You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2019/04/05 21:09:00 UTC
[jira] [Commented] (AIRFLOW-3274) Add run_as_user and fs_group
security context options for KubernetesExecutor
[ https://issues.apache.org/jira/browse/AIRFLOW-3274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16811257#comment-16811257 ]
ASF subversion and git services commented on AIRFLOW-3274:
----------------------------------------------------------
Commit 9b33f9b8ec0705f354df039abf37686baeeea679 in airflow's branch refs/heads/master from Philippe Gagnon
[ https://gitbox.apache.org/repos/asf?p=airflow.git;h=9b33f9b ]
[AIRFLOW-3274] Add run_as_user and fs_group options for Kubernetes (#4648)
> Add run_as_user and fs_group security context options for KubernetesExecutor
> ----------------------------------------------------------------------------
>
> Key: AIRFLOW-3274
> URL: https://issues.apache.org/jira/browse/AIRFLOW-3274
> Project: Apache Airflow
> Issue Type: Improvement
> Components: kubernetes, scheduler
> Reporter: Philippe Gagnon
> Priority: Major
> Fix For: 1.10.3
>
>
> At this time it is not possible to add `run_as_user` or `fs_group` securityContext options to worker pods when using KubernetesExecutor. This makes it harder to use KubernetesExecutor on clusters with pod security policies which do not allow containers to run as root.
> I have already implemented this functionality for my internal use and will propose a PR soon.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)