What's on this page

Configuring a custom Helm repository with BEL's lifecycle automation

BEL’s lifecycle automation for Linkerd manages BEL installs via Helm charts. By default, it uses the publicly-available Helm charts at https://helm.buoyant.cloud. However, you may choose to host these Helm charts internally in a private and/or airgapped environment. This guide demonstrates how to configure the BEL lifecycle automation operator to use a custom Helm repository.

Prerequisites

The BUOYANT_LICENSE environment variable set
Your own self-hosted Helm repository, mirroring https://helm.buoyant.cloud

Step 1: Create a config file

Set helmRepoPrefix to your own custom Helm repository, and save this file as custom-helm-repository-values.yaml:

HTTP

custom-helm-repository-values.yaml

controlPlaneOperator:
  helmRepoPrefix: "http://example.com:5000"
  helmNoTLS: true

HTTPS

custom-helm-repository-values.yaml

controlPlaneOperator:
  helmRepoPrefix: "https://example.com:5000"
  # If you are using a private CA, configure the operator to use it:
  additionalVolumes:
    - name: private-ca
      secret:
        secretName: private-ca
  additionalVolumeMounts:
    - mountPath: /etc/ssl/certs/private-ca.pem
      name: private-ca
      readOnly: true
      subPath: private-ca.pem

If you are using a private CA, configure the operator to use it:

kubectl create ns linkerd-buoyant
kubectl -n linkerd-buoyant create secret generic private-ca --from-file=private-ca.pem=rootCA.pem

Step 2: Install the BEL lifecycle automation operator

Next, install the BEL lifecycle automation operator referencing the file created in the previous step.

helm install linkerd-buoyant \
  --create-namespace \
  --namespace linkerd-buoyant \
  --set buoyantCloudEnabled=false \
  --set license=$BUOYANT_LICENSE \
  --values custom-helm-repository-values.yaml \
  linkerd-buoyant/linkerd-buoyant

Learning more

For more information about using BEL’s lifecycle automation, see the Lifecycle automation reference page.