Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Allow using existing different namespaces for different users
See original GitHub issueProposed change
As of now, kubespawner uses one namespace for all user pods. It’ll be great to allow using different namespaces based on the username. So users can do additional things in their namespaces (attaching existing PVCs in the namespaces …etc)
Alternative options
NA
Who would use this feature?
Lot of enterprises will benefit from this feature as allocating different namespaces to different teams is a common practice in kubernetes and resources in existing namespaces can be effectively used.
Suggest a solution
It will be great if we can given an option to change the namespace based on the username in the pre_spawn_hook or any other equivalent.
Sample Code:
from subprocess import check_call
def my_hook(spawner):
username = spawner.user.name
spawner.namespace = "dev_namespace" if username == "dev_user" else "prod_namespace"
c.Spawner.pre_spawn_hook = my_hook
Issue Analytics
- State:
- Created 3 years ago
- Comments:7 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
At my site, we do create per-namespace serviceaccounts. On my medium-term roadmap is to make a configurable way to specify K8s resources that ride along with each user pod. We use a pre-spawn hook and some additional yaml to create those resources right now.
@praveenkanamarlapudi I’m also facing the same use case, we want to create pods per namespace(which is equal to a group of users) I added namespace selection in the form, and changed the spawner namespace to the selected namespace.
This worked, but it threw exception on missing serviceaccount on that namespace.
error looking up service account <NAMESPACE_CHOOSEN>/<SERVICE_ACCOUNT_NAME>: serviceaccount \"<SERVICE_ACCOUNT_NAME>\" not found"did you create a serviceaccount on all desired namespaces? I don’t understand the logic being it, why would I must have a serviceaccount under each namespace?
P.S I saw in docs:
This serviceaccount must already exist in the namespace the user pod is being spawned in.which validates my assumption that I need to create a serviceaccount for each namespace.
Is there a work around to it perhaps ? I don’t want to remember to create a service account for every new namespace we are creating.
@minrk @athornton I saw you guys worked on multiple user namespaces, which is similar idea maybe you have an idea.
Thanks