mirror/cube-studio
2
0
Fork 0
mirror of https://github.com/tencentmusic/cube-studio.git synced 2025-02-11 14:34:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
4911fae93c
cube-studio/install/kubernetes/sa-rbac.yaml
pengluan 97e071eb3b deploy
2021-08-17 17:00:34 +08:00

58 lines
1.3 KiB
YAML
Executable File
Raw Blame History

# 训练使用的特殊账号,用来在集群中控制启动分布式
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubeflow-clusterrole
rules:
- apiGroups: ["*"]
resources: ["pods","pods/log","services","endpoints","configmaps","nodes","deployments","mpijobs","tfjobs","pytorchjobs","frameworks"]
verbs: ["create", "delete", "deletecollection", "patch", "update", "get", "list", "watch"]
- apiGroups: ["*"]
resources: ["*"]
verbs: ["create", "delete", "deletecollection", "patch", "update", "get", "list", "watch"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubeflow-pipeline
namespace: pipeline
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubeflow-pipeline
subjects:
- kind: ServiceAccount
name: kubeflow-pipeline
namespace: pipeline
roleRef:
kind: ClusterRole
name: kubeflow-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nni
namespace: katib
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: katib-nni-clusterrolebinding
subjects:
- kind: ServiceAccount
name: nni
namespace: katib
roleRef:
kind: ClusterRole
name: kubeflow-clusterrole
apiGroup: rbac.authorization.k8s.io
Reference in New Issue View Git Blame Copy Permalink