| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 |
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- name: kube-state-metrics
- namespace: kube-system
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: kube-state-metrics
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups: [""]
- resources:
- - configmaps
- - secrets
- - nodes
- - pods
- - services
- - resourcequotas
- - replicationcontrollers
- - limitranges
- - persistentvolumeclaims
- - persistentvolumes
- - namespaces
- - endpoints
- verbs: ["list", "watch"]
- - apiGroups: ["extensions"]
- resources:
- - daemonsets
- - deployments
- - replicasets
- verbs: ["list", "watch"]
- - apiGroups: ["apps"]
- resources:
- - statefulsets
- verbs: ["list", "watch"]
- - apiGroups: ["batch"]
- resources:
- - cronjobs
- - jobs
- verbs: ["list", "watch"]
- - apiGroups: ["autoscaling"]
- resources:
- - horizontalpodautoscalers
- verbs: ["list", "watch"]
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: Role
- metadata:
- name: kube-state-metrics-resizer
- namespace: kube-system
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups: [""]
- resources:
- - pods
- verbs: ["get"]
- - apiGroups: ["extensions"]
- resources:
- - deployments
- resourceNames: ["kube-state-metrics"]
- verbs: ["get", "update"]
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: kube-state-metrics
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: kube-state-metrics
- subjects:
- - kind: ServiceAccount
- name: kube-state-metrics
- namespace: kube-system
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: RoleBinding
- metadata:
- name: kube-state-metrics
- namespace: kube-system
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: kube-state-metrics-resizer
- subjects:
- - kind: ServiceAccount
- name: kube-state-metrics
- namespace: kube-system
|
