Using Helm with Enterprise PKS
Page last updated:
Warning: Pivotal Container Service (PKS)
v1.4 is no longer supported because it has reached the End
of General Support (EOGS) phase as defined by the
Support Lifecycle Policy.
To stay up to date with the latest software and security updates, upgrade to a supported version.
Helm 3 requires less configuration than Helm 2.
Helm 3 and Helm 2 include the following components:
||Client||Runs on your local workstation|
||Server||Runs inside your Kubernetes cluster|
Helm packages are called charts. For more information, see Charts in the Helm documentation.
Examples of charts:
For more charts, see the Helm Charts repository on GitHub.
To install and configure Helm 3, follow the Step 1: Install And Configure Helm instructions in the Bitnami PKS documentation.
To use Helm 2 with Enterprise PKS, you must first configure the Tiller component to give it access to the Kubernetes API. Tiller runs inside the Kubernetes cluster.
To grant API access to Tiller and install Helm 2:
Create a role-based access control (RBAC) configuration file named
rbac-config.yamlthat contains the following:
apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system
Create the service account and role by running the following command:
kubectl create -f rbac-config.yaml
Download and install the latest v2 patch release of the Helm CLI.
Deploy Helm 2 using the service account by running the following command:
helm init --service-account tiller
Verify that the permissions are configured by running the following command:
There should be no output from the above command.
To apply more granular permissions to the Tiller service account, see the Helm RBAC documentation.
For more information about securing Helm 2, see the Bitnami article Exploring the Security of Helm.
Please send any feedback you have to firstname.lastname@example.org.