From 33f6ce61ada7e30cb1cc3b8c302b46495f223ca2 Mon Sep 17 00:00:00 2001
From: Wei Zhang <kweizh@gmail.com>
Date: Mon, 26 Jul 2021 11:26:34 +0800
Subject: [PATCH] rbac: grant node/status update permission to manager and
 master

Signed-off-by: Wei Zhang <kweizh@gmail.com>
---
 build/assets/master/0200_clusterrole.yaml | 2 +-
 config/rbac/role.yaml                     | 9 ++++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/build/assets/master/0200_clusterrole.yaml b/build/assets/master/0200_clusterrole.yaml
index d3548eb5d..fde18bcd2 100644
--- a/build/assets/master/0200_clusterrole.yaml
+++ b/build/assets/master/0200_clusterrole.yaml
@@ -8,8 +8,8 @@ rules:
   resources:
   - pods
   - nodes
+  - nodes/status
   verbs:
   - get
   - patch
   - update
-
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 35803e5f8..f8933a3ed 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -1,4 +1,3 @@
-
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -166,6 +165,14 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - ""
+  resources:
+  - nodes/status
+  verbs:
+  - get
+  - patch
+  - update
 - apiGroups:
   - ""
   resources: