Document URL: https://docs.openshift.com/container-platform/3.7/admin_guide/manage_rbac.html#admin-guide-granting-users-daemonset-permissions and https://docs.openshift.com/container-platform/3.9/admin_guide/manage_rbac.html#admin-guide-granting-users-daemonset-permissions Section Number and Name: Cluster Administration/Managing Role-based Access Control (RBAC)/Granting Users Daemonset Permissions Describe the issue: The cluster role example is missing the verb 'patch'. Without patch, the user will not be able to successfully do 'oc edit daemonset' which presumably is the intended way of editing the daemonsets. Suggestions for improvement: <code> oc create clusterrole daemonset-admin --verb=create,delete,get,list,update,watch --resource=daemonsets.extensions </code> Should be: <code> oc create clusterrole daemonset-admin --verb=create,delete,get,list,update,watch,patch --resource=daemonsets.extensions </code> Also, it would be nice if this section contained a third step that showed the full oc edit daemonset command. Eg: <code> oc edit daemonset <daemonset_name> </code> Additional information:
This section was removed from 3.9, so it applies to only 3.7.
David and I had a chat over email, and I understand the request for `oc edit daemonset <daemonset_name>`. @Chuan Yu, I have a few questions. 1) Do you think that it's appropriate to add `oc edit daemonset <daemonset_name>` to https://docs.openshift.com/container-platform/3.7/dev_guide/daemonsets.html? That topic makes it sound like you'd need to edit the daemonset, delete the existing pods/nodes, and make new ones to apply the change. 2) Does the change on this PR look good to you: https://github.com/openshift/openshift-docs/pull/9701
1) Yes, add and patch should be same operation to the resource, leave the patch here is OK. 2) The changes LGTM.
Thank you very much! I merged the change and am waiting for it to go live.
This change is live on docs.openshift: https://docs.openshift.com/container-platform/3.7/admin_guide/manage_rbac.html#admin-guide-granting-users-daemonset-permissions And on the portal: https://access.redhat.com/documentation/en-us/openshift_container_platform/3.7/html-single/cluster_administration/#admin-guide-granting-users-daemonset-permissions