operator icon indicating copy to clipboard operation
operator copied to clipboard

Published 20 hours ago verified publisher icon VictoriaMetrics

[Question] Set kubernetes serviceaccount annotations used by vmagent

Open apolegoshko opened this issue 3 years ago • 2 comments

Hey there,

In AWS EKS we're using iam role annotations for kubernetes service account to provide access to aws resources. One of serviceaccounts is vmagent. We provision vmagent from vmoperator, so operator is responsible for creating vmagent related resources. After reviewing vmagent spec https://docs.victoriametrics.com/operator/api.html#vmagentspec I was not able to find how to annotate serviceaccount. So after operator creates the vmagent I have to go to the cluster and manually annotate serviceaccount and restart vmagent to apply changes.

Is it possible to annotate vmagent serviceaccount as part of provisioning by vmoperator ?

Thanks in advance.

apolegoshko avatar Oct 11 '22 08:10 apolegoshko

Hello, Only way for now, define annotations at VMAgent object. Operator propagates it to the every resource, that it creates.

E.g.

kind: VMAgent
metadata:
 name: metrics
 annotations:
     "eks-irsa-annotation": "some-arn"

Internally, we're using external service accounts and adding needed annotations to it.

f41gh7 avatar Oct 11 '22 15:10 f41gh7

So it will propagate it to deployment, serviceaccount, etc. everything that is creating by vmagent object ? Good to know, thank you. Probably we should also create serviceaccount separately. Feel free to resolve this issue.

apolegoshko avatar Oct 11 '22 15:10 apolegoshko