Kubernetes Helm Chart

Ah, got it - the secret is created by the chart itself.

I am currently migrating from bash script orchestration to a Kubernetes cluster. I am using https://github.com/rwlove/billimek-charts/commits/master/charts/home-assistant (fork’d repo, see top 4 patches) to deploy my Home Assistant instance. I have been hacking away and I’ve created a patchset that I think adds useful functionality. I don’t think the series is ready to be merged and I’m creating this post to solicit feedback on my changeset.

New Functionality

  1. Ability to clone upstream custom components such that they’re loaded when Home Assistant starts.
  2. Clone upstream secrets.yaml file such that it’s loaded when Home Assistant starts.
  3. Mount /dev/wyze in the Pod for the Wyzesense Hub (similar to zwave)
  4. Improve git-sync initContainer to pull from git if the git repo already exists when cloning the Home Assistant configuration

Changes #1 and #2)
These patches presume you are already enabling git-sync to clone your configuration from an upstream git repository. They require the user to create the following symlinks in their configuration git repository that git-sync will clone or pull from. My current layout looks like this:

➜  homeassistant-configuration git:(master) ls -l
total 16
-rw-rw-r-- 1 rwlove rwlove   3 Jun 27 07:57 automations.yaml
-rw-rw-r-- 1 rwlove rwlove 613 Jun 27 07:57 configuration.yaml
lrwxrwxrwx 1 rwlove rwlove  20 Jun 27 07:57 custom_components -> ../custom_components
-rw-rw-r-- 1 rwlove rwlove   0 Jun 27 07:57 groups.yaml
-rw-rw-r-- 1 rwlove rwlove  29 Jun 14 12:05 README.md
-rw-rw-r-- 1 rwlove rwlove   0 Jun 27 07:57 scenes.yaml
-rw-rw-r-- 1 rwlove rwlove   0 Jun 27 07:57 scripts.yaml
lrwxrwxrwx 1 rwlove rwlove  23 Jun 28 17:37 secrets.yaml -> ../secrets/secrets.yaml
-rw-rw-r-- 1 rwlove rwlove 179 Jun 14 12:46 secrets.yaml.example

The patchset will create the /custom_components/ and /secrets/ directories. The user is also required to have a secrets.yaml file in their Home Assistant secrets upstream git repository.

Within the pod it creates the structure:

bash-5.0# ls /config/ -l
total 65688
-rw-r--r--    1 root     root            29 Jun 30 19:32 README.md
drwxr-xr-x    5 root     root            94 Jun 30 19:34 appdaemon
-rw-r--r--    1 root     root             3 Jun 30 19:32 automations.yaml
-rw-r--r--    1 root     root           613 Jun 30 19:32 configuration.yaml
lrwxrwxrwx    1 root     root            20 Jun 30 19:32 custom_components -> ../custom_components
drwxr-xr-x    2 root     root            10 Jun 30 19:34 deps
-rw-r--r--    1 root     root             0 Jun 30 19:32 groups.yaml
-rw-r--r--    1 root     root           290 Jun 30 19:35 home-assistant.log
-rw-r--r--    1 root     root        139264 Jun 30 19:35 home-assistant_v2.db
-rw-r--r--    1 root     root             0 Jun 30 19:32 scenes.yaml
-rw-r--r--    1 root     root             0 Jun 30 19:32 scripts.yaml
lrwxrwxrwx    1 root     root            23 Jun 30 19:32 secrets.yaml -> ../secrets/secrets.yaml
-rw-r--r--    1 root     root           179 Jun 30 19:32 secrets.yaml.example
drwxr-xr-x    2 root     root            10 Jun 30 19:32 tts

My values.yaml looks like this for the above example:

secret:
  enabled: true

  ## we just use the hass-configurator container image
  ## you can use any image which has git and openssh installed
  ##
  image:
    repository: causticlab/hass-configurator-docker
    tag: 0.3.5-x86_64
    pullPolicy: IfNotPresent

  secret: git-creds
  keyPath: /root/.ssh

  repo: "[email protected]:rwlove/<my-private-secrets-repo>.git"
  syncPath: /secrets

customcomponents:
  enabled: true

  ## we just use the hass-configurator container image
  ## you can use any image which has git and openssh installed
  ##
  image:
    repository: causticlab/hass-configurator-docker
    tag: 0.3.5-x86_64
    pullPolicy: IfNotPresent

  ## Specify the command that runs in the git-sync container to pull in configuration.
  # command: []
  syncPath: /custom_components

  components:
  - name: ewelink
    repo: "https://github.com/peterbuga/HASS-sonoff-ewelink"
    componentPath: HASS-sonoff-ewelink/sonoff
  - name: wyzesense
    repo: "https://github.com/kevinvincent/ha-wyzesense"
    componentPath: ha-wyzesense/custom_components/wyzesense

Change #3)
I currently use the below rule to create /dev/wyze. I also manually tag the node with the wyze hub USB stick.

➜  ~ cat /etc/udev/rules.d/99-wyze.rules
SUBSYSTEM=="usb", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="e024", SYMLINK+="wyze"
kubectl label nodes <node name> device=wyze

The relevant values.yaml:

wyze:
  enabled: true
  device: wyze

I can provide my full Home Assistant creation and deletion scripts, if anyone is curious.

Change #4)
This change is fairly simple. I use git to check if /config is a valid git repo. If it is, then I do a ‘git pull’, if not, I do a ‘git clone’.

Questions / Opens)

  • I probably just want to pass in a command for the custom components. I’m doing a weird ‘mv’ in the initContainer because each custom components directory layout is different, but I’ve put too much logic in the initContainer. Simply providing a command in values.yaml for each custom component is probably more of a robust solution.
  • I cannot seem to get HACS to install without a lot of manual changes. I have appdaemon running, but beyond that it’s unclear to me what I need to do. I can add it through my newly created custom components feature, but I have the impression that the functionality should already exist with appdaemon.
  • Is there a better way to converge the multiple git repos being pulled into the Pod? I’m currently requiring the user to create symlinks in their configuration git repo, but maybe there is a better way.

TODO)

  • Use .Values.git.rep and .Values.git.tag for customcomponents and secrets.
  • Remove .Values.customcomponents.componentPath and just provide a .Values.customcomponents.command for each custom component.
  • Update README.md
3 Likes
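
A check that could run after the sync init containers for the symlink layout in Changes #1 and #2, where `custom_components` is filled from third-party repositories: it lists every symlink that resolves outside the directories the chart is meant to populate. This is an added example, not part of the patchset; the function name `escaping_symlinks` is illustrative.

```shell
#!/bin/sh
# escaping_symlinks ROOT [ALLOWED_DIR...]   (illustrative helper, not chart code)
# Prints "link -> resolved target" for each symlink under ROOT that resolves
# outside ROOT and outside every ALLOWED_DIR. Returns 1 if any was found.
#
# With the layout from the post:
#   escaping_symlinks /config /custom_components /secrets
#   escaping_symlinks /custom_components        # third-party repos: no extras
escaping_symlinks() {
    root=$(readlink -f "$1") || return 2
    shift
    # Colon-separated allow-list of canonical paths; ROOT is always allowed.
    allowed=$root
    for dir in "$@"; do
        allowed="$allowed:$(readlink -f "$dir")" || return 2
    done
    # find passes link names to the inner shell as arguments, so unusual
    # characters in file names from a cloned repo cannot split or hide entries.
    found=$(ALLOWED="$allowed" find "$root" -type l -exec sh -c '
        IFS=:
        for link in "$@"; do
            # readlink -f resolves "..", chained links and relative targets
            target=$(readlink -f "$link") || target=
            ok=no
            for dir in $ALLOWED; do
                # "$dir"/* keeps /secrets from also matching /secrets-old
                case $target in "$dir" | "$dir"/*) ok=yes ;; esac
            done
            [ "$ok" = yes ] || printf "%s -> %s\n" "$link" "${target:-unresolvable}"
        done' sh {} +)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}
```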
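
One way to write the clone-or-pull step from Change #4 (an added example, not the code from the patchset; the function name `sync_repo` and its return codes are illustrative). It additionally assumes an existing checkout should only be reused when the target directory itself is the work-tree root and its `origin` still matches the configured repo.

```shell
#!/bin/sh
# sync_repo REPO_URL DEST   (illustrative helper, not chart code)
# Clones REPO_URL into DEST on first run, fast-forwards DEST on later runs.
# Prints "cloned" or "pulled"; non-zero return means nothing was synced.
sync_repo() {
    repo=$1
    dest=$2

    # "Valid git repo" has to mean DEST is the work-tree root. A plain
    # rev-parse would also succeed if a parent directory were a repository.
    top=$(git -C "$dest" rev-parse --show-toplevel 2>/dev/null) || top=
    if [ -n "$top" ] && [ "$top" = "$(cd "$dest" && pwd -P)" ]; then
        # Do not pull from an origin that differs from the configured one.
        current=$(git -C "$dest" remote get-url origin 2>/dev/null) || current=
        if [ "$current" != "$repo" ]; then
            echo "origin of $dest is '$current', expected '$repo'" >&2
            return 2
        fi
        # --ff-only: fail instead of merging over local edits in the volume
        git -C "$dest" pull --quiet --ff-only || return 3
        echo pulled
    else
        # git clone only accepts a missing or empty target directory
        if [ -d "$dest" ] && [ -n "$(ls -A "$dest")" ]; then
            echo "$dest is not empty and not a git checkout" >&2
            return 4
        fi
        git clone --quiet "$repo" "$dest" || return 5
        echo cloned
    fi
}
```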

How are you guys getting Sonos working inside your pods? Home Assistant won’t discover Sonos now that it’s in a different subnet, with a ClusterIP and load-balanced IP.

I guess you are looking for something like avahi-reflector or bonjour-reflector?

Lars

Does anybody have a values.yaml to deploy a PVC on NFS?
I am trying to understand how to deploy this.

For those who are interested in running in K8s without privileged, and still use USB sticks, this worked for me (with custom naming through udev to /dev root): https://gitlab.com/arm-research/smarter/smarter-device-manager
This way you start a dedicated privileged container, which allows non-privileged pods to use selected devices, and manage their allocation.

I would love to kill hostnetwork and keep LIFX and uPnP, but the only way I found is through multus, which is in the edge of microk8s.
Any alternatives are welcome.

I also use Multus in my microk8s cluster to access my Google Home devices. I use the macvlan mode so I do not have to manually set up any bridge on the host.

I run on glusterfs and use an external postgres cluster (Zalando operator) so I can failover HA between cluster nodes.

It seems the helm chart was modified / moved? I cannot get the code server sidecar to run - any hints on this?

Thanks, Lars

@angelnu, what’s your overhead with running an external Postgres cluster? i.e. service memory and CPU utilisation? Is it used only for HA or anything else?

Hi Ingvarr,

Can you please share how you are able to use smarter-device-manager for Bluetooth?
Or maybe anybody has at least a guide on how to directly map it in k8s?

Need for bluetooth_le_module

Thank you,

I run the postgres in HA mode using the Zalando operator and a wrapping chart I wrote.

Currently the primary instance is consuming 0.7 CPUs and 200 MB RAM while the backup is 0.03 CPUs and 36 MB RAM. I do not recall how much I was consuming before with the local mysql.

As long as the device is present as a file in /dev/ (root!), it can just be added to the configuration. In this helm chart, it is possible through values.

+count me in.

I’m currently working with Kubernetes and learning more every day. The learning curve is steep.
I had HA running on RaspPi a couple years ago but got very frustrated that code upgrades would corrupt my systems and abandoned HA as a result.
From what I have read it is much more stable and given it will work on Kubernetes I am game to jump back into the pool…
My desire is to use ceph for persistent storage. I have a specific interest in this scenario.
Has anyone created this sort of setup?

One additional question is where will I find all the current helm charts and the Kubernetes install instructions? Several of the above links are old and no longer functioning.
Thanks.