Version 1.9. This version is no longer supported. For more information, see the version support policy. For information about how to upgrade to version 1.10, see Upgrading Anthos on bare metal in the 1.10 documentation.

Available supported versions: 1.16 | 1.15 | 1.14

RBAC permissions for system components

Anthos clusters on bare metal deploys Pods to your nodes that have elevated RBAC permissions such as the ability to modify all Deployments and to read all cluster Secrets. These permissions are required for Anthos clusters on bare metal to function correctly.

The following table lists all Anthos clusters on bare metal components with elevated permissions:

ais
anet-operator
anthos-cluster-operator
anthos-multinet-controller
cap-controller-manager
capi-controller-manager
capi-kubeadm-bootstrap-controller-manager
cdi-operator
cert-manager-cainjector
cert-manager-webhook
cert-manager
cluster-metrics-webhook
csi-snapshot-controller
istio-ingress
istiod
kube-state-metrics
localpv
metallb-controller
metrics-server-operator
metrics-server
network-controller-manager
sp-anthos-static-provisioner
stackdriver-operator
virt-api
virt-controller
virt-handler
virt-operator
vm-controller-controller-manager
vmruntime-controller-manager