diff --git a/docs/features/kubernetes.rst b/docs/features/kubernetes.rst index 4ae49a93..9f8c8f9f 100644 --- a/docs/features/kubernetes.rst +++ b/docs/features/kubernetes.rst @@ -14,7 +14,7 @@ Then add the following to your ConfigureServices method. s.AddOcelot() .AddKubernetes(); -If you have services deployed in kubernetes you will normally use the naming service to access them. +If you have services deployed in kubernetes you will normally use the naming service to access them. Default usePodServiceAccount = True, which means that ServiceAccount using Pod to access the service of the k8s cluster needs to be ServiceAccount based on RABC authorization .. code-block::csharp public static class OcelotBuilderExtensions @@ -22,15 +22,11 @@ If you have services deployed in kubernetes you will normally use the naming ser public static IOcelotBuilder AddKubernetes(this IOcelotBuilder builder, bool usePodServiceAccount = true); } -Default usePodServiceAccount = True, which means that ServiceAccount using Pod to access the service of the k8s cluster needs to be ServiceAccount based on RABC authorization, you can replicate a Permissive. Using RBAC role bindings. -`Permissive RBAC Permissions `, k8s api server and token will read from pod . +You can replicate a Permissive. Using RBAC role bindings. +`Permissive RBAC Permissions `_, k8s api server and token will read from pod . .. code-block::json -kubectl create clusterrolebinding permissive-binding \ - --clusterrole=cluster-admin \ - --user=admin \ - --user=kubelet \ - --group=system:serviceaccounts +kubectl create clusterrolebinding permissive-binding --clusterrole=cluster-admin --user=admin --user=kubelet --group=system:serviceaccounts The following example shows how to set up a ReRoute that will work in kubernetes. The most important thing is the ServiceName which is made up of the kubernetes service name. We also need to set up the ServiceDiscoveryProvider in GlobalConfiguration. The example here shows a typical configuration.