mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
fix some kubeadm init phase constants
This commit is contained in:
parent
731dc8cf74
commit
c5c9429d0e
@ -45,6 +45,12 @@ const (
|
||||
|
||||
// KubeProxyServiceAccountName describes the name of the ServiceAccount for the kube-proxy addon
|
||||
KubeProxyServiceAccountName = "kube-proxy"
|
||||
|
||||
// KubeProxyClusterRoleBindingName sets the name for the kube-proxy CluterRoleBinding
|
||||
KubeProxyClusterRoleBindingName = "kubeam:node-proxier"
|
||||
|
||||
// KubeProxyConfigMapRoleName sets the name of ClusterRole for ConfigMap
|
||||
KubeProxyConfigMapRoleName = "kube-proxy"
|
||||
)
|
||||
|
||||
// EnsureProxyAddon creates the kube-proxy addons
|
||||
@ -157,7 +163,7 @@ func createKubeProxyAddon(cfg *kubeadmapi.ClusterConfiguration, client clientset
|
||||
func createClusterRoleBindings(client clientset.Interface) error {
|
||||
if err := apiclient.CreateOrUpdateClusterRoleBinding(client, &rbac.ClusterRoleBinding{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: "kubeadm:node-proxier",
|
||||
Name: KubeProxyClusterRoleBindingName,
|
||||
},
|
||||
RoleRef: rbac.RoleRef{
|
||||
APIGroup: rbac.GroupName,
|
||||
@ -178,7 +184,7 @@ func createClusterRoleBindings(client clientset.Interface) error {
|
||||
// Create a role for granting read only access to the kube-proxy component config ConfigMap
|
||||
if err := apiclient.CreateOrUpdateRole(client, &rbac.Role{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: constants.KubeProxyConfigMap,
|
||||
Name: KubeProxyConfigMapRoleName,
|
||||
Namespace: metav1.NamespaceSystem,
|
||||
},
|
||||
Rules: []rbac.PolicyRule{
|
||||
@ -196,13 +202,13 @@ func createClusterRoleBindings(client clientset.Interface) error {
|
||||
// Bind the role to bootstrap tokens for allowing fetchConfiguration during join
|
||||
return apiclient.CreateOrUpdateRoleBinding(client, &rbac.RoleBinding{
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
Name: constants.KubeProxyConfigMap,
|
||||
Name: KubeProxyConfigMapRoleName,
|
||||
Namespace: metav1.NamespaceSystem,
|
||||
},
|
||||
RoleRef: rbac.RoleRef{
|
||||
APIGroup: rbac.GroupName,
|
||||
Kind: "Role",
|
||||
Name: constants.KubeProxyConfigMap,
|
||||
Name: KubeProxyConfigMapRoleName,
|
||||
},
|
||||
Subjects: []rbac.Subject{
|
||||
{
|
||||
|
@ -125,7 +125,7 @@ func AutoApproveNodeBootstrapTokens(client clientset.Interface) error {
|
||||
},
|
||||
Subjects: []rbac.Subject{
|
||||
{
|
||||
Kind: "Group",
|
||||
Kind: rbac.GroupKind,
|
||||
Name: constants.NodeBootstrapTokenAuthGroup,
|
||||
},
|
||||
},
|
||||
@ -147,7 +147,7 @@ func AutoApproveNodeCertificateRotation(client clientset.Interface) error {
|
||||
},
|
||||
Subjects: []rbac.Subject{
|
||||
{
|
||||
Kind: "Group",
|
||||
Kind: rbac.GroupKind,
|
||||
Name: constants.NodesGroup,
|
||||
},
|
||||
},
|
||||
|
Loading…
Reference in New Issue
Block a user