[autoscaler] Also grant roles to worker nodes

Eric Liang
2018-10-24 13:57:36 -07:00
committed by GitHub
parent 7c1fd19fd9
commit 55d161b49f
2 changed files with 9 additions and 4 deletions
+1
@@ -101,6 +101,7 @@ def _configure_iam_role(config):
logger.info("Role not specified for head node, using {}".format(
profile.arn))
config["head_node"]["IamInstanceProfile"] = {"Arn": profile.arn}
config["worker_nodes"]["IamInstanceProfile"] = {"Arn": profile.arn}
return config
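Review bot: The added `config["worker_nodes"]["IamInstanceProfile"] = {"Arn": profile.arn}` is unconditional, so a worker instance profile that the user set in the cluster config would be silently replaced by the head node's profile whenever this branch runs. The log message just above mentions only the head node, which suggests the branch is gated on the head node's setting alone; the guard is outside the hunk, so that should be confirmed. I would use `config["worker_nodes"].setdefault("IamInstanceProfile", {"Arn": profile.arn})` and extend the log message to say the profile is also applied to workers. The GCP hunk has the same shape for `config["worker_nodes"]["serviceAccounts"]`.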
+8 -4
@@ -168,12 +168,16 @@ def _configure_iam_role(config):
_add_iam_policy_binding(service_account, DEFAULT_SERVICE_ACCOUNT_ROLES)
# NOTE: The amount of access is determined by the scope + IAM
# role of the service account. Even if the cloud-platform scope
# gives (scope) access to the whole cloud-platform, the service
# account is limited by the IAM rights specified below.
config["head_node"]["serviceAccounts"] = [{
"email": service_account["email"],
# NOTE: The amount of access is determined by the scope + IAM
# role of the service account. Even if the cloud-platform scope
# gives (scope) access to the whole cloud-platform, the service
# account is limited by the IAM rights specified below.
"scopes": ["https://www.googleapis.com/auth/cloud-platform"]
}]
config["worker_nodes"]["serviceAccounts"] = [{
"email": service_account["email"],
"scopes": ["https://www.googleapis.com/auth/cloud-platform"]
}]
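Review bot: Workers now run as the same service account as the head node, with the same `cloud-platform` scope, so every worker can do whatever the roles in `DEFAULT_SERVICE_ACCOUNT_ROLES` permit. The contents of that constant are not visible here; if it includes the rights the head node needs to create and delete instances, that is more than a worker running user tasks requires, and a separate narrower account for workers would be worth considering. The relocated NOTE also says the IAM rights are "specified below", while the binding call `_add_iam_policy_binding(...)` now sits above it. I would reword it to something like `# NOTE: head and worker nodes share one service account; effective access is the cloud-platform scope limited by the IAM roles bound above.` The function starts outside the hunk.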