Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.14.0, 1.15.0
Description
From FLINK-18971,we can mount kerberos krb5 conf file to pod with path /etc/krb5.conf,however if the krb5 conf file is not named krb5.conf (e.g named mykrb5.conf),the mount path /etc/krb5.conf in pod will be an empty directory, not a file that we expect.
root@mykrb5-conf-test-6dd5c76f87-vfwh5:/# ls /etc/krb5.conf/ -la total 8 drwxrwxrwx 2 root root 4096 Sep 8 10:42 . drwxr-xr-x 1 root root 4096 Sep 8 10:42 ..
The reason is that, the code in KerberosMountDecrator#decroateFlinkPod, we create the deployment like this:
... volumeMounts: - mountPath: /etc/krb5.conf name: my-krb5conf-volume subPath: krb5.conf ... volumes: - configMap: defaultMode: 420 items: - key: mykrb5.conf path: mykrb5.conf name: my-krb5conf name: my-krb5conf-volume
path value should be set to const value "krb5.conf", not the file name that user provide (path: mykrb5.conf).
we can use the yaml description file attachment to reproduce the problem. mykrb5conf.yaml
Attachments
Attachments
Issue Links
- links to