简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。
NKMO Clusterrole YAML 示例
贡献者
建议更改
PDF
NetApp Kubernetes 监控操作员 (NKMO) 的 kubectl 组件至少需要配置为可以访问以下 kubernetes 对象:代理、集群角色、集群角色绑定、自定义资源定义、部署、命名空间、角色、角色绑定、机密、服务帐户和服务。下面是具有这些最低权限的示例集群角色。
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: netapp-kubernetes-monitoring-operator-installer-role rules: - apiGroups: - "" resources: - services - serviceaccounts - secrets - namespaces verbs: - get - list - create - patch - update - delete - apiGroups: - rbac.authorization.k8s.io resources: - roles - clusterroles - rolebindings - clusterrolebindings verbs: - get - list - create - patch - update - delete - escalate - bind - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - get - list - create - patch - update - delete - apiGroups: - apps resources: - deployments verbs: - get - list - create - patch - update - delete - apiGroups: - monitoring.netapp.com resources: - agents verbs: - get - list - create - patch - update - delete