RBAC support?

[vmrob]

I set up RBAC support over at https://github.com/bittorrent/kubernetes-graphite-cluster/commit/ca441f7d4639bb3f74946d747aca6fc367b56985 along with a change to use EBS as our EFS volumes didn't have enough io.

Is there any interest in formatting the RBAC portions of that commit into a PR? If so, I would be happy to do so.

[erez-rabih]

Hi @vmrob thanks for bringing this up. A few questions/thoughts:

1. The PVC (Persistent volume claims) type is empty hence it's supposed to take the default storage type for the cluster. On the cluster I use on AWS it is an EBS volume not EFS. I wonder why your default is different but it might be a good idea to explicitly state the storage type.
2. The storage size is now an environment variable so this change is not needed.

I haven't dealt with K8s RBAC before so please explain

1. What are the benefits here? Does it only narrow the permissions the StatefulSet pods have to query the K8s API?
2. I am pretty sure RBAC was added on 1.6 right? If so, what will happen to 1.5.X clusters?

[erez-rabih]

closed by #23