| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- # Create the clusterrole and clusterrolebinding:
- # $ kubectl create -f kube-flannel-rbac.yml
- # Create the pod using the same namespace used by the flannel serviceaccount:
- # $ kubectl create --namespace kube-system -f kube-flannel-legacy.yml
- ---
- kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1beta1
- metadata:
- name: flannel
- rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - nodes/status
- verbs:
- - patch
- ---
- kind: ClusterRoleBinding
- apiVersion: rbac.authorization.k8s.io/v1beta1
- metadata:
- name: flannel
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: flannel
- subjects:
- - kind: ServiceAccount
- name: flannel
- namespace: kube-system
|
