With default service account curl works again

fixes https://github.com/Yolean/kubernetes-kafka/pull/39
author: Staffan Olsson <staffan@repos.se> 2017-08-05 05:45:29 +0200
committer: Staffan Olsson <staffan@repos.se> 2017-08-05 05:47:30 +0200
commit: a8ee55bb48a4915b2f119b0f409e7e714d9faf55 (patch)
tree: 75ee22c7596f53968ab12b9b6771829d6817d70c
parent: 05107fd5ab40846517c3539310cfe29c4f2b2e5e (diff)
download: kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.tar.gz
kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.tar.bz2
kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.zip
1 files changed, 26 insertions, 0 deletions
diff --git a/rbac-namespace-default/events-watcher.yml b/rbac-namespace-default/events-watcher.yml
new file mode 100644
index 0000000..6194e84
--- /dev/null
+++ b/rbac-namespace-default/events-watcher.yml
@@ -0,0 +1,26 @@
+# For kubectl get node, required for kafka init container rack awareness
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: events-watcher
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: kafka-events-watcher
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: events-watcher
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: kafka
author	Staffan Olsson <staffan@repos.se>	2017-08-05 05:45:29 +0200
committer	Staffan Olsson <staffan@repos.se>	2017-08-05 05:47:30 +0200
commit	a8ee55bb48a4915b2f119b0f409e7e714d9faf55 (patch)
tree	75ee22c7596f53968ab12b9b6771829d6817d70c
parent	05107fd5ab40846517c3539310cfe29c4f2b2e5e (diff)
download	kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.tar.gz kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.tar.bz2 kubernetes-kafka-a8ee55bb48a4915b2f119b0f409e7e714d9faf55.zip