Configuration difference
Here's a detailed comparison between Helm and raw Kubernetes manifests using Vaultwarden deployment as an example:
1. Raw Kubernetes Manifest Approach
# vaultwarden-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: vaultwarden
spec:
replicas: 1
selector:
matchLabels:
app: vaultwarden
template:
metadata:
labels:
app: vaultwarden
spec:
containers:
- name: vaultwarden
image: vaultwarden/server:latest
ports:
- containerPort: 80
env:
- name: ADMIN_TOKEN
value: "mysecretpassword"
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: vaultwarden-pvc
---
# vaultwarden-service.yaml
apiVersion: v1
kind: Service
metadata:
name: vaultwarden
spec:
selector:
app: vaultwarden
ports:
- protocol: TCP
port: 80
targetPort: 80
---
# vaultwarden-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: vaultwarden-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs
resources:
requests:
storage: 5GiDeployment Steps:
kubectl apply -f vaultwarden-pvc.yaml
kubectl apply -f vaultwarden-deployment.yaml
kubectl apply -f vaultwarden-service.yaml2. Helm Chart Approach
# values.yaml
image:
repository: vaultwarden/server
tag: latest
pullPolicy: IfNotPresent
service:
type: ClusterIP
port: 80
persistence:
enabled: true
storageClass: "nfs"
size: 5Gi
env:
ADMIN_TOKEN: "mysecretpassword"
ingress:
enabled: true
hosts:
- host: vaultwarden.yourdomain.com
paths:
- path: /Deployment Steps:
helm repo add vaultwarden https://github.com/dani-garcia/vaultwarden
helm install vaultwarden vaultwarden/vaultwarden -f values.yaml3. Key Differences
| Feature | Raw Manifests | Helm |
|---|---|---|
| Lines of Code | ~40 lines (3 files) | ~15 lines (1 values file) |
| Updates | Edit/apply each file | helm upgrade --set param=value |
| Secret Management | Plaintext in YAML | Helm Secrets/SOPS integration |
| Dependencies | Manual DB/Redis setup | Auto-install via requirements.yaml |
| DRY Principle | Repeat similar configs | Reuse templates with {{ .Values }} |
| Version Control | Manual tracking | helm history vaultwarden |
| Rollback | Manual kubectl apply of old files |
helm rollback vaultwarden 1 |
| Community Support | Copy/paste from docs | helm search repo vaultwarden |
| Complex Features | Manual ingress setup | Built-in ingress support |
| Storage Configuration | Direct PVC definition | Abstracted via persistence config |
4. Maintenance Comparison
Scenario: Adding Redis caching to Vaultwarden
Raw Manifest Approach:
- Create Redis deployment
- Create Redis service
- Modify Vaultwarden deployment with Redis env vars
- Apply 3 new files
- Manually verify connections
Helm Approach:
# values.yaml
redis:
enabled: true
architecture: standalonehelm upgrade vaultwarden . --values values.yaml5. Homelab-Specific Advantages
Helm Wins When:
- Managing multiple similar services (Nextcloud/Paperless-ngx)
- Upgrading application versions
- Enabling/disabling features like ingress
- Managing secrets across environments
- Backing up/recreating entire stacks
Raw Manifests Win When:
- Learning Kubernetes fundamentals
- Debugging specific resource issues
- Creating one-off custom deployments
- Working with experimental CRDs
6. Real-World Example Output
Helm Status Check:
$ helm status vaultwarden
NAME: vaultwarden
LAST DEPLOYED: Fri Oct 6 10:00:00 2023
NAMESPACE: default
STATUS: deployed
RESOURCES:
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
vaultwarden ClusterIP 10.43.10.123 <none> 80/TCP 2d
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY STORAGECLASS
vaultwarden Bound pvc-1234abcd 5Gi nfsRaw Manifest Check:
$ kubectl get pvc,deploy,svc -l app=vaultwarden
NAME STATUS VOLUME CAPACITY
persistentvolumeclaim/vaultwarden Bound pvc-1234abcd 5Gi
NAME READY UP-TO-DATE AVAILABLE
deployment.apps/vaultwarden 1/1 1 1
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
service/vaultwarden ClusterIP 10.43.10.123 <none> 80/TCPFor your homelab with multiple applications, Helm provides better long-term maintainability while raw manifests offer better visibility into individual resources. Would you like me to show a specific application's Helm chart configuration for your stack?