Document needed permissions and actions to install Tiller on a Kubernetes cluster
From https://gitlab.com/gitlab-org/gitlab-ce/issues/41965#note_59345581:
I think the scope of this issue should also include the 2nd point noted at the end of #41614 (moved):
It should note more specifically what will happen (install helm tiller into a dedicated namespace)
I spent an hour today trying to get my cluster integration working with an existing k8s cluster (I was getting 403 Forbidden
errors), only to find out through that issue that Gitlab needed broad privileges because it wanted to create an entirely new namespace gitlab-managed-apps
and install Tiller there. The docs should at least mention:
-
What privileges on the cluster are required for the feature to work https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20517 -
What Gitlab will do under the hood to install Tiller (as mentioned in #41614 (moved)) https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20423
Edited by Achilleas Pipinellis