search

dragonflydb / dragonfly-operator

A Kubernetes operator to install and manage Dragonfly instances.
https://www.dragonflydb.io/docs/managing-dragonfly/operator/installation
Apache License 2.0
146 stars 34 forks source link

Set podSecurityContext for the dragonfly custom resource #229

Open sisrael-dn opened 3 months ago

sisrael-dn commented 3 months ago

Hello,

Right now the dragonfly crd doesn't seem to support setting any podSecurityContext (correct me if I'm wrong) which will be passed for the pods running dragonfly. Would it it possible to add this please?

So We can create for example something like:

apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
  labels:
    app.kubernetes.io/name: dragonfly-sample
    app.kubernetes.io/instance: dragonfly
    app.kubernetes.io/part-of: dragonfly-operator
    app.kubernetes.io/managed-by: helm
    app.kubernetes.io/created-by: dragonfly-operator
  name: dragonfly-sample
spec:
  podSecurityContext:
    capabilities:
      add: ["IPC_LOCK"]
Pothulapati commented 3 months ago

Hey @sisrael-dn, You are right that we don't support setting podSecurityContext through Dragonfly resource for Dragonfly pods.

This isn't a high priority right now, Can you raise a PR to add this configuration into https://github.com/dragonflydb/dragonfly-operator/blob/main/api/v1alpha1/dragonfly_types.go#L28

sisrael-dn commented 3 months ago

Hi @Pothulapati , I understand, thank you for pointing me to the right place to add it. I'll try to raise a PR as suggested when I'll have some free time (:

jonathon2nd commented 1 day ago

This will be needed to fix Weird error 1 switching to epoll

https://github.com/dragonflydb/dragonfly/issues/4042

Or maybe not? image