From c942e55ceea4ce28e84168bb672a83572d0a6313 Mon Sep 17 00:00:00 2001 From: Dileep Ranganathan Date: Fri, 25 Jan 2019 02:44:36 -0800 Subject: Helm charts for Distributed Edge Analytics. Initial Helm charts for CollectD, Prometheus Operator, Kafka Strimzi operator, Rook Ceph Operator. Change-Id: I7323029bd0bf1e4b39aac329fc567f705a59bc0c Issue-ID: ONAPARC-366 Signed-off-by: Dileep Ranganathan --- .../rook-ceph/templates/clusterrolebinding.yaml | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 vnfs/DAaaS/rook-ceph/templates/clusterrolebinding.yaml (limited to 'vnfs/DAaaS/rook-ceph/templates/clusterrolebinding.yaml') diff --git a/vnfs/DAaaS/rook-ceph/templates/clusterrolebinding.yaml b/vnfs/DAaaS/rook-ceph/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..845eb6d7 --- /dev/null +++ b/vnfs/DAaaS/rook-ceph/templates/clusterrolebinding.yaml @@ -0,0 +1,38 @@ +{{- if .Values.rbacEnable }} +# Grant the rook system daemons cluster-wide access to manage the Rook CRDs, PVCs, and storage classes +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-global + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-global +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: {{ .Release.Namespace }} +{{- if .Values.pspEnable }} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: rook-ceph-system-psp-users + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-system-psp-user +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} -- cgit 1.2.3-korg