Merge pull request #8126 from enj/enj/i/disable_daemonset_carry/1536304,1501514

Undo changes to daemonset RBAC docs

Author: ahardin-rh

admin_guide/manage_rbac.adoc

@@ -712,6 +712,25 @@ Subjects:
 
 
 ifdef::openshift-enterprise,openshift-origin,atomic-registry[]
+[[admin-guide-granting-users-daemonset-permissions]]
+== Granting Users Daemonset Permissions
+
+By default, project developers do not have the permission to create
+xref:../dev_guide/daemonsets.adoc#dev-guide-daemonsets[daemonsets]. As a cluster
+administrator, you can grant them the abilities.
+
+. Create the cluster role:
++
+----
+$ oc create clusterrole daemonset-admin --verb=create,delete,get,list,update,watch --resource=daemonsets.extensions
+----
+
+. Create the local role binding:
++
+----
+$ oc adm policy add-role-to-user daemonset-admin <user>
+----
+
 [[creating-local-role]]
 == Creating a Local Role
 

dev_guide/daemonsets.adoc

@@ -24,6 +24,13 @@ For more information on daemonsets, see the link:http://kubernetes.io/docs/admin
 [[dev-guide-creating-daemonsets]]
 == Creating Daemonsets
 
+[IMPORTANT]
+====
+Before creating daemonsets, ensure you have been
+xref:../admin_guide/manage_rbac.adoc#admin-guide-granting-users-daemonset-permissions[given
+the required role by your {product-title} administrator].
+====
+
 When creating daemonsets, the `*nodeSelector*` field is used to indicate the
 nodes on which the daemonset should deploy replicas.