This module provides for a simple installation of helms tiller agent that
is only accessible by establishing a proxy via the k8s API per this article:
https://engineering.bitnami.com/articles/helm-security.html .
helm provider 0.6.2 vendors helm 2.9.0, which does not correctly deploy
tiller with rbac enabled. The manual patching is not required with this
module.
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"automountServiceAccountToken":true}}}}'resource "kubernetes_namespace" "tiller" {
metadata {
name = "tiller"
}
}
module "tiller" {
source = "git::https://github.com/lsst-sqre/terraform-tinfoil-tiller.git?ref=0.10.x"
namespace = "${kubernetes_namespace.tiller.metadata.0.name}"
}
provider "helm" {
version = "~> 0.10.0"
service_account = "${module.tiller.service_account}"
namespace = "${module.tiller.namespace}"
install_tiller = false
kubernetes {
...
}
}| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| namespace | kubernetes namespace to deploy into | string | "kube-system" |
no |
| service_account | kubernetes service account name | string | "tiller" |
no |
| tiller_image | tiller docker image. | string | "gcr.io/kubernetes-helm/tiller:v2.14.1" |
no |
| Name | Description |
|---|---|
| namespace | kubernetes namespace in which tiller is installed |
| service_account | name of kubernetes service account for tiller |
go get github.com/segmentio/terraform-docs
pip install --user pre-commit
pre-commit install
# manual run
pre-commit run -a
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent