richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7851 Commits
34 Branches
82 Tags
155 MiB
Tree: a2a2dfa419
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a2a2dfa419'
${ noResults }
kubespray/roles/kubernetes-apps/csi_driver/azuredisk/templates/azure-csi-azuredisk-control...

230 lines
6.2 KiB
Raw Normal View History

Azure Disk CSI deployment (#5833) * Azure Disk CSI deployment * Mention Azure CSI support * Fix: remove unnecessary file * Typo in documentation * Add newline to end of file
4 years ago
feat: upgrade azuredisk csi to v1.10.0 (#8432) Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
3 years ago
Azure Disk CSI deployment (#5833) * Azure Disk CSI deployment * Mention Azure CSI support * Fix: remove unnecessary file * Typo in documentation * Add newline to end of file
4 years ago
feat: upgrade azuredisk csi to v1.10.0 (#8432) Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
3 years ago
Azure Disk CSI deployment (#5833) * Azure Disk CSI deployment * Mention Azure CSI support * Fix: remove unnecessary file * Typo in documentation * Add newline to end of file
4 years ago
feat: upgrade azuredisk csi to v1.10.0 (#8432) Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
3 years ago
Azure Disk CSI deployment (#5833) * Azure Disk CSI deployment * Mention Azure CSI support * Fix: remove unnecessary file * Typo in documentation * Add newline to end of file
4 years ago
feat: upgrade azuredisk csi to v1.10.0 (#8432) Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
3 years ago
  1. ---
  2. apiVersion: v1
  3. kind: ServiceAccount
  4. metadata:
  5. name: csi-azuredisk-controller-sa
  6. namespace: kube-system
  7. ---
  9. kind: ClusterRole
  10. apiVersion: rbac.authorization.k8s.io/v1
  11. metadata:
  12. name: azuredisk-external-provisioner-role
  13. rules:
  14. - apiGroups: [""]
  15. resources: ["persistentvolumes"]
  16. verbs: ["get", "list", "watch", "create", "delete"]
  17. - apiGroups: [""]
  18. resources: ["persistentvolumeclaims"]
  19. verbs: ["get", "list", "watch", "update"]
  20. - apiGroups: ["storage.k8s.io"]
  21. resources: ["storageclasses"]
  22. verbs: ["get", "list", "watch"]
  23. - apiGroups: [""]
  24. resources: ["events"]
  25. verbs: ["get", "list", "watch", "create", "update", "patch"]
  26. - apiGroups: ["storage.k8s.io"]
  27. resources: ["csinodes"]
  28. verbs: ["get", "list", "watch"]
  29. - apiGroups: [""]
  30. resources: ["nodes"]
  31. verbs: ["get", "list", "watch"]
  32. - apiGroups: ["coordination.k8s.io"]
  33. resources: ["leases"]
  34. verbs: ["get", "list", "watch", "create", "update", "patch"]
  35. - apiGroups: ["snapshot.storage.k8s.io"]
  36. resources: ["volumesnapshots"]
  37. verbs: ["get", "list"]
  38. - apiGroups: ["snapshot.storage.k8s.io"]
  39. resources: ["volumesnapshotcontents"]
  40. verbs: ["get", "list"]
  41. ---
  43. kind: ClusterRoleBinding
  44. apiVersion: rbac.authorization.k8s.io/v1
  45. metadata:
  46. name: azuredisk-csi-provisioner-binding
  47. subjects:
  48. - kind: ServiceAccount
  49. name: csi-azuredisk-controller-sa
  50. namespace: kube-system
  51. roleRef:
  52. kind: ClusterRole
  53. name: azuredisk-external-provisioner-role
  54. apiGroup: rbac.authorization.k8s.io
  56. ---
  58. kind: ClusterRole
  59. apiVersion: rbac.authorization.k8s.io/v1
  60. metadata:
  61. name: azuredisk-external-attacher-role
  62. rules:
  63. - apiGroups: [""]
  64. resources: ["persistentvolumes"]
  65. verbs: ["get", "list", "watch", "update"]
  66. - apiGroups: [""]
  67. resources: ["nodes"]
  68. verbs: ["get", "list", "watch"]
  69. - apiGroups: ["csi.storage.k8s.io"]
  70. resources: ["csinodeinfos"]
  71. verbs: ["get", "list", "watch"]
  72. - apiGroups: ["storage.k8s.io"]
  73. resources: ["volumeattachments"]
  74. verbs: ["get", "list", "watch", "update", "patch"]
  75. - apiGroups: ["storage.k8s.io"]
  76. resources: ["volumeattachments/status"]
  77. verbs: ["get", "list", "watch", "update", "patch"]
  78. - apiGroups: ["coordination.k8s.io"]
  79. resources: ["leases"]
  80. verbs: ["get", "list", "watch", "create", "update", "patch"]
  81. ---
  83. kind: ClusterRoleBinding
  84. apiVersion: rbac.authorization.k8s.io/v1
  85. metadata:
  86. name: azuredisk-csi-attacher-binding
  87. subjects:
  88. - kind: ServiceAccount
  89. name: csi-azuredisk-controller-sa
  90. namespace: kube-system
  91. roleRef:
  92. kind: ClusterRole
  93. name: azuredisk-external-attacher-role
  94. apiGroup: rbac.authorization.k8s.io
  96. ---
  98. kind: ClusterRole
  99. apiVersion: rbac.authorization.k8s.io/v1
  100. metadata:
  101. name: azuredisk-cluster-driver-registrar-role
  102. rules:
  103. - apiGroups: ["apiextensions.k8s.io"]
  104. resources: ["customresourcedefinitions"]
  105. verbs: ["create", "list", "watch", "delete"]
  106. - apiGroups: ["csi.storage.k8s.io"]
  107. resources: ["csidrivers"]
  108. verbs: ["create", "delete"]
  109. - apiGroups: ["coordination.k8s.io"]
  110. resources: ["leases"]
  111. verbs: ["get", "list", "watch", "create", "update", "patch"]
  112. ---
  114. kind: ClusterRoleBinding
  115. apiVersion: rbac.authorization.k8s.io/v1
  116. metadata:
  117. name: azuredisk-csi-driver-registrar-binding
  118. subjects:
  119. - kind: ServiceAccount
  120. name: csi-azuredisk-controller-sa
  121. namespace: kube-system
  122. roleRef:
  123. kind: ClusterRole
  124. name: azuredisk-cluster-driver-registrar-role
  125. apiGroup: rbac.authorization.k8s.io
  127. ---
  129. kind: ClusterRole
  130. apiVersion: rbac.authorization.k8s.io/v1
  131. metadata:
  132. name: azuredisk-external-snapshotter-role
  133. rules:
  134. - apiGroups: [""]
  135. resources: ["events"]
  136. verbs: ["list", "watch", "create", "update", "patch"]
  137. - apiGroups: [""]
  138. resources: ["secrets"]
  139. verbs: ["get", "list"]
  140. - apiGroups: ["snapshot.storage.k8s.io"]
  141. resources: ["volumesnapshotclasses"]
  142. verbs: ["get", "list", "watch"]
  143. - apiGroups: ["snapshot.storage.k8s.io"]
  144. resources: ["volumesnapshotcontents"]
  145. verbs: ["create", "get", "list", "watch", "update", "delete"]
  146. - apiGroups: ["snapshot.storage.k8s.io"]
  147. resources: ["volumesnapshotcontents/status"]
  148. verbs: ["update"]
  149. - apiGroups: ["apiextensions.k8s.io"]
  150. resources: ["customresourcedefinitions"]
  151. verbs: ["create", "list", "watch", "delete"]
  152. - apiGroups: ["coordination.k8s.io"]
  153. resources: ["leases"]
  154. verbs: ["get", "watch", "list", "delete", "update", "create"]
  155. ---
  157. kind: ClusterRoleBinding
  158. apiVersion: rbac.authorization.k8s.io/v1
  159. metadata:
  160. name: azuredisk-csi-snapshotter-binding
  161. subjects:
  162. - kind: ServiceAccount
  163. name: csi-azuredisk-controller-sa
  164. namespace: kube-system
  165. roleRef:
  166. kind: ClusterRole
  167. name: azuredisk-external-snapshotter-role
  168. apiGroup: rbac.authorization.k8s.io
  169. ---
  171. kind: ClusterRole
  172. apiVersion: rbac.authorization.k8s.io/v1
  173. metadata:
  174. name: azuredisk-external-resizer-role
  175. rules:
  176. - apiGroups: [""]
  177. resources: ["persistentvolumes"]
  178. verbs: ["get", "list", "watch", "update", "patch"]
  179. - apiGroups: [""]
  180. resources: ["persistentvolumeclaims"]
  181. verbs: ["get", "list", "watch"]
  182. - apiGroups: [""]
  183. resources: ["persistentvolumeclaims/status"]
  184. verbs: ["update", "patch"]
  185. - apiGroups: [""]
  186. resources: ["events"]
  187. verbs: ["list", "watch", "create", "update", "patch"]
  188. - apiGroups: ["coordination.k8s.io"]
  189. resources: ["leases"]
  190. verbs: ["get", "list", "watch", "create", "update", "patch"]
  191. - apiGroups: [""]
  192. resources: ["pods"]
  193. verbs: ["get", "list", "watch"]
  194. ---
  195. kind: ClusterRoleBinding
  196. apiVersion: rbac.authorization.k8s.io/v1
  197. metadata:
  198. name: azuredisk-csi-resizer-role
  199. subjects:
  200. - kind: ServiceAccount
  201. name: csi-azuredisk-controller-sa
  202. namespace: kube-system
  203. roleRef:
  204. kind: ClusterRole
  205. name: azuredisk-external-resizer-role
  206. apiGroup: rbac.authorization.k8s.io
  208. ---
  209. kind: ClusterRole
  210. apiVersion: rbac.authorization.k8s.io/v1
  211. metadata:
  212. name: csi-azuredisk-controller-secret-role
  213. rules:
  214. - apiGroups: [""]
  215. resources: ["secrets"]
  216. verbs: ["get", "list"]
  218. ---
  219. kind: ClusterRoleBinding
  220. apiVersion: rbac.authorization.k8s.io/v1
  221. metadata:
  222. name: csi-azuredisk-controller-secret-binding
  223. subjects:
  224. - kind: ServiceAccount
  225. name: csi-azuredisk-controller-sa
  226. namespace: kube-system
  227. roleRef:
  228. kind: ClusterRole
  229. name: csi-azuredisk-controller-secret-role
  230. apiGroup: rbac.authorization.k8s.io