In our current way of deploying k8s we have a lot of cluster where parts of the cluster ( the api, etcd etc. ) run in one cluster (mgmt) and the workload runs in another (workload).
Not only do i want to register the workload cluster in greenhouse and the management cluster. I want to be able to assign RBAC permissions towards a namespace in mgmt as well as the workload cluster.
E.g.: in our ceph use case we have a support team that needs to be admin inside the ceph clusters and able to manipulate CRD's and k8s primitives in one namespace of the mgmt cluster.
Priority
None
Description
In our current way of deploying k8s we have a lot of cluster where parts of the cluster ( the api, etcd etc. ) run in one cluster (mgmt) and the workload runs in another (workload).
Not only do i want to register the workload cluster in greenhouse and the management cluster. I want to be able to assign RBAC permissions towards a namespace in mgmt as well as the workload cluster.
E.g.: in our ceph use case we have a support team that needs to be admin inside the ceph clusters and able to manipulate CRD's and k8s primitives in one namespace of the mgmt cluster.
Reference Issues
No response