Главная Обзор Помощь
Регистрация Вход
Maas2-group
/
maas-base
6
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Ветка: master
Ветки Метки
maas-base
/
charts
/
gpustack
/
templates
/
worker-rbac.yaml

worker-rbac.yaml 2.1 KB
Постоянная ссылка История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. {{- if .Values.worker.enabled }}
    2. 

  2. ---
    3. 

  3. apiVersion: v1
    4. 

  4. kind: ServiceAccount
    5. 

  5. metadata:
    6. 

  6.   namespace: {{ .Release.Namespace }}
    7. 

  7.   name: {{ .Release.Name }}-worker
    8. 

  8.   labels:
    9. 

  9. {{ include "chart_labels" . | indent 4 }}
    10. 

  10. ---
    11. 

  11. apiVersion: rbac.authorization.k8s.io/v1
    12. 

  12. kind: ClusterRole
    13. 

  13. metadata:
    14. 

  14.   name: {{ .Release.Name }}-worker-ingressclass-viewer
    15. 

  15.   labels:
    16. 

  16. {{ include "chart_labels" . | indent 4 }}
    17. 

  17. rules:
    18. 

  18.   - apiGroups: ["networking.k8s.io"]
    19. 

  19.     resources: ["ingressclasses"]
    20. 

  20.     verbs: ["get", "list", "watch"]
    21. 

  21.   - apiGroups: [""]
    22. 

  22.     resources: ["nodes"]
    23. 

  23.     verbs: ["get", "list", "watch"]
    24. 

  24. ---
    25. 

  25. apiVersion: rbac.authorization.k8s.io/v1
    26. 

  26. kind: ClusterRoleBinding
    27. 

  27. metadata:
    28. 

  28.   name: {{ .Release.Name }}-worker-ingressclass-viewer-binding
    29. 

  29.   labels:
    30. 

  30. {{ include "chart_labels" . | indent 4 }}
    31. 

  31. subjects:
    32. 

  32.   - kind: ServiceAccount
    33. 

  33.     name: {{ .Release.Name }}-worker
    34. 

  34.     namespace: {{ .Release.Namespace }}
    35. 

  35. roleRef:
    36. 

  36.   kind: ClusterRole
    37. 

  37.   name: {{ .Release.Name }}-worker-ingressclass-viewer
    38. 

  38.   apiGroup: rbac.authorization.k8s.io
    39. 

  39. ---
    40. 

  40. apiVersion: rbac.authorization.k8s.io/v1
    41. 

  41. kind: ClusterRole
    42. 

  42. metadata:
    43. 

  43.   name: {{ .Release.Name }}-worker-pod-cm-creator
    44. 

  44.   labels:
    45. 

  45. {{ include "chart_labels" . | indent 4 }}
    46. 

  46. rules:
    47. 

  47.   - apiGroups:
    48. 

  48.       - ""
    49. 

  49.     resources:
    50. 

  50.       - "pods"
    51. 

  51.       - "configmaps"
    52. 

  52.       - "secrets"
    53. 

  53.       - "services"
    54. 

  54.       - "pods/log"
    55. 

  55.       - "pods/exec"
    56. 

  56.     verbs:  
    57. 

  57.       - "get"
    58. 

  58.       - "list"
    59. 

  59.       - "watch"
    60. 

  60.       - "create"
    61. 

  61.       - "update"
    62. 

  62.       - "patch"
    63. 

  63.       - "delete"
    64. 

  64.       - "deletecollection"
    65. 

  65.   - apiGroups:
    66. 

  66.       - ""
    67. 

  67.     resources:
    68. 

  68.       - persistentvolumeclaims
    69. 

  69.     verbs:
    70. 

  70.       - get
    71. 

  71.       - list
    72. 

  72.       - watch
    73. 

  73.   - apiGroups:
    74. 

  74.       - ""
    75. 

  75.     resources: 
    76. 

  76.       - "events"
    77. 

  77.     verbs: 
    78. 

  78.       - "create"
    79. 

  79. ---
    80. 

  80. apiVersion: rbac.authorization.k8s.io/v1
    81. 

  81. kind: RoleBinding
    82. 

  82. metadata:
    83. 

  83.   name: {{ .Release.Name }}-worker-pod-cm-creator-binding
    84. 

  84.   namespace: {{ .Release.Namespace }}
    85. 

  85.   labels:
    86. 

  86. {{ include "chart_labels" . | indent 4 }}
    87. 

  87. subjects:
    88. 

  88. - kind: ServiceAccount
    89. 

  89.   name: {{ .Release.Name }}-worker
    90. 

  90.   namespace: {{ .Release.Namespace }}
    91. 

  91. roleRef:
    92. 

  92.   kind: ClusterRole
    93. 

  93.   name: {{ .Release.Name }}-worker-pod-cm-creator
    94. 

  94.   apiGroup: rbac.authorization.k8s.io
    95. 

  95. {{- end }}
    96.