There are four steps you should take if you are running Tiller (Helm’s server-side component) in a cluster that has untrusted users or pods. These steps are done at installation time, and will substantially improve Helm’s security.
The easiest way to install Tiller is with the
helm init command. Run just like that, it will install a version of Tiller into the cluster. But the version it installs has permissions equivalent to root (if the cluster does not have RBAC enabled). To configure Tiller with higher security, you will need to add some additional command line flags to the
helm init call, and you will need to create some roles and role bindings.
Update: Since the original version, the official documentation on RBAC was revised, and the link changed. This post has been updated accordingly.
1. Enable RBAC on Your Cluster, and Create Roles, SericeAccounts, and Role Bindings
Many Kubernetes clusters still do not have Role Based Access Control (RBAC) enabled. For security reasons, you should enable this. Each Kubernetes distribution has its own mechanism for enabling RBAC. Consult your distribution’s documentation.
Read more at TechnoSophos