Helm is a package manager for Kubernetes that simplifies deploying and managing applications. It uses charts—pre-configured Kubernetes templates—to bundle your app's configuration, making multi-step deployments repeatable and version-controlled.
Helm solves a real problem: writing raw YAML manifests for Kubernetes is tedious, error-prone, and hard to maintain. With hundreds of configuration files needed for a typical application, managing them manually across environments becomes a nightmare.
Think of Helm as apt or npm, but for Kubernetes. Instead of writing manifests by hand, you define your app once in a reusable template called a chart, then deploy it anywhere with a single command. Helm handles the templating, variable substitution, and versioning automatically.
The project was originally developed by Deis and is now maintained by the Cloud Native Computing Foundation (CNCF). It's become the de facto standard for Kubernetes package management, with thousands of production charts available in public repositories.
A chart is a collection of files that describe a Kubernetes application. It's essentially a templated package containing:
Charts are portable. You can share them across teams, versions, and environments. A single chart can deploy to dev, staging, and production with different values files.
A release is an instance of a chart running in your cluster. When you deploy a chart, Helm creates a release with a unique name. You can have multiple releases of the same chart—each with different configurations and names.
Helm tracks releases and maintains release history, so you can rollback to previous versions instantly if something breaks.
Repositories are remote stores of charts. Think of them as app stores for Kubernetes. The most popular ones include:
You can also create private repositories for internal charts using tools like ChartMuseum or Harbor.
The Helm workflow is straightforward but powerful. Here's what happens when you deploy a chart:
The beauty here is separation of concerns. Developers define the chart once. Operations teams provide environment-specific values. DevOps engineers manage deployments with single commands.
Let's deploy a real example. Say you want to run Nginx:
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install my-nginx bitnami/nginx --values custom-values.yaml
That's it. Three commands deploy a production-ready Nginx with all best practices baked in. Without Helm, you'd write 50+ lines of YAML manually.
Need to update your app to a new version? Helm makes it seamless:
helm upgrade my-nginx bitnami/nginx --values custom-values.yaml
Helm applies only the changes, leaving other resources untouched. And if the upgrade fails, rollback is one command:
helm rollback my-nginx 1
For custom applications, you'll want to create your own charts. Helm provides scaffolding:
helm create my-app
This generates a basic chart structure. Let's say your app needs a Deployment and Service. Your templates/deployment.yaml might look like:
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Chart.Name }}
spec:
replicas: {{ .Values.replicaCount }}
template:
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
ports:
- containerPort: {{ .Values.service.port }}
Notice the template syntax: {{ .Values.replicaCount }} gets replaced with actual values from values.yaml. This single template now works for dev, staging, and production—just change the values file.
replicaCount: 3
image:
repository: myapp
tag: "1.2.0"
service:
port: 8080
type: LoadBalancer
Helm isn't necessary for everything. Consider using it when you have:
For simple single-environment deployments or learning Kubernetes, raw YAML or kustomize might be sufficient.
While Helm dominates, alternatives exist:
Many teams use Helm charts deployed through ArgoCD or Flux for CI/CD workflows that enforce GitOps practices.
Don't just use Helm—use it well. Here's how:
helm lint before committing to catch YAML errors earlyhelm upgrade --dry-run to preview changes before applyingModern DevOps teams integrate Helm with GitOps platforms. You store Helm charts and values in Git, then tools like ArgoCD automatically detect changes and apply them to clusters. This approach gives you:
Check out our ArgoCD guide to see how Helm integrates with GitOps workflows.
Ready to use Helm? Start here:
helm repo add bitnami https://charts.bitnami.com/bitnamihelm search repo nginxhelm install my-release bitnami/nginxhelm status my-releaseFor deeper learning, explore the Kubernetes deployment strategies article and understand how Helm integrates with your deployment pipeline.
Helm 2 is deprecated. If you're still on it, upgrade immediately. Key differences:
kubectl is a low-level tool for managing individual Kubernetes resources. Helm is a higher-level package manager that orchestrates kubectl. Helm handles templating, versioning, and multi-resource deployments. You can think of kubectl as the assembly language and Helm as a framework built on top of it.
Absolutely. Most teams use Helm for application packaging and deploy via CI/CD tools like Jenkins, GitLab CI, or GitHub Actions. The real modern approach combines Helm with GitOps tools like ArgoCD that watch Git repositories and automatically deploy when charts change. Learn more in our CI/CD best practices guide.
Never hardcode secrets in values.yaml. Instead, use Kubernetes Secrets, external secret managers (Vault, AWS Secrets Manager), or Helm plugins like helm-secrets. Reference the secret in your values file and Kubernetes handles the decryption. This keeps sensitive data out of Git.
Yes, that's the point. You publish a chart to a repository, and any team can use it with their own values file. This encourages standardization and reduces duplicate work. Many enterprises run internal chart repositories where teams share battle-tested, approved charts across projects.