diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index e47d98fb0e..ef7948aac0 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -8777,7 +8777,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: ghcr.io/flyteorg/flytepropeller:v0.5.13 + image: ghcr.io/flyteorg/flytepropeller:v0.6.1 imagePullPolicy: IfNotPresent name: flytepropeller ports: diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index 0d9b307eff..a8bd2185e7 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -8809,7 +8809,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: ghcr.io/flyteorg/flytepropeller:v0.5.13 + image: ghcr.io/flyteorg/flytepropeller:v0.6.1 imagePullPolicy: IfNotPresent name: flytepropeller ports: diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 3f5300cebd..c03aa0572c 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -5,6 +5,11 @@ metadata: --- apiVersion: v1 kind: Namespace +metadata: + name: kubernetes-dashboard +--- +apiVersion: v1 +kind: Namespace metadata: name: projectcontour --- @@ -1595,6 +1600,14 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +--- +apiVersion: v1 +kind: ServiceAccount metadata: name: contour namespace: projectcontour @@ -1613,6 +1626,57 @@ metadata: --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +rules: +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-key-holder + - kubernetes-dashboard-certs + - kubernetes-dashboard-csrf + resources: + - secrets + verbs: + - get + - update + - delete +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-settings + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - "" + resourceNames: + - heapster + - dashboard-metrics-scraper + resources: + - services + verbs: + - proxy +- apiGroups: + - "" + resourceNames: + - heapster + - 'http:heapster:' + - 'https:heapster:' + - dashboard-metrics-scraper + - http:dashboard-metrics-scraper + resources: + - services/proxy + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role metadata: name: contour-certgen namespace: projectcontour @@ -1824,6 +1888,39 @@ rules: - deletecollection --- apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard +rules: +- apiGroups: + - metrics.k8s.io + resources: + - pods + - nodes + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubernetes-dashboard +subjects: +- kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: contour @@ -1850,6 +1947,32 @@ subjects: name: contour namespace: projectcontour --- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubernetes-dashboard +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubernetes-dashboard +subjects: +- kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubernetes-dashboard-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard +--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: @@ -2157,13 +2280,21 @@ data: plugins: logs: kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + kubernetes-template-uri: "http://localhost:30082/#/log/{{ .namespace }}/{{ .podName }}/pod?namespace={{ .namespace }}" kind: ConfigMap metadata: - name: flyte-propeller-config-94gbkmm6cm + name: flyte-propeller-config-492gkfhbgk namespace: flyte --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-settings + namespace: kubernetes-dashboard +--- +apiVersion: v1 data: contour.yaml: | # @@ -2295,6 +2426,26 @@ metadata: type: Opaque --- apiVersion: v1 +data: + csrf: "" +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-csrf + namespace: kubernetes-dashboard +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-key-holder + namespace: kubernetes-dashboard +type: Opaque +--- +apiVersion: v1 kind: Service metadata: annotations: @@ -2408,6 +2559,38 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + k8s-app: dashboard-metrics-scraper + name: dashboard-metrics-scraper + namespace: kubernetes-dashboard +spec: + ports: + - port: 8000 + targetPort: 8000 + selector: + k8s-app: dashboard-metrics-scraper +--- +apiVersion: v1 +kind: Service +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + ports: + - name: http + nodePort: 30082 + port: 80 + protocol: TCP + targetPort: 9090 + selector: + k8s-app: kubernetes-dashboard + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: name: contour namespace: projectcontour @@ -2715,7 +2898,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: ghcr.io/flyteorg/flytepropeller:v0.5.13 + image: ghcr.io/flyteorg/flytepropeller:v0.6.1 imagePullPolicy: IfNotPresent name: flytepropeller ports: @@ -2726,7 +2909,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-94gbkmm6cm + name: flyte-propeller-config-492gkfhbgk name: config-volume --- apiVersion: apps/v1 @@ -2796,6 +2979,110 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + labels: + k8s-app: dashboard-metrics-scraper + name: dashboard-metrics-scraper + namespace: kubernetes-dashboard +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + k8s-app: dashboard-metrics-scraper + template: + metadata: + annotations: + seccomp.security.alpha.kubernetes.io/pod: runtime/default + labels: + k8s-app: dashboard-metrics-scraper + spec: + containers: + - image: kubernetesui/metrics-scraper:v1.0.6 + livenessProbe: + httpGet: + path: / + port: 8000 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 30 + name: dashboard-metrics-scraper + ports: + - containerPort: 8000 + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 2001 + runAsUser: 1001 + volumeMounts: + - mountPath: /tmp + name: tmp-volume + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: kubernetes-dashboard + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + volumes: + - emptyDir: {} + name: tmp-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + k8s-app: kubernetes-dashboard + template: + metadata: + labels: + k8s-app: kubernetes-dashboard + spec: + containers: + - args: + - --namespace=kubernetes-dashboard + - --enable-insecure-login + - --enable-skip-login + - --disable-settings-authorizer + image: kubernetesui/dashboard:v2.2.0 + livenessProbe: + httpGet: + path: / + port: 9090 + initialDelaySeconds: 30 + timeoutSeconds: 30 + name: kubernetes-dashboard + ports: + - containerPort: 9090 + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 2001 + runAsUser: 1001 + volumeMounts: + - mountPath: /tmp + name: tmp-volume + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: kubernetes-dashboard + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + volumes: + - emptyDir: {} + name: tmp-volume +--- +apiVersion: apps/v1 +kind: Deployment metadata: labels: app: contour diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index 794dde417f..fff5821755 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -415,15 +415,9 @@ data: region: us-east-1 container: "my-s3-bucket" - task_logs.yaml: | - # TODO this is used to enable log links in the UI. - plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" kind: ConfigMap metadata: - name: flyte-propeller-config-569h4b5459 + name: flyte-propeller-config-ttk5h2hkmg namespace: flyte --- apiVersion: v1 @@ -741,7 +735,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: ghcr.io/flyteorg/flytepropeller:v0.5.13 + image: ghcr.io/flyteorg/flytepropeller:v0.6.1 imagePullPolicy: IfNotPresent name: flytepropeller ports: @@ -752,7 +746,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-569h4b5459 + name: flyte-propeller-config-ttk5h2hkmg name: config-volume --- apiVersion: apps/v1 diff --git a/docker/sandbox/Dockerfile b/docker/sandbox/Dockerfile index 7211cb74fd..f8d21909ad 100644 --- a/docker/sandbox/Dockerfile +++ b/docker/sandbox/Dockerfile @@ -50,7 +50,7 @@ VOLUME /var/lib/cni VOLUME /var/log # Expose Flyte ports -EXPOSE 30081 30084 +EXPOSE 30081 30082 30084 ENTRYPOINT ["tini", "flyte-entrypoint.sh"] @@ -76,6 +76,6 @@ VOLUME /var/lib/cni VOLUME /var/log # Expose Flyte ports -EXPOSE 30081 30084 +EXPOSE 30081 30082 30084 ENTRYPOINT ["tini", "flyte-entrypoint.sh"] diff --git a/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml b/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml new file mode 100644 index 0000000000..76fd3fc503 --- /dev/null +++ b/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubernetes-dashboard-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard diff --git a/kustomize/base/addons/kubernetes_dashboard/deployment.yaml b/kustomize/base/addons/kubernetes_dashboard/deployment.yaml new file mode 100644 index 0000000000..49299fec08 --- /dev/null +++ b/kustomize/base/addons/kubernetes_dashboard/deployment.yaml @@ -0,0 +1,15 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + template: + spec: + containers: + - name: kubernetes-dashboard + args: + - --namespace=kubernetes-dashboard + - --enable-insecure-login + - --enable-skip-login + - --disable-settings-authorizer diff --git a/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml b/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml new file mode 100644 index 0000000000..22384dfe0f --- /dev/null +++ b/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml @@ -0,0 +1,7 @@ +resources: + # TODO (jeev): Figure out how to rev this automatically +- https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/alternative.yaml +- clusterrolebinding.yaml +patchesStrategicMerge: +- deployment.yaml +- service.yaml diff --git a/kustomize/base/addons/kubernetes_dashboard/service.yaml b/kustomize/base/addons/kubernetes_dashboard/service.yaml new file mode 100644 index 0000000000..c08a9308c8 --- /dev/null +++ b/kustomize/base/addons/kubernetes_dashboard/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + type: NodePort + ports: + - port: 80 + name: http + protocol: TCP + nodePort: 30082 diff --git a/kustomize/base/single_cluster/headless/config/propeller/plugins/task_logs.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/task_logs.yaml deleted file mode 100644 index de402d2ed3..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/plugins/task_logs.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# TODO this is used to enable log links in the UI. -plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" diff --git a/kustomize/base/single_cluster/headless/kustomization.yaml b/kustomize/base/single_cluster/headless/kustomization.yaml index 0a863fab06..4373a33e41 100644 --- a/kustomize/base/single_cluster/headless/kustomization.yaml +++ b/kustomize/base/single_cluster/headless/kustomization.yaml @@ -43,7 +43,6 @@ configMapGenerator: - ./config/propeller/enabled_plugins.yaml - ./config/propeller/plugins/copilot.yaml - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/task_logs.yaml - ./config/common/storage.yaml - ./config/common/logger.yaml diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml index fa35ea88e7..6a9e8fe92b 100644 --- a/kustomize/overlays/eks/kustomization.yaml +++ b/kustomize/overlays/eks/kustomization.yaml @@ -35,5 +35,5 @@ images: newName: ghcr.io/lyft/datacatalog # override the name # FlytePropeller - name: flytepropeller # match images with this name - newTag: v0.5.13 # override the tag + newTag: v0.6.1 # override the tag newName: ghcr.io/flyteorg/flytepropeller # override the name diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 5e4de67b08..3ed3f8e8eb 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -34,5 +34,5 @@ images: newName: ghcr.io/lyft/datacatalog # override the name # FlytePropeller - name: flytepropeller # match images with this name - newTag: v0.5.13 # override the tag + newTag: v0.6.1 # override the tag newName: ghcr.io/flyteorg/flytepropeller # override the name diff --git a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml index 0955b59387..2768f8c95d 100644 --- a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml +++ b/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml @@ -1,4 +1,4 @@ plugins: logs: kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + kubernetes-template-uri: "http://localhost:30082/#/log/{{ .namespace }}/{{ .podName }}/pod?namespace={{ .namespace }}" diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index b3f1f9a6d7..ada55b8166 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -13,6 +13,7 @@ bases: # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's # Add node ports for ease of use locally - ../../base/addons/database +- ../../base/addons/kubernetes_dashboard - ../../base/addons/storage - ../../base/addons/contour_ingress_controller @@ -35,7 +36,7 @@ images: newName: ghcr.io/lyft/datacatalog # override the name # FlytePropeller - name: flytepropeller # match images with this name - newTag: v0.5.13 # override the tag + newTag: v0.6.1 # override the tag newName: ghcr.io/flyteorg/flytepropeller # override the name # Override postgres image to use alpine based (rather smaller) docker image - name: postgres diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index 2a2b6b805b..e63c217a7f 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -31,7 +31,7 @@ images: newName: ghcr.io/lyft/datacatalog # override the name # FlytePropeller - name: flytepropeller # match images with this name - newTag: v0.5.13 # override the tag + newTag: v0.6.1 # override the tag newName: ghcr.io/flyteorg/flytepropeller # override the name # Override postgres image to use alpine based (rather smaller) docker image - name: postgres diff --git a/rsts/tutorials/first_run.rst b/rsts/tutorials/first_run.rst index d403e5d0a9..d2b9693bc3 100644 --- a/rsts/tutorials/first_run.rst +++ b/rsts/tutorials/first_run.rst @@ -12,7 +12,7 @@ Flyte enables scalable, reproducable and reliable orchestration of massively lar With `docker installed `__, run this command: :: - docker run --rm --privileged -p 30081:30081 -p 30084:30084 ghcr.io/flyteorg/flyte-sandbox + docker run --rm --privileged -p 30081:30081 -p 30082:30082 -p 30084:30084 ghcr.io/flyteorg/flyte-sandbox This creates a local Flyte sandbox. Once the sandbox is ready, you should see the following message: ``Flyte is ready! Flyte UI is available at http://localhost:30081/console``. Go ahead and visit http://localhost:30081/console.