Fix node authorization for cloudprovider installs (#1794)

In 1.8, the Node authorization mode should be listed first to allow kubelet to access secrets. This seems to only impact environments with cloudprovider enabled.
2026-01-31 17:19:17 -03:30 · 2017-10-14 11:28:46 +01:00
parent 2972bceb90
commit 92d038062e
2 changed files with 5 additions and 4 deletions
--- a/docs/vars.md
+++ b/docs/vars.md
@@ -72,8 +72,9 @@ following default cluster paramters:
  alpha/experimental Kubernetes features. (defaults is `[]`)
 * *authorization_modes* - A list of [authorization mode](
 https://kubernetes.io/docs/admin/authorization/#using-flags-for-your-authorization-module)
-  that the cluster should be configured for. Defaults to `['RBAC', 'Node']` (RBAC and Node authorizers).
-  Note: `RBAC` is enabled by default. Previously deployed clusters can be
+  that the cluster should be configured for. Defaults to `['Node', 'RBAC']`
+  (Node and RBAC authorizers).
+  Note: `Node` and `RBAC` are enabled by default. Previously deployed clusters can be
  converted to RBAC mode. However, your apps which rely on Kubernetes API will
  require a service account and cluster role bindings. You can override this
  setting by setting authorization_modes to `[]`.