Kubernetes Cluster Changes
When connecting a Kubernetes cluster, Bunnyshell applies the following changes to the cluster:
- add the access control resources.
The changes are documented in detail below.
ClusterRoles:
bunnyshell:events-read-access- required to read events from cluster. The events are displayed in the real-time logs section of the Bunnyshell UI.bunnyshell:read-access- required to read real-time logs from pods/services. The logs messages are shown in the real-time logs section of the Bunnyshell UI.bunnyshell:remote-development-v2- required to enable remote development.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: bunnyshell:events-read-access
rules:
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- events
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: bunnyshell:read-access
rules:
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- pods
- pods/attach
- pods/exec
- pods/log
- pods/status
- pods/portforward
- services
- configmaps
- serviceaccounts
- secrets
- events
- replicationcontrollers
- persistentvolumeclaims
- namespaces
- namespaces/status
- resourcequotas
- resourcequotas/status
- verbs:
- get
- list
- watch
apiGroups:
- apps
resources:
- '*'
- verbs:
- get
- list
- watch
apiGroups:
- batch
resources:
- jobs
- cronjobs
- verbs:
- get
- list
- watch
apiGroups:
- extensions
resources:
- '*'
- verbs:
- get
- list
- watch
apiGroups:
- metrics.k8s.io
resources:
- pods
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: bunnyshell:remote-development-v2
rules:
- verbs:
- create
- patch
- delete
apiGroups:
- ''
resources:
- pods/attach
- pods/exec
- pods/log
- pods/status
- pods/portforward
- persistentvolumeclaims
- secrets
- verbs:
- patch
- update
apiGroups:
- apps
resources:
- deployments
- statefulsets
- daemonsetsUpdated 17 days ago