You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2019/04/05 21:09:00 UTC

[jira] [Commented] (AIRFLOW-3274) Add run_as_user and fs_group security context options for KubernetesExecutor

    [ https://issues.apache.org/jira/browse/AIRFLOW-3274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16811257#comment-16811257 ] 

ASF subversion and git services commented on AIRFLOW-3274:
----------------------------------------------------------

Commit 9b33f9b8ec0705f354df039abf37686baeeea679 in airflow's branch refs/heads/master from Philippe Gagnon
[ https://gitbox.apache.org/repos/asf?p=airflow.git;h=9b33f9b ]

[AIRFLOW-3274] Add run_as_user and fs_group options for Kubernetes (#4648)



> Add run_as_user and fs_group security context options for KubernetesExecutor
> ----------------------------------------------------------------------------
>
>                 Key: AIRFLOW-3274
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3274
>             Project: Apache Airflow
>          Issue Type: Improvement
>          Components: kubernetes, scheduler
>            Reporter: Philippe Gagnon
>            Priority: Major
>             Fix For: 1.10.3
>
>
> At this time it is not possible to add `run_as_user` or `fs_group` securityContext options to worker pods when using KubernetesExecutor. This makes it harder to use KubernetesExecutor on clusters with pod security policies which do not allow containers to run as root.
> I have already implemented this functionality for my internal use and will propose a PR soon.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)