Generate certificates by calling the script generate-tiller-certs.sh
. This will provide a CA, server certs for tiller and client certs for helm / weave flux.
Next deploy Helm with TLS and RBAC enabled;
kubectl apply -f helm-rbac.yaml
apiVersion: v1 | |
kind: Namespace | |
metadata: | |
name: echoserver | |
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: echoserver | |
namespace: echoserver |
Generate certificates by calling the script generate-tiller-certs.sh
. This will provide a CA, server certs for tiller and client certs for helm / weave flux.
Next deploy Helm with TLS and RBAC enabled;
kubectl apply -f helm-rbac.yaml
#!/bin/bash | |
# First generate the config file | |
cat >ca-config.json <<EOF | |
{ | |
"signing": { | |
"default": { | |
"expiry": "43800h" | |
}, | |
"profiles": { |
I hereby claim:
To claim this, I am signing this object: