[Enhancement]: Support HostPath as a Volume for KafkaConnect #10688
Comments
|
Can you elaborate more on the use case? How it will be used, what will it enable etc.? Also, do you understand that the hostpath will be the same in every single pod? |
|
Also, can't you already do it through PV and PVC? Create a hostPath PV, PVC to map to the PV and moount the PVC into the Pods? Or does this not work for some reason? |
We are using spire agent to generate attestable workload identities for security reasons. So in this case, as illustrated in the figure above, spire-agent is deployed as DaemonSet and exposes API via Unix Domain Socket. For the Kafka Connect pod, we need UDS mounted from the host path. An example, apiVersion: apps/v1
kind: Deployment
metadata:
name: ft-connect-cluster-connect
namespace: strimzi
spec:
template:
spec:
containers:
- volumeMounts:
- mountPath: /run/spire/sockets
name: ext-conf-spire-volume
volumes:
- hostPath:
path: /run/spire/sockets
type: ''
name: ext-conf-spire-volume
Sure. In the case described above, all pods on the same node will call the same UDS deployed on this given node. |
|
The diagram shows Envoy running in the Pod and consuming it. So how will you get it there? We do not support that. Also, what about using the host path through the PV? |
|
Triaged on 17/10/2024: @lujiajing1126 we would like to understand the use case better, if you are facing any additional issues, limitations and why the Jakub's suggestion would not work in your case. |
Related problem
In the current
AdditionalVolumeimplementation, onlySecret,ConfigMap,EmptyDirand PVC are supported. In some cases, for example,spiffe(https://spiffe.io/) needs UDS for communication between DaemonSet pod and application pod, e.g. KafkaConnect pod.Suggested solution
Add
HostPathsupport to the AdditionalVolume and related utils.Alternatives
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: