To install Helm with TLS (this is ideal for running in production), run the following commands:
$ curl -LOs https://github.com/smallstep/cli/releases/download/v0.10.1/step_0.10.1_linux_amd64.tar.gz
$ tar xvfz step_0.10.1_linux_amd64.tar.gz
$ sudo mv step_0.10.1/bin/step /bin
$ mkdir -p ~/helm
$ cd ~/helm
$ step certificate create --profile root-ca "My iHelm Root CA" root-ca.crt root-ca.key
$ step certificate create intermediate.io inter.crt inter.key --profile intermediate-ca --ca ./root-ca.crt --ca-key ./root-ca.key
$ step certificate create helm.io helm.crt helm.key --profile leaf --ca inter.crt --ca-key inter.key --no-password --insecure --not-after 17520h
$ step certificate bundle root-ca.crt inter.crt ca-chain.crt
$ helm init
--override 'spec.template.spec.containers[0].command'='{/tiller,--storage=secret}'
--tiller-tls --tiller-tls-verify
--tiller-tls-cert=./helm.crt
--tiller-tls-key=./helm.key
--tls-ca-cert=./ca-chain.crt
--service-account=tiller
$ cd ~/.helm
$ cp ~/helm/helm.crt cert.pem
$ cp ~/helm/helm.key key.pem
$ rm -fr ~/helm ## Copy dir somewhere and protect it.
Once you have installed the Helm repository by using either of the preceding options, perform the following steps:
- Update Helm repo:
$ helm repo update
If you are planning to use a secure helm for Kubernetes installation, use -tls at the end of the Helm commands to use TLS between Helm and the server.
- List Helm repo:
$ helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
Congratulations! Helm is installed and ready to use. Our final step now is to install the Kubernetes dashboard, so let's jump straight into it.