Rimas Mocevicius, a Kubernaut at JFrog and co-founder of Helm, spoke at our recent JFrog Helm meetup about the security issues relating to Helm 2 and offered an elegant workaround to secure your Kubernetes cluster.
Tiller Poses a Potential Security Threat
In Helm 2, a new server-side component called “Tiller” was added. Tiller is an in-cluster server that interacts with the Helm client, and interfaces with the Kubernetes API server.
Tiller is definitely cool, but it is important to be aware that there are security issues related to Tiller in Helm 2. The Helm client is responsible for managing charts, while the server side, Tiller, is responsible for managing releases. This poses a serious risk, because Tiller runs with root access inside the cluster, and someone who reaches it can gain unauthorized access to your server.
The Helm community is fully aware of this issue and has published guidance on how to overcome it, but following that guidance is a long, tedious process.
Tillerless Helm 2 Is the Way to Go
Rimas proposed an innovative approach to this situation: run Helm and Tiller on your workstation or in your CI/CD pipelines, without installing Tiller into your Kubernetes cluster. This addresses the security concerns with Tiller, and you don’t have to wait for Helm 3. To learn how he hacked Helm 2 to make it Tillerless, go to Rimas’ Tillerless Helm 2 blog post.
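The workstation-side workflow described above, as an added example that is not code from the original post or from Rimas’ helm-tiller plugin: it checks that no Tiller deployment exists in the cluster, starts Tiller locally bound to loopback with Secret-backed release storage, and points the Helm 2 client at it. It assumes the Helm 2 `helm` and `tiller` binaries are on PATH and that the current kubectl context is the target cluster; `/tmp/tiller.log` and `/tmp/tiller.pid` are arbitrary paths chosen here.

```shell
#!/usr/bin/env sh
# Added example, not part of the original post: tillerless Helm 2 from a workstation.
set -eu

TILLER_ADDR="localhost:44134"                          # Tiller's default gRPC port, loopback only
TILLER_NAMESPACE="${TILLER_NAMESPACE:-kube-system}"   # namespace where releases are recorded

# Defender check: does the cluster already run an in-cluster Tiller?
# Takes the output of `kubectl get deploy -n <ns> -o name` as $1 so it can be tested offline.
# Returns 0 when a tiller-deploy deployment is present, 1 otherwise.
cluster_has_tiller() {
  printf '%s\n' "$1" | grep -q '^deployment[^/]*/tiller-deploy$' && return 0
  return 1
}

# Start Tiller on the workstation. --storage=secret keeps release state (which may
# include chart values with credentials) in Secrets rather than ConfigMaps.
start_local_tiller() {
  tiller --storage=secret --listen="$TILLER_ADDR" > /tmp/tiller.log 2>&1 &
  echo $! > /tmp/tiller.pid
  sleep 2
}

stop_local_tiller() { kill "$(cat /tmp/tiller.pid)" 2>/dev/null || true; }

# Environment the Helm 2 client needs in order to talk to the local Tiller.
helm_env() { printf 'HELM_HOST=%s TILLER_NAMESPACE=%s' "$TILLER_ADDR" "$TILLER_NAMESPACE"; }

# Live workflow runs only when invoked as `sh tillerless.sh run` with the binaries present.
if [ "${1:-}" = "run" ] && command -v tiller >/dev/null && command -v helm >/dev/null; then
  existing="$(kubectl get deploy -n "$TILLER_NAMESPACE" -o name 2>/dev/null || true)"
  if cluster_has_tiller "$existing"; then
    echo "in-cluster Tiller found in $TILLER_NAMESPACE; remove it before going tillerless" >&2
    exit 1
  fi
  start_local_tiller
  trap stop_local_tiller EXIT
  export HELM_HOST="$TILLER_ADDR" TILLER_NAMESPACE
  helm version   # the "Server" line now reports the local Tiller process
  helm list      # releases are read from Secrets in $TILLER_NAMESPACE
fi
```

Because Tiller listens only on loopback and exits with the script, nothing privileged stays behind in the cluster; the same block works unchanged in a CI job that has a kubeconfig.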
For more information, see how Artifactory can serve as your Kubernetes Helm registry.