banzai-charts icon indicating copy to clipboard operation
banzai-charts copied to clipboard

Published 20 hours ago verified publisher icon banzaicloud

Unable to use secret that contains files in K8s

Open NGL91 opened this issue 4 years ago • 0 comments

Describe the bug

It seems to be unable for working with secret contain files in K8S

Steps to reproduce the issue:

In GCP k8s cluster, create a secret that contains the google cloud service account file https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-files-from-a-pod Screen Shot 2020-11-23 at 14 00 14

Install helm chart https://artifacthub.io/packages/helm/banzaicloud-stable/spark-hs with sparkEventLogStorage.secretName point to newly created secret

Expected behavior

New spark-hs service failed to read /opt/spark/conf/secret/google.json

Screen Shot 2020-11-23 at 14 01 35

Additional context

If I change manually in the template deployment from

- name: secret-volume
    mountPath: /opt/spark/conf/secret/google.json
    subPath: google.json

to

- name: secret-volume
 mountPath: /opt/spark/conf/secret/
 readOnly: true

The files from secret are created

NGL91 avatar Nov 23 '20 07:11 NGL91