(DEPRECATED) Apache Flink User Mailing List archive.

Re: Native K8S IAM Role?

Classic

List

Threaded

3 messages Options

Yang Wang

Re: Native K8S IAM Role?

Hi kevin,

If you mean to add annotations for Flink native K8s session pods, you could use "kubernetes.jobmanager.annotations"

and "kubernetes.taskmanager.annotations"[1]. However, they are only supported from release-1.11. Maybe you could

wait for a little bit more time, 1.11 will be released soon. And we add more features for native K8s integration in 1.11

(e.g. application mode, label, annotation, toleration, etc.).

[1]. https://ci.apache.org/projects/flink/flink-docs-master/ops/config.html#kubernetes

Best,

Yang

Bohinski, Kevin <[hidden email]> 于2020年6月26日周五上午3:09写道：

Hi,

How do we attach an IAM role to the native K8S sessions?

Typically for our other pods we use the following in our yamls:

spec:

template:

    metadata:

      annotations:

        iam.amazonaws.com/role: ROLE_ARN

Best

kevin

Re: [EXTERNAL] Re: Native K8S IAM Role?

Hi Yang,

Awesome, looking forward to 1.11!

In the meantime, we are using a mutating web hook in case anyone else is facing this...

Best,

kevin

From: Yang Wang <[hidden email]>
Date: Saturday, June 27, 2020 at 11:23 PM
To: "Bohinski, Kevin" <[hidden email]>
Cc: "[hidden email]" <[hidden email]>
Subject: [EXTERNAL] Re: Native K8S IAM Role?

Hi kevin,

If you mean to add annotations for Flink native K8s session pods, you could use "kubernetes.jobmanager.annotations"

and "kubernetes.taskmanager.annotations"[1]. However, they are only supported from release-1.11. Maybe you could

wait for a little bit more time, 1.11 will be released soon. And we add more features for native K8s integration in 1.11

(e.g. application mode, label, annotation, toleration, etc.).

[1]. https://ci.apache.org/projects/flink/flink-docs-master/ops/config.html#kubernetes

Best,

Yang

Bohinski, Kevin <[hidden email]> 于2020年6月26日周五上午3:09写道：

Hi,

How do we attach an IAM role to the native K8S sessions?

Typically for our other pods we use the following in our yamls:

spec:

template:

    metadata:

      annotations:

        iam.amazonaws.com/role: ROLE_ARN

Best

kevin

Yang Wang

Re: [EXTERNAL] Re: Native K8S IAM Role?

Using a webhook is really a good direction to support some unreleased Flink native

k8s features. We are doing the same thing internally.

Best,

Yang

Bohinski, Kevin <[hidden email]> 于2020年6月29日周一上午3:09写道：

Hi Yang,

Awesome, looking forward to 1.11!

In the meantime, we are using a mutating web hook in case anyone else is facing this...

Best,

kevin

From: Yang Wang <[hidden email]>
Date: Saturday, June 27, 2020 at 11:23 PM
To: "Bohinski, Kevin" <[hidden email]>
Cc: "[hidden email]" <[hidden email]>
Subject: [EXTERNAL] Re: Native K8S IAM Role?

Hi kevin,

If you mean to add annotations for Flink native K8s session pods, you could use "kubernetes.jobmanager.annotations"

and "kubernetes.taskmanager.annotations"[1]. However, they are only supported from release-1.11. Maybe you could

wait for a little bit more time, 1.11 will be released soon. And we add more features for native K8s integration in 1.11

(e.g. application mode, label, annotation, toleration, etc.).

[1]. https://ci.apache.org/projects/flink/flink-docs-master/ops/config.html#kubernetes

Best,

Yang

Bohinski, Kevin <[hidden email]> 于2020年6月26日周五上午3:09写道：

Hi,

How do we attach an IAM role to the native K8S sessions?

Typically for our other pods we use the following in our yamls:

spec:

template:

    metadata:

      annotations:

        iam.amazonaws.com/role: ROLE_ARN

Best

kevin