-
Notifications
You must be signed in to change notification settings - Fork 385
Tweaks to the walkthrough for local-up-cluster #1076
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am assuming you tested this @pmorie, and it looks good to me, so I'm LGTMing it.
docs/walkthrough.md
Outdated
KUBE_ENABLE_CLUSTER_DNS=true hack/local-up-cluster.sh -O | ||
``` | ||
```console | ||
KUBE_ENABLE_CLUSTER_DNS=true hack/local-up-cluster.sh -O |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
KUBE_ENABLE_CLUSTER_DNS=true
is the default in kube now
- "--service-catalog-insecure-skip-verify=true" | ||
{{- end }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall question:
Do we need an issue to make sure every single flag is helm exposed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some research makes it LGTM.
namespace has the `cluster-admin` role: | ||
|
||
```console | ||
kubectl create clusterrolebinding default-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
kubeadm sets up this level of access, and while I have to include the disclaimer that kubeadm is not production ready, I have to somewhat assume that a decision was made that this is the correct level of access.
An additional data point is that Bluemix does include this serviceAccount bound to this level of access.
0498d76
to
e324287
Compare
A couple tweaks were necessary for me to make the walkthrough run on a cluster created with
local-up-cluster.sh
:kube-system
namespace a cluster admin