Text file src/k8s.io/kubernetes/cluster/addons/rbac/legacy-kubelet-user/kubelet-binding.yaml

Documentation: k8s.io/kubernetes/cluster/addons/rbac/legacy-kubelet-user

     1# The GKE environments don't have kubelets with certificates that
     2# identify the system:nodes group.  They use the kubelet identity
     3# TODO: remove this once new nodes are granted individual identities and the
     4# NodeAuthorizer is enabled.
     5apiVersion: rbac.authorization.k8s.io/v1
     6kind: ClusterRoleBinding
     7metadata:
     8  name: kubelet-cluster-admin
     9  labels:
    10    addonmanager.kubernetes.io/mode: Reconcile
    11roleRef:
    12  apiGroup: rbac.authorization.k8s.io
    13  kind: ClusterRole
    14  name: system:node
    15subjects:
    16- apiGroup: rbac.authorization.k8s.io
    17  kind: User
    18  name: kubelet

View as plain text