-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cluster Role vs Role #3
Comments
sfxworks
added a commit
that referenced
this issue
Jun 10, 2019
* RCON Port Correction * Backup Integration Backup Integration Uses Stash. Every midnight * New Values New configurable values based on itzg/minecraft-server and s3 backup values. * Altered backup manifest * Change user auth type to service-account For running/easy mounting of kubectl in pod * Updated server deployment Users now have an SSH container with a generated private key. Users no longer need to authenticate with premade cert and key. Service account bound to ssh pod allowing users to run kubectl via the SSH session. Resolves #1 #3 and partial resolution of #4 in the sense of PID running and mounting * Moved DNS updates and mail notification to job Uses mounted secrets. Note: User service acocunt is not allowed to read secrets. * Chart Update Chart update Version 2.0 release
Altered to use individual service accounts. |
sfxworks
added a commit
that referenced
this issue
Sep 3, 2019
* RCON Port Correction * Backup Integration Backup Integration Uses Stash. Every midnight * New Values New configurable values based on itzg/minecraft-server and s3 backup values. * Altered backup manifest * Change user auth type to service-account For running/easy mounting of kubectl in pod * Updated server deployment Users now have an SSH container with a generated private key. Users no longer need to authenticate with premade cert and key. Service account bound to ssh pod allowing users to run kubectl via the SSH session. Resolves #1 #3 and partial resolution of #4 in the sense of PID running and mounting * Moved DNS updates and mail notification to job Uses mounted secrets. Note: User service acocunt is not allowed to read secrets. * Chart Update Chart update Version 2.0 release
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Impliment ClusterRole RBAC vs current role rbac. Keep all perms organized on one space. https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Will need to remove from current chart. May need cluster repo.
The text was updated successfully, but these errors were encountered: