Create RBAC role YAMLs and documentation #500
Comments
|
@foxish @kimoonkim Regarding RBAC roles for the RSS and shuffle service, is there any customization needed or they are well taken care of by the default role/service account used by the pods of them? AFAIK, none of them need write access the API server. Correct me if I'm wrong. |
|
One thing that jumps out to me. The shuffle service relies on |
|
@kimoonkim I also found this doc, which also seems related. |
|
Ah. That doc seems very relevant. Thanks for sharing it! |
|
Probably not the scope of this issue. But I was wondering if we should also think about human accounts and the role bindings they need to run Spark jobs and these other services. I am personally using the cluster admin account for myself, but not every user will have access to that in a large org. |
|
I agree that we should think about non-admin user account, which is likely much more common in production environment in large clusters. |
This PR reverts back to using Scala 2.11 * Revert "Fix distribution publish to scala 2.12 apache-spark-on-k8s#478" * Revert "[SPARK-25956] Make Scala 2.12 as default Scala version in Spark 3.0"
We need RBAC roles associated with each component - shuffle service, RSS.
Also, need instructions to setup service accounts for driver and executor pods.
The text was updated successfully, but these errors were encountered: