简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。
NKMO"集群角色YAML"示例
贡献者
建议更改
需要至少为NetApp Kubernetes监控操作员(NKMO)的_kubectl_组件配置对以下Kubernetes对象的访问权限:代理、集群角色、集群绑定、自定义资源定义、部署、 命名空间、角色、轮绑定、密码、服务帐户、 和服务。以下是具有这些最低权限的clusterrole示例。
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: netapp-kubernetes-monitoring-operator-installer-role rules: - apiGroups: - "" resources: - services - serviceaccounts - secrets - namespaces verbs: - get - list - create - patch - update - delete - apiGroups: - rbac.authorization.k8s.io resources: - roles - clusterroles - rolebindings - clusterrolebindings verbs: - get - list - create - patch - update - delete - escalate - bind - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - get - list - create - patch - update - delete - apiGroups: - apps resources: - deployments verbs: - get - list - create - patch - update - delete - apiGroups: - monitoring.netapp.com resources: - agents verbs: - get - list - create - patch - update - delete