ff3787c2ad
This removes the reliance on coredns for APIserver discovery, allowing a simpler configuration that is compatible with corednx 1.0.x Change-Id: Ia3b7b5627c16ec47af6b0d6d5e8dee2674e9b1ee
53 lines
1.3 KiB
YAML
53 lines
1.3 KiB
YAML
{{/*
|
|
Copyright 2018 AT&T Intellectual Property. All other rights reserved.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- $envAll := . }}
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: haproxy-anchor
|
|
{{- range $namespace, $services := $envAll.Values.conf.anchor.services }}
|
|
---
|
|
kind: Role
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: haproxy-anchor
|
|
namespace: {{ $namespace }}
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources:
|
|
- endpoints
|
|
verbs:
|
|
- get
|
|
---
|
|
kind: RoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: haproxy-anchor
|
|
namespace: {{ $namespace }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: haproxy-anchor
|
|
namespace: {{ $envAll.Release.Namespace }}
|
|
apiGroup: ""
|
|
roleRef:
|
|
kind: Role
|
|
name: haproxy-anchor
|
|
apiGroup: rbac.authorization.k8s.io
|
|
{{- end }}
|