You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@flink.apache.org by "Dylan Meissner (Jira)" <ji...@apache.org> on 2022/08/29 13:13:00 UTC
[jira] [Created] (FLINK-29131) Kubernetes operator webhook can use hostPort
Dylan Meissner created FLINK-29131:
--------------------------------------
Summary: Kubernetes operator webhook can use hostPort
Key: FLINK-29131
URL: https://issues.apache.org/jira/browse/FLINK-29131
Project: Flink
Issue Type: Improvement
Components: Kubernetes Operator
Affects Versions: kubernetes-operator-1.1.0
Reporter: Dylan Meissner
When running Flink operator on EKS cluster with Calico networking the control-plane (managed by AWS) cannot reach the webhook. Requests to create Flink resources fail with {_}Address is not allowed{_}.
To support this scenario with the Helm chart make changes so that we can
* Specify a hostPort value for the webhook
* Name the port that the webhook listens on
* Use the named port in the webhook service
* Add a "use" pod security policy verb to cluster role that allows hostPort
--
This message was sent by Atlassian Jira
(v8.20.10#820010)