Using a webhook is really a good direction to support some unreleased Flink native k8s features. We are doing the same thing internally.
Best, Yang Bohinski, Kevin <kevin_bohin...@comcast.com> 于2020年6月29日周一 上午3:09写道: > Hi Yang, > > > > Awesome, looking forward to 1.11! > > In the meantime, we are using a mutating web hook in case anyone else is > facing this... > > > > Best, > > kevin > > > > > > *From: *Yang Wang <danrtsey...@gmail.com> > *Date: *Saturday, June 27, 2020 at 11:23 PM > *To: *"Bohinski, Kevin" <kevin_bohin...@comcast.com> > *Cc: *"user@flink.apache.org" <user@flink.apache.org> > *Subject: *[EXTERNAL] Re: Native K8S IAM Role? > > > > Hi kevin, > > > > If you mean to add annotations for Flink native K8s session pods, you > could use "kubernetes.jobmanager.annotations" > > and "kubernetes.taskmanager.annotations"[1]. However, they are only > supported from release-1.11. Maybe you could > > wait for a little bit more time, 1.11 will be released soon. And we add > more features for native K8s integration in 1.11 > > (e.g. application mode, label, annotation, toleration, etc.). > > > > > > [1]. > https://ci.apache.org/projects/flink/flink-docs-master/ops/config.html#kubernetes > <https://urldefense.com/v3/__https:/ci.apache.org/projects/flink/flink-docs-master/ops/config.html*kubernetes__;Iw!!CQl3mcHX2A!ULDBt0kuUlwSJPYMoWXSBl4cXonhzeMiAFpUtVsP4Am1G77FpT6rl8o35FxdplLVN6GdDQ$> > > > > Best, > > Yang > > > > Bohinski, Kevin <kevin_bohin...@comcast.com> 于2020年6月26日周五 上午3:09写道: > > Hi, > > > > How do we attach an IAM role to the native K8S sessions? > > > > Typically for our other pods we use the following in our yamls: > > spec: > > template: > > metadata: > > annotations: > > iam.amazonaws.com/role > <https://urldefense.com/v3/__http:/iam.amazonaws.com/role__;!!CQl3mcHX2A!ULDBt0kuUlwSJPYMoWXSBl4cXonhzeMiAFpUtVsP4Am1G77FpT6rl8o35FxdplKlhJ55SA$>: > ROLE_ARN > > > > Best > > kevin > >
