Helm upgrade. Does it create another container for that application with that image and delete the old container?

controlplane ~ ➜ helm upgrade dazzling-web bitnami/nginx --version 18.3.6
Pulled: us-central1-docker.pkg.dev/kk-lab-prod/helm-charts/bitnami/nginx:18.3.6
Digest: sha256:19a3e4578765369a8c361efd98fe167cc4e4d7f8b4ee42da899ae86e5f2be263
Release "dazzling-web" has been upgraded. Happy Helming!
NAME: dazzling-web
LAST DEPLOYED: Sat Feb 22 13:03:00 2025
NAMESPACE: default
STATUS: deployed
REVISION: 4
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 18.3.6
APP VERSION: 1.27.4

Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.

** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:

dazzling-web-nginx.default.svc.cluster.local (port 80)

To access NGINX from outside the cluster, follow the steps below:

  1. Get the NGINX URL by running these commands:

NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w dazzling-web-nginx'

export SERVICE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].port}" services dazzling-web-nginx)
export SERVICE_IP=$(kubectl get svc --namespace default dazzling-web-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "http://${SERVICE_IP}:${SERVICE_PORT}"

WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:

controlplane ~ ➜ kubectl get pods
NAME READY STATUS RESTARTS AGE
dazzling-web-nginx-65fd75c87f-fvl4g 1/1 Running 0 5m12s
dazzling-web-nginx-f759468b5-rsfdb 0/1 Init:0/1 0 6s

controlplane ~ ➜ kubectl get pods
NAME READY STATUS RESTARTS AGE
dazzling-web-nginx-f759468b5-rsfdb 1/1 Running 0 24s

A Helm chart, once rendered, is nothing more than a bunch of Kubernetes manifests which it then effectively does kubectl apply on, so there’s no magic here as to how workloads get changed/updated.

What it does do is compare the state of the cluster with what the chart wants to deploy. If you do kubectl get secrets in a namespace where a Helm chart is deployed, these secrets are how it tracks deployment history and compares what is deployed with what it thinks should be deployed.
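The release-tracking Secrets mentioned above can be decoded to see what Helm records for each revision. This is an added example, not part of the original reply and not Helm's own code; the sample data is constructed, and the record fields it reads (`version`, `info.status`, `chart.metadata.version`, `config`) are assumed to follow Helm 3's release storage format.

```python
import base64, gzip, json, sys

HELM_TYPE = "helm.sh/release.v1"  # Secret type Helm 3 uses for release storage

def decode_release(data_release):
    """Decode .data.release of a release Secret as kubectl returns it."""
    # The API base64-encodes Secret data; Helm's stored value underneath is
    # base64(gzip(JSON)), so two base64 layers come off before gunzip.
    raw = base64.b64decode(base64.b64decode(data_release))
    if raw[:2] == b"\x1f\x8b":  # gzip magic bytes
        raw = gzip.decompress(raw)
    return json.loads(raw)

def encode_release(release):
    """Inverse of decode_release; only builds the constructed sample."""
    packed = gzip.compress(json.dumps(release).encode())
    return base64.b64encode(base64.b64encode(packed)).decode()

def history(secret_list):
    """Summarise each Helm revision in `kubectl get secrets -o json` output."""
    rows = []
    for item in secret_list.get("items", []):
        if item.get("type") != HELM_TYPE:
            continue  # ordinary Secret, not release storage
        rel = decode_release(item["data"]["release"])
        rows.append({"secret": item["metadata"]["name"],
                     "revision": rel["version"], "status": rel["info"]["status"],
                     "chart": rel["chart"]["metadata"]["version"],
                     # values passed at install/upgrade are stored too
                     "value_keys": sorted(rel.get("config") or {})})
    return sorted(rows, key=lambda r: r["revision"])

def sample_secret(rev, status, chart, config):
    """Constructed stand-in for one item of the kubectl output."""
    rel = {"name": "dazzling-web", "version": rev, "info": {"status": status},
           "chart": {"metadata": {"name": "nginx", "version": chart}},
           "config": config, "manifest": "# constructed placeholder\n"}
    return {"type": HELM_TYPE, "data": {"release": encode_release(rel)},
            "metadata": {"name": f"sh.helm.release.v1.dazzling-web.v{rev}"}}

SAMPLE = {"items": [  # constructed data, not taken from a real cluster
    sample_secret(4, "deployed", "18.3.6", {"exampleToken": "constructed"}),
    sample_secret(3, "superseded", "0.0.0-constructed", {}),
    {"type": "Opaque", "metadata": {"name": "unrelated"}, "data": {}}]}

if __name__ == "__main__":
    # Live use: kubectl get secrets -l owner=helm -o json | python3 FILE -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE
    print(*history(data), sep="\n")
```

Each retained revision carries the rendered manifests and the values supplied at upgrade time, so read access to Secrets in the namespace also exposes that release history.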

@Alistair_KodeKloud … Thank you for your response. Would like to check Certified Kubernetes Administrator (CKA) Program Changes - Linux Foundation - Education: in the CKA syllabus I don’t see security being listed. Is it safe enough to leave that module?

Since security is pretty fundamental, I’d make sure to study that as well.
