Helm Project Advances to Help Cloud Native Application Packaging

Helm Project Advances to Help Cloud Native Application Packaging

The open-source Helm project is now its own stand-alone project in the Cloud Native Computing Foundation, providing a package management system for deploying applications into a Kubernetes cluster.

The Cloud Native Computing Foundation announced on June 1 that Helm is now the group’s newest project. Open-source Helm is an increasingly adopted technology that enables operators to easily deploy applications into the cloud.

Helm had been a sub-project of the Kubernetes container orchestration project but is becoming an incubation-level hosted project at the CNCF. The new status is an indicator of the growing importance and utility of Helm as a package management platform for the cloud.

“With Helm we want to bring the package management metaphor that we saw in the operating system world into Kubernetes,” Matt Butcher, principal software development engineer at Microsoft and co-founder of the Helm project, told eWEEK. “Our original purpose was just to help people get started on Kubernetes because the learning curve for Kubernetes is and was very steep.”

The Helm project was originally created by Butcher’s team at Deis, a company that Microsoft acquired in April 2017. Butcher said the original effort to build Helm was done in a three-day hackathon competition at Deis to build new technology.

With operating systems like Linux, package management technology defines the application, including its dependencies and how to install and deploy on systems. The basic premise with Helm is the same, enabling Kubernetes operators to rapidly install applications. Helm packages are known as charts and define an application manifest for deployment on a Kubernetes cluster. Kubernetes is now supported on all of the major public cloud providers as a way to run containers and enable multicloud deployment models.

As an example, Butcher explained that for an organization that wants to deploy the popular WordPress content management system on Kubernetes, Helm can make the exercise significantly easier. WordPress relies on a stack that includes a web server, the PHP programming languages and a database, in addition to the core WordPress application.

“Helm can pull together all the required components into a Kubernetes manifest to start up WordPress,” Butcher said. “The WordPress Helm chart also allows administrators to toggle installations options, including database provisioning or connecting to an existing database.”


By becoming its own stand-alone project within the CNCF, Butcher said that Helm is making a lateral move.

Rather than being directly tied to the day-to-day governance and operations of the larger Kubernetes project, he said that now Helm developers can just be focused on the Helm project. That said, Butcher noted that the Helm project will continue to work closely together with members of the Kubernetes project. From a governance perspective, Helm will now be a direct project under the CNCF and will be defining its own technical oversight committee.

Helm 3

The current release branch for Helm is the 2.x series, which Butcher said includes a stable set of APIs. Butcher said that while work continues on Helm 2 with incremental feature updates, the big push for the future is Helm 3, which has security as a core focus.

Since the time Helm 2 was first released, Butcher said Kubernetes has added significant security capabilities, including pod security and Role Based Access Control (RBAC), which landed in the Kubernetes 1.8 release in September 2017.

“With Helm 3 what we’re looking at is, given the new developments in Kubernetes, what kind of changes we make that will tighten our security model and decrease our attack surface,” Butcher said. “With Helm 3, there is a pretty concerted effort to have security by default.”