k8s icon indicating copy to clipboard operation
k8s copied to clipboard

Published 20 hours ago verified publisher icon portainer

Portainer server ServiceAccount

Open tmarback opened this issue 11 months ago • 1 comments

Hello,

I noticed that, with the manifests (or the Helm template) in this repository, the pods for the Portainer server mount a service account with cluster-admin access. However, if I understand correctly, all interactions that Portainer has with Kubernetes are done through the agent, not directly by the server. Is there a reason why the server's pods also need cluster admin access to run?

tmarback avatar Apr 02 '24 08:04 tmarback

Don't need an agent to manage the cluster where Portainer Server is running. Only need to deploy agents to clusters other clusters that you would need to manage.

samdulam avatar Apr 08 '24 09:04 samdulam