Provide option for kubernetes to watch only a specific namespace (#433)

docs/k8s-deployment.yaml

@@ -6,7 +6,7 @@ metadata:
   name: mc-router
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+kind: Role
 metadata:
   name: services-watcher
 rules:
@@ -14,11 +14,14 @@ rules:
     resources: ["services"]
     verbs: ["watch","list"]
   - apiGroups: ["apps"]
-    resources: ["statefulsets", "statefulsets/scale"]
+    resources: ["statefulsets"]
     verbs: ["watch","list","get","update"]
+  - apiGroups: ["apps"]
+    resources: ["statefulsets/scale"]
+    verbs: ["get","update"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
 metadata:
   name: mc-router-services-watcher
 subjects:
@@ -26,7 +29,7 @@ subjects:
     name: mc-router
     namespace: default
 roleRef:
-  kind: ClusterRole
+  kind: Role
   name: services-watcher
   apiGroup: rbac.authorization.k8s.io
 ---
@@ -35,7 +38,7 @@ kind: Deployment
 metadata:
   labels:
     app: mc-router
-  name: mc-router-deployment
+  name: mc-router
 spec:
   selector:
     matchLabels:
@@ -56,6 +59,11 @@ spec:
           - --api-binding
           - :8080
           - --in-kube-cluster
+        env:
+          - name: KUBE_NAMESPACE
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.namespace
         ports:
         - name: proxy
           containerPort: 25565