Главная Обзор Помощь
Вход
tzeneto
/
custom-kube-scheduler
Следить 1
В избранное 0
Ответвить 0
Файлы Обсуждения 0 Запросы на слияние 0 Вики
Дерево: 0c4ab5bd81
Ветки Метки
custom-kube-...
/
kubernetes
/
cluster
/
addons
/
rbac
/
legacy-kubelet-user
/
kubelet-binding.yaml

kubelet-binding.yaml 565 B
История Исходник

12345678910111213141516171819 
  1. # The GKE environments don't have kubelets with certificates that
    2. 

  2. # identify the system:nodes group.  They use the kubelet identity
    3. 

  3. # TODO: remove this once new nodes are granted individual identities and the
    4. 

  4. # NodeAuthorizer is enabled.
    5. 

  5. apiVersion: rbac.authorization.k8s.io/v1
    6. 

  6. kind: ClusterRoleBinding
    7. 

  7. metadata:
    8. 

  8.   name: kubelet-cluster-admin
    9. 

  9.   labels:
    10. 

  10.     addonmanager.kubernetes.io/mode: Reconcile
    11. 

  11. roleRef:
    12. 

  12.   apiGroup: rbac.authorization.k8s.io
    13. 

  13.   kind: ClusterRole
    14. 

  14.   name: system:node
    15. 

  15. subjects:
    16. 

  16. - apiGroup: rbac.authorization.k8s.io
    17. 

  17.   kind: User
    18. 

  18.   name: kubelet
    19. 

  19.