summaryrefslogtreecommitdiffstats
path: root/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
diff options
context:
space:
mode:
authorJose A. Rivera <jarrpa@redhat.com>2017-09-29 22:45:10 -0500
committerJose A. Rivera <jarrpa@redhat.com>2017-09-29 22:45:10 -0500
commit4ab3e20e333d107163abe2a3c88f2aecae3fd77e (patch)
treece693d062a3b4b8e8936b779522bcb5dc546ce25 /roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
parent1cd0a0c1165a4f274b30d7570f2e3ab2009e0046 (diff)
downloadopenshift-4ab3e20e333d107163abe2a3c88f2aecae3fd77e.tar.gz
openshift-4ab3e20e333d107163abe2a3c88f2aecae3fd77e.tar.bz2
openshift-4ab3e20e333d107163abe2a3c88f2aecae3fd77e.tar.xz
openshift-4ab3e20e333d107163abe2a3c88f2aecae3fd77e.zip
GlusterFS: make ServiceAccounts privileged when either glusterfs or heketi is native
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Diffstat (limited to 'roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml')
-rw-r--r--roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml11
1 files changed, 11 insertions, 0 deletions
diff --git a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
index 3f6dab78b..51724f979 100644
--- a/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
+++ b/roles/openshift_storage_glusterfs/tasks/glusterfs_common.yml
@@ -18,6 +18,17 @@
node_selector: "{% if glusterfs_use_default_selector %}{{ omit }}{% endif %}"
when: glusterfs_is_native or glusterfs_heketi_is_native or glusterfs_storageclass
+- name: Add namespace service accounts to privileged SCC
+ oc_adm_policy_user:
+ user: "system:serviceaccount:{{ glusterfs_namespace }}:{{ item }}"
+ resource_kind: scc
+ resource_name: privileged
+ state: present
+ with_items:
+ - 'default'
+ - 'router'
+ when: glusterfs_is_native or glusterfs_heketi_is_native
+
- name: Delete pre-existing heketi resources
oc_obj:
namespace: "{{ glusterfs_namespace }}"
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-06 12:49:51 +0000