Open juliusvonkohout opened 1 week ago
master
@rimolive do you remember who wanted to help with the spark operator? I think the main problem is that
it does not work with istio "sidecar.istio.io/inject": "true" https://github.com/kubeflow/manifests/blob/73cbecfe604e84dfc7c0851630a6eb5733022dea/contrib/spark/sparkapplication_example.yaml#L24C7-L24C41
We are missing a securitycontext in https://github.com/kubeflow/manifests/blob/73cbecfe604e84dfc7c0851630a6eb5733022dea/contrib/spark/sparkapplication_example.yaml and it should be upstreamed to the spark repository
securityContext: capabilities: drop: - ALL runAsUser: 185 runAsGroup: 0 runAsNonRoot: true allowPrivilegeEscalation: false seccompProfile: type: RuntimeDefault
We need to add runAsGroup:0 or 185 in the securitycontext of https://github.com/kubeflow/manifests/blob/master/contrib/spark/spark-operator/base/kustomization.yaml and we need to upstream it
We need a synchronization script in /hack derived from the current makefile
CC @GezimSejdiu
juliusvonkohout
commented
1 week ago juliusvonkohout
commented
1 week ago
Validation Checklist
Version
master
Describe your issue
@rimolive do you remember who wanted to help with the spark operator? I think the main problem is that
it does not work with istio "sidecar.istio.io/inject": "true" https://github.com/kubeflow/manifests/blob/73cbecfe604e84dfc7c0851630a6eb5733022dea/contrib/spark/sparkapplication_example.yaml#L24C7-L24C41
We are missing a securitycontext in https://github.com/kubeflow/manifests/blob/73cbecfe604e84dfc7c0851630a6eb5733022dea/contrib/spark/sparkapplication_example.yaml and it should be upstreamed to the spark repository
We need to add runAsGroup:0 or 185 in the securitycontext of https://github.com/kubeflow/manifests/blob/master/contrib/spark/spark-operator/base/kustomization.yaml and we need to upstream it
We need a synchronization script in /hack derived from the current makefile