From b2346cdaec9899bd472a28b6c3a4e68fb999eba3 Mon Sep 17 00:00:00 2001
From: Mohamed Zaian <mohamedzaian@gmail.com>
Date: Mon, 6 Jun 2022 16:34:37 +0200
Subject: [PATCH] [feat] Upgrade metrics server to v0.6.1 (#8909)

* Metrics Server now requires access to nodes/metrics RBAC resource instead of nodes/stats. See: https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.0
* Minimize rbac permissions.
---
 roles/download/defaults/main.yml                              | 2 +-
 .../metrics_server/templates/resource-reader.yaml.j2          | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index f011a949c..f9b68664d 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -1012,7 +1012,7 @@ dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
 
 registry_image_repo: "{{ docker_image_repo }}/library/registry"
 registry_image_tag: "2.7.1"
-metrics_server_version: "v0.5.2"
+metrics_server_version: "v0.6.1"
 metrics_server_image_repo: "{{ kube_image_repo }}/metrics-server/metrics-server"
 metrics_server_image_tag: "{{ metrics_server_version }}"
 local_volume_provisioner_image_repo: "{{ kube_image_repo }}/sig-storage/local-volume-provisioner"
diff --git a/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
index c3e085c72..3d9ea8118 100644
--- a/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
@@ -10,9 +10,7 @@ rules:
     resources:
       - pods
       - nodes
-      - nodes/stats
-      - namespaces
-      - configmaps
+      - nodes/metrics
     verbs:
       - get
       - list
-- 
GitLab