新增learn-kubernetes（https://github.com/yyong-brs/learn-kubernetes）相关文件

2024-02-20 17:15:27 +08:00
parent 6706e1a633
commit 34158042ad
1529 changed files with 177765 additions and 0 deletions
--- a/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/role-bindings/sre-sa-group.yaml
+++ b/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/role-bindings/sre-sa-group.yaml
@@ -0,0 +1,28 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: sre-sa-view-cluster
+  labels:
+    kiamol: ch17
+subjects:
+- kind: Group
+  name: system:serviceaccounts:kiamol-authn-sre
+  apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: view
+  apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: sre-sa-edit-ch17
+  namespace: kiamol-ch17
+subjects:
+- kind: Group
+  name: system:serviceaccounts:kiamol-authn-sre
+  apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: edit
+  apiGroup: rbac.authorization.k8s.io
--- a/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/role-bindings/test-sa-group.yaml
+++ b/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/role-bindings/test-sa-group.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: test-sa-logs-cluster
+  labels:
+    kiamol: ch17
+subjects:
+- kind: Group
+  name: system:serviceaccounts:kiamol-authn-test
+  apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: logs-reader
+  apiGroup: rbac.authorization.k8s.io
--- a/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/sre-sa.yaml
+++ b/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/sre-sa.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kiamol-authn-sre
+  labels:
+    kiamol: ch17
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: sre2
+  namespace: kiamol-authn-sre
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: sre2-sa-token
+  namespace: kiamol-authn-sre
+  annotations:
+    kubernetes.io/service-account.name: sre2
+type: kubernetes.io/service-account-token
--- a/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/test-sa.yaml
+++ b/learn/learn-kubernetes-master/kiamol/ch17/user-groups/service-accounts/test-sa.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kiamol-authn-test
+  labels:
+    kiamol: ch17
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: tester2
+  namespace: kiamol-authn-test
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: tester2-sa-token
+  namespace: kiamol-authn-test
+  annotations:
+    kubernetes.io/service-account.name: tester2
+type: kubernetes.io/service-account-token