diff options
author | Staffan Olsson <staffan@repos.se> | 2017-08-05 06:30:25 +0200 |
---|---|---|
committer | Staffan Olsson <staffan@repos.se> | 2017-08-05 06:30:25 +0200 |
commit | 13520a6f495fc59d4901c9e39eb3498598a5e1ee (patch) | |
tree | e423b38e27cdb5def08291afb07a801d5caa4f55 | |
parent | 79d65fd2e35b29df9cc936ceba3e4b4a1c151201 (diff) | |
download | kubernetes-kafka-13520a6f495fc59d4901c9e39eb3498598a5e1ee.tar.gz kubernetes-kafka-13520a6f495fc59d4901c9e39eb3498598a5e1ee.tar.bz2 kubernetes-kafka-13520a6f495fc59d4901c9e39eb3498598a5e1ee.zip |
Moved to its PR, multizone-rack-awarenessrbac-namespace-default
-rw-r--r-- | rbac-namespace-default/node-reader.yml | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/rbac-namespace-default/node-reader.yml b/rbac-namespace-default/node-reader.yml deleted file mode 100644 index 62669cd..0000000 --- a/rbac-namespace-default/node-reader.yml +++ /dev/null @@ -1,37 +0,0 @@ -# To see if init containers need RBAC: -# -# $ kubectl exec kafka-1 -- cat /etc/kafka/server.properties | grep broker.rack -# #init#broker.rack=# zone lookup failed, see -c init-config logs -# $ kubectl logs -c init-config kafka-0 -# ++ kubectl get node some-node '-o=go-template={{index .metadata.labels "failure-domain.beta.kubernetes.io/zone"}}' -# Error from server (Forbidden): User "system:serviceaccount:kafka:default" cannot get nodes at the cluster scope.: "Unknown user \"system:serviceaccount:kafka:default\"" -# ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: node-reader - labels: - origin: github.com_Yolean_kubernetes-kafka -rules: -- apiGroups: - - "" - resources: - - nodes - verbs: - - get ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: kafka-node-reader - labels: - origin: github.com_Yolean_kubernetes-kafka -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: node-reader -subjects: -- kind: ServiceAccount - name: default - namespace: kafka |