Cloud / HELM Interview Questions
How do you use Helm with service meshes (Istio, Linkerd) for canary deployments?
Helm integrates with service meshes to enable sophisticated traffic management patterns beyond basic Kubernetes rollout strategies.
Helm chart with Istio VirtualService:
# templates/virtualservice.yaml
{{- if .Values.istio.enabled }}
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ include "myapp.fullname" . }}
spec:
hosts:
- {{ .Values.istio.host }}
gateways:
- {{ .Values.istio.gateway }}
http:
- match:
- headers:
version:
exact: v2
route:
- destination:
host: {{ include "myapp.fullname" . }}
subset: v2
weight: {{ .Values.canary.weight }}
- route:
- destination:
host: {{ include "myapp.fullname" . }}
subset: v1
weight: 100
---
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
name: {{ include "myapp.fullname" . }}
spec:
host: {{ include "myapp.fullname" . }}
subsets:
- name: v1
labels:
version: v1
- name: v2
labels:
version: v2
{{- end }}
Canary deployment with weights:
# values.yaml
canary:
enabled: true
weight: 10 # 10% traffic to v2
istio:
enabled: true
host: myapp.example.com
# CI/CD progressive weight increase
helm upgrade myapp ./chart --set canary.weight=25
helm upgrade myapp ./chart --set canary.weight=50
helm upgrade myapp ./chart --set canary.weight=100
Linkerd integration:
# Enable mesh injection in namespace
kubectl label namespace myapp istio-injection=enabled # Istio
kubectl annotate namespace myapp linkerd.io/inject=enabled # Linkerd
# In Helm chart templates, add annotations
annotations:
{{- if .Values.linkerd.enabled }}
linkerd.io/inject: "enabled"
{{- end }}
Traffic splitting with Flagger + Helm:
apiVersion: flagger.app/v1beta1
kind: Canary
metadata:
name: myapp
spec:
targetRef:
apiVersion: apps/v1
kind: Deployment
name: myapp
progressDeadlineSeconds: 60
canaryAnalysis:
interval: 30s
threshold: 10
stepWeight: 10
metrics:
- name: istio_requests_total
threshold: 99
webhooks:
- name: load-test
url: http://flagger-loadtester.test/
timeout: 5s
metadata:
cmd: "hey -z 1m -q 10 -c 2 http://myapp.test"
Helm chart structure for mesh deployments:
templates/
deployment.yaml # With version labels
service.yaml # Standard service
virtualservice.yaml # Istio traffic routing
destinationrule.yaml # Subset definitions
authorizationpolicy.yaml # Security policies
Best practices: Separate service mesh configuration into optional components (enable with conditionals). Use Helm hooks for mesh injection readiness checks. Monitor with Kiali/Jaeger for visualization.
Invest now in Acorns!!! 🚀
Join Acorns and get your $5 bonus!
Acorns is a micro-investing app that automatically invests your "spare change" from daily purchases into diversified, expert-built portfolios of ETFs. It is designed for beginners, allowing you to start investing with as little as $5. The service automates saving and investing. Disclosure: I may receive a referral bonus.
Invest now!!! Get Free equity stock (US, UK only)!
Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.
The Robinhood app makes it easy to trade stocks, crypto and more.
Webull! Receive free stock by signing up using the link: Webull signup.
More Related questions...
