Openshift Templates – An alternative to Helm Charts?

by | Nov 19, 2019 | Big Data

Openshift templates are Openshift’s answer to Kubernetes helm charts. In this way, an openshift template contains a list of objects. In consequence, applying an openshift template substitutes its placeholders. Also, it contains a parameter list. Openshift template are a built-in feature of Openshift. But what are differences to helm?

How does Openshift Template work?

 

Openshift Template

apiVersion: v1
kind: Template
metadata:
name: redis-template
name: REDIS_PASSWORD
labels:
redis: master
objects:
- apiVersion: v1
kind: Pod
metadata:
name: redis-master
spec:
containers:
- env:
- name: REDIS_PASSWORD
value: ${REDIS_PASSWORD}
image: dockerfile/redis
name: master
ports:
- containerPort: 6379
protocol: TCP
parameters:
- description: Password used for Redis authentication
from: '[A-Z0-9]{8}'
name: REDIS_PASSWORD
generate: expression
Openshift templates are pretty simple. The header introduces the template “> “> (line 1+). The objects section (line 8+) defines a list of cluster objects. Objects may contain placeholder in curly brackets (see line 17). Section of parameters (line 23+) defines parameters to substitute such placeholders. In this example the template requires a parameter REDIS_PASSWORD. The parameters section supplies it.

applying on openshift template

oc process -f template.yaml --param REDIS_PASSWORD=secret
oc process -f template.yaml --param REDIS_PASSWORD=secret | oc create -f -
oc process -f template.yaml --param REDIS_PASSWORD=secret | ec applay -f -
Once openshift template is defined it must be applied to the cluster. The process command (1) reads the template and substitutes parameters and writes results to console. Piping output to “oc create” (3) lets cluster create the new objects. Once created, objects are updated by “oc apply” (5) command.

Openshift Templates versus Helm Charts?

Are Openshift Templates better than Helm charts? There is no easy answer. Notably, Openshift templates are a built-in feature. In contrast, helm requires tiller service installed. Tiller service creates cluster objects. Because of this, Tiller services require cluster-admin permission on Kube-system service account. But for security reasons, most production systems does not grant this permission. Read here for more details.

Conclusion

Templates offer a generic mechanism to deploy applications to different environments. The process of defining a template substitutes environment specific values. Text files may store substitutions. Such text files may be applied to process command.

References: