Add userspace chart and docs

This allows easy creation of user namespaces with limited permissions.

cluster-readonly.yaml

@@ -0,0 +1,30 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cluster-readonly
+rules:
+- apiGroups:
+    - ""
+    - rbac.authorization.k8s.io
+    - storage.k8s.io
+    - networking.k8s.io
+    - traefik.containo.us
+  resources: 
+    - storageclasses
+  verbs: 
+    - list
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: cluster-readonly
+subjects:
+- kind: Group
+  name: user
+  apiGroup: ""
+roleRef:
+  kind: ClusterRole
+  name: cluster-readonly
+  apiGroup: ""