Skip to main content

Deploy a Kubernetes Manifest

Continuous Delivery Pipeline Basics

Automating your deployments does require a few pieces. You do need something that can be deployed and infrastructure where the deployment will be performed. This can be in the form of a binary distribution e.g an image and a Kubernetes cluster. Typically with modern applications, the deployment manifests will be stored in source control, GitHub being a common SCM [source code management] solution.

For this example, we will deploy Grafana, an open source analytics tool, to a Kubernetes cluster with Harness CD. The needed Grafana Manifests will be stored on GitHub and you can deploy to a Kubernetes cluster of your choice.


Getting Started with Harness CD

Getting started with Harness CD is simple, first if you do not have a Harness Account, you can sign up for free for Harness CD.

Sign Up for Harness CD

Once signed up, navigate to the Deployments icon on the left hand navigation and create your start your free forever CD Free Plan.

Free Plan

Once you have clicked on “Start CD Free Plan”, a default Harness Project will be created for you automatically. Projects are logical groupings of resources. The generated default project is perfect for the first time deployment.

When navigating back to Deployments, can set the project context to the Default Project by clicking on the blue chevrons >> and selecting Default Project.

Default Project

With the Default Project selected, clicking on Overview will bring up a wizard to create your first Pipeline/Deployment.

Create First Pipeline

There are a few Harness entities that will need to be created in Harness. The needed objects are wirings to Docker Hub for public image access and GitHub for the Granfa manifest. These objects can be set up during the Pipeline creation or set up ahead of time so they can be reused in multiple Pipelines.

Install Delegate

Install Delegate

Install Delegate on Kubernetes or Docker

What is a Delegate?

Harness Delegate is a lightweight worker process that is installed on your infrastructure and communicates only via outbound HTTP/HTTPS to the Harness Platform. This enables the Harness Platform to leverage the delegate for executing the CI/CD and other tasks on your behalf, without any of your secrets leaving your network.

You can install the Harness Delegate on either Docker or Kubernetes.

Install Delegate

Create New Delegate Token

Login to the Harness Platform and go to Account Settings -> Account Resources -> Delegates. Click on the Tokens tab. Click +New Token and give your token a name `firstdeltoken`. When you click Apply, a new token is generated for you. Click on the copy button to copy and store the token in a temporary file for now. You will provide this token as an input parameter in the next delegation installation step. The delegate will use this token to authenticate with the Harness Platform.

Get Your Harness Account ID

Along with the delegate token, you will also need to provde your Harness accountId as an input parameter to the delegate installation. This accountId is present in every Harness URL. For example, in the following URL

6_vVHzo9Qeu9fXvj-AcQCb is the accountId.

Now you are ready to install the delegate on either Docker or Kubernetes.


Ensure that you access to a Kubernetes cluster. For the purposes of this tutorial, we will use minikube.

Install minikube

  • On Windows:
choco install minikube
  • On macOS:
brew install minikube

Now start minikube with the following config.

minikube start --memory 4g --cpus 4

Validate that you have kubectl access to your cluster.

kubectl get pods -A

Now that you have access to a Kubernetes cluster, you can install the delegate using any of the options below.

Install Helm Chart

As a prerequisite, you should have Helm v3 installed on the machine from which you connect to your Kubernetes cluster.

You can now install the delegate using the Delegate Helm Chart. Let us first add the harness-delegate helm chart repo to your local helm registry.

helm repo add harness-delegate
helm repo update
helm search repo harness-delegate

You can see that there are two helm charts available. We will use the harness-delegate/harness-delegate-ng chart in this tutorial.

NAME                                    CHART VERSION   APP VERSION DESCRIPTION                                
harness-delegate/harness-delegate-ng 1.0.8 1.16.0 A Helm chart for deploying harness-delegate

Now we are ready to install the delegate. The following command installs/upgrades firstk8sdel delegate (which is a Kubernetes workload) in the harness-delegate-ng namespace by using the harness-delegate/harness-delegate-ng helm chart.

helm upgrade -i firstk8sdel --namespace harness-delegate-ng --create-namespace \
harness-delegate/harness-delegate-ng \
--set delegateName=firstk8sdel \
--set delegateToken=PUT_YOUR_DELEGATE_TOKEN_HERE \
--set delegateDockerImage=harness/delegate:23.02.78306 \
--set replicas=1 --set upgrader.enabled=false

PUT_YOUR_MANAGER_HOST_AND_PORT_HERE should be replaced by the Harness Manager Endpoint noted below. For Harness SaaS accounts, you can find your Harness Cluster Location in the Account Overview page under Account Settings section of the left navigation. For Harness CDCE, the endpoint varies based on the Docker vs. Helm installation options.

Harness Cluster LocationHarness Manager Endpoint on Harness Cluster
SaaS prod-1
SaaS prod-2
SaaS prod-3
CDCE Dockerhttp://<HARNESS_HOST> if Docker Delegate is remote to CDCE or http://host.docker.internal if Docker Delegate is on same host as CDCE
CDCE Helmhttp://<HARNESS_HOST>:7143 where HARNESS_HOST is the public IP of the Kubernetes node where CDCE Helm is running

Verify Delegate Connectivity

Click Continue and in a few moments after the health checks pass, your Delegate will be available for you to use. Click Done and can verify your new Delegate is on the list.

Helm Chart & Terraform Helm Provider

Delegate Available

Kubernetes Manifest

Delegate Available


Delegate Available

You can now route communication to external systems in Harness connectors and pipelines by simply selecting this delegate via a delegate selector.

Your First CD Pipeline with Harness - What To Deploy

With the Delegate install out of the way, you are now ready to create your first Pipeline. You will be deploying a Docker Image with a Kubernetes Manifest coming from Docker Hub and GitHub respectively. The following steps will walk you through how to create a Pipeline with those resources.

  • Deployments -> Pipelines + Create new Pipeline
  • Name: my-first-pipeline
  • Setup: in-line

New Pipeline

Click Start and add a Pipeline Stage by clicking the +Add Stage icon.

First Pipelien Stage

Select Deploy as the Stage. Next, name the stage “Deploy Grafana” as a type Service.

Stage Name

Then click Set Up Stage.

The first step is to define the Service by clicking on + New Service

About Service

Can name the Service “my-grafana-instance”.

My Grafana

Once Saved, the next step is to point to a Grafana Kubernetes Manifest. In the Service Definition section, select Kubernetes as the Deployment Type. Then you can add a Manifest from GitHub.

Manifest Type

By selecting +Add Manifest, in the Manifest Wizard, select K8s Manifest.

K8s Manifest

Click continue and select GitHub as the Manifest Source/Store.

Manifest Store

Now you are ready to create a GitHub Connector. GitHub does require Personal Access Tokens [PATs] to access git operations. See below if you do not have one setup.

Wiring GitHub into Harness

Harness will also need access to where to grab the Kubernetes manifests from GitHub and pull an image down from Docker Hub.

GitHub Wiring

GitHub as of 2021 requires token authentication e.g. no more passwords for git operations.

If you have not created a Personal Access Token before.

  • GitHub -> Settings -> Developer Settings -> Personal Access Tokens
  • Name: harness
  • Scopes: repo
  • Expiration: 30 days

GitHub PAT

Make sure to copy down the token that is generated.

In the GitHub Connector Wizard, there are a few steps to wire in your GitHub credentials. For the example authenticate against the repo which is housing the manifest.

Manifest Name: my-gh-connector

GitHub Connector

Click Next. Now can set up authentication against the repository.

GitHub URL

Click Next and provide your GitHub Username and Personal Access Token which can be stored securely in the Harness Secrets Manager.

GitHub Creds

Click on the Personal Access Token to configure your PAT.

  • Secrets Manager: Harness Built-in Secret Manager
  • Secret Name: github_pat

GitHub PAT Secret

Once you hit Save then Continue, select a Harness Delegate to run the operation on. If you have more than one Harness Delegate, can narrow the scope down or for the example, can “Use any available delegate” since this is the only one.

Pick Delegate

Click Save and Continue to validate the GitHub Connection.

Validate GitHub

Next, you will need to wire in the Manifest Details which are being pulled from

Looking at the GitHub structure there are two files to leverage, the deployment manifest and a values.yaml:

Grafana Manifest

Grafana Values.yaml

Can wire those two manifests into Harness.

  • Manifest Name: grafana
  • Branch: main
  • File/Folder Path: /applications/grafana/grafana.yaml
  • Values.yaml: /applications/grafana/grafana_values.yaml

Harness has the ability to read in input variables in your pipeline. In a deployment manifest, can wire in variables to be picked up by Harness. Later when executing the Pipeline, Harness can prompt you for which tag of the image to deploy with {{.Values.image}}.

Image Value Template

Manifest Details

Click Submit, and now your Grafana Manifests will be wired to the Pipeline.

Manifests Wired

Binary Artifact Registry Wiring

To select which version of Grafana to deploy, you can add an Artifact to the Pipeline for Deployment.

Add Artifact

Clicking + Add Primary Artifact, select Docker Registry as the Artifact Repository Type.

Repo Type

Click Continue, the next step is to let Harness know how to connect to the Docker Registry. To head to Docker Hub, can create a new Docker Registry Connector.

+New Docker Registry Connector

Can provide a name for the new Docker Connector.

  • Name: docker_hub_public

Docker Hub Public

Next can provide authentication as needed. Certain Docker Hub Registries limit unauthenticated pulls. If you do have Docker Hub credentials, can enter them here. If not, can use Anonymous. Though there might be a chance the public image has reached it’s public unauthenticated pull limit.

Docker Hub Config

Click Next and select the Delegate to run the image pull. Can use any available Delegate.

Docker Hub Delegate

Click Save and Continue to test the connection. Clicking Continue will allow you to enter the artifact location e.g Artifact Details. The image that we will pull is located at and has a Docker Pull command of docker pull grafana/grafana.

  • Image Path: grafana/grafana

Artifact Details

Clicking Submit will wire the Artifact into the Harness Pipeline.

Artifact Wired

Click Continue, and now you are ready to wire in where and how you want to deploy.

Where Your Pipeline Deploys To

The next step is to define the infrastructure or where your Pipeline will deploy to. The first step is to define the “where” as a Harness Environment.

First Pipeline no Env

A Harness Environment is your deployment target. You can create a new Harness Environment via the wizard by clicking on + New Environment.

  • Name: my-k8s-environment
  • Environment Type: Pre-Production

New Environment

Click Save and now you are ready to wire in your Kubernetes cluster. Since your Delegate should be running in a Kubernetes cluster, you can create a reference to this cluster with a Cluster Connector.

Select “Direct Connection” Kubernetes then can fill out the Cluster Details with a New Connector.

Infra Def

Click on Select Connector and then + New Connector

New Infra Connector

Once clicked on + New Connector, can give a name to your Kubernetes cluster.

  • Name: my-k8s-cluster

K8s Cluster Name

Click Continue and select “Use the credentials of a specific Harness Delegate” to connect.

Choose K8s Connectivity

Click Continue and select the Harness Delegate you installed into your Kubernetes Cluster e.g my-harness-delegate.

K8s Delegate

Click Save and Continue and a connectivity test will occur.

Click Finish and you can enter a namespace that is available on the Kubernetes cluster.

  • Namespace: default

Cluster Details

Click Continue and now you are ready to configure how you want your deployment to execute.

How Your Pipeline Deploys

Clicking Continue, you are now ready to configure the Execution Strategy or the “how” your Pipeline executes. Harness can guide you through several deployment strategies such as a Rolling Deployment or a Canary Deployment. For the example, a Rolling Deployment is simplest.

Exec Strategy

Select “Rolling Kubernetes” then click on Use Strategy. Now you are ready to save this Pipeline and execute the Pipeline to create a deployment.


Click Save and now you are ready to deploy.

Running Your First Harness Pipeline

After the setup steps, you are on your way to a repeatable deployment process. Click run in the Pipeline Window.

Run Pipeline

Here you can select the Artifact Tag that you want to deploy. At the time of this tutorial, Grafana 9.x is out can search for “9.”.

Select Artifact

Select a version of the Artifact you want to run e.g “9.1.1” and click Run Pipeline.

Ready to Run

After a few moments, your Grafana Deployment is complete!


Head back to your terminal and run a kubectl command to get the address [External IP] of what you just deployed. If you are using minikube, to expose a Kubernetes Service, you might have to run minikube tunnel.

kubectl get services -A

External IP

Head to the External-IP over port 3000 to see Grafana. E.g By default, the Grafana user and password is admin/admin.


Congratulations on your first Continuous Delivery Pipeline! The objects that you created can be reused in future pipelines. You are well on your path to Continuous Delivery excellence.