[jira] [Comment Edited] (SPARK-24232) Allow referring to kubernetes secrets as env variable

Fri, 11 May 2018 13:13:22 -0700 

    [ 
https://issues.apache.org/jira/browse/SPARK-24232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16472572#comment-16472572
 ] 

Stavros Kontopoulos edited comment on SPARK-24232 at 5/11/18 8:12 PM:
----------------------------------------------------------------------

Ok I understand that need for users not to be surprised or we shouldnt break 
UX. A name though like spark.kubernetes.driver.secretKeyRef.SomeName is not 
self-explanatory as it does not add much from a semantics perspective compared 
to spark.kubernetes.driver.secrets.SomeName. I know secretKeyRef is used also 
in the Pods spec for env secrets, but personally I dont see it really that 
readable, but ok for people used to k8s might ring a bell fast ;) . Btw yeah 
executor secrets need fix as well. Will proceed with a new property, thanx.


was (Author: skonto):
Ok I understand that need for users not to be surprised or we shouldnt break 
UX. A name though like spark.kubernetes.driver.secretKeyRef.SomeName is not 
self-explanatory as it does not add much from a semantics perspective compared 
to spark.kubernetes.driver.secrets.SomeName. I know secretKeyRef is used also 
in the Pods spec for env secrets, but personally I dont see it really that 
readable, but ok for people used to k8s might ring a bell fast ;) . Btw yeah 
executor secrets need fix as well. Will proceed with a new property.

> Allow referring to kubernetes secrets as env variable
> -----------------------------------------------------
>
>                 Key: SPARK-24232
>                 URL: https://issues.apache.org/jira/browse/SPARK-24232
>             Project: Spark
>          Issue Type: New Feature
>          Components: Kubernetes
>    Affects Versions: 2.3.0
>            Reporter: Dharmesh Kakadia
>            Priority: Major
>
> Allow referring to kubernetes secrets in the driver process via environment 
> variables. This will allow developers to use secretes without leaking them in 
> the code and at the same time secrets can be decoupled and managed 
> separately. This can be used to refer to passwords, certificates etc while 
> talking to other service (jdbc passwords, storage keys etc).
> So, at the deployment time, something like 
> ``spark.kubernetes.driver.secretKeyRef.[EnvName]=<key>`` can be specified 
> which will make [EnvName].[key] available as an environment variable and in 
> the code its always referred as env variable [key].



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to