imfreedom/k8s-cluster
Clone
Summary
Browse
Changes
Graph
Add a service account so we can access the kubernetes dashboard
2019-05-24, Gary Kramlich
27bd6d2673ce
Add a service account so we can access the kubernetes dashboard
apiVersion
:
v1
kind
:
ServiceAccount
metadata
:
name
:
cert-manager
namespace
:
kube-system
labels
:
app
:
cert-manager
---
apiVersion
:
apiextensions.k8s.io/v1beta1
kind
:
CustomResourceDefinition
metadata
:
name
:
certificates.certmanager.k8s.io
labels
:
app
:
cert-manager
spec
:
group
:
certmanager.k8s.io
version
:
v1alpha1
scope
:
Namespaced
names
:
kind
:
Certificate
plural
:
certificates
shortNames
:
-
cert
-
certs
---
apiVersion
:
apiextensions.k8s.io/v1beta1
kind
:
CustomResourceDefinition
metadata
:
name
:
clusterissuers.certmanager.k8s.io
labels
:
app
:
cert-manager
spec
:
group
:
certmanager.k8s.io
version
:
v1alpha1
scope
:
Cluster
names
:
kind
:
ClusterIssuer
plural
:
clusterissuers
---
apiVersion
:
apiextensions.k8s.io/v1beta1
kind
:
CustomResourceDefinition
metadata
:
name
:
issuers.certmanager.k8s.io
labels
:
app
:
cert-manager
spec
:
group
:
certmanager.k8s.io
version
:
v1alpha1
scope
:
Namespaced
names
:
kind
:
Issuer
plural
:
issuers
---
apiVersion
:
rbac.authorization.k8s.io/v1beta1
kind
:
ClusterRole
metadata
:
name
:
cert-manager
labels
:
app
:
cert-manager
rules
:
-
apiGroups
:
[
"certmanager.k8s.io"
]
resources
:
[
"certificates"
,
"issuers"
,
"clusterissuers"
,
"orders"
,
"challenges"
]
verbs
:
[
"*"
]
-
apiGroups
:
[
""
]
resources
:
[
"configmaps"
,
"secrets"
,
"events"
,
"services"
,
"pods"
]
verbs
:
[
"*"
]
-
apiGroups
:
[
"extensions"
]
resources
:
[
"ingresses"
]
verbs
:
[
"*"
]
---
apiVersion
:
rbac.authorization.k8s.io/v1beta1
kind
:
ClusterRoleBinding
metadata
:
name
:
cert-manager
labels
:
app
:
cert-manager
roleRef
:
apiGroup
:
rbac.authorization.k8s.io
kind
:
ClusterRole
name
:
cert-manager
subjects
:
-
name
:
cert-manager
namespace
:
kube-system
kind
:
ServiceAccount
---
apiVersion
:
apps/v1beta1
kind
:
Deployment
metadata
:
name
:
cert-manager
namespace
:
kube-system
labels
:
app
:
cert-manager
spec
:
replicas
:
1
selector
:
matchLabels
:
app
:
cert-manager
template
:
metadata
:
labels
:
app
:
cert-manager
spec
:
serviceAccountName
:
cert-manager
containers
:
-
name
:
cert-manager
image
:
"quay.io/jetstack/cert-manager-controller:v0.5.0"
imagePullPolicy
:
IfNotPresent
args
:
-
--cluster-resource-namespace=$(POD_NAMESPACE)
-
--leader-election-namespace=$(POD_NAMESPACE)
env
:
-
name
:
POD_NAMESPACE
valueFrom
:
fieldRef
:
fieldPath
:
metadata.namespace
resources
:
requests
:
cpu
:
10m
memory
:
32Mi
---
