potiuk commented on PR #35748:
URL: https://github.com/apache/airflow/pull/35748#issuecomment-1819032429
I think we have ways to generate different resources for 1.28+ . I believe
helm takes K8s version into account when generating resources. Look in our
chart I think we have a few cases of that
I also think native sidecar is the long term way to go. It's been long time
in the making - KEP for it has been discussed for 3 years at least - and it
handles many edge cases and hides a lot of complexity under the hood of simple
label.
Also the 1) case is complex to develop and has limitations - need to open
TCP/IP port or having write access from airflow components to the shared
filesystem also impact security properties of this setup. Currently you just
need read access from worker side to the filesystem abnd you do not need
TCP/iP connection - so both proposals are also weakening the isolation (though
not as much as shared process does). So I'd say we should treat native
side-containers as THE solution and the others are merely workarounds for
versions of kubernwtes that do not have native side containers yet.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
