Questions and answers

You have questions? We might have some answers!

Questions

Answers

What packages can use?

Packages must be self-contained, and not require any additional external service in order to run.

It should be possible to simply start up a local cluster in Minikube and deploy it right away. At the same time it should be possible to run them on any other Kubernetes based solution, in the real cloud.

What is required to create a new package?

We have a full page dedicated to this question: Contribute.

Who is involved in this project?

Take a look at the Who’s Involved page of the project.

Why aren't you using Tiller?

Tiller is a server side component for Helm 2. It allows the Helm client, which is on your local machine, to talk to the cluster, and let it perform the deployment.

There are several aspects to that, which make the use of Tiller complicated. The main concern is security (also see Exploring the Security of Helm). The default deployment of Tiller is rather insecure. That may work on a local instance of Kubernetes, but not when using an actual, hosted version.

And while you can configure Tiller to be less insecure, and also work on a multi-tenant cluster, this might require permissions you don’t have on that cluster. And require additional steps to set up Tiller first.

On the other hand, this project is about getting you started with IoT, not about administrating Tiller. And since Helm allows to locally generate the YAML files, required for deployment, it seems much easier to only use Helm as a template tool, and use standard Kubernetes tooling to perform the deployment.

Why are you using insecure settings?

Every now and then, you might spot a --insecure (or equivalent settings) in the commands.

It is unfortunate, but sometimes it is necessary. With the availability of Let’s Encrypt, it would actually be rather simple to add proper TLS certificates. But when you are running a local minikube instance, you can’t properly use certificates. Also does the process of getting a proper Let’s Encrypt certificate still need a significant effort and understanding, on the user side, especially when requesting a wildcard certificate.

You are encouraged to try with a proper certificate though, and drop the --insecure for commands.

My question isn't answered here!

Your chance to contribute! Raise the question on GitHub, and we will take a look.