mirror of https://gerrit.hackerspace.pl/hscloud
cluster: allow insecure pods in rook-ceph-system
This is required for the agent to start a socket on each host for kubelet-to-rook access. Change-Id: I78529df81185aeaacdcb494138f72f0224a029c6changes/34/34/2
parent
350aa88421
commit
a01c487a6e
|
@ -1,6 +1,7 @@
|
|||
# Deploy Rook/Ceph Operator
|
||||
|
||||
local kube = import "../../../kube/kube.libsonnet";
|
||||
local policies = import "../../../kube/policies.libsonnet";
|
||||
|
||||
{
|
||||
Operator: {
|
||||
|
@ -21,6 +22,8 @@ local kube = import "../../../kube/kube.libsonnet";
|
|||
|
||||
namespace: kube.Namespace(cfg.namespace),
|
||||
|
||||
policyInsecure: policies.AllowNamespaceInsecure(cfg.namespace),
|
||||
|
||||
crds: {
|
||||
cephclusters: kube.CustomResourceDefinition("ceph.rook.io", "v1", "CephCluster") {
|
||||
spec+: {
|
||||
|
|
Loading…
Reference in New Issue