diff --git a/base/rsync/centos/build_srpm.data b/base/rsync/centos/build_srpm.data
index 2c93764a1..69cb924ed 100644
--- a/base/rsync/centos/build_srpm.data
+++ b/base/rsync/centos/build_srpm.data
@@ -1,2 +1,2 @@
 COPY_LIST="$PKG_BASE/files/rsyncd.conf"
-TIS_PATCH_VER=1
+TIS_PATCH_VER=2
diff --git a/base/rsync/files/rsyncd.conf b/base/rsync/files/rsyncd.conf
index 8b56742b8..f7a26e1df 100644
--- a/base/rsync/files/rsyncd.conf
+++ b/base/rsync/files/rsyncd.conf
@@ -49,3 +49,9 @@ read only = yes
 comment = SSL ca certificate
 uid = root
 read only = no
+
+[helm_charts]
+ path = /www/pages/helm_charts
+ comment = Helm chart repo
+ uid = root
+ read only = no
diff --git a/kubernetes/helm/centos/build_srpm.data b/kubernetes/helm/centos/build_srpm.data
index 1d35a996a..d18ca5832 100644
--- a/kubernetes/helm/centos/build_srpm.data
+++ b/kubernetes/helm/centos/build_srpm.data
@@ -1,7 +1,6 @@
 VERSION=2.9.1
 TAR_NAME=helm
 TAR="$TAR_NAME-v$VERSION-linux-amd64.tar.gz"
-#COPY_LIST="${CGCS_BASE}/downloads/$TAR ${CGCS_BASE}/downloads/tiller-2.9.1-docker-image.tgz"
-COPY_LIST="${CGCS_BASE}/downloads/$TAR"
+COPY_LIST="${CGCS_BASE}/downloads/$TAR $FILES_BASE/*"
-TIS_PATCH_VER=2
+TIS_PATCH_VER=3
diff --git a/kubernetes/helm/centos/files/helm-upload b/kubernetes/helm/centos/files/helm-upload
new file mode 100644
index 000000000..a7f8dcde5
--- /dev/null
+++ b/kubernetes/helm/centos/files/helm-upload
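Review bot: The new `[helm_charts]` module is writable (`read only = no`) and performs transfers as `uid = root`, even though helm-upload deliberately switches to the `www` user to write the same directory on the sending controller. Unless the global section above this hunk (not visible here) already limits clients, any host that can reach the rsync daemon could write into the directory the chart repository is served from. Consider `uid = www` for this module, assuming `/www/pages/helm_charts` is owned by `www` on the peer, plus a `hosts allow = <peer controller address>` line so only the other controller can push. The preceding module in the context lines uses the same `uid = root` / `read only = no` pattern, so the same question applies there.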
@@ -0,0 +1,79 @@
+#!/bin/bash
+
+#
+# Copyright (c) 2018 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# This script takes the names of packaged helm charts as arguments.
+# It installs them in the on-node helm chart repository and regenerates
+# the repository index.
+
+
+# We want to run as the "www" user and scripts can't be setuid. The
+# sudoers permissions are set up to allow wrsroot to run this script
+# as the "www" user without a password.
+if [ $USER != "www" ]; then
+ exec sudo -u www $0 $@
+fi
+
+
+RETVAL=0
+REINDEX=0
+
+REPO_DIR='/www/pages/helm_charts'
+
+for FILE in "$@"; do
+ if [ -r $FILE ]; then
+ # QUESTION: should we disallow overwriting an existing file?
+ # The versions are embedded in the filename, so it shouldn't
+ # cause problems.
+ cp $FILE $REPO_DIR
+ if [ $? -ne 0 ]; then
+ echo Problem adding $FILE to helm chart registry.
+ RETVAL=1
+ else
+ REINDEX=1
+ fi
+ else
+ echo Cannot read file ${FILE}.
+ RETVAL=1
+ fi
+done
+
+
+# Now re-index the helm repository if we successfully copied in
+# any new charts.
+if [ $REINDEX -eq 1 ]; then
+ /usr/sbin/helm repo index $REPO_DIR
+fi
+
+if [ ! -f "/etc/platform/simplex" ]; then
+ # We're not a one node system, copy the files to the other
+ # controller if we can
+ if [ $HOSTNAME == "controller-0" ]; then
+ TARGET="controller-1"
+ else
+ TARGET="controller-0"
+ fi
+
+ # We've modified etc/rsyncd.conf to allow access to /www/helm_charts
+ # To avoid races, copy over the index file last.
+ rsync -acv --exclude=index.yaml ${REPO_DIR}/ rsync://${TARGET}/helm_charts
+ if [ $? -ne 0 ]; then
+ echo Problem syncing helm charts to $TARGET
+ RETVAL=1
+ fi
+
+ rsync -acv ${REPO_DIR}/index.yaml rsync://${TARGET}/helm_charts
+ if [ $? -ne 0 ]; then
+ echo Problem syncing helm chart index file to $TARGET
+ RETVAL=1
+ fi
+fi
+
+# We also need to sync the helm charts on node startup
+# in case they were added while the node was down.
+
+exit $RETVAL
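Review bot: The caller-supplied file names reach a `cp` command line that runs as `www`, and none of the expansions are quoted: `exec sudo -u www $0 $@`, `[ -r $FILE ]` and `cp $FILE $REPO_DIR` all word-split and glob, and a name beginning with `-` is parsed by `cp` as an option. Quote every expansion and end option parsing with `--`, as in the fence below. The privilege check also trusts the `$USER` environment variable, which may be unset or overridden by the caller; when it is unset the `[` test errors out and the script carries on without switching user, whereas `id -un` reports the real effective user. Separately, the comment above the rsync calls says `/www/helm_charts` while `REPO_DIR` and the rsyncd module both use `/www/pages/helm_charts`.

```shell
if [ "$(id -un)" != "www" ]; then
    exec sudo -u www -- "$0" "$@"
fi

# … unchanged: RETVAL, REINDEX, REPO_DIR …

for FILE in "$@"; do
    if [ -r "$FILE" ]; then
        # … unchanged: QUESTION comment about overwriting …
        if ! cp -- "$FILE" "$REPO_DIR"; then
            echo "Problem adding $FILE to helm chart registry."
            RETVAL=1
        else
            REINDEX=1
        fi
    else
        echo "Cannot read file ${FILE}."
        RETVAL=1
    fi
done

# … unchanged: reindex and rsync to the peer controller …
```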
diff --git a/kubernetes/helm/centos/files/helm.sudo b/kubernetes/helm/centos/files/helm.sudo
new file mode 100644
index 000000000..48e02bfbb
--- /dev/null
+++ b/kubernetes/helm/centos/files/helm.sudo
@@ -0,0 +1,3 @@
+wrsroot ALL=(www) NOPASSWD: /usr/local/sbin/helm-upload
+
+Defaults lecture=never, secure_path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
diff --git a/kubernetes/helm/centos/helm.spec b/kubernetes/helm/centos/helm.spec
index 6afe901ef..f4f56e31c 100644
--- a/kubernetes/helm/centos/helm.spec
+++ b/kubernetes/helm/centos/helm.spec
@@ -7,7 +7,8 @@ Group: devel
 Packager: Wind River
 URL: https://github.com/kubernetes/helm/releases
 Source0: %{name}-v%{version}-linux-amd64.tar.gz
-#Source1: tiller-2.9.1-docker-image.tgz
+Source1: helm-upload
+Source2: helm.sudo
 Requires: /bin/bash
@@ -20,11 +21,13 @@ Requires: /bin/bash
 %install
 install -d %{buildroot}%{_sbindir}
 install -m 755 ${RPM_BUILD_DIR}/linux-amd64/helm %{buildroot}%{_sbindir}/helm
-#install -d %{buildroot}%{_sharedstatedir}/tiller
-#install -m 400 %{SOURCE1} %{buildroot}%{_sharedstatedir}/tiller/tiller-2.9.1-docker-image.tgz
+install -d %{buildroot}/usr/local/sbin
+install -m 755 %{SOURCE1} %{buildroot}/usr/local/sbin/helm-upload
+install -d %{buildroot}%{_sysconfdir}/sudoers.d
+install -m 440 %{SOURCE2} %{buildroot}%{_sysconfdir}/sudoers.d/helm
 %files
 %defattr(-,root,root,-)
 %{_sbindir}/helm
-#%{_sharedstatedir}/tiller/tiller-2.9.1-docker-image.tgz
-
+/usr/local/sbin/helm-upload
+%{_sysconfdir}/sudoers.d/helm
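Review bot: The `Defaults lecture=never, secure_path=...` line carries no scope, so once this drop-in is installed it changes `lecture` and `secure_path` for every sudo rule on the node, not just the helm-upload rule above it. Scope it to the account the rule is written for, e.g. `Defaults:wrsroot lecture=never, secure_path=<same value>`, or drop the line if the system sudoers already sets a suitable `secure_path`. A one-line comment above the `wrsroot` rule noting that arguments are intentionally unrestricted because the script takes chart file names would also help the next reader judge the rule.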
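Review bot: The package now ships helm-upload, which invokes `sudo` and `rsync` and depends on the `sudoers.d` drop-in being honoured, but the only runtime dependency visible in the first helm.spec hunk is still `Requires: /bin/bash`. Add `Requires: sudo` and `Requires: rsync` beside it so the script cannot land on an image that lacks either tool. The `Requires:` line is context in that hunk; the matching `%install` and `%files` changes are in the hunk that follows.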