Gallardot commented on issue #16685: URL: https://github.com/apache/dolphinscheduler/issues/16685#issuecomment-2453031728
> you are generally rigth... but there are complex situation (like a bank) where hundreds of different applications will have to share the same cluster, and those cases are not manageable with an aproach "one size fits all"... they give some guidelines and let developers sort out. > > In my case, we use a DB (provided by the cloud vendor) that is connectable only via sidecar container (that work as a proxy), while another sidecar container keeps some general settings. My sidecar containers are "always on", but since the kubernetes job ends when all "main" containers are done... we have a case of "main + sidecar". > > At the moment, we are evaluating dolphin; if we'll decide to continue, I'll probably implement a variation of the current kubernetes task (maybe in the GUI we can add a selector "adavanced mode" and a wide textbox, to let the user write his own YAML file... something similar to what you did in the "cluster configuration" part). Of course, if you guide me enough, the outcome can be something solid and good enough to be pulled in your main repository... @giovannidalloglio First, I believe that this scenario makes sense and is a beneficial feature for the K8S task. However, allowing users to write the entire YAML file of a `Job` can introduce issues such as security risks and excessive flexibility, which can require a lot of work. Therefore, I propose to provide an advanced mode that allows users to write only the [initContainer](https://kubernetes.io/docs/concepts/workloads/pods/sidecar-containers/#jobs-with-sidecar-containers) sections. This is a balanced approach. This change does not greatly affect security. It's just a small number of changes. However, I still have a question: does storage need to be shared between containers, i.e., do we need to mount volumes? cc: @SbloodyS @EricGao888 @Radeity @ruanwenjun -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
