Dylan Meissner created FLINK-29131:
--------------------------------------
Summary: Kubernetes operator webhook can use hostPort
Key: FLINK-29131
URL: https://issues.apache.org/jira/browse/FLINK-29131
Project: Flink
Issue Type: Improvement
Components: Kubernetes Operator
Affects Versions: kubernetes-operator-1.1.0
Reporter: Dylan Meissner
When running Flink operator on EKS cluster with Calico networking the
control-plane (managed by AWS) cannot reach the webhook. Requests to create
Flink resources fail with {_}Address is not allowed{_}.
To support this scenario with the Helm chart make changes so that we can
* Specify a hostPort value for the webhook
* Name the port that the webhook listens on
* Use the named port in the webhook service
* Add a "use" pod security policy verb to cluster role that allows hostPort
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
