\\--feature-gates=KubeletPluginsWatcher=false\\
.Kubernetes Object Name | Type | Default Resource Occupation | Namespace |
csi-provisioner-cfsplugin | StatefulSet | - | kube-system |
csi-nodeplugin-cfsplugin | DaemonSet | - | kube-system |
csi-provisioner-cfsplugin | Service | 1C2G | kube-system |
Feature | Involved Object | Involved Operation Permission |
It is required to support the dynamic creation of CFS instances. | persistentvolumeclaims/persistentvolumes | All operations |
| storageclasses | get/list/watch |
Supporting the cfs instance under the shared pattern | tcfs | get/list/watch/create/update/delete/patch |
| deployment | get/list/watch/create/update/delete |
| node | get/list |
kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata:name: csi-cfs-controller-rolerules:- apiGroups: [""]resources: ["nodes"]verbs: ["get", "list"]- apiGroups: [""]resources: ["services", "events", "configmaps", "endpoints"]verbs: ["get","list","create","update","patch","delete"]- apiGroups: [""]resources: ["services/status", "events/status"]verbs: ["get"]- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete", "update"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update", "patch", "create"]- apiGroups: ["storage.k8s.io"]resources: ["volumeattachments", "volumeattachments/status"]verbs: ["get", "list", "watch", "update", "patch"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: ["extensions"]resources: ["ingresses"]verbs: ["get", "list", "watch", "update", "patch", "create"]- apiGroups: ["extensions"]resources: ["ingresses/status"]verbs: ["get"]- apiGroups: ["apps"]resources: ["deployments"]verbs: ["get", "list", "delete", "update", "create", "watch"]- apiGroups: ["apps"]resources: ["deployments/status"]verbs: ["get"]- apiGroups: ["tcfsoperator.k8s.io"]resources: ["tcfs", "tcfs/status"]verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata:name: tcfs-subdir-external-provisioner-runnerrules:- apiGroups: [""]resources: ["nodes"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]
Was this page helpful?