move fluentd rbac to yakow

2017-04-15 17:53:13 +02:00 · 2017-04-15 17:53:13 +02:00 · babc372d04
commit babc372d04
parent c1db6da4c1
3 changed files with 0 additions and 24 deletions
--- a/roles/rbac/tasks/main.yml
+++ b/roles/rbac/tasks/main.yml
@ -20,8 +20,6 @@
    - {name: 'custom:system:kube-dns', file: 'custom:system:kube-dns-clusterrolebinding.yml', type: clusterrolebinding}
    - {name: 'custom:system:node', file: 'custom:system:node-clusterrole.yml', type: clusterrole}
    - {name: 'custom:system:node', file: 'custom:system:node-clusterrolebinding.yml', type: clusterrolebinding}
-    - {name: fluentd, file: fluentd-clusterrole.yml, type: clusterrole}
-    - {name: fluentd, file: fluentd-clusterrolebinding.yml, type: clusterrolebinding}
    - {name: cluster-admin-local, file: cluster-admin-local-clusterrolebinding.yml, type: clusterrolebinding}
  register: manifests
  when: inventory_hostname == groups['kube-master'][0]
--- a/roles/rbac/templates/fluentd-clusterrole.yml
+++ b/roles/rbac/templates/fluentd-clusterrole.yml
@ -1,9 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
-metadata:
-  name: fluentd
-rules:
-  - apiGroups: [""]
-    resources: ["pods"]
-    verbs: ["get"]
--- a/roles/rbac/templates/fluentd-clusterrolebinding.yml
+++ b/roles/rbac/templates/fluentd-clusterrolebinding.yml
@ -1,13 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
-  name: fluentd
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: fluentd
-subjects:
- kind: ServiceAccount
-  name: fluentd
-  namespace: kube-system