Hi Are there any instructions on how to add an additional k8 Flyte #ask-the-community

Hi! Are there any instructions on how to add an ad...

Derek Yu

05/04/2023, 2:18 PM

Hi! Are there any instructions on how to add an additional k8s resource in the gcp values

templates

section here? I tried adding a

rolebinding

resource, but it didn't work. Not sure if there's a special naming convention for the key, or some missing permissions perhaps.

Derek Yu

05/04/2023, 2:32 PM

I've searched slack, and see I may need to add rbac rules in the values file to allow the "cluster resource manager" to allow it to provision things?

Samhita Alla

05/05/2023, 2:10 PM

cc @jeev / @Yee

jeev

05/05/2023, 2:46 PM

rolebindings should be allowed according to this: https://github.com/flyteorg/flyte/blob/c66d37ca9fce42ffb4a0c1550583665873862b0a/charts/flyte-core/templates/admin/rbac.yaml#L37 what serviceaccount is the cluster resource manager using?

Derek Yu

05/14/2023, 5:50 AM

@jeev is the cluster resource manager running in flyteadmin? I see flyteadmin is using a service account bound to the clusterrole you linked above

Derek Yu

05/14/2023, 5:51 AM

Also, wondering if the template key names have some naming convention that needs to be followed..notice there is "aa_, or ab_" etc prefixes

jeev

05/14/2023, 5:58 AM

there is an option to run it standalone or part of flyteadmin i believe. the naming convention is for sorting purposes. if you don't care about order of creation, it shouldnt matter.

Derek Yu

05/14/2023, 7:27 AM

ah okay I found the issue, the cluster resource manager was trying to create a rolebinding with a role which it didn't have access to. The creation of the rolebinding worked after I gave the flyteadmin sa access to the relevant role. Thanks for your help @jeev

150 Views

Open in Slack

Previous Next