Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-33005 Kubernetes GA Preparation
  3. SPARK-32235

Kubernetes Configuration to set Service Account to Executors

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Minor
    • Resolution: Duplicate
    • 3.0.0
    • None
    • Kubernetes
    • None

    Description

      Some cloud providers use Service Accounts to provide resource authorization (one example is described here https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/) and for this we need to be able to set Service Accounts to the executors.

      My idea for development of this feature would be to have a configuration like "spark.kubernetes.authenticate.executor.serviceAccountName" in order to set the executors Service Account, this way it could be possible to allow only certain accesses to the driver and others to the executors or the same access (user's choice).

      I am creating this issue so the maintainers can write opinions first, but I intend to create a pull request to address this issue also.

      Attachments

        Issue Links

          is fixed by

          Sub-task - The sub-task of the issue SPARK-30122 Allow setting serviceAccountName for executor pods

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              pedro.rossi Pedro Rossi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: