RBAC
This is just for illustration, deploying hbase cluster/tenant/standalone comes bundled with rbac permissions
-
RBAC for multi namespace deployment (Operator is deployed in its own namespace different from either cluster or tenant namesapces)
-
Create
ClusterRole
with permissions required for operator to apply on namespaces. Assuming operator is on different namespace from hbasecluster and or tenant. ModifyRole
toClusterRole
in config/rbac/role.yaml in case you want to have global scope or else apply hbase-cluster-ns or hbase-tenant-ns namespace without any changeskubectl apply -f config/rbac/role.yaml
Or
Apply contents from
config/rbac/role.yaml
using some automation tool -
Create RoleBilding under namespace which is hosting either
hbase-tenant-ns
orhbase-cluster-ns
such as follows. Wherehbase-tenant-ns
andhbase-cluster-ns
are the namespace on which you would deploy your resourceskubectl apply -f config/rbac/role_binding.yaml -n hbase-cluster-ns kubectl apply -f config/rbac/role_binding.yaml -n hbase-tenant-ns
Service Account and roleRef particulars should match with which operator will be run along with namespace
-
-
RBAC for single namespace deployment (Operator is deployed along with hbase cluster/tenant in single namespace)
-
Create
Role
with permissions required for operator to apply on namespaces.kubectl apply -f config/rbac/role.yaml
-
Create RoleBilding under same namespace.
kubectl apply -f config/rbac/role_binding.yaml
Service Account and roleRef particulars should match with which operator will be run along with namespace
-