Modify Helm chart values

Gloo Mesh Enterprise uses Helm chart values for settings that control features such as relay certificates, rate limiting, or external authentication.

As you use Gloo Mesh, you might need to modify the Helm chart values to enable or disable these settings for the features that you want to use. Upgrading the Helm chart settings typically does not restart the gloo-mesh-mgmt-server or gloo-mesh-agent pods in your clusters. However, to verify any prerequisite steps or impact, consult the guides for the feature that you want to enable before changing the Helm chart values.

About Gloo Mesh Helm chart components

The following table provides an overview of the Gloo Mesh Helm chart components. You might want to modify some of these charts’ values for your Gloo Mesh setup.

Helm chart Component Prefix Description
gloo-mesh-enterpise Management server glooMeshMgmtServer A component of the Gloo Mesh Enterprise chart to deploy the management server on the management cluster.
gloo-mesh-enterpise UI glooMeshUi A component of the Gloo Mesh Enterprise chart to render the UI that you can launch with the meshctl dashboard command.
gloo-mesh-enterpise Redis glooMeshRedis An optional component of the Gloo Mesh Enterprise chart to store the ID tokens you use to log in to the UI.
gloo-mesh-agent Agent glooMeshAgent The Gloo Mesh agent, deployed on each workload cluster.

Before you begin

  1. Review the Helm value reference documentation for a description of the Helm chart settings that you can modify.

  2. Save the environment variables that you need.

    # Save the kubeconfig contexts for your clusters. Run kubectl config get-contexts, look for your cluster in the CLUSTER column, and get the context name in the NAME column.
    export MGMT_CONTEXT=<management_cluster_config>
    export REMOTE_CONTEXT=<remote_cluster_config>
    
    # Set the Gloo Mesh Enterprise version. The latest version is used as an example. You can find other versions in the Changelog documentation.
    export GLOO_MESH_VERSION=2.1.0-beta8
    
    # Add your Gloo Mesh Enterprise license that you got from your Solo account representative.
    export GLOO_MESH_LICENSE_KEY=<license_key>
    

Installing or upgrading modified Helm values

Install or upgrade the Gloo Mesh Enterprise Helm chart with helm install or helm upgrade CLI commands by using a configuration file such as values.yaml or the --set option. You can download the bundled Gloo Mesh Enterprise charts from https://storage.googleapis.com/gloo-mesh-enterprise/.

  1. Target your cluster.

    
        kubectl config use-context ${MGMT_CONTEXT}
        
    
        kubectl config use-context ${REMOTE_CONTEXT}
        

  2. Add and update the Helm chart repos. Add or update the gloo-mesh-enterprise repo for the management cluster and gloo-mesh-agent for the workload clusters.

    
        helm repo add gloo-mesh-enterprise https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-enterprise
        
    
        helm repo add gloo-mesh-agent https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-agent
        
    
        helm repo update
        

  3. Optional: View the latest chart versions.

    helm search repo
    
  4. Optional: If you already installed the Helm chart, view the current Helm values of the installed chart.

    
       helm show values gloo-mesh-enterprise/gloo-mesh-enterprise --version $GLOO_MESH_VERSION
       
    
       helm show values gloo-mesh-agent/gloo-mesh-agent --version $GLOO_MESH_VERSION
       
  5. If you did not already install the Helm chart, create the gloo-mesh namespace.

    kubectl create ns gloo-mesh
    
  6. Continue to the next sections to install or upgrade Helm chart values, depending on which method you want to use.

Modifying values with –set

Specify the Helm value that you want to modify in the --set command. Remember to include the prefix for the component that you want to modify. For a description of the Helm chart settings that you can modify, review the Helm value reference documentation.


helm install gloo-mesh-enterprise gloo-mesh-enterprise/gloo-mesh-enterprise \
--namespace gloo-mesh \
--kube-context ${MGMT_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--set licenseKey=${GLOO_MESH_LICENSE_KEY} \
--set glooMeshMgmtServer.floatingUserId=true \
--set glooMeshUi.floatingUserId=true \
--set glooMeshRedis.floatingUserId=true

helm upgrade gloo-mesh-enterprise gloo-mesh-enterprise/gloo-mesh-enterprise \
--namespace gloo-mesh \
--kube-context ${MGMT_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--set licenseKey=${GLOO_MESH_LICENSE_KEY} \
--set glooMeshMgmtServer.floatingUserId=true \
--set glooMeshUi.floatingUserId=true \
--set glooMeshRedis.floatingUserId=true

helm install gloo-mesh-agent gloo-mesh-agent/gloo-mesh-agent \
--namespace gloo-mesh \
--kube-context=${REMOTE_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--set insecure=true

helm upgrade gloo-mesh-agent gloo-mesh-agent/gloo-mesh-agent \
--namespace gloo-mesh \
--kube-context=${REMOTE_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--set insecure=true

Modifying values with a configuration file

  1. Create a configuration file with a name such as values.yaml, and include the Helm values that you want to modify, such as the following example. The example modifies the settings of the glooMeshMgmtServer and glooMeshUi components so that you can provide your own relay certificates. The example also shows how you might use the deploymentOverrides and serviceOverrides to modify the default deployment of the glooMeshMgmtServer with your own Kubernetes resources, like a config map or service account.

    For a description of each Helm chart setting that you can modify, review the Helm value reference documentation.

    insecure: false
    mgmtClusterName: $MGMT_CLUSTER
    glooMeshMgmtServer:
      deploymentOverrides:
        spec:
          template:
            spec:
              volumeMounts:
                - name: envoy-config
                  configMap:
                    name: my-custom-envoy-config
      floatingUserId: false
      relay:
        disableCa: true
        disableCaCertGeneration: true
        tlsSecret:
          name: relay-server-tls-secret
          namespace: gloo-mesh
      serviceOverrides:
        spec:
          serviceAccountName: other-service-account
    glooMeshUi:
      floatingUserId: false
    
  2. Optional: Review your changes in the context of the entire template for the Helm chart that you plan to install, such as gloo-mesh-enterprise/gloo-mesh-enterprise for the management cluster. The output includes the YAML manifests for all the resources that Gloo Mesh Enterprise installs in your cluster with the Helm chart, including the changes that you just made.

    helm template gloo-mesh-enterprise https://storage.googleapis.com/gloo-mesh-enterprise/gloo-mesh-enterprise/gloo-mesh-enterprise-$GLOO_MESH_VERSION.tgz --namespace gloo-mesh --values values.yaml
    
  3. Install or upgrade the Helm chart with your updated Helm values.


helm install gloo-mesh-enterprise gloo-mesh-enterprise/gloo-mesh-enterprise \
--namespace gloo-mesh \
--kube-context ${MGMT_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--set licenseKey=${GLOO_MESH_LICENSE_KEY} \
--values values.yaml

helm upgrade gloo-mesh-enterprise gloo-mesh-enterprise/gloo-mesh-enterprise \
--namespace gloo-mesh \
--kube-context ${MGMT_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--values values.yaml

helm install gloo-mesh-agent gloo-mesh-agent/gloo-mesh-agent \
--namespace gloo-mesh \
--kube-context=${REMOTE_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--values values.yaml

helm upgrade gloo-mesh-agent gloo-mesh-agent/gloo-mesh-agent \
--namespace gloo-mesh \
--kube-context=${REMOTE_CONTEXT} \
--version ${GLOO_MESH_VERSION} \
--values values.yaml