From 7e18c5b5f426755cd92e775ddcdef6127c6deda9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabio=20Gr=C3=A4tz?= Date: Wed, 30 Oct 2024 21:15:55 -0500 Subject: [PATCH] Fix: Make appProtocols optional flyte flyteadmin and flyteconsole services in helm chart MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabio Grätz --- charts/flyte-core/README.md | 4 ++-- charts/flyte-core/templates/admin/service.yaml | 8 ++++++++ charts/flyte-core/templates/console/service.yaml | 2 ++ charts/flyte-core/values.yaml | 4 ++++ deployment/eks/flyte_aws_scheduler_helm_generated.yaml | 5 ----- deployment/eks/flyte_helm_controlplane_generated.yaml | 5 ----- deployment/eks/flyte_helm_generated.yaml | 5 ----- deployment/gcp/flyte_helm_controlplane_generated.yaml | 5 ----- deployment/gcp/flyte_helm_generated.yaml | 5 ----- deployment/sandbox/flyte_helm_generated.yaml | 5 ----- docker/sandbox-bundled/manifests/complete-agent.yaml | 9 ++++++--- docker/sandbox-bundled/manifests/complete.yaml | 9 ++++++--- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 13 files changed, 30 insertions(+), 40 deletions(-) diff --git a/charts/flyte-core/README.md b/charts/flyte-core/README.md index ba0d2a792d..de878649b5 100644 --- a/charts/flyte-core/README.md +++ b/charts/flyte-core/README.md @@ -176,7 +176,7 @@ helm install gateway bitnami/contour -n flyte | flyteadmin.resources | object | `{"limits":{"cpu":"250m","ephemeral-storage":"100Mi","memory":"500Mi"},"requests":{"cpu":"10m","ephemeral-storage":"50Mi","memory":"50Mi"}}` | Default resources requests and limits for Flyteadmin deployment | | flyteadmin.secrets | object | `{}` | | | flyteadmin.securityContext | object | `{"fsGroup":65534,"fsGroupChangePolicy":"Always","runAsNonRoot":true,"runAsUser":1001,"seLinuxOptions":{"type":"spc_t"}}` | Sets securityContext for flyteadmin pod(s). | -| flyteadmin.service | object | `{"additionalPorts":[],"annotations":{"projectcontour.io/upstream-protocol.h2c":"grpc"},"loadBalancerSourceRanges":[],"type":"ClusterIP"}` | Service settings for Flyteadmin | +| flyteadmin.service | object | `{"additionalPorts":[],"annotations":{"projectcontour.io/upstream-protocol.h2c":"grpc"},"appProtocols":{"enabled":false},"loadBalancerSourceRanges":[],"type":"ClusterIP"}` | Service settings for Flyteadmin | | flyteadmin.service.additionalPorts | list | `[]` | Appends additional ports to the service spec. | | flyteadmin.serviceAccount | object | `{"alwaysCreate":false,"annotations":{},"clusterRole":{"apiGroups":["","flyte.lyft.com","rbac.authorization.k8s.io"],"resources":["configmaps","flyteworkflows","namespaces","pods","resourcequotas","roles","rolebindings","secrets","services","serviceaccounts","spark-role","limitranges"],"verbs":["*"]},"create":true,"createClusterRole":true,"imagePullSecrets":[]}` | Configuration for service accounts for FlyteAdmin | | flyteadmin.serviceAccount.alwaysCreate | bool | `false` | Should a service account always be created for flyteadmin even without an actual flyteadmin deployment running (e.g. for multi-cluster setups) | @@ -219,7 +219,7 @@ helm install gateway bitnami/contour -n flyte | flyteconsole.replicaCount | int | `1` | Replicas count for Flyteconsole deployment | | flyteconsole.resources | object | `{"limits":{"cpu":"500m","memory":"250Mi"},"requests":{"cpu":"10m","memory":"50Mi"}}` | Default resources requests and limits for Flyteconsole deployment | | flyteconsole.securityContext | object | `{"fsGroupChangePolicy":"OnRootMismatch","runAsNonRoot":true,"runAsUser":1000,"seLinuxOptions":{"type":"spc_t"}}` | Sets securityContext for flyteconsole pod(s). | -| flyteconsole.service | object | `{"annotations":{},"type":"ClusterIP"}` | Service settings for Flyteconsole | +| flyteconsole.service | object | `{"annotations":{},"appProtocols":{"enabled":false},"type":"ClusterIP"}` | Service settings for Flyteconsole | | flyteconsole.serviceMonitor | object | `{"enabled":false,"interval":"60s","labels":{},"scrapeTimeout":"30s"}` | Settings for flyteconsole service monitor | | flyteconsole.serviceMonitor.enabled | bool | `false` | If enabled create the flyteconsole service monitor | | flyteconsole.serviceMonitor.interval | string | `"60s"` | Sets the interval at which metrics will be scraped by prometheus | diff --git a/charts/flyte-core/templates/admin/service.yaml b/charts/flyte-core/templates/admin/service.yaml index 9974fcdc4d..26e85c97f2 100644 --- a/charts/flyte-core/templates/admin/service.yaml +++ b/charts/flyte-core/templates/admin/service.yaml @@ -20,22 +20,30 @@ spec: - name: http port: 80 protocol: TCP + {{- if .Values.flyteadmin.service.appProtocols.enabled }} appProtocol: TCP + {{- end }} targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc + {{- if .Values.flyteadmin.service.appProtocols.enabled }} appProtocol: TCP + {{- end }} targetPort: 8089 - name: redoc protocol: TCP + {{- if .Values.flyteadmin.service.appProtocols.enabled }} appProtocol: TCP + {{- end }} port: 87 targetPort: 8087 - name: http-metrics protocol: TCP + {{- if .Values.flyteadmin.service.appProtocols.enabled }} appProtocol: TCP + {{- end }} port: 10254 {{- with .Values.flyteadmin.service.additionalPorts -}} {{ tpl (toYaml .) $ | nindent 4 }} diff --git a/charts/flyte-core/templates/console/service.yaml b/charts/flyte-core/templates/console/service.yaml index 7760cb6fcc..756fa0c7c9 100644 --- a/charts/flyte-core/templates/console/service.yaml +++ b/charts/flyte-core/templates/console/service.yaml @@ -16,7 +16,9 @@ spec: - name: http port: 80 protocol: TCP + {{- if .Values.flyteconsole.service.appProtocols.enabled }} appProtocol: TCP + {{- end }} targetPort: 8080 {{- if .Values.flyteconsole.serviceMonitor.enabled }} - name: http-metrics diff --git a/charts/flyte-core/values.yaml b/charts/flyte-core/values.yaml index 2eb9ff876a..02fe89a5bd 100755 --- a/charts/flyte-core/values.yaml +++ b/charts/flyte-core/values.yaml @@ -50,6 +50,8 @@ flyteadmin: - flyteexamples # -- Service settings for Flyteadmin service: + appProtocols: + enabled: false annotations: projectcontour.io/upstream-protocol.h2c: grpc type: ClusterIP @@ -407,6 +409,8 @@ flyteconsole: memory: 50Mi # -- Service settings for Flyteconsole service: + appProtocols: + enabled: false annotations: {} type: ClusterIP # -- Annotations for Flyteconsole pods diff --git a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml index d7cb3500d6..71a3328681 100644 --- a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml +++ b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml @@ -751,22 +751,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -789,7 +785,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/deployment/eks/flyte_helm_controlplane_generated.yaml b/deployment/eks/flyte_helm_controlplane_generated.yaml index 60ca7d1720..ad96bd5c73 100644 --- a/deployment/eks/flyte_helm_controlplane_generated.yaml +++ b/deployment/eks/flyte_helm_controlplane_generated.yaml @@ -474,22 +474,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -512,7 +508,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/deployment/eks/flyte_helm_generated.yaml b/deployment/eks/flyte_helm_generated.yaml index 5e0ae72ec2..b568f084b3 100644 --- a/deployment/eks/flyte_helm_generated.yaml +++ b/deployment/eks/flyte_helm_generated.yaml @@ -782,22 +782,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -820,7 +816,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/deployment/gcp/flyte_helm_controlplane_generated.yaml b/deployment/gcp/flyte_helm_controlplane_generated.yaml index 29367a5b37..56714541d9 100644 --- a/deployment/gcp/flyte_helm_controlplane_generated.yaml +++ b/deployment/gcp/flyte_helm_controlplane_generated.yaml @@ -488,22 +488,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -526,7 +522,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/deployment/gcp/flyte_helm_generated.yaml b/deployment/gcp/flyte_helm_generated.yaml index ce1f64c1df..249392fab4 100644 --- a/deployment/gcp/flyte_helm_generated.yaml +++ b/deployment/gcp/flyte_helm_generated.yaml @@ -804,22 +804,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -842,7 +838,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/deployment/sandbox/flyte_helm_generated.yaml b/deployment/sandbox/flyte_helm_generated.yaml index 22b4855352..792496d0c9 100644 --- a/deployment/sandbox/flyte_helm_generated.yaml +++ b/deployment/sandbox/flyte_helm_generated.yaml @@ -6145,22 +6145,18 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8088 - name: grpc port: 81 protocol: TCP # intentionally set to TCP instead of grpc - appProtocol: TCP targetPort: 8089 - name: redoc protocol: TCP - appProtocol: TCP port: 87 targetPort: 8087 - name: http-metrics protocol: TCP - appProtocol: TCP port: 10254 selector: app.kubernetes.io/name: flyteadmin @@ -6183,7 +6179,6 @@ spec: - name: http port: 80 protocol: TCP - appProtocol: TCP targetPort: 8080 selector: app.kubernetes.io/name: flyteconsole diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index a460033647..898e63903a 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -444,6 +444,9 @@ data: disabled: false seedProjects: - flytesnacks + seedProjectsWithDetails: + - description: Default project setup. + name: flytesnacks dataCatalog: disabled: false propeller: @@ -816,7 +819,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: M0MwZjRDRlRMRVg5eFlNWA== + haSharedSecret: TUttbEp1V0RUSjlEUkY0QQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1247,7 +1250,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: dc6e26fec37cad413a92bf06f2840ea1e497284312275ff06e22b152dee1566b + checksum/configuration: a823eaadac5f3a4358c8acf628ebeb3719f88312af520d2c253de2579dff262d checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1413,7 +1416,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 49b88f7ed6b4bec4cdb0305c1d990514d9b75690607d7ae75d5862da9a3b2a29 + checksum/secret: d27ec2de54b15cbb9f6adc5d36bf033944855a02b8683bb0317e31a21925c149 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 88cd06ac2c..c11ac19522 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -433,6 +433,9 @@ data: disabled: false seedProjects: - flytesnacks + seedProjectsWithDetails: + - description: Default project setup. + name: flytesnacks dataCatalog: disabled: false propeller: @@ -798,7 +801,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: ekx6Z2kxS3FBYjV5dExlMw== + haSharedSecret: RWxUWVBuVUJQVEwwNE1ldw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1196,7 +1199,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: a6f3ea502338c626b7824453ce7dc8b6fcd441d68865c075e2e74d797bc607fa + checksum/configuration: c2649df6bcb523f120c73b0fdeec5d9516f555eab12e4eae78b04dea2cf2abae checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1362,7 +1365,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 9b64bfe991cd6ce4394fa9c2651b0bbfe4834024ece293b3ac9688111d6fe5d3 + checksum/secret: 92a61660e6abb39096fad304998c3f9044f2ee13f4e68350c0948d62805e7b76 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index e524e13ae1..ccc9890a1a 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: MW90empzaUNBd2FlV09QSw== + haSharedSecret: ZFVlRUU4R0RPbnQ5eWE3Vg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -934,7 +934,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: ba78cd87d2f6685980b95bd20913088b3a07fa48e9a414693277e3df134710ad + checksum/secret: 22d4532a02325a0694117e610c05523b87aa61a923e5fd5ede32278e9dcdeb4c labels: app: docker-registry release: flyte-sandbox