magnum/magnum/drivers/k8s_fedora_atomic_v1/templates
Feilong Wang d8df9d0c36 [fedora-atomic][k8s] Support default Keystone auth policy file
With the new config option `keystone_auth_default_policy`, cloud admin
can set a default keystone auth policy for k8s cluster when the
keystone auth is enabled. As a result, user can use their current
keystone user to access k8s cluster as long as they're assigned
correct roles, and they will get the pre-defined permissions
set by the cloud provider.

The default policy now is based on the v2 format recently introduced
in k8s-keystone-auth which is getting more useful now. For example,
in v1 it doesn't support a policy for user to access resources from
all namespaces but kube-system, but v2 can do that.

NOTE: Now we're using openstackmagnum dockerhub repo until CPO
team fixing their image release issue.

Task: 30069
Story: 1755770

Change-Id: I2425e957bd99edc92482b6f11ca0b1f91fe59ff6
2019-06-11 11:57:15 +12:00
..
COPYING Bay driver: k8s Fedora Atomic 2016-07-11 10:50:06 -05:00
kubecluster.yaml [fedora-atomic][k8s] Support default Keystone auth policy file 2019-06-11 11:57:15 +12:00
kubemaster.yaml [k8s][fedora atomic] Rolling upgrade support 2019-06-07 14:48:08 +12:00
kubeminion.yaml [k8s][fedora atomic] Rolling upgrade support 2019-06-07 14:48:08 +12:00