Ashish Patel a-patel
👨💻
a-patel
/ Kubernetes-RBAC-RoleBinding-ClusterRole.yaml
Created
October 28, 2021 17:29
Kubernetes - RBAC - RoleBinding - ClusterRole
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| # This role binding allows "dave" to read secrets in the "development" namespace. | |
| # You need to already have a ClusterRole named "secret-reader". | |
| kind: RoleBinding | |
| metadata: | |
| name: read-secrets | |
| # | |
| # The namespace of the RoleBinding determines where the permissions are granted. | |
| # This only grants permissions within the "development" namespace. | |
| namespace: development |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: Role | |
| metadata: | |
| namespace: default | |
| name: pod-reader | |
| rules: | |
| - apiGroups: [""] # "" indicates the core API group | |
| resources: ["pods"] | |
| verbs: ["get", "watch", "list"] |
a-patel
/ Kubernetes-RBAC-ClusterRole.yaml
Created
October 10, 2021 12:00
Kubernetes - RBAC - ClusterRole
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| # "namespace" omitted since ClusterRoles are not namespaced | |
| name: secret-reader | |
| rules: | |
| - apiGroups: [""] | |
| # | |
| # at the HTTP level, the name of the resource for accessing Secret | |
| # objects is "secrets" |
a-patel
/ Kubernetes-RBAC-RoleBinding.yaml
Created
October 10, 2021 12:00
Kubernetes - RBAC - RoleBinding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| # This role binding allows "jane" to read pods in the "default" namespace. | |
| # You need to already have a Role named "pod-reader" in that namespace. | |
| kind: RoleBinding | |
| metadata: | |
| name: read-pods | |
| namespace: default | |
| subjects: | |
| # You can specify more than one "subject" | |
| - kind: User |
a-patel
/ Kubernetes-RBAC-ClusterRoleBinding.yaml
Created
October 10, 2021 12:00
Kubernetes - RBAC - ClusterRoleBinding
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| # This cluster role binding allows anyone in the "manager" group to read secrets in any namespace. | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: read-secrets-global | |
| subjects: | |
| - kind: Group | |
| name: manager # Name is case sensitive | |
| apiGroup: rbac.authorization.k8s.io | |
| roleRef: |
a-patel
/ Kubernetes-RBAC-ServiceAccount.yaml
Created
October 10, 2021 12:00
Kubernetes - RBAC - Service Account
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: build-robot | |
| automountServiceAccountToken: false |
a-patel
/ Kubernetes-Storage-StatefulSet-with-Volume.yaml
Created
September 12, 2021 05:45
Kubernetes - StatefulSet with Volume
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: apps/v1 | |
| kind: StatefulSet | |
| metadata: | |
| name: myapp-mongodb-sts | |
| namespace: myapp-ns | |
| labels: | |
| app: myapp-mongodb | |
| spec: | |
| serviceName: mongodb | |
| replicas: 1 |
a-patel
/ Kubernetes-Storage-StorageClass(SC).yaml
Last active
June 7, 2022 11:48
Kubernetes - Storage - Storage Class (SC)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: storage.k8s.io/v1 | |
| kind: StorageClass | |
| metadata: | |
| name: myapp-sc | |
| namespace: myapp-ns | |
| provisioner: kubernetes.io/aws-ebs | |
| reclaimPolicy: Retain | |
| volumeBindingMode: WaitForFirstConsumer | |
| parameters: | |
| type: io1 |
a-patel
/ Kubernetes-Storage-PersistentVolumesClaims(PVC).yaml
Created
September 12, 2021 05:32
Kubernetes - Storage - Persistent Volumes Claims (PVC)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: myapp-mongo-pvc | |
| namespace: myapp-ns | |
| spec: | |
| storageClassName: myapp-sc | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: |
a-patel
/ Kubernetes-Storage-PersistentVolumes(PV).yaml
Last active
June 7, 2022 11:48
Kubernetes - Storage - Persistent Volumes (PV)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolume | |
| metadata: | |
| name: myapp-mongo-pv | |
| spec: | |
| capacity: | |
| storage: 1Gi | |
| volumeMode: Filesystem | |
| accessModes: | |
| - ReadWriteOnce |