search

GoogleCloudPlatform / flink-on-k8s-operator

[DEPRECATED] Kubernetes operator for managing the lifecycle of Apache Flink and Beam applications.
Apache License 2.0
658 stars 265 forks source link

How to run JobManager and TaskManager pods as the flink user? #312

Closed a-roberts closed 4 years ago

a-roberts commented 4 years ago

Hey everyone, I can specify a security context using the Job CR great, e.g.


apiVersion: batch/v1
kind: Job
metadata:
  name: sample-job
spec:
  template:
    spec:
      # Run as flink user
      securityContext:
        runAsUser: 9999
        runAsGroup: 9999
      containers:

how can I do this for the JobManager/TaskManager in our FlinkCluster CR please? I've tried it in this format (spec.template.spec), and just under spec (at the FlinkCluster level), and also by adding the securityContext under jobManager and taskManager under its definition in the FlinkCluster.

Thanks!

thebalu commented 4 years ago

Hi, I would be interested in solving this. I have a prototype solution that exposes the setting of SecurityContexts for JM, TM and Job pods through the relevant portions of the FlinkClusterSpec. I have some questions about the process of contributing to this project, I'd like to get in touch with the maintainers if possible.