diff --git a/docs/source/operators/deploy-kubernetes.md b/docs/source/operators/deploy-kubernetes.md index 48b3aaf0e..5145d2ac4 100644 --- a/docs/source/operators/deploy-kubernetes.md +++ b/docs/source/operators/deploy-kubernetes.md @@ -488,11 +488,12 @@ can override them with helm's `--set` or `--values` options. Always use `--set` | `authToken` | Optional authorization token passed in all requests (see --EnterpriseGatewayApp.auth_token) | `nil` | | `kernel.clusterRole` | Kernel cluster role created by this chart. Used if no KERNEL_NAMESPACE is provided by client. | `kernel-controller` | | `kernel.shareGatewayNamespace` | Will start kernels in the same namespace as EG if True. | `false` | +| `kernel.defaultServiceAccountName` | Service account name to use for kernel pods when no service account is specified. This service account should exist in the namespace where kernel pods are launched. | `default` | | `kernel.launchTimeout` | Timeout for kernel launching in seconds. | `60` | | `kernel.cullIdleTimeout` | Idle timeout in seconds. Default is 1 hour. | `3600` | | `kernel.cullConnected` | Whether to cull idle kernels that still have clients connected. | `false` | | `kernel.allowedKernels` | List of kernel names that are available for use. | `{r_kubernetes,...}` (see `values.yaml`) | -| `kernel.defaultKernelName` | Default kernel name should be something from the allowedKernels | `python-kubernetes` | +| `kernel.defaultKernelName` | Default kernel name should be something from the allowedKernels | `python_kubernetes` | | `kernelspecs.image` | Optional custom data image containing kernelspecs to use. Cannot be used with NFS enabled. | `nil` | | `kernelspecs.imagePullPolicy` | Kernelspecs image pull policy. | `Always` | | `nfs.enabled` | Whether NFS-mounted kernelspecs are enabled. Cannot be used with `kernelspecs.image` set. | `false` | diff --git a/etc/kubernetes/helm/enterprise-gateway/templates/deployment.yaml b/etc/kubernetes/helm/enterprise-gateway/templates/deployment.yaml index 771318a6a..a04ce7a15 100644 --- a/etc/kubernetes/helm/enterprise-gateway/templates/deployment.yaml +++ b/etc/kubernetes/helm/enterprise-gateway/templates/deployment.yaml @@ -77,6 +77,8 @@ spec: value: {{ toJson .Values.kernel.allowedKernels | squote }} - name: EG_DEFAULT_KERNEL_NAME value: {{ .Values.kernel.defaultKernelName }} + - name: EG_DEFAULT_KERNEL_SERVICE_ACCOUNT_NAME + value: {{ .Values.kernel.defaultServiceAccountName }} # Optional authorization token passed in all requests {{- if .Values.authToken }} - name: EG_AUTH_TOKEN diff --git a/etc/kubernetes/helm/enterprise-gateway/values.yaml b/etc/kubernetes/helm/enterprise-gateway/values.yaml index 493bb3ebf..38d5de9a4 100644 --- a/etc/kubernetes/helm/enterprise-gateway/values.yaml +++ b/etc/kubernetes/helm/enterprise-gateway/values.yaml @@ -108,6 +108,9 @@ kernel: - spark_python_operator # Default kernel name should be something from the allowedKernels defaultKernelName: python_kubernetes + # Service account name to use for kernel pods when no service account is specified. + # This service account should exist in the namespace where kernel pods are launched. + defaultServiceAccountName: default kernelspecs: # Optional custom data image containing kernelspecs to use.