mirror of
https://github.com/k3s-io/kubernetes.git
synced 2026-01-17 07:14:58 +00:00
a7396fdd3f
If the node authorizer is active, RBAC rules are not needed. But if it's disabled, kubelet needs to get permission through RBAC. In contrast to the authorizer code which is a bit more flexible and isn't directly tied to the current kubelet implementation (i.e. it allows list+delete instead of just deletecollection), the RBAC entry is just for what the current kubelet does because it's a bit easier to change.