diff options
author | Christian Pointner <equinox@spreadspace.org> | 2022-07-08 00:55:43 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2022-07-08 00:55:43 +0200 |
commit | c85db7f2cbf01d347f64626726e3da83fc53ebc2 (patch) | |
tree | 0a7799ce1a4daa30f43ff40ba12c0143fa7d344d /contrib/k8s-emc/_graveyard_/ingress-rbac.yml | |
parent | renew emc stream-site (diff) |
move old ingress controller to graveyard
Diffstat (limited to 'contrib/k8s-emc/_graveyard_/ingress-rbac.yml')
-rw-r--r-- | contrib/k8s-emc/_graveyard_/ingress-rbac.yml | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/contrib/k8s-emc/_graveyard_/ingress-rbac.yml b/contrib/k8s-emc/_graveyard_/ingress-rbac.yml new file mode 100644 index 0000000..82247c7 --- /dev/null +++ b/contrib/k8s-emc/_graveyard_/ingress-rbac.yml @@ -0,0 +1,133 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: emc + name: ingress-nginx + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - "extensions" + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "extensions" + resources: + - ingresses/status + verbs: + - update + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ingress-nginx +subjects: + - kind: ServiceAccount + name: ingress-nginx + namespace: emc + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: emc + name: ingress-nginx +rules: + - apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - configmaps + resourceNames: + # Defaults to "<election-id>-<ingress-class>" + # Here: "<ingress-controller-leader>-<nginx>" + # This has to be adapted if you change either parameter + # when launching the nginx-ingress-controller. + - "ingress-controller-leader-nginx" + verbs: + - get + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: emc + name: ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ingress-nginx +subjects: + - kind: ServiceAccount + name: ingress-nginx + namespace: emc |