Helm in Kubernetes - What It Is and Why You Need It

Hey, tech queens!

Today we’re talking about Helm — my go-to tool for working with Kubernetes. If you’ve ever suffered through manually crafting YAML files for every single service, you’re about to breathe a huge sigh of relief.

I used to drown in those manifests and think, “Is it always going to be this painful?” Nope. Because Helm exists.

Helm in Plain English#

Imagine you buy a dresser from IKEA. Instead of guessing where each screw goes, you grab the instructions and have it assembled in 20 minutes - latte in hand.

Helm is that same kind of instruction manual - for Kubernetes.

Normally, deploying an app means creating a bunch of objects: Pods, Services, Ingresses, ConfigMaps — each with its own YAML file. It’s tedious.

Helm saves you:

Bundles everything into one structure: a chart
Spins up apps with a single command
Simplifies upgrades, customization, and rollbacks
Makes deployments predictable and repeatable

What’s a Helm Chart (and Why It’s Not Scary)#

The word “chart” might sound intimidating, but it’s really just a folder with organized files. No magic, just structure.

Think of it as your deployment organizer:

Chart.yaml — the chart’s business card: name, version, description
values.yaml — default settings (ports, replicas, DB names, etc.)
templates/ — YAML blueprints Helm renders into actual Kubernetes objects
_helpers.tpl — reusable functions to keep templates DRY
charts/ — dependencies like databases or message queues

Why It’s Handy#

A chart is like a capsule — it holds everything: instructions, configs, and dependencies.

Same chart, different environments:

Dev: myblog-dev, 1 replica, test DB
Prod: myblog, 3 replicas, production DB

Just tweak values.yaml — no need to touch anything else.

It’s like one dress styled with different accessories.

Why Helm Is My Must-Have#

Reasons I love Helm:

Scalability: no more 30+ YAML files
Flexibility: same chart, different setups
Transparency: preview what’s actually going to be installed (helm template)
Security: Helm 3 removed Tiller (and that’s a good thing)
Control: rollbacks are built-in (helm rollback is magic)

Helm 2 vs Helm 3 — Short & Sweet#

Helm 2 relied on a separate component called Tiller, which had elevated cluster privileges — a big security headache.

Helm 3 fixed it:

No Tiller
Uses your existing kubectl credentials
Easier to install and great for CI/CD

What’s Next? Helm v4 Is in the Works#

Helm v4 is currently in planning (see HIP-0012) — with focus on a new API and architectural improvements.

No official release date yet — the devs meet weekly and are actively shaping the roadmap.

Installing Helm — Fast & Painless#

You’ll Need:#

A Kubernetes cluster (Minikube, GKE, etc.)
kubectl installed

Most Universal Way#

1
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
2
chmod 700 get_helm.sh
3
./get_helm.sh

Always use the official script from GitHub. Trust but verify.

Alternatives#

macOS:

1
brew install helm

Homebrew now provides the latest release — v3.18.0

Linux (Snap):

1
sudo snap install helm --classic

Snap can sometimes lag behind — prefer the install script for CI.

Debian / Ubuntu (APT):

1
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | \
2
sudo tee /usr/share/keyrings/helm.gpg > /dev/null
3

4
echo "deb [signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | \
5
sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
6

7
sudo apt-get update
8
sudo apt-get install helm

Verify the Install#

1
helm version

Sample output:

1
version.BuildInfo{Version:"v3.18.0", GitCommit:"...", GoVersion:"go1.22.2", ...}

As of May 20, 2025, this is the latest stable release.

v3.18.1 is expected on June 11, and v3.19.0 is coming in September.

First Helm Run — Let’s Go!#

Install something fun — like Nginx:

1
helm repo add bitnami https://charts.bitnami.com/bitnami
2
helm repo update
3
helm install nginx bitnami/nginx

Customize settings:

1
helm install my-app ./my-chart \
2
 --set image.tag=2.0.1 --set replicaCount=3

Or use a YAML config:

1
helm install my-app ./my-chart -f values-prod.yaml

Something went wrong?

1
helm rollback my-app 1

Uninstall it:

1
helm uninstall my-app

Security & Best Practices#

Always Inspect a Chart Before Installing#

Think of it like trying on a dress before the party - just because it looks cute doesn’t mean it fits.

helm lint — checks the structure and versioning of the chart
helm template — renders the final YAML (preview before install)
helm test — runs built-in tests (if defined)
helm diff — compares installed vs new version

Install the diff plugin:

1
helm plugin install https://github.com/databus23/helm-diff

Sign and Verify Your Charts#

Use helm package --sign to digitally sign your charts
Run helm verify to confirm integrity
For advanced signing, try Cosign + the helm-sigstore plugin

Store Charts Like Images (OCI FTW)#

Helm now supports pushing/pulling from OCI registries:

1
helm push mychart.tgz oci://registry.example.com/charts
2
helm pull oci://registry.example.com/charts/mychart --version 1.2.3

If you’re using older tools like ChartMuseum, clarify that separately.

Mind Your Versions#

Watch for version skew between Helm and Kubernetes
Don’t upgrade Helm right before a production deploy — stability first!

Takeaway#

Helm is my DevOps bestie. It brings:

Organization
Repeatable configuration
And a lot less Kubernetes chaos

If you’re working with Kubernetes, get familiar with Helm.

It 100% deserves a spot in your toolkit.

Tools I Personally Trust#

If you’re building things, breaking things, or just trying to keep your digital life a little calmer - these are tools I actually use every day:

🛸 Proton VPN (60% off link) - my invisible cloak online. It secures your Wi-Fi, hides your IP, and blocks trackers - even on the sketchiest cafe Wi-Fi.

🔑 Proton Pass (50% off link) - my password vault. On-device encryption for logins, 2FA, and notes - all mine and only mine.

🦑 GitKraken Pro (50% off link) - my visual Git sidekick. Gorgeous commit graph, painless merges, and fewer “what just broke?” moments.

💖 These links give you sweet discounts - and help support DevOps.Pink at no extra cost. Thanks a ton!

🎬 YouTube
🐦 X (Twitter)
🎨 Instagram
🐘 Mastodon
🧵 Threads
🎸 Facebook
🦋 Bluesky
🎥 TikTok
💻 LinkedIn
📣 daily.dev Squad
✈️ Telegram
🐈 GitHub

Community of IT Experts#

👾 Discord

Refill My Coffee Supplies#

💖 PayPal
🏆 Patreon
🥤 BuyMeaCoffee
🍪 Ko-fi
⚡ Telegram Boost