Text file src/k8s.io/kubernetes/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubelet-binding.yaml

Documentation: k8s.io/kubernetes/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings

     1# The Kubemark environment currently gives all kubelets a single shared credential.
     2#
     3# TODO: give each kubelet a credential in the system:nodes group with username system:node:<nodeName>,
     4# to exercise the Node authorizer and admission, then remove this binding
     5apiVersion: rbac.authorization.k8s.io/v1
     6kind: ClusterRoleBinding
     7metadata:
     8  name: kubelet-node
     9  labels:
    10    kubernetes.io/cluster-service: "true"
    11roleRef:
    12  apiGroup: rbac.authorization.k8s.io
    13  kind: ClusterRole
    14  name: system:node
    15subjects:
    16- apiGroup: rbac.authorization.k8s.io
    17  kind: User
    18  name: kubelet

View as plain text