[
https://issues.apache.org/jira/browse/FLINK-38097?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kumar Mallikarjuna updated FLINK-38097:
---------------------------------------
Description:
The documentation for cluster-scoped operator
([https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces)|https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces]
uses an example that lacks the privilege for the Flink runtime to add
finalizers to task manager Pods. We need to update the role to:
{code:java}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/name: flink-kubernetes-operator
app.kubernetes.io/version: 1.0.1
name: flink
rules:
...
- apiGroups:
- apps
resources:
- deployments
- deployments/finalizers # <-- Add
verbs:
- '*'{code}
For reference, see https://issues.apache.org/jira/browse/FLINK-32103.
was:
The documentation for cluster-scoped operator
([https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces)|https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces]
uses an example that lacks the privilege for the Flink runtime to add
finalizers to task manager Pods. We need to update the role to:
{code:java}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/name: flink-kubernetes-operator
app.kubernetes.io/version: 1.0.1
name: flink
rules:
...
- apiGroups:
- apps
resources:
- deployments
- deployments/finalizers
verbs:
- '*'{code}
For reference, see https://issues.apache.org/jira/browse/FLINK-32103.
> Add finalizer to custom Role example for Cluster Scoped Flink Operator
> ----------------------------------------------------------------------
>
> Key: FLINK-38097
> URL: https://issues.apache.org/jira/browse/FLINK-38097
> Project: Flink
> Issue Type: Improvement
> Components: Documentation, Kubernetes Operator
> Affects Versions: kubernetes-operator-1.12.1
> Reporter: Kumar Mallikarjuna
> Priority: Major
> Labels: documentaion
>
> The documentation for cluster-scoped operator
> ([https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces)|https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/#cluster-scoped-flink-operator-with-jobs-running-in-other-namespaces]
> uses an example that lacks the privilege for the Flink runtime to add
> finalizers to task manager Pods. We need to update the role to:
> {code:java}
> apiVersion: rbac.authorization.k8s.io/v1
> kind: Role
> metadata:
> labels:
> app.kubernetes.io/name: flink-kubernetes-operator
> app.kubernetes.io/version: 1.0.1
> name: flink
> rules:
> ...
> - apiGroups:
> - apps
> resources:
> - deployments
> - deployments/finalizers # <-- Add
> verbs:
> - '*'{code}
> For reference, see https://issues.apache.org/jira/browse/FLINK-32103.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
