richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5351 Commits
29 Branches
81 Tags
147 MiB
Tree: 0d0cc8cf9c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0d0cc8cf9c'
${ noResults }
kubespray/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac....

38 lines
1.0 KiB
Raw Normal View History

Deploy Cinder CSI driver to provision volumes over OpenStack (#5184) * Deploy Cinder CSI driver to provision volumes over OpenStack * Deploy Cinder CSI StorageClass * Cinder CSI doc
5 years ago
Add snapshot-controller for CSI drivers and snapshot CRDs, add a default volumesnapshotclass when running cinder CSI (#6537) * add snapshot-controller and v1beta1 snapshot api * fix typo * udpate manifest to v1beta1 * update * update manifests * fix spelling * wait until crd is applied * fix missing info in kube module * revert snapshotclass * add snapshot crds before applying the csi driver * add crds, missed them in last commit * use pull policy from kubespray
4 years ago
Deploy Cinder CSI driver to provision volumes over OpenStack (#5184) * Deploy Cinder CSI driver to provision volumes over OpenStack * Deploy Cinder CSI StorageClass * Cinder CSI doc
5 years ago
  1. # This YAML defines all API objects to create RBAC roles for csi node plugin.
  3. apiVersion: v1
  4. kind: ServiceAccount
  5. metadata:
  6. name: csi-cinder-node-sa
  7. namespace: kube-system
  8. ---
  9. kind: ClusterRole
  10. apiVersion: rbac.authorization.k8s.io/v1
  11. metadata:
  12. name: csi-nodeplugin-role
  13. rules:
  14. - apiGroups: [""]
  15. resources: ["events"]
  16. verbs: ["get", "list", "watch", "create", "update", "patch"]
  17. - apiGroups: ["snapshot.storage.k8s.io"]
  18. resources: ["volumesnapshotclasses"]
  19. verbs: ["get", "list", "watch"]
  20. - apiGroups: ["snapshot.storage.k8s.io"]
  21. resources: ["volumesnapshotcontents"]
  22. verbs: ["get", "list", "watch"]
  23. - apiGroups: ["snapshot.storage.k8s.io"]
  24. resources: ["volumesnapshotcontents/status"]
  25. verbs: ["update"]
  26. ---
  27. kind: ClusterRoleBinding
  28. apiVersion: rbac.authorization.k8s.io/v1
  29. metadata:
  30. name: csi-nodeplugin-binding
  31. subjects:
  32. - kind: ServiceAccount
  33. name: csi-cinder-node-sa
  34. namespace: kube-system
  35. roleRef:
  36. kind: ClusterRole
  37. name: csi-nodeplugin-role
  38. apiGroup: rbac.authorization.k8s.io