fe4c9a7221
This change brings Redfish support to the Jump Host service, enabling sub-cluster operators to reboot virtual machines in their sub-cluster. With a Secret containing sub-cluster host information (e.g. BMC addresses, BMC usernames, BMC password) and a ConfigMap containing a wrapper script for DMTF's redfishtool, a user in a sub-cluster's Jump Pod can manage their hosts by executing /sip/scripts/reboot [CMD]. Signed-off-by: Drew Walters <andrew.walters@att.com> Change-Id: Iff71ad2287cb095ebe92445a4a09771697efa5ee
80 lines
999 B
YAML
80 lines
999 B
YAML
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: scheduler-role
|
|
namespace: metal3
|
|
rules:
|
|
- apiGroups:
|
|
- metal3.io
|
|
resources:
|
|
- baremetalhosts
|
|
verbs:
|
|
- get
|
|
- list
|
|
- patch
|
|
- watch
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- get
|
|
- list
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: cluster-scheduler-role
|
|
rules:
|
|
- apiGroups:
|
|
- metal3.io
|
|
resources:
|
|
- baremetalhosts
|
|
verbs:
|
|
- get
|
|
- list
|
|
- patch
|
|
- watch
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- namespaces
|
|
- deployments
|
|
- secrets
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- update
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: sipcluster-infra-service
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- services
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- update
|
|
- get
|
|
- list
|
|
- watch
|