Docker Community Forums

Share and learn in the Docker community.

Enable for kube-apiserver

(Tdovan) #1

By default, the kube-apiserver does not have the
I’m trying to activate the do you know how to enable this ?


(Vivek Saraswat) #2

Hi tdovan, this is the default Kubernetes RBAC, correct? This cannot enabled in this version of UCP, as UCP uses its own RBAC system. In the future, we are assessing how to add Kube default RBAC compatibility.

(Wsitscorpid) #3

Hi @vsaraswat, can you share what info you have on the progress of this? Is there a Docker EE roadmap which talks to providing default kubernetes RBAC support?

Not having the API within the Docker EE platform is quite restrictive. One can’t deploy any Helm charts with RBAC enabled.

One is also not able to deploy any of the new Kubernetes Operators. The Operators all construct their own custom APIs as well as associated roles. This again is done through the API.

As an example the Oracle/MySQL-Operator has four different roles and sets of permissions. This would require a bit of effort to translate into the Docker EE roles/grants and will require future testing whenever updated. This kind of customization defeats the purpose of Operator Framework.

(Docana) #4

Any updates on this?