当前位置: 代码迷 >> 综合 >> k8s -rbac
  详细解决方案

k8s -rbac

热度:11   发布时间:2023-12-15 09:46:15.0

绑定命名空间账号

apiVersion: v1
kind: ServiceAccount
metadata:name: zhangsannamespace: kube-system---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:namespace: internal-testname: dev-test
rules:
- apiGroups: ["","extensions", "apps"]resources: ["pods","namespaces","statefulsets","deployments","daemonsets","services","ingresses"]verbs: ["get", "watch", "list"]---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: rd-devnamespace: dev-test
subjects:
- kind: ServiceAccountname: zhangsannamespace: kube-system
roleRef:kind: Rolename: dev-testapiGroup: rbac.authorization.k8s.io

绑定管理员账号

apiVersion: v1
kind: ServiceAccount
metadata:name: adminnamespace: kube-system---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: admin
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: adminnamespace: kube-system
  相关解决方案

代码迷 - 您身边的软件异常,代码异常,编程异常助手(发现,解决,分享)
Copyright © 2009-2013 DAIMAMI.COM. All rights reserved.