Guide to Using HKE Helm Chart

This guide shows you how to deploy the HKE Helm Chart to the HKE cluster you created.

Prerequisites

  • A Hostspace Kubernetes Engine (HKE) cluster

  • Helm CLI (comes pre-installed with HKE clusters)

Available Charts in the HKE Helm Repository

  1. HKE Cleaner DaemonSet:

    • Deploys a DaemonSet to automatically prune dangling images.

    • Scheduled via a cron job (runs every Saturday).

    • It can be customized with the crictlVersion or a custom cron schedule.

  2. Netdata:

    • Monitors system and health metrics from your cluster and nodes.

    • Provides useful metrics visible in your HostSpaceCloud dashboard.

    • It includes health checks and integration with Alerta for alert notifications.

    • Netdata supports restarting policies and hierarchical monitoring (parent-child claims).

  3. Redis:

    • Deploys Redis with the option to disable authentication and select storage classes (local-path by default).

    • Can be exposed via LoadBalancer service type.

  4. Velero:

    • Provides backup and restore capabilities for your Kubernetes cluster.

    • Configured with AWS S3 or Minio as the backup storage provider.

    • Integrates with AWS using provided credentials stored in Kubernetes secrets.

  5. OpenTelemetry Collector:

    • A fully customizable OpenTelemetry Collector for scraping metrics from your cluster.

    • Includes dynamic detection of Kubernetes node IPs and auto-discovery for node-exporter, kube-state-metrics, and Blackbox Exporter.

    • Can send metrics to a remote Prometheus instance.

  6. Wazuh Agent:

    • Installs a Wazuh agent on your cluster to collect security events and logs.


Deploying the Charts

Step 1: Add the HKE Helm Repository

helm repo add hke-repo https://storage.googleapis.com/hostspace-helm-repo

Step 2: Update the Helm Repository Cache

helm repo update

Step 3: Install or Upgrade the HKE Chart

helm install hke-charts hke-repo/hke-chart

Enabling and Customizing Individual Charts

To deploy specific charts and enable features, use the --set flag.

a. HKE Cleaner DaemonSet

helm upgrade --set cleanerDaemonset.enabled=true hke-charts hke-repo/hke-chart

To customize the cron job schedule or the crictlVersion:

helm upgrade --set cleanerDaemonset.enabled=true \
  --set cleanerDaemonset.imagecleanup.env.crictlVersion=v1.30.0 \
  --set cleanerDaemonset.cronjob="0 0 * * 6" \
  hke-charts hke-repo/hke-chart

b. Netdata

helm upgrade --set netdata.enabled=true hke-charts hke-repo/hke-chart

To enable health checks, Alerta integration, and parent-child monitoring:

helm upgrade --set netdata.enabled=true \
  --set netdata.health.enabled=true \
  --set netdata.health.path="/etc/netdata/health_alarm_notify.conf" \
  --set netdata.health.data="SEND_EMAIL='NO'\nSEND_ALERTA='YES'\nALERTA_WEBHOOK_URL='https://alerta.hostspacecloud.com/api'\nALERTA_API_KEY='16hhpVeH4rzq0rOOFMIVcXTRHpOICFAQz0WT64kn'\nDEFAULT_RECIPIENT_ALERTA='Production'" \
  --set netdata.restarter.enabled=true \
  hke-charts hke-repo/hke-chart

c. Redis

helm upgrade --set redis.enabled=true hke-charts hke-repo/hke-chart

To expose Redis through a LoadBalancer service, set the storage class, and specify a node for the Redis deployment:

helm upgrade --set redis.enabled=true \
  --set redis.master.service.type=LoadBalancer \
  --set redis.global.storageClass=local-path \
  --set redis.nodeSelector=NodeName \
  hke-charts hke-repo/hke-chart

d. Velero

helm upgrade --set velero.enabled=true \
  --set 'velero.initContainers[0].image=velero/velero-plugin-for-aws:v1.4.1' \
  --set velero.credentials.useSecret=true \
  --set velero.credentials.secretContents.cloud="[default]\naws_access_key_id=YhhpY8FSzN5QF3NC60Wb\naws_secret_access_key=FIWETWBxJnFuUvFmNf5b8ioBD9Kh2irKPwyUTpkc" \
  hke-charts hke-repo/hke-chart

e. OpenTelemetry Collector

helm -n kube-system upgrade --install otel-collector open-telemetry/opentelemetry-collector \
  -f https://storage.googleapis.com/monitoring-agent-script/hke-otel-values.yaml \
  --set "opentelemetry-collector.config.processors.attributes.actions[0].value=$cluster_name" \
  --set 'opentelemetry-collector.config.processors.attributes.actions[0].key=client_cluster' \
  --set 'opentelemetry-collector.config.processors.attributes.actions[0].action=upsert' \
  --set "opentelemetry-collector.config.processors.attributes.actions[1].value=$email" \
  --set 'opentelemetry-collector.config.processors.attributes.actions[1].key=client_email' \
  --set 'opentelemetry-collector.config.processors.attributes.actions[1].action=upsert'

f. Wazuh Agent

helm upgrade --set wazuhAgent.enabled=true \
  --set wazuhAgent.joinManagerMasterHost=master-host \
  --set wazuhAgent.joinManagerWorkerHost=worker-host \
  --set wazuhAgent.joinManagerPassword=yourpassword \
  hke-charts hke-repo/hke-chart
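
The Velero and Wazuh commands above pass credentials as --set arguments, which leaves them in shell history and in the process list while helm runs. The script below is an added example, not part of the HKE documentation: it writes the same value keys to a values file that only the current user can read and passes it with -f. The environment variable names and function names are assumptions.

```shell
#!/bin/sh
# Added example: supply chart secrets through a private values file
# instead of --set arguments. The value keys are the ones the page sets;
# the variable and function names are assumptions.

# Quote a string as a YAML single-quoted scalar (a literal ' is doubled).
yaml_sq() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/''/g")"
}

# Write the values file with mode 600 and print its path.
# Fails if any of the three secrets is missing from the environment.
write_secret_values() {
  : "${WAZUH_JOIN_PASSWORD:?not set}"
  : "${AWS_ACCESS_KEY_ID:?not set}"
  : "${AWS_SECRET_ACCESS_KEY:?not set}"
  f=$(mktemp "${TMPDIR:-/tmp}/hke-values.XXXXXX") || return 1
  chmod 600 "$f"
  # The block scalar under "cloud" carries real newlines, so no \n
  # escapes are needed in the credentials file content.
  cat > "$f" <<EOF
wazuhAgent:
  enabled: true
  joinManagerPassword: $(yaml_sq "$WAZUH_JOIN_PASSWORD")
velero:
  enabled: true
  credentials:
    useSecret: true
    secretContents:
      cloud: |
        [default]
        aws_access_key_id=$AWS_ACCESS_KEY_ID
        aws_secret_access_key=$AWS_SECRET_ACCESS_KEY
EOF
  printf '%s\n' "$f"
}

# Upgrade the release from the file, then delete the file either way.
hke_upgrade_with_secrets() {
  values=$(write_secret_values) || return 1
  helm upgrade -f "$values" hke-charts hke-repo/hke-chart
  rc=$?
  rm -f "$values"
  return "$rc"
}
```

Set the three variables from your secret store in the current shell, then call hke_upgrade_with_secrets.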

Deploying Multiple Charts at Once

You can enable multiple charts in a single command by using multiple --set flags. For example:

helm upgrade --set redis.enabled=true \
  --set netdata.enabled=true \
  --set velero.enabled=true \
  hke-charts hke-repo/hke-chart
