Tiller
Definition
Tiller is a server-side component of Helm, a package manager for Kubernetes, which manages the installation and management of Kubernetes applications. It interacts with the Kubernetes API server to deploy and manage the lifecycle of applications defined in Helm charts. Tiller has been deprecated in Helm 3 in favor of a client-only architecture to improve security and simplify the deployment process.
Secure Settings Example
# Example of a secure Helm 3 configuration without Tiller
apiVersion: v1
kind: ConfigMap
metadata:
name: my-helm-config
data:
# Use Helm 3 which does not require Tiller
helmVersion: "v3"
# Enable strict security policies
securityPolicies:
- enforcePodSecurityPolicy: true
- enforceNetworkPolicy: true
Insecure Settings Example
# Example of an insecure Helm 2 configuration using Tiller
apiVersion: v1
kind: ConfigMap
metadata:
name: tiller-config
data:
# Tiller with cluster-admin privileges
tillerNamespace: kube-system
tillerServiceAccount: tiller
tillerRoleBinding: cluster-admin