SeldonIO · ukclivecox · Mar 29, 2018 · Mar 29, 2018 · Mar 29, 2018
diff --git a/docs/getting_started/minikube.md b/docs/getting_started/minikube.md
@@ -20,7 +20,7 @@ The following packages need to be installed on your machine.
 
 Before starting, you need to have [minikube installed](https://kubernetes.io/docs/tasks/tools/install-minikube/) on your machine.
 
-1. Start a Kubernetes local cluster in your machine using Minikube:
+1. Start a Kubernetes local cluster in your machine using Minikube with RBAC enabled:
 
     ```bash
     minikube start --memory=8000 --feature-gates=CustomResourceValidation=true
@@ -45,9 +45,12 @@ Use the charts to install the CRD and then the core components. Enabling reporti
 
     ```bash
      helm install seldon-core-crd --name seldon-core-crd \
-            --repo https://storage.googleapis.com/seldon-charts --set usage_metrics.enabled=true
+            --repo https://storage.googleapis.com/seldon-charts \
+	    --set usage_metrics.enabled=true \
+	    --set rbac.enabled=false
      helm install seldon-core --name seldon-core \
-            --repo https://storage.googleapis.com/seldon-charts
+            --repo https://storage.googleapis.com/seldon-charts \
+	    --set rbac.enabled=false
     ```
 
 Seldon Core should now be running on your cluster. You can verify if all the pods are up and running typing on command line ```helm status seldon-core``` or ```kubectl get pods```

diff --git a/helm-charts/seldon-core-analytics/templates/prometheus-deployment.json b/helm-charts/seldon-core-analytics/templates/prometheus-deployment.json
@@ -21,6 +21,9 @@
                         }
                     },
                     "spec": {
+			{{- if .Values.rbac.enabled }}
+			"serviceAccountName": "seldon",
+			{{- end }}
                         "containers": [
                             {
                                 "args": [

diff --git a/helm-charts/seldon-core-analytics/templates/prometheus-rbac.yaml b/helm-charts/seldon-core-analytics/templates/prometheus-rbac.yaml
@@ -0,0 +1,41 @@
+{{- if .Values.rbac.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: prometheus
+rules:
+- apiGroups: [""]
+  resources:
+  - nodes
+  - nodes/proxy
+  - services
+  - endpoints
+  - pods
+  verbs: ["get", "list", "watch"]
+- apiGroups:
+  - extensions
+  resources:
+  - ingresses
+  verbs: ["get", "list", "watch"]
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: prometheus
+  namespace: default
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: prometheus
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: prometheus
+subjects:
+- kind: ServiceAccount
+  name: prometheus
+  namespace: default
+{{- end }}
diff --git a/helm-charts/seldon-core-analytics/values.yaml b/helm-charts/seldon-core-analytics/values.yaml
@@ -5,3 +5,5 @@ grafana_prom_service_type: NodePort
 grafana_prom_admin_password: admin
 persistence:
   enabled: true
+rbac:
+  enabled: true
diff --git a/helm-charts/seldon-core-crd/.helmignore b/helm-charts/seldon-core-crd/.helmignore
@@ -21,7 +21,5 @@
 *.tmproj
 
 
-spartakus-config-map.json
-spartakus-rbac.json
-spartakus-volunteer-deployment.json
+
 
diff --git a/helm-charts/seldon-core-crd/templates/spartakus-rbac.json b/helm-charts/seldon-core-crd/templates/spartakus-rbac.json
@@ -1,4 +1,5 @@
 {{- if .Values.usage_metrics.enabled }}
+{{- if .Values.rbac.enabled }}
 {
     "apiVersion": "v1",
     "items": [
@@ -54,4 +55,5 @@
     "metadata": {}
 }
 {{- end }}
+{{- end }}
 
diff --git a/helm-charts/seldon-core-crd/templates/spartakus-volunteer-deployment.json b/helm-charts/seldon-core-crd/templates/spartakus-volunteer-deployment.json
@@ -53,7 +53,9 @@
                         ]
                     }
                 ],
+{{- if .Values.rbac.enabled }}
                 "serviceAccountName": "seldon-spartakus-volunteer",
+{{- end }}
                 "volumes": [
                     {
                         "configMap": {

diff --git a/helm-charts/seldon-core-crd/values.yaml b/helm-charts/seldon-core-crd/values.yaml
@@ -1,4 +1,6 @@
 usage_metrics:
   enabled: false
   database: http://seldon-core-stats.seldon.io
+rbac:
+  enabled: true
 
diff --git a/helm-charts/seldon-core/templates/apife-deployment.json b/helm-charts/seldon-core/templates/apife-deployment.json
@@ -24,7 +24,7 @@
                         }
                     },
                     "spec": {
-{{- if .Values.cluster_manager.rbac }}
+{{- if .Values.rbac.enabled }}
 			"serviceAccountName": "seldon",
 {{- end }}
                         "containers": [

diff --git a/helm-charts/seldon-core/templates/cluster-manager-deployment.yaml b/helm-charts/seldon-core/templates/cluster-manager-deployment.yaml
@@ -13,7 +13,7 @@ items:
         labels:
           app: seldon-cluster-manager-server
       spec:
-{{- if .Values.cluster_manager.rbac }}
+{{- if .Values.rbac.enabled }}
         serviceAccountName: seldon
 {{- end }}
         containers:

diff --git a/helm-charts/seldon-core/templates/rbac.yaml b/helm-charts/seldon-core/templates/rbac.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.cluster_manager.rbac }}
+{{- if .Values.rbac.enabled }}
 ---
 apiVersion: v1
 items:

diff --git a/helm-charts/seldon-core/values.yaml b/helm-charts/seldon-core/values.yaml
@@ -9,11 +9,12 @@ cluster_manager:
     pull_policy: IfNotPresent
     tag: 0.1.6_SNAPSHOT
   java_opts: ''
-  rbac: false
   spring_opts: ''
 engine:
   image:
     tag: 0.1.6_SNAPSHOT
 redis:
   image:
     tag: 4.0.1
+rbac:
+  enabled: true
diff --git a/notebooks/advanced_graphs.ipynb b/notebooks/advanced_graphs.ipynb
@@ -4,7 +4,13 @@
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "## Advanced Graphs"
+    "## Advanced Graphs\n",
+    "\n",
+    "Prequisites:\n",
+    "\n",
+    " - A running GCP Kubernetes cluster\n",
+    " - [Git clone of Seldon Core](https://github.com/SeldonIO/seldon-core)\n",
+    " - [Helm](https://github.com/kubernetes/helm)"
    ]
   },
   {
@@ -740,21 +746,21 @@
  "metadata": {
   "anaconda-cloud": {},
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.13"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.4"
   }
  },
  "nbformat": 4,

diff --git a/notebooks/benchmark_simple_model.ipynb b/notebooks/benchmark_simple_model.ipynb
@@ -146,7 +146,6 @@
    "outputs": [],
    "source": [
     "!helm install ../helm-charts/seldon-core --name seldon-core \\\n",
-    "        --set cluster_manager.rbac=true \\\n",
     "        --set apife.enabled=true \\\n",
     "        --set engine.image.tag=0.1.6_SNAPSHOT_loadtest \\\n",
     "        --set cluster_manager.image.tag=0.1.6_SNAPSHOT_loadtest\n",
@@ -418,21 +417,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.13"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.4"
   }
  },
  "nbformat": 4,

diff --git a/notebooks/epsilon_greedy_gcp.ipynb b/notebooks/epsilon_greedy_gcp.ipynb
@@ -27,7 +27,7 @@
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "What follows assumes you have a cluster running with kubernetes and kubectl pointing at it. First we will start Helm and Seldon"
+    "What follows assumes you have a cluster running with kubernetes (RBAC anabled) and kubectl pointing at it. First we will start Helm and Seldon"
    ]
   },
   {
@@ -72,7 +72,6 @@
    "outputs": [],
    "source": [
     "!helm install ../helm-charts/seldon-core --name seldon-core \\\n",
-    "        --set cluster_manager.rbac=true \\\n",
     "        --set apife_service_type=LoadBalancer \\\n",
     "        --namespace mab"
    ]
@@ -530,21 +529,21 @@
  "metadata": {
   "anaconda-cloud": {},
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.13"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.4"
   }
  },
  "nbformat": 4,

diff --git a/notebooks/ksonnet_ambassador_gcp.ipynb b/notebooks/ksonnet_ambassador_gcp.ipynb
@@ -483,21 +483,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.6"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.4"
   }
  },
  "nbformat": 4,