Docs Home
Viewing docs for
Self-ManagedNot available for BYOC

Pod-Level Customization

On this page

Ververica Platform lets you define custom Kubernetes settings for the pods that run your Flink jobs. You can attach labels, annotations, and volume mounts that apply to all pods in a deployment, and use full Kubernetes pod templates to configure JobManager and TaskManager pods independently. For example, you can add sidecar containers for logging, monitoring, or security proxies.

Pod-level customization is configured through the deployment YAML under spec.template.spec.kubernetes.

Overview

Two mechanisms are available:

MechanismYAML pathScope
Shared pod settingskubernetes.podsAll pods (JobManager and TaskManager)
Per-component pod templateskubernetes.jobManagerPodTemplate and kubernetes.taskManagerPodTemplateJobManager or TaskManager pods individually

Use shared pod settings for labels, annotations, and volume mounts you want on every pod. Use pod templates for full Kubernetes pod spec customization, including sidecar containers, init containers, and per-component labels.

Configure Shared Pod Settings

Settings under kubernetes.pods apply to all pods created by the deployment.

Labels

Attach Kubernetes labels to all Flink pods. Labels are useful for monitoring selectors, network policies, and cost allocation.

YAML
1kubernetes:
2  pods:
3    labels:
4      team: data-engineering
5      env: production

To verify that labels are applied:

BASH
1kubectl -n <NAMESPACE> get pod \
2  -l deploymentName=<DEPLOYMENT_NAME> \
3  --show-labels

Annotations

Attach Kubernetes annotations to all Flink pods. Annotations are commonly used for Prometheus scraping configuration, sidecar injectors such as Istio or Vault, and tooling metadata.

YAML
1kubernetes:
2  pods:
3    annotations:
4      monitoring.example.com/scrape: "true"

To verify that annotations are applied:

BASH
1kubectl -n <NAMESPACE> describe pod \
2  -l deploymentName=<DEPLOYMENT_NAME>,component=jobmanager

Volume Mounts

Mount additional volumes into all Flink pods. Each entry defines both the volume and the mount point.

YAML
1kubernetes:
2  pods:
3    volumeMounts:
4      - name: shared-data
5        volume:
6          name: shared-data
7          emptyDir: {}
8        volumeMount:
9          name: shared-data
10          mountPath: /opt/flink/shared-data

To verify that volumes are mounted:

BASH
1kubectl -n <NAMESPACE> describe pod \
2  -l deploymentName=<DEPLOYMENT_NAME>,component=jobmanager \
3  | grep -A4 "shared-data"

Configure Per-Component Pod Templates

kubernetes.jobManagerPodTemplate and kubernetes.taskManagerPodTemplate accept a full Kubernetes pod spec. Use these fields to configure the JobManager and TaskManager pods independently.

Component-Specific Labels

Apply labels to one component only:

YAML
1kubernetes:
2  jobManagerPodTemplate:
3    metadata:
4      labels:
5        role: jobmanager-custom
6  taskManagerPodTemplate:
7    metadata:
8      labels:
9        role: taskmanager-custom

Sidecar Containers

Add sidecar containers to run alongside the Flink process. Sidecars are useful for log shippers, monitoring agents, and security proxies, without requiring changes to the Flink image.

YAML
1kubernetes:
2  jobManagerPodTemplate:
3    spec:
4      containers:
5        - name: monitoring-sidecar
6          image: nginx:alpine
7          env:
8            - name: MONITORING_TARGET
9              value: jobmanager
10  taskManagerPodTemplate:
11    spec:
12      containers:
13        - name: monitoring-sidecar
14          image: nginx:alpine
15          env:
16            - name: MONITORING_TARGET
17              value: taskmanager

To verify that sidecar containers are running:

BASH
1# Check that both containers are ready (2/2)
2kubectl -n <NAMESPACE> get pods \
3  -l deploymentName=<DEPLOYMENT_NAME>
4
5# Inspect the sidecar on the JobManager pod
6kubectl -n <NAMESPACE> describe pod \
7  -l deploymentName=<DEPLOYMENT_NAME>,component=jobmanager \
8  | grep -A10 "monitoring-sidecar:"
9
10# Inspect the sidecar on the TaskManager pod
11kubectl -n <NAMESPACE> describe pod \
12  -l deploymentName=<DEPLOYMENT_NAME>,component=taskmanager \
13  | grep -A10 "monitoring-sidecar:"

Complete Configuration Example

The following YAML shows all supported pod customization options combined under spec.template.spec.kubernetes:

YAML
1spec:
2  template:
3    spec:
4      kubernetes:
5        pods:
6          labels:
7            team: data-engineering
8            env: production
9          annotations:
10            monitoring.example.com/purpose: my-flink-job
11          volumeMounts:
12            - name: shared-data
13              volume:
14                name: shared-data
15                emptyDir: {}
16              volumeMount:
17                name: shared-data
18                mountPath: /opt/flink/shared-data
19        jobManagerPodTemplate:
20          metadata:
21            labels:
22              role: jobmanager-custom
23          spec:
24            containers:
25              - name: monitoring-sidecar
26                image: nginx:alpine
27                env:
28                  - name: MONITORING_TARGET
29                    value: jobmanager
30        taskManagerPodTemplate:
31          metadata:
32            labels:
33              role: taskmanager-custom
34          spec:
35            containers:
36              - name: monitoring-sidecar
37                image: nginx:alpine
38                env:
39                  - name: MONITORING_TARGET
40                    value: taskmanager

Known Limitations

FieldYAML pathStatusWorkaround
securityContextkubernetes.podsBehavior unconfirmedUse jobManagerPodTemplate.spec.securityContext or taskManagerPodTemplate.spec.securityContext
nodeSelectorkubernetes.podsSilently failsUse node affinity rules instead
envkubernetes.podsAccepted but not appliedSet environment variables in sidecar containers using the pod template
imagePullSecretskubernetes.podsSilently ignoredUse jobManagerPodTemplate.spec.imagePullSecrets or taskManagerPodTemplate.spec.imagePullSecrets
Was this helpful?