File tree Expand file tree Collapse file tree 10 files changed +129
-82
lines changed
postgres-operator/templates
hugo/content/installation Expand file tree Collapse file tree 10 files changed +129
-82
lines changed Original file line number Diff line number Diff line change 1+ #! /bin/bash
2+ helm init --service-account tiller
Original file line number Diff line number Diff line change 22apiVersion : rbac.authorization.k8s.io/v1beta1
33kind : ClusterRoleBinding
44metadata :
5- name : {{ template "postgres-operator.fullname" . }}
6- labels :
7- app : {{ template "postgres-operator.name" . }}
8- chart : {{ template "postgres-operator.chart" . }}
9- release : {{ .Release.Name }}
10- heritage : {{ .Release.Service }}
5+ name : pgopclusterbinding
116roleRef :
127 apiGroup : rbac.authorization.k8s.io
138 kind : ClusterRole
14- name : {{ template "postgres-operator.fullname" . }}
9+ name : pgopclusterrole
1510subjects :
16- - kind : ServiceAccount
17- name : {{ template "postgres-operator.serviceAccountName" . }}
18- namespace : " {{ .Release.Namespace }}"
11+ - apiGroup : rbac.authorization.k8s.io
12+ kind : User
13+ name : postgres-operator
14+
15+ ---
16+
17+ apiVersion : rbac.authorization.k8s.io/v1beta1
18+ kind : ClusterRoleBinding
19+ metadata :
20+ name : pgopclusterbindingcrd
21+ roleRef :
22+ apiGroup : rbac.authorization.k8s.io
23+ kind : ClusterRole
24+ name : pgopclusterrolecrd
25+ subjects :
26+ - apiGroup : rbac.authorization.k8s.io
27+ kind : User
28+ name : postgres-operator
29+
1930{{ end }}
Original file line number Diff line number Diff line change 22apiVersion : rbac.authorization.k8s.io/v1beta1
33kind : ClusterRole
44metadata :
5- name : {{ template "postgres-operator.fullname" . }}
6- labels :
7- app : {{ template "postgres-operator.name" . }}
8- chart : {{ template "postgres-operator.chart" . }}
9- release : {{ .Release.Name }}
10- heritage : {{ .Release.Service }}
5+ name : pgopclusterrole
116rules :
127 - verbs :
138 - get
149 - list
15- - watch
16- - create
17- - patch
18- - update
1910 apiGroups :
2011 - ' *'
2112 resources :
22- - customresourcedefinitions
23- - customresourcedefinitions/status
2413 - nodes
25- - jobs
26- - jobs/status
27- - pgbackups
28- - pgingests
14+
15+ ---
16+ kind : ClusterRole
17+ apiVersion : rbac.authorization.k8s.io/v1beta1
18+ metadata :
19+ name : pgopclusterrolecrd
20+ rules :
21+ - verbs :
22+ - ' *'
23+ apiGroups :
24+ - ' *'
25+ resources :
2926 - pgclusters
3027 - pgpolicies
31- - pgpolicylogs
3228 - pgupgrades
3329 - pgtasks
34- {{ end }}
30+ - pgingests
31+ - pgbackups
32+ - pgreplicas
33+
34+
35+ {{ end }}
Original file line number Diff line number Diff line change 1515 app : {{ template "postgres-operator.name" . }}
1616 release : {{ .Release.Name }}
1717 spec :
18+ serviceAccountName : postgres-operator
1819 containers :
19- - name : {{ .Chart.Name }}- apiserver
20+ - name : apiserver
2021 image : " {{ .Values.env.co_image_prefix }}/pgo-apiserver:{{ .Values.env.co_image_tag }}"
2122 imagePullPolicy : {{ .Values.image.pullPolicy }}
2223 securityContext : {}
3637 - name : operator-conf
3738 mountPath : /operator-conf
3839 readOnly : true
39- - name : {{ .Chart.Name }}- operator
40+ - name : operator
4041 image : " {{ .Values.env.co_image_prefix }}/postgres-operator:{{ .Values.env.co_image_tag }}"
4142 imagePullPolicy : {{ .Values.image.pullPolicy }}
4243 securityContext : {}
Original file line number Diff line number Diff line change 1+ {{ if .Values.serviceAccount.create }}
2+ apiVersion : v1
3+ kind : ServiceAccount
4+ metadata :
5+ name : postgres-operator
6+ labels :
7+ app : {{ template "postgres-operator.name" . }}
8+ chart : {{ template "postgres-operator.chart" . }}
9+ release : {{ .Release.Name }}
10+ heritage : {{ .Release.Service }}
11+ namespace : " {{ .Release.Namespace }}"
12+
13+ ---
14+
15+ kind : Role
16+ apiVersion : rbac.authorization.k8s.io/v1beta1
17+ metadata :
18+ name : pgo-role
19+ namespace : " {{ .Release.Namespace }}"
20+ rules :
21+ - apiGroups :
22+ - ' *'
23+ resources :
24+ - " *"
25+ verbs :
26+ - " *"
27+ - apiGroups :
28+ - " "
29+ resources :
30+ - pods
31+ - services
32+ - endpoints
33+ - persistentvolumeclaims
34+ - events
35+ - configmaps
36+ - secrets
37+ verbs :
38+ - " *"
39+ - apiGroups :
40+ - apps
41+ resources :
42+ - deployments
43+ - daemonsets
44+ - replicasets
45+ - statefulsets
46+ verbs :
47+ - " *"
48+
49+ ---
50+
51+ kind : RoleBinding
52+ apiVersion : rbac.authorization.k8s.io/v1beta1
53+ metadata :
54+ name : pgo-role-binding
55+ namespace : " {{ .Release.Namespace }}"
56+ subjects :
57+ - kind : ServiceAccount
58+ name : postgres-operator
59+ namespace : " {{ .Release.Namespace }}"
60+ roleRef :
61+ kind : Role
62+ name : pgo-role
63+ apiGroup : rbac.authorization.k8s.io
64+
65+
66+ {{ end }}
Load Diff This file was deleted.
Load Diff This file was deleted.
Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+ apiVersion : v1
2+ kind : ServiceAccount
3+ metadata :
4+ name : tiller
5+ namespace : kube-system
6+ ---
7+ apiVersion : rbac.authorization.k8s.io/v1beta1
8+ kind : ClusterRoleBinding
9+ metadata :
10+ name : tiller
11+ roleRef :
12+ apiGroup : rbac.authorization.k8s.io
13+ kind : ClusterRole
14+ name : cluster-admin
15+ subjects :
16+ - kind : ServiceAccount
17+ name : tiller
18+ namespace : kube-system
Original file line number Diff line number Diff line change @@ -121,7 +121,6 @@ tar xvzf ./postgres-operator.3.2.tar.gz
121121Next, deploy the operator to your Kubernetes cluster -
122122....
123123cd $COROOT
124- go get github.com/blang/expenv
125124make installrbac
126125make deployoperator
127126....
You can’t perform that action at this time.
0 commit comments