Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cluster Role vs Role #3

Closed
sfxworks opened this issue Apr 9, 2019 · 1 comment
Closed

Cluster Role vs Role #3

sfxworks opened this issue Apr 9, 2019 · 1 comment

Comments

@sfxworks
Copy link
Contributor

sfxworks commented Apr 9, 2019

Impliment ClusterRole RBAC vs current role rbac. Keep all perms organized on one space. https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Will need to remove from current chart. May need cluster repo.
sfxworks added a commit that referenced this issue Jun 10, 2019
@sfxworks
Updated server deployment
e2c03a4 
Users now have an SSH container with a generated private key. Users no longer need to authenticate with premade cert and key. Service account bound to ssh pod allowing users to run kubectl via the SSH session.

Resolves #1 #3 and partial resolution of #4 in the sense of PID running and mounting
sfxworks added a commit that referenced this issue Jun 10, 2019
@sfxworks
Helm Chart 2.0 Release (#5)
991d5a3 
* RCON Port Correction

* Backup Integration

Backup Integration
Uses Stash.
Every midnight

* New Values

New configurable values based on itzg/minecraft-server and s3 backup values.

* Altered backup manifest

* Change user auth type to service-account

For running/easy mounting of kubectl in pod

* Updated server deployment

Users now have an SSH container with a generated private key. Users no longer need to authenticate with premade cert and key. Service account bound to ssh pod allowing users to run kubectl via the SSH session.

Resolves #1 #3 and partial resolution of #4 in the sense of PID running and mounting

* Moved DNS updates and mail notification to job

Uses mounted secrets. Note: User service acocunt is not allowed to read secrets.

* Chart Update

Chart update
Version 2.0 release
@sfxworks
Copy link
Contributor Author

Altered to use individual service accounts.

sfxworks added a commit that referenced this issue Sep 3, 2019
@sfxworks
Helm Chart 2.0 Release (#5)
219506f 
* RCON Port Correction

* Backup Integration

Backup Integration
Uses Stash.
Every midnight

* New Values

New configurable values based on itzg/minecraft-server and s3 backup values.

* Altered backup manifest

* Change user auth type to service-account

For running/easy mounting of kubectl in pod

* Updated server deployment

Users now have an SSH container with a generated private key. Users no longer need to authenticate with premade cert and key. Service account bound to ssh pod allowing users to run kubectl via the SSH session.

Resolves #1 #3 and partial resolution of #4 in the sense of PID running and mounting

* Moved DNS updates and mail notification to job

Uses mounted secrets. Note: User service acocunt is not allowed to read secrets.

* Chart Update

Chart update
Version 2.0 release
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sfxworks