Kubernetes
Task runner that executes a task inside a pod in a Kubernetes cluster.
: : alert{type="info"} This plugin is only available in the Enterprise Edition (EE). : :
This task runner is container-based so the containerImage property must be set to be able to use it.
To access the task's working directory, use the {{workingDir}} Pebble expression or the WORKING_DIR environment variable. Input files and namespace files will be available in this directory.
To generate output files you can either use the outputFiles task's property and create a file with the same name in the task's working directory, or create any file in the output directory which can be accessed by the {{outputDir}} Pebble expression or the OUTPUT_DIR environment variables.
Note that when the Kestra Worker running this task is terminated, the pod will still runs until completion, then after restarting, the Worker will resume processing on the existing pod unless resume is set to false.
If your cluster is configure with RBAC, you need to configure the service account running your pod need to have the following authorizations:
- pods: get, create, delete, watch, list
- pods/log: get, watch As an example, here is a role that grant those authorizations:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: task-runner
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "create", "delete", "watch", "list"]
- apiGroups: [""]
resources: ["pods/logs"]
verbs: ["get", "watch"]
type: "io.kestra.plugin.ee.kubernetes.runner.Kubernetes"Execute a Shell command.
id: new-shell
namespace: company.team
tasks:
- id: shell
type: io.kestra.plugin.scripts.shell.Commands
taskRunner:
type: io.kestra.plugin.ee.kubernetes.runner.Kubernetes
commands:
- echo "Hello World"Pass input files to the task, execute a Shell command, then retrieve output files.
id: new-shell-with-file
namespace: company.team
inputs:
- id: file
type: FILE
tasks:
- id: shell
type: io.kestra.plugin.scripts.shell.Commands
inputFiles:
data.txt: "{{ inputs.file }}"
outputFiles:
- out.txt
containerImage: centos
taskRunner:
type: io.kestra.plugin.ee.kubernetes.runner.Kubernetes
commands:
- cp {{ workingDir }}/data.txt {{ workingDir }}/out.txtAdditional YAML spec for the container.
The namespace where the pod will be created.
Additional YAML spec for the pod.
The image pull policy for a container image and the tag of the image, which affect when Docker attempts to pull (download) the specified image.
The additional duration to wait for logs to arrive after pod completion.
As logs are not retrieved in real time, we cannot guarantee that we have fetched all logs when the pod complete, therefore we wait for a fixed amount of time to fetch late logs.
The maximum duration to wait for the pod completion unless the task timeout property is set which will take precedence over this property.
The maximum duration to wait until the pod is created.
This timeout is the maximum time that Kubernetes scheduler can take to
- schedule the pod
- pull the pod image
- and start the pod.
The configuration of the target Kubernetes cluster.
The configuration of the file sidecar container that handle download and upload of files.
The pod custom labels
Kestra will add default labels to the pod with execution and flow identifiers.
Node selector for pod scheduling
Kestra will assign the pod to the nodes you want (see https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/)
The pod custom resources
The name of the service account.
The image used for the file sidecar container.
The API version
CA certificate as data
CA certificate as file path
Client certificate as data
Client certificate as a file path
Client key encryption algorithm
default is RSA
Client key as data
Client key as a file path
Client key passphrase
Key store file
Key store passphrase
The url to the Kubernetes API
The namespace used
Oauth token
Oauth token provider
Password
Truststore file
Truststore passphrase
Username