Github user vanzin commented on a diff in the pull request: https://github.com/apache/spark/pull/22911#discussion_r233643587 --- Diff: resource-managers/kubernetes/core/src/main/scala/org/apache/spark/deploy/k8s/features/BasicExecutorFeatureStep.scala --- @@ -144,6 +144,10 @@ private[spark] class BasicExecutorFeatureStep( .addToLimits("memory", executorMemoryQuantity) .addToRequests("cpu", executorCpuQuantity) .endResources() + .addNewEnv() + .withName(ENV_SPARK_USER) --- End diff -- If you don't do this, whatever is the OS user in the container will become the identity used to talk to Hadoop services (when kerberos is not on). In YARN, for example, that would be the "yarn" user. In k8s, with the current image, that would be "root". You probably don't want that by default. We're talking about non-secured Hadoop here, so users can easily override this stuff, but by default let's at least try to identify the user correctly.
--- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org