[FLINK-24212] kerberos krb5.conf file is mounted as empty directory, not the expected file - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.14.0, 1.15.0
Fix Version/s: 1.14.0, 1.15.0
Component/s: Deployment / Kubernetes
Labels:
- pull-request-available

Description

From ~~FLINK-18971~~，we can mount kerberos krb5 conf file to pod with path /etc/krb5.conf，however if the krb5 conf file is not named krb5.conf (e.g named mykrb5.conf)，the mount path /etc/krb5.conf in pod will be an empty directory, not a file that we expect.

root@mykrb5-conf-test-6dd5c76f87-vfwh5:/# ls /etc/krb5.conf/ -la
total 8
drwxrwxrwx 2 root root 4096 Sep  8 10:42 .
drwxr-xr-x 1 root root 4096 Sep  8 10:42 ..

The reason is that, the code in KerberosMountDecrator#decroateFlinkPod, we create the deployment like this:

...
        volumeMounts:
        - mountPath: /etc/krb5.conf
          name: my-krb5conf-volume
          subPath: krb5.conf    
...
      volumes:
      - configMap:
          defaultMode: 420
          items:
          - key: mykrb5.conf
            path: mykrb5.conf
          name: my-krb5conf
        name: my-krb5conf-volume

path value should be set to const value "krb5.conf", not the file name that user provide (path: mykrb5.conf).

we can use the yaml description file attachment to reproduce the problem. mykrb5conf.yaml

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

mykrb5conf.yaml
08/Sep/21 11:10
2 kB
LiuZeshan

Issue Links

links to

GitHub Pull Request #17198

Activity

People

Assignee:: LiuZeshan

Reporter:: LiuZeshan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 08/Sep/21 11:10

Updated:: 30/Nov/21 20:37

Resolved:: 14/Sep/21 01:59