| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 |
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: gce:beta:kubelet-certificate-bootstrap
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: gce:beta:kubelet-certificate-bootstrap
- subjects:
- - apiGroup: rbac.authorization.k8s.io
- kind: User
- name: kubelet
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: gce:beta:kubelet-certificate-rotation
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: gce:beta:kubelet-certificate-rotation
- subjects:
- - apiGroup: rbac.authorization.k8s.io
- kind: Group
- name: system:nodes
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: gce:beta:kubelet-certificate-bootstrap
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups:
- - "certificates.k8s.io"
- resources:
- - certificatesigningrequests/nodeclient
- verbs:
- - "create"
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: gce:beta:kubelet-certificate-rotation
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups:
- - "certificates.k8s.io"
- resources:
- - certificatesigningrequests/selfnodeclient
- - certificatesigningrequests/selfnodeserver
- verbs:
- - "create"
|
