mirror of https://github.com/easzlab/kubeasz.git
29 lines
617 B
Django/Jinja
29 lines
617 B
Django/Jinja
# 绑定helm sa到 cluster-admin,这样可以兼容现有需要集群特权的charts
|
||
#
|
||
{% if helm_namespace not in current_ns.stdout %}
|
||
---
|
||
apiVersion: v1
|
||
kind: Namespace
|
||
metadata:
|
||
name: {{ helm_namespace }}
|
||
{% endif %}
|
||
---
|
||
apiVersion: v1
|
||
kind: ServiceAccount
|
||
metadata:
|
||
name: {{ tiller_sa }}
|
||
namespace: {{ helm_namespace }}
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: ClusterRoleBinding
|
||
metadata:
|
||
name: tiller-cb
|
||
roleRef:
|
||
apiGroup: rbac.authorization.k8s.io
|
||
kind: ClusterRole
|
||
name: cluster-admin
|
||
subjects:
|
||
- kind: ServiceAccount
|
||
name: {{ tiller_sa }}
|
||
namespace: {{ helm_namespace }}
|