Add RBAC

[clockworksoul]

Pointed out over at pires/kubernetes-elasticsearch-cluster#140.

Per that issue:

RBAC is now default and will be much more prominent in kube 1.8. Can you provide the RBAC yaml for this elastic search cluster?

This should include a version conditional however, so that the installation doesn't fail if RBAC is not enabled.

[sagikazarmark]

I would probably provide an opt-in for those who are still on k8s <1.8 and use RBAC.

[clockworksoul]

My working version includes the following values:

# If RBAC is enabled, a ClusterRole and ClusterRoleBinding will be created.
rbac:
  enabled: false

  # RBAC API version (currently v1, v1beta1, v1alpha1)
  apiVersion: "v1beta1"

Is this the kind of thing you have in mind?

[mikn]

@clockworksoul I would recommend using a method similar to the one used here: https://github.com/clockworksoul/helm-elasticsearch/blob/master/templates/_helpers.tpl#L21
to detect the version to use, rather than having the user themselves specify the intended API version. :)
Or even better, you could use the example here: https://docs.helm.sh/chart_template_guide/#built-in-objects
and do something like:

{{ if Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
$rbacApiVersion := "rbac.authorization.k8s.io/v1"
[...]

etc. I have however never tried this myself, but it seems like a very canonical way of doing it.

[clockworksoul]

@mikn Thanks! I'll do exactly that!