From e4fb9186690a9184c05b15981be7ac537ff1ab28 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Sun, 13 Sep 2020 22:34:48 -0700 Subject: [PATCH 01/41] images centralized --- .../base/admindeployment/deployment.yaml | 4 +- kustomize/base/console/deployment.yaml | 2 +- kustomize/base/datacatalog/deployment.yaml | 4 +- kustomize/base/flyte/kustomization.yaml | 40 +++++++++++++++++++ kustomize/base/propeller/deployment.yaml | 2 +- 5 files changed, 46 insertions(+), 6 deletions(-) create mode 100644 kustomize/base/flyte/kustomization.yaml diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index e94fcdf1ad..ab270f3911 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -31,7 +31,7 @@ spec: name: flyte-admin-config initContainers: - name: run-migrations - image: docker.io/lyft/flyteadmin:v0.3.5 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "migrate", "run"] volumeMounts: @@ -39,7 +39,7 @@ spec: mountPath: /etc/flyte/config containers: - name: flyteadmin - image: docker.io/lyft/flyteadmin:v0.3.5 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "serve"] ports: diff --git a/kustomize/base/console/deployment.yaml b/kustomize/base/console/deployment.yaml index 408721e5ce..01b4db1f85 100644 --- a/kustomize/base/console/deployment.yaml +++ b/kustomize/base/console/deployment.yaml @@ -23,7 +23,7 @@ spec: emptyDir: {} containers: - name: flyteconsole - image: docker.io/lyft/flyteconsole:v0.11.0 + image: flyteconsole:v0.11.0 # args: [] ports: - containerPort: 8080 diff --git a/kustomize/base/datacatalog/deployment.yaml b/kustomize/base/datacatalog/deployment.yaml index dc530d9c35..dd31fa6593 100644 --- a/kustomize/base/datacatalog/deployment.yaml +++ b/kustomize/base/datacatalog/deployment.yaml @@ -30,7 +30,7 @@ spec: name: datacatalog-config initContainers: - name: run-migrations - image: docker.io/lyft/datacatalog:v0.2.2 + image: datacatalog:v0.2.2 imagePullPolicy: IfNotPresent command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/datacatalog_config.yaml", "migrate", "run"] volumeMounts: @@ -38,7 +38,7 @@ spec: mountPath: /etc/datacatalog/config containers: - name: datacatalog - image: docker.io/lyft/datacatalog:v0.2.2 + image: datacatalog:v0.2.2 imagePullPolicy: IfNotPresent command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/datacatalog_config.yaml", "serve"] ports: diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml new file mode 100644 index 0000000000..5b9d448ea2 --- /dev/null +++ b/kustomize/base/flyte/kustomization.yaml @@ -0,0 +1,40 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: flyte-test +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: 0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the name +resources: +# global resources +- ../namespace +- ../../dependencies/database +- ../../dependencies/storage + +# user plane / control plane resources +- ../ingress +- ../../dependencies/contour_ingress_controller +- ../admindeployment +- ../datacatalog +- ../console + +# data plane resources +- ../wf_crd +- ../operators/spark +- ../adminserviceaccount +- ../propeller +- ../../dependencies/redis + diff --git a/kustomize/base/propeller/deployment.yaml b/kustomize/base/propeller/deployment.yaml index 970d90c3b1..1634408b75 100644 --- a/kustomize/base/propeller/deployment.yaml +++ b/kustomize/base/propeller/deployment.yaml @@ -31,7 +31,7 @@ spec: name: flyte-plugin-config containers: - name: flytepropeller - image: docker.io/lyft/flytepropeller:v0.3.12 + image: flytepropeller:v0.3.12 command: - flytepropeller args: From e16bb7d998df3db6648f15e7afa8c658f0eae857 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 14 Sep 2020 17:42:01 -0700 Subject: [PATCH 02/41] Clean up in configuration --- .../base/admindeployment/config/admin.yaml | 61 ++++++++ .../aa_namespace.yaml | 7 + .../ab_project-resource-quota.yaml | 10 ++ .../ac_project-copilot-dataconfig.yaml | 18 +++ .../ad_spark-role.yaml | 24 ++++ .../ae_spark-service-account.yaml | 5 + .../af_spark-role-binding.yaml | 14 ++ kustomize/base/admindeployment/config/db.yaml | 6 + .../base/admindeployment/config/logger.yaml | 3 + .../base/admindeployment/config/storage.yaml | 11 ++ .../base/admindeployment/deployment.yaml | 4 +- .../base/admindeployment/kustomization.yaml | 2 + kustomize/base/console/kustomization.yaml | 2 +- kustomize/base/datacatalog/deployment.yaml | 4 +- kustomize/base/flyte/config/admin.yaml | 61 ++++++++ .../aa_namespace.yaml | 7 + .../ab_project-resource-quota.yaml | 10 ++ .../ac_project-copilot-dataconfig.yaml | 18 +++ .../ad_spark-role.yaml | 24 ++++ .../ae_spark-service-account.yaml | 5 + .../af_spark-role-binding.yaml | 14 ++ kustomize/base/flyte/config/console.yaml | 5 + kustomize/base/flyte/config/datacatalog.yaml | 13 ++ kustomize/base/flyte/config/db.yaml | 6 + .../base/flyte/config/enabled_plugins.yaml | 7 + kustomize/base/flyte/config/logger.yaml | 3 + .../base/flyte/config/plugins/copilot.yaml | 5 + kustomize/base/flyte/config/plugins/k8s.yaml | 6 + .../base/flyte/config/plugins/qubole.yaml | 3 + .../base/flyte/config/plugins/spark.yaml | 16 +++ .../base/flyte/config/plugins/task_logs.yaml | 4 + kustomize/base/flyte/config/propeller.yaml | 48 +++++++ kustomize/base/flyte/config/storage.yaml | 11 ++ .../custom-config.yaml | 134 ++++++++++++++++++ .../deployment.yaml | 66 +++++++++ .../kustomization.yaml | 6 + .../contour_ingress_controller/namespace.yaml | 4 + .../contour_ingress_controller/rbac.yaml | 66 +++++++++ .../contour_ingress_controller/service.yaml | 17 +++ .../flyte/dependencies/database/database.yaml | 38 +++++ .../dependencies/database/kustomization.yaml | 2 + .../flyte/dependencies/redis/deployment.yaml | 56 ++++++++ .../dependencies/redis/kustomization.yaml | 3 + .../flyte/dependencies/redis/service.yaml | 16 +++ .../dependencies/storage/kustomization.yaml | 2 + .../flyte/dependencies/storage/storage.yaml | 63 ++++++++ kustomize/base/flyte/kustomization.yaml | 53 ++++++- kustomize/base/propeller/deployment.yaml | 7 +- 48 files changed, 953 insertions(+), 17 deletions(-) create mode 100644 kustomize/base/admindeployment/config/admin.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml create mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml create mode 100644 kustomize/base/admindeployment/config/db.yaml create mode 100644 kustomize/base/admindeployment/config/logger.yaml create mode 100644 kustomize/base/admindeployment/config/storage.yaml create mode 100644 kustomize/base/flyte/config/admin.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml create mode 100644 kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml create mode 100644 kustomize/base/flyte/config/console.yaml create mode 100644 kustomize/base/flyte/config/datacatalog.yaml create mode 100644 kustomize/base/flyte/config/db.yaml create mode 100644 kustomize/base/flyte/config/enabled_plugins.yaml create mode 100644 kustomize/base/flyte/config/logger.yaml create mode 100644 kustomize/base/flyte/config/plugins/copilot.yaml create mode 100644 kustomize/base/flyte/config/plugins/k8s.yaml create mode 100644 kustomize/base/flyte/config/plugins/qubole.yaml create mode 100644 kustomize/base/flyte/config/plugins/spark.yaml create mode 100644 kustomize/base/flyte/config/plugins/task_logs.yaml create mode 100644 kustomize/base/flyte/config/propeller.yaml create mode 100644 kustomize/base/flyte/config/storage.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml create mode 100644 kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml create mode 100644 kustomize/base/flyte/dependencies/database/database.yaml create mode 100644 kustomize/base/flyte/dependencies/database/kustomization.yaml create mode 100644 kustomize/base/flyte/dependencies/redis/deployment.yaml create mode 100644 kustomize/base/flyte/dependencies/redis/kustomization.yaml create mode 100644 kustomize/base/flyte/dependencies/redis/service.yaml create mode 100644 kustomize/base/flyte/dependencies/storage/kustomization.yaml create mode 100644 kustomize/base/flyte/dependencies/storage/storage.yaml diff --git a/kustomize/base/admindeployment/config/admin.yaml b/kustomize/base/admindeployment/config/admin.yaml new file mode 100644 index 0000000000..6e775c6c54 --- /dev/null +++ b/kustomize/base/admindeployment/config/admin.yaml @@ -0,0 +1,61 @@ +server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" +flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin +remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 +task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi +domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production +cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml new file mode 100644 index 0000000000..3075aa9f9e --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ namespace }} +spec: + finalizers: + - kubernetes diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml new file mode 100644 index 0000000000..ddfade3c29 --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: project-quota + namespace: {{ namespace }} +spec: + hard: + limits.cpu: {{ projectQuotaCpu }} + limits.memory: {{ projectQuotaMemory }} + diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..cc17cb58a7 --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml new file mode 100644 index 0000000000..2dc0b21b65 --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: spark-role + namespace: {{ namespace }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml new file mode 100644 index 0000000000..dddd8d2742 --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: spark + namespace: {{ namespace }} diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml new file mode 100644 index 0000000000..4b6c43bbb7 --- /dev/null +++ b/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: spark-role-binding + namespace: {{ namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: spark-role +subjects: +- kind: ServiceAccount + name: spark + namespace: {{ namespace }} + diff --git a/kustomize/base/admindeployment/config/db.yaml b/kustomize/base/admindeployment/config/db.yaml new file mode 100644 index 0000000000..c71ee6e4bb --- /dev/null +++ b/kustomize/base/admindeployment/config/db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable diff --git a/kustomize/base/admindeployment/config/logger.yaml b/kustomize/base/admindeployment/config/logger.yaml new file mode 100644 index 0000000000..abe53e7359 --- /dev/null +++ b/kustomize/base/admindeployment/config/logger.yaml @@ -0,0 +1,3 @@ +logger: + show-source: true + level: 5 diff --git a/kustomize/base/admindeployment/config/storage.yaml b/kustomize/base/admindeployment/config/storage.yaml new file mode 100644 index 0000000000..16e6f52755 --- /dev/null +++ b/kustomize/base/admindeployment/config/storage.yaml @@ -0,0 +1,11 @@ +storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index ab270f3911..9e613e2fe7 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -33,7 +33,7 @@ spec: - name: run-migrations image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "migrate", "run"] + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "migrate", "run"] volumeMounts: - name: config-volume mountPath: /etc/flyte/config @@ -41,7 +41,7 @@ spec: - name: flyteadmin image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "serve"] + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "serve"] ports: - containerPort: 8088 - containerPort: 8089 diff --git a/kustomize/base/admindeployment/kustomization.yaml b/kustomize/base/admindeployment/kustomization.yaml index a944d005ca..f38cebb07a 100644 --- a/kustomize/base/admindeployment/kustomization.yaml +++ b/kustomize/base/admindeployment/kustomization.yaml @@ -1,3 +1,5 @@ resources: - deployment.yaml - service.yaml + + diff --git a/kustomize/base/console/kustomization.yaml b/kustomize/base/console/kustomization.yaml index efc0d46a0b..81d586a3cd 100644 --- a/kustomize/base/console/kustomization.yaml +++ b/kustomize/base/console/kustomization.yaml @@ -1,4 +1,4 @@ resources: - deployment.yaml -- configmap.yaml - service.yaml +- configmap.yaml diff --git a/kustomize/base/datacatalog/deployment.yaml b/kustomize/base/datacatalog/deployment.yaml index dd31fa6593..65c049deb6 100644 --- a/kustomize/base/datacatalog/deployment.yaml +++ b/kustomize/base/datacatalog/deployment.yaml @@ -32,7 +32,7 @@ spec: - name: run-migrations image: datacatalog:v0.2.2 imagePullPolicy: IfNotPresent - command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/datacatalog_config.yaml", "migrate", "run"] + command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/*.yaml", "migrate", "run"] volumeMounts: - name: config-volume mountPath: /etc/datacatalog/config @@ -40,7 +40,7 @@ spec: - name: datacatalog image: datacatalog:v0.2.2 imagePullPolicy: IfNotPresent - command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/datacatalog_config.yaml", "serve"] + command: ["datacatalog", "--logtostderr", "--config", "/etc/datacatalog/config/*.yaml", "serve"] ports: - containerPort: 8088 - containerPort: 8089 diff --git a/kustomize/base/flyte/config/admin.yaml b/kustomize/base/flyte/config/admin.yaml new file mode 100644 index 0000000000..6e775c6c54 --- /dev/null +++ b/kustomize/base/flyte/config/admin.yaml @@ -0,0 +1,61 @@ +server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" +flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin +remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 +task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi +domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production +cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m diff --git a/kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml new file mode 100644 index 0000000000..3075aa9f9e --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ namespace }} +spec: + finalizers: + - kubernetes diff --git a/kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml new file mode 100644 index 0000000000..ddfade3c29 --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: project-quota + namespace: {{ namespace }} +spec: + hard: + limits.cpu: {{ projectQuotaCpu }} + limits.memory: {{ projectQuotaMemory }} + diff --git a/kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..cc17cb58a7 --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true diff --git a/kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml new file mode 100644 index 0000000000..2dc0b21b65 --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: spark-role + namespace: {{ namespace }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' diff --git a/kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml new file mode 100644 index 0000000000..dddd8d2742 --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: spark + namespace: {{ namespace }} diff --git a/kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml new file mode 100644 index 0000000000..4b6c43bbb7 --- /dev/null +++ b/kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: spark-role-binding + namespace: {{ namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: spark-role +subjects: +- kind: ServiceAccount + name: spark + namespace: {{ namespace }} + diff --git a/kustomize/base/flyte/config/console.yaml b/kustomize/base/flyte/config/console.yaml new file mode 100644 index 0000000000..cb482fddd4 --- /dev/null +++ b/kustomize/base/flyte/config/console.yaml @@ -0,0 +1,5 @@ +# This determines the base url used for all console links. It must match the route specified in ingress.yaml +BASE_URL: /console +CONFIG_DIR: /etc/flyte/config +DISABLE_AUTH: "true" + diff --git a/kustomize/base/flyte/config/datacatalog.yaml b/kustomize/base/flyte/config/datacatalog.yaml new file mode 100644 index 0000000000..0ef31c10f9 --- /dev/null +++ b/kustomize/base/flyte/config/datacatalog.yaml @@ -0,0 +1,13 @@ +datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 +application: + grpcPort: 8089 +# TODO lets move this to db.yaml, but the dbname is the problem currently +database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable diff --git a/kustomize/base/flyte/config/db.yaml b/kustomize/base/flyte/config/db.yaml new file mode 100644 index 0000000000..c71ee6e4bb --- /dev/null +++ b/kustomize/base/flyte/config/db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable diff --git a/kustomize/base/flyte/config/enabled_plugins.yaml b/kustomize/base/flyte/config/enabled_plugins.yaml new file mode 100644 index 0000000000..1ee6e3ded3 --- /dev/null +++ b/kustomize/base/flyte/config/enabled_plugins.yaml @@ -0,0 +1,7 @@ +tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array diff --git a/kustomize/base/flyte/config/logger.yaml b/kustomize/base/flyte/config/logger.yaml new file mode 100644 index 0000000000..abe53e7359 --- /dev/null +++ b/kustomize/base/flyte/config/logger.yaml @@ -0,0 +1,3 @@ +logger: + show-source: true + level: 5 diff --git a/kustomize/base/flyte/config/plugins/copilot.yaml b/kustomize/base/flyte/config/plugins/copilot.yaml new file mode 100644 index 0000000000..9b445ba31a --- /dev/null +++ b/kustomize/base/flyte/config/plugins/copilot.yaml @@ -0,0 +1,5 @@ +plugins: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" diff --git a/kustomize/base/flyte/config/plugins/k8s.yaml b/kustomize/base/flyte/config/plugins/k8s.yaml new file mode 100644 index 0000000000..6d0f5b8365 --- /dev/null +++ b/kustomize/base/flyte/config/plugins/k8s.yaml @@ -0,0 +1,6 @@ +plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage diff --git a/kustomize/base/flyte/config/plugins/qubole.yaml b/kustomize/base/flyte/config/plugins/qubole.yaml new file mode 100644 index 0000000000..ea34d2752b --- /dev/null +++ b/kustomize/base/flyte/config/plugins/qubole.yaml @@ -0,0 +1,3 @@ +plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/base/flyte/config/plugins/spark.yaml b/kustomize/base/flyte/config/plugins/spark.yaml new file mode 100644 index 0000000000..c1ffb9209a --- /dev/null +++ b/kustomize/base/flyte/config/plugins/spark.yaml @@ -0,0 +1,16 @@ +plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" diff --git a/kustomize/base/flyte/config/plugins/task_logs.yaml b/kustomize/base/flyte/config/plugins/task_logs.yaml new file mode 100644 index 0000000000..0955b59387 --- /dev/null +++ b/kustomize/base/flyte/config/plugins/task_logs.yaml @@ -0,0 +1,4 @@ +plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" diff --git a/kustomize/base/flyte/config/propeller.yaml b/kustomize/base/flyte/config/propeller.yaml new file mode 100644 index 0000000000..b1467f5746 --- /dev/null +++ b/kustomize/base/flyte/config/propeller.yaml @@ -0,0 +1,48 @@ +propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 4 + max-workflow-retries: 30 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: bucket + rate: 10 + capacity: 100 + sub-queue: + type: bucket + rate: 10 + capacity: 100 + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword +event: + type: admin + rate: 500 + capacity: 1000 +admin: + endpoint: flyteadmin:81 + insecure: true +catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true diff --git a/kustomize/base/flyte/config/storage.yaml b/kustomize/base/flyte/config/storage.yaml new file mode 100644 index 0000000000..16e6f52755 --- /dev/null +++ b/kustomize/base/flyte/config/storage.yaml @@ -0,0 +1,11 @@ +storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml new file mode 100644 index 0000000000..c0fcfee56a --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml @@ -0,0 +1,134 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ingressroutes.contour.heptio.com + labels: + component: ingressroute +spec: + group: contour.heptio.com + version: v1beta1 + scope: Namespaced + names: + plural: ingressroutes + kind: IngressRoute + additionalPrinterColumns: + - name: FQDN + type: string + description: Fully qualified domain name + JSONPath: .spec.virtualhost.fqdn + - name: TLS Secret + type: string + description: Secret with TLS credentials + JSONPath: .spec.virtualhost.tls.secretName + - name: First route + type: string + description: First routes defined + JSONPath: .spec.routes[0].match + - name: Status + type: string + description: The current status of the IngressRoute + JSONPath: .status.currentStatus + - name: Status Description + type: string + description: Description of the current status + JSONPath: .status.description + validation: + openAPIV3Schema: + properties: + spec: + required: + - routes + properties: + virtualhost: + properties: + fqdn: + type: string + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + aliases: + type: array + items: + type: string + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + strategy: + type: string + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + healthCheck: + type: object + required: + - path + properties: + path: + type: string + pattern: ^\/.*$ + intervalSeconds: + type: integer + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + healthyThresholdCount: + type: integer + routes: + type: array + items: + required: + - match + properties: + match: + type: string + pattern: ^\/.*$ + delegate: + type: object + required: + - name + properties: + name: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + namespace: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + services: + type: array + items: + type: object + required: + - name + - port + properties: + name: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + port: + type: integer + weight: + type: integer + strategy: + type: string + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + healthCheck: + type: object + required: + - path + properties: + path: + type: string + pattern: ^\/.*$ + intervalSeconds: + type: integer + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + healthyThresholdCount: + type: integer diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml new file mode 100644 index 0000000000..c24f2b504c --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml @@ -0,0 +1,66 @@ +# Create the actual deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: contour + namespace: heptio-contour + labels: + app: contour +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + labels: + app: contour + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8002" + prometheus.io/path: "/stats" + prometheus.io/format: "prometheus" + spec: + containers: + - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + command: ["envoy"] + args: ["-c", "/config/contour.yaml", "--service-cluster", "cluster0", "--service-node", "node0"] + volumeMounts: + - name: contour-config + mountPath: /config + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 100m + memory: 100Mi + - image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + ports: + - containerPort: 8000 + name: contour + name: contour-unknown + command: ["contour"] + args: ["serve", "--incluster", "--envoy-http-port=80", "--debug-http-port=6069"] + initContainers: + - image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + command: ["contour"] + args: ["bootstrap", "/config/contour.yaml", "--statsd-enabled"] + volumeMounts: + - name: contour-config + mountPath: /config + volumes: + - name: contour-config + emptyDir: {} + dnsPolicy: ClusterFirst + serviceAccountName: contour + terminationGracePeriodSeconds: 30 diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml new file mode 100644 index 0000000000..36ba42801d --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml @@ -0,0 +1,6 @@ +resources: +- namespace.yaml +- rbac.yaml +- custom-config.yaml +- service.yaml +- deployment.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml new file mode 100644 index 0000000000..4be554a003 --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml new file mode 100644 index 0000000000..4492a6f80f --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: heptio-contour +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: ["contour.heptio.com"] + resources: ["ingressroutes"] + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: heptio-contour diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml b/kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml new file mode 100644 index 0000000000..b7e10ab4af --- /dev/null +++ b/kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml @@ -0,0 +1,17 @@ +# Service +apiVersion: v1 +kind: Service +metadata: + name: contour + namespace: heptio-contour + labels: + app: contour +spec: + # use NodePort to make sure the service is accessible + type: NodePort + selector: + app: contour + ports: + - protocol: TCP + port: 80 + nodePort: 30081 diff --git a/kustomize/base/flyte/dependencies/database/database.yaml b/kustomize/base/flyte/dependencies/database/database.yaml new file mode 100644 index 0000000000..b85eea088a --- /dev/null +++ b/kustomize/base/flyte/dependencies/database/database.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + volumes: + - name: postgres-storage + emptyDir: {} + containers: + - image: "postgres:10.1" + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data +--- + apiVersion: v1 + kind: Service + metadata: + name: postgres + namespace: flyte + spec: + ports: + - port: 5432 + selector: + app: postgres diff --git a/kustomize/base/flyte/dependencies/database/kustomization.yaml b/kustomize/base/flyte/dependencies/database/kustomization.yaml new file mode 100644 index 0000000000..ca2ede8d46 --- /dev/null +++ b/kustomize/base/flyte/dependencies/database/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- database.yaml diff --git a/kustomize/base/flyte/dependencies/redis/deployment.yaml b/kustomize/base/flyte/dependencies/redis/deployment.yaml new file mode 100644 index 0000000000..6d02c0faac --- /dev/null +++ b/kustomize/base/flyte/dependencies/redis/deployment.yaml @@ -0,0 +1,56 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always diff --git a/kustomize/base/flyte/dependencies/redis/kustomization.yaml b/kustomize/base/flyte/dependencies/redis/kustomization.yaml new file mode 100644 index 0000000000..a944d005ca --- /dev/null +++ b/kustomize/base/flyte/dependencies/redis/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- deployment.yaml +- service.yaml diff --git a/kustomize/base/flyte/dependencies/redis/service.yaml b/kustomize/base/flyte/dependencies/redis/service.yaml new file mode 100644 index 0000000000..8c86264ae3 --- /dev/null +++ b/kustomize/base/flyte/dependencies/redis/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP diff --git a/kustomize/base/flyte/dependencies/storage/kustomization.yaml b/kustomize/base/flyte/dependencies/storage/kustomization.yaml new file mode 100644 index 0000000000..9a80610c4e --- /dev/null +++ b/kustomize/base/flyte/dependencies/storage/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- storage.yaml diff --git a/kustomize/base/flyte/dependencies/storage/storage.yaml b/kustomize/base/flyte/dependencies/storage/storage.yaml new file mode 100644 index 0000000000..d0ac2d0390 --- /dev/null +++ b/kustomize/base/flyte/dependencies/storage/storage.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + volumes: + - name: minio-storage + emptyDir: {} + containers: + - image: "minio/minio:RELEASE.2019-06-04T01-15-58Z" + name: minio + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + args: + - server + - /data + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - name: minio-storage + mountPath: /data +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: minio + namespace: flyte + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + rules: + - http: + paths: + - path: /minio + backend: + serviceName: minio + servicePort: 9000 diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml index 5b9d448ea2..9c1b3860cb 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/base/flyte/kustomization.yaml @@ -1,6 +1,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: flyte-test + +# Override the namespace +namespace: flyte + +# Images that should be used images: # FlyteAdmin - name: flyteadmin # match images with this name @@ -8,7 +12,7 @@ images: newName: docker.io/lyft/flyteadmin # override the name # FlytePropeller - name: flytepropeller # match images with this name - newTag: 0.3.12 # override the tag + newTag: v0.3.12 # override the tag newName: docker.io/lyft/flytepropeller # override the name # Flyte DataCatalog - name: datacatalog # match images with this name @@ -18,15 +22,17 @@ images: - name: flyteconsole # match images with this name newTag: v0.11.0 # override the tag newName: docker.io/lyft/flyteconsole # override the name + +# All the resources that make up the deployment resources: # global resources - ../namespace -- ../../dependencies/database -- ../../dependencies/storage +- ./dependencies/database +- ./dependencies/storage # user plane / control plane resources - ../ingress -- ../../dependencies/contour_ingress_controller +- ./dependencies/contour_ingress_controller - ../admindeployment - ../datacatalog - ../console @@ -36,5 +42,40 @@ resources: - ../operators/spark - ../adminserviceaccount - ../propeller -- ../../dependencies/redis +- ./dependencies/redis + +configMapGenerator: +# the main admin configmap +- name: flyte-admin-config + files: + - ./config/admin.yaml + - ./config/db.yaml + - ./config/storage.yaml + - ./config/logger.yaml +# cluster resource templates +- name: clusterresource-template + files: +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + - ./config/clusterresource-templates/aa_namespace.yaml + - ./config/clusterresource-templates/ab_project-resource-quota.yaml + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml +# Flyte Propeller Configuration +- name: flyte-propeller-config + files: + - ./config/propeller.yaml + - ./config/storage.yaml + - ./config/logger.yaml +# Flyte Console Configuration +#- name: flyte-console-config +# files: +# - ./config/console.yaml + +- name: datacatalog-config + files: + - ./config/datacatalog.yaml + - ./config/storage.yaml + - ./config/logger.yaml diff --git a/kustomize/base/propeller/deployment.yaml b/kustomize/base/propeller/deployment.yaml index 1634408b75..e5074b4218 100644 --- a/kustomize/base/propeller/deployment.yaml +++ b/kustomize/base/propeller/deployment.yaml @@ -26,9 +26,6 @@ spec: - name: config-volume configMap: name: flyte-propeller-config - - name: plugin-config-volume - configMap: - name: flyte-plugin-config containers: - name: flytepropeller image: flytepropeller:v0.3.12 @@ -36,7 +33,7 @@ spec: - flytepropeller args: - --config - - /etc/flyte/config*/config.yaml + - /etc/flyte/config/*.yaml env: - name: POD_NAME valueFrom: @@ -48,5 +45,3 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/flyte/config - - name: plugin-config-volume - mountPath: /etc/flyte/config-plugin From 23321c7d74d0a8a96b2837cc162ddd4f3e01a81f Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 14 Sep 2020 22:16:57 -0700 Subject: [PATCH 03/41] Any namespace complete deployment --- kustomize/base/admindeployment/cron.yaml | 30 +++++++++ .../base/admindeployment/deployment.yaml | 18 ++++++ kustomize/base/flyte/admin/deployment.yaml | 62 +++++++++++++++++++ kustomize/base/flyte/admin/kustomization.yaml | 5 ++ .../base/flyte/config/plugins/copilot.yaml | 1 + .../flyte/dependencies/redis/deployment.yaml | 3 + kustomize/base/flyte/kustomization.yaml | 11 +++- .../base/operators/spark/kustomization.yaml | 11 +++- kustomize/base/operators/spark/webhook.yaml | 4 +- 9 files changed, 140 insertions(+), 5 deletions(-) create mode 100644 kustomize/base/admindeployment/cron.yaml create mode 100644 kustomize/base/flyte/admin/deployment.yaml create mode 100644 kustomize/base/flyte/admin/kustomization.yaml diff --git a/kustomize/base/admindeployment/cron.yaml b/kustomize/base/admindeployment/cron.yaml new file mode 100644 index 0000000000..eaf458660f --- /dev/null +++ b/kustomize/base/admindeployment/cron.yaml @@ -0,0 +1,30 @@ +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: syncresources + namespace: flyte +spec: + schedule: "*/1 * * * *" + jobTemplate: + spec: + template: + spec: + serviceAccountName: flyteadmin + containers: + - name: sync-cluster-resources + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] + volumeMounts: + - name: resource-templates + mountPath: /etc/flyte/clusterresource/templates + - name: config-volume + mountPath: /etc/flyte/config + volumes: + - name: resource-templates + configMap: + name: clusterresource-template + - name: config-volume + configMap: + name: flyte-admin-config + restartPolicy: OnFailure diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index 9e613e2fe7..337c09eaa8 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -37,6 +37,24 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/flyte/config + # Optional, These just seed the project - TODO move them to only + - name: seed-projects + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", + "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] + volumeMounts: + - name: config-volume + mountPath: /etc/flyte/config + - name: sync-cluster-resources + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] + volumeMounts: + - name: resource-templates + mountPath: /etc/flyte/clusterresource/templates + - name: config-volume + mountPath: /etc/flyte/config containers: - name: flyteadmin image: flyteadmin:v0.3.5 diff --git a/kustomize/base/flyte/admin/deployment.yaml b/kustomize/base/flyte/admin/deployment.yaml new file mode 100644 index 0000000000..7d86ee0ba1 --- /dev/null +++ b/kustomize/base/flyte/admin/deployment.yaml @@ -0,0 +1,62 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: flyteadmin + namespace: flyte +spec: + template: + spec: + volumes: + - name: resource-templates + configMap: + name: clusterresource-template + initContainers: + - name: check-db-ready + image: postgres:10.1 + command: ['sh', '-c', + 'until pg_isready -h postgres -p 5432; + do echo waiting for database; sleep 2; done;'] + - name: run-migrations + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", + "migrate", "run"] + volumeMounts: + - name: config-volume + mountPath: /etc/flyte/config + - name: seed-projects + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", + "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] + volumeMounts: + - name: config-volume + mountPath: /etc/flyte/config + - name: sync-cluster-resources + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] + volumeMounts: + - name: resource-templates + mountPath: /etc/flyte/clusterresource/templates + - name: config-volume + mountPath: /etc/flyte/config + containers: + - name: flyteadmin + resources: + limits: + memory: "200Mi" + cpu: "0.1" + ephemeral-storage: "100Mi" +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteadmin + namespace: flyte +spec: + ports: + - name: redoc + protocol: TCP + port: 87 + targetPort: 8087 diff --git a/kustomize/base/flyte/admin/kustomization.yaml b/kustomize/base/flyte/admin/kustomization.yaml new file mode 100644 index 0000000000..d19381398a --- /dev/null +++ b/kustomize/base/flyte/admin/kustomization.yaml @@ -0,0 +1,5 @@ +bases: +- ../../admindeployment + +patches: +- deployment.yaml diff --git a/kustomize/base/flyte/config/plugins/copilot.yaml b/kustomize/base/flyte/config/plugins/copilot.yaml index 9b445ba31a..247096e82f 100644 --- a/kustomize/base/flyte/config/plugins/copilot.yaml +++ b/kustomize/base/flyte/config/plugins/copilot.yaml @@ -1,4 +1,5 @@ plugins: + k8s: co-pilot: name: "flyte-copilot-" image: "docker.io/lyft/flytecopilot:v0.3.35" diff --git a/kustomize/base/flyte/dependencies/redis/deployment.yaml b/kustomize/base/flyte/dependencies/redis/deployment.yaml index 6d02c0faac..82067d702b 100644 --- a/kustomize/base/flyte/dependencies/redis/deployment.yaml +++ b/kustomize/base/flyte/dependencies/redis/deployment.yaml @@ -54,3 +54,6 @@ spec: name: redis-data dnsPolicy: ClusterFirst restartPolicy: Always + volumes: + - name: redis-data + emptyDir: {} diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml index 9c1b3860cb..5388a70460 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/base/flyte/kustomization.yaml @@ -33,7 +33,7 @@ resources: # user plane / control plane resources - ../ingress - ./dependencies/contour_ingress_controller -- ../admindeployment +- ./admin/ - ../datacatalog - ../console @@ -52,6 +52,7 @@ configMapGenerator: - ./config/db.yaml - ./config/storage.yaml - ./config/logger.yaml + # cluster resource templates - name: clusterresource-template files: @@ -62,10 +63,17 @@ configMapGenerator: - ./config/clusterresource-templates/ad_spark-role.yaml - ./config/clusterresource-templates/ae_spark-service-account.yaml - ./config/clusterresource-templates/af_spark-role-binding.yaml + # Flyte Propeller Configuration - name: flyte-propeller-config files: - ./config/propeller.yaml + - ./config/enabled_plugins.yaml + - ./config/plugins/copilot.yaml + - ./config/plugins/k8s.yaml + - ./config/plugins/qubole.yaml + - ./config/plugins/spark.yaml + - ./config/plugins/task_logs.yaml - ./config/storage.yaml - ./config/logger.yaml # Flyte Console Configuration @@ -73,7 +81,6 @@ configMapGenerator: # files: # - ./config/console.yaml - - name: datacatalog-config files: - ./config/datacatalog.yaml diff --git a/kustomize/base/operators/spark/kustomization.yaml b/kustomize/base/operators/spark/kustomization.yaml index cf6196b829..235095cf3b 100644 --- a/kustomize/base/operators/spark/kustomization.yaml +++ b/kustomize/base/operators/spark/kustomization.yaml @@ -2,4 +2,13 @@ resources: - spark-operator.yaml - spark-dummy-crd.yaml - deployment.yaml -- webhook.yaml \ No newline at end of file +- webhook.yaml + +vars: + - name: NAMESPACE + objref: + kind: Deployment + name: sparkoperator + apiVersion: apps/v1 + fieldref: + fieldpath: metadata.namespace diff --git a/kustomize/base/operators/spark/webhook.yaml b/kustomize/base/operators/spark/webhook.yaml index 58139580fc..0243bafc5e 100644 --- a/kustomize/base/operators/spark/webhook.yaml +++ b/kustomize/base/operators/spark/webhook.yaml @@ -20,7 +20,7 @@ spec: - name: main image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent - command: ["/usr/bin/gencerts.sh","--namespace", "sparkoperator", "-p"] + command: ["/usr/bin/gencerts.sh","--namespace", "$(NAMESPACE)", "-p"] --- kind: Service apiVersion: v1 @@ -34,4 +34,4 @@ spec: name: webhook selector: app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 \ No newline at end of file + app.kubernetes.io/version: v2.4.0-v1beta1 From 8b2623174c53d6c9c7bc4adaba356b1f3192543f Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 14 Sep 2020 22:36:48 -0700 Subject: [PATCH 04/41] more components --- .../{ => clustersync}/cron.yaml | 2 +- .../clustersync/kustomization.yaml | 4 + .../base/admindeployment/config/admin.yaml | 61 - .../aa_namespace.yaml | 7 - .../ab_project-resource-quota.yaml | 10 - .../ac_project-copilot-dataconfig.yaml | 18 - .../ad_spark-role.yaml | 24 - .../ae_spark-service-account.yaml | 5 - .../af_spark-role-binding.yaml | 14 - kustomize/base/admindeployment/config/db.yaml | 6 - .../base/admindeployment/config/logger.yaml | 3 - .../base/admindeployment/config/storage.yaml | 11 - kustomize/base/flyte/admin/kustomization.yaml | 1 + kustomize/base/flyte/kustomization.yaml | 40 +- kustomize/base/flyte/test.yaml | 4871 +++++++++++++++++ 15 files changed, 4907 insertions(+), 170 deletions(-) rename kustomize/base/admindeployment/{ => clustersync}/cron.yaml (92%) create mode 100644 kustomize/base/admindeployment/clustersync/kustomization.yaml delete mode 100644 kustomize/base/admindeployment/config/admin.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml delete mode 100644 kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml delete mode 100644 kustomize/base/admindeployment/config/db.yaml delete mode 100644 kustomize/base/admindeployment/config/logger.yaml delete mode 100644 kustomize/base/admindeployment/config/storage.yaml create mode 100644 kustomize/base/flyte/test.yaml diff --git a/kustomize/base/admindeployment/cron.yaml b/kustomize/base/admindeployment/clustersync/cron.yaml similarity index 92% rename from kustomize/base/admindeployment/cron.yaml rename to kustomize/base/admindeployment/clustersync/cron.yaml index eaf458660f..0205498005 100644 --- a/kustomize/base/admindeployment/cron.yaml +++ b/kustomize/base/admindeployment/clustersync/cron.yaml @@ -14,7 +14,7 @@ spec: - name: sync-cluster-resources image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] volumeMounts: - name: resource-templates mountPath: /etc/flyte/clusterresource/templates diff --git a/kustomize/base/admindeployment/clustersync/kustomization.yaml b/kustomize/base/admindeployment/clustersync/kustomization.yaml new file mode 100644 index 0000000000..bf93dcbfe2 --- /dev/null +++ b/kustomize/base/admindeployment/clustersync/kustomization.yaml @@ -0,0 +1,4 @@ +resources: +- cron.yaml + + diff --git a/kustomize/base/admindeployment/config/admin.yaml b/kustomize/base/admindeployment/config/admin.yaml deleted file mode 100644 index 6e775c6c54..0000000000 --- a/kustomize/base/admindeployment/config/admin.yaml +++ /dev/null @@ -1,61 +0,0 @@ -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin -remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml deleted file mode 100644 index ddfade3c29..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/ab_project-resource-quota.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ResourceQuota -metadata: - name: project-quota - namespace: {{ namespace }} -spec: - hard: - limits.cpu: {{ projectQuotaCpu }} - limits.memory: {{ projectQuotaMemory }} - diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml deleted file mode 100644 index cc17cb58a7..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml +++ /dev/null @@ -1,18 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: flyte-data-config - namespace: {{ namespace }} -data: - config.yaml: | - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - enable-multicontainer: true diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml deleted file mode 100644 index 2dc0b21b65..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/ad_spark-role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: Role -metadata: - name: spark-role - namespace: {{ namespace }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml deleted file mode 100644 index dddd8d2742..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/ae_spark-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: spark - namespace: {{ namespace }} diff --git a/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml deleted file mode 100644 index 4b6c43bbb7..0000000000 --- a/kustomize/base/admindeployment/config/clusterresource-templates/af_spark-role-binding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: RoleBinding -metadata: - name: spark-role-binding - namespace: {{ namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: spark-role -subjects: -- kind: ServiceAccount - name: spark - namespace: {{ namespace }} - diff --git a/kustomize/base/admindeployment/config/db.yaml b/kustomize/base/admindeployment/config/db.yaml deleted file mode 100644 index c71ee6e4bb..0000000000 --- a/kustomize/base/admindeployment/config/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable diff --git a/kustomize/base/admindeployment/config/logger.yaml b/kustomize/base/admindeployment/config/logger.yaml deleted file mode 100644 index abe53e7359..0000000000 --- a/kustomize/base/admindeployment/config/logger.yaml +++ /dev/null @@ -1,3 +0,0 @@ -logger: - show-source: true - level: 5 diff --git a/kustomize/base/admindeployment/config/storage.yaml b/kustomize/base/admindeployment/config/storage.yaml deleted file mode 100644 index 16e6f52755..0000000000 --- a/kustomize/base/admindeployment/config/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - diff --git a/kustomize/base/flyte/admin/kustomization.yaml b/kustomize/base/flyte/admin/kustomization.yaml index d19381398a..91d0bffa07 100644 --- a/kustomize/base/flyte/admin/kustomization.yaml +++ b/kustomize/base/flyte/admin/kustomization.yaml @@ -1,5 +1,6 @@ bases: - ../../admindeployment +- ../../admindeployment/clustersync patches: - deployment.yaml diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml index 5388a70460..067acb882a 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/base/flyte/kustomization.yaml @@ -27,23 +27,42 @@ images: resources: # global resources - ../namespace -- ./dependencies/database -- ./dependencies/storage - -# user plane / control plane resources - ../ingress -- ./dependencies/contour_ingress_controller - ./admin/ - ../datacatalog - ../console - -# data plane resources - ../wf_crd -- ../operators/spark -- ../adminserviceaccount - ../propeller +- ../adminserviceaccount + ######## + # Operators to be enabled +- ../operators/spark +- ../operators/sagemaker +- ../operators/kfoperators/pytorch + #- ../operators/kfoperators/tensorflow + ########### + # Used to store data. In production use hosted SQL Servers - e.g. Postgres (AWS RDS), Aurora postgres (AWS RDS), CLOUDSQL (GCP) etc +- ./dependencies/database + ########## + # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc +- ./dependencies/storage + ##### + # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - ./dependencies/redis + ###### + # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's +- ./dependencies/contour_ingress_controller +############################################## +# Generate Configs +# For each component exactly one config is generated +# For every component required configs are +# 1. logger.yaml +# 2. storage.yaml +# 3. component.yaml +# +# db.yaml is required for FlyteAdmin and DataCatalog +# ############################################ configMapGenerator: # the main admin configmap - name: flyte-admin-config @@ -76,7 +95,8 @@ configMapGenerator: - ./config/plugins/task_logs.yaml - ./config/storage.yaml - ./config/logger.yaml -# Flyte Console Configuration + +# TODO Flyte Console Configuration #- name: flyte-console-config # files: # - ./config/console.yaml diff --git a/kustomize/base/flyte/test.yaml b/kustomize/base/flyte/test.yaml new file mode 100644 index 0000000000..0ef77d3408 --- /dev/null +++ b/kustomize/base/flyte/test.yaml @@ -0,0 +1,4871 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +spec: + finalizers: + - kubernetes +status: + phase: Active +--- +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: sagemaker-k8s-operator-system +--- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: batchtransformjobs.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.transformJobStatus + name: Status + type: string + - JSONPath: .metadata.creationTimestamp + format: date + name: Creation-Time + type: string + - JSONPath: .status.sageMakerTransformJobName + name: Sagemaker-Job-Name + type: string + group: sagemaker.aws.amazon.com + names: + kind: BatchTransformJob + plural: batchtransformjobs + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: BatchTransformJob is the Schema for the batchtransformjobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + batchStrategy: + type: string + dataProcessing: + properties: + JoinSource: + type: string + OutputFilter: + type: string + inputFilter: + type: string + type: object + environment: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + maxConcurrentTransforms: + format: int64 + type: integer + maxPayloadInMB: + format: int64 + type: integer + modelName: + type: string + region: + minLength: 1 + type: string + sageMakerEndpoint: + description: A custom SageMaker endpoint to use when communicating with SageMaker. + pattern: ^(https|http)://.*$ + type: string + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + transformInput: + properties: + compressionType: + enum: + - None + - Gzip + type: string + contentType: + type: string + dataSource: + properties: + s3DataSource: + properties: + s3DataType: + enum: + - S3Prefix + - ManifestFile + - AugmentedManifestFile + type: string + s3Uri: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3DataType + - s3Uri + type: object + required: + - s3DataSource + type: object + splitType: + type: string + required: + - dataSource + type: object + transformJobName: + description: The SageMaker batchtransform job name. This is optional for the SageMaker K8s operator. If it is empty, the operator will populate it with a generated name. + maxLength: 63 + type: string + transformOutput: + properties: + accept: + type: string + assembleWith: + type: string + kmsKeyId: + type: string + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3OutputPath + type: object + transformResources: + properties: + instanceCount: + format: int64 + minimum: 1 + type: integer + instanceType: + description: Transform job has separate instance type called TransformInstanceType Keeping it string + minLength: 1 + type: string + volumeKmsKeyId: + type: string + required: + - instanceCount + - instanceType + type: object + required: + - modelName + - transformInput + - transformOutput + - transformResources + - region + type: object + status: + properties: + additional: + description: Field to store additional information, for example if we are unable to check the status we update this. + type: string + lastCheckTime: + description: The last time that we checked the status of the SageMaker job. + format: date-time + type: string + sageMakerTransformJobName: + description: SageMaker TransformJobName job name + type: string + transformJobStatus: + description: The status of the transform job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTransformJob.html + type: string + type: object + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: endpointconfigs.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.status + name: Status + type: string + - JSONPath: .status.sageMakerEndpointConfigName + name: Sage-Maker-EndpointConfig-Name + type: string + group: sagemaker.aws.amazon.com + names: + kind: EndpointConfig + plural: endpointconfigs + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: EndpointConfig is the Schema for the hostingdeployments API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + kmsKeyId: + type: string + productionVariants: + items: + properties: + acceleratorType: + type: string + initialInstanceCount: + format: int64 + minimum: 1 + type: integer + initialVariantWeight: + description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. + format: int64 + type: integer + instanceType: + type: string + modelName: + minLength: 1 + type: string + variantName: + minLength: 1 + type: string + required: + - initialInstanceCount + - instanceType + - modelName + - variantName + type: object + minItems: 1 + type: array + region: + type: string + sageMakerEndpoint: + type: string + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + required: + - productionVariants + - region + type: object + status: + properties: + additional: + description: Field to store additional information, for example if we are unable to check the status in sagemaker we update this. + type: string + endpointConfigArn: + description: The EndpointConfig ARN of the SageMaker EndpointConfig + type: string + lastUpdateTime: + description: The last time this status was updated. + format: date-time + type: string + sageMakerEndpointConfigName: + description: The name of the EndpointConfig in SageMaker. + type: string + status: + description: The status of the EndpointConfig + type: string + type: object + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: flyteworkflows.flyte.lyft.com +spec: + group: flyte.lyft.com + names: + kind: FlyteWorkflow + plural: flyteworkflows + shortNames: + - fly + singular: flyteworkflow + scope: Namespaced + version: v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: hostingdeployments.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.endpointStatus + name: Status + type: string + - JSONPath: .status.endpointName + name: Sagemaker-endpoint-name + type: string + group: sagemaker.aws.amazon.com + names: + kind: HostingDeployment + plural: hostingdeployments + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: HostingDeployment is the Schema for the hostingdeployments API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + kmsKeyId: + type: string + models: + items: + properties: + containers: + items: + properties: + containerHostname: + type: string + environment: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + image: + type: string + modelDataUrl: + type: string + modelPackageName: + type: string + type: object + minItems: 1 + type: array + enableNetworkIsolation: + type: boolean + executionRoleArn: + minLength: 20 + type: string + name: + type: string + primaryContainer: + type: string + vpcConfig: + properties: + securityGroupIds: + items: + type: string + minItems: 1 + type: array + subnets: + items: + type: string + minItems: 1 + type: array + required: + - securityGroupIds + - subnets + type: object + required: + - name + - executionRoleArn + type: object + type: array + productionVariants: + items: + properties: + acceleratorType: + type: string + initialInstanceCount: + format: int64 + minimum: 1 + type: integer + initialVariantWeight: + description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. + format: int64 + type: integer + instanceType: + type: string + modelName: + minLength: 1 + type: string + variantName: + minLength: 1 + type: string + required: + - initialInstanceCount + - instanceType + - modelName + - variantName + type: object + minItems: 1 + type: array + region: + minLength: 1 + type: string + sageMakerEndpoint: + description: A custom SageMaker endpoint to use when communicating with SageMaker. + pattern: ^(https|http)://.*$ + type: string + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + required: + - region + - productionVariants + - models + type: object + status: + properties: + additional: + description: This field contains additional information about failures. + type: string + creationTime: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-CreationTime + format: date-time + type: string + endpointArn: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-EndpointArn + type: string + endpointConfigName: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpoint.html#SageMaker-CreateEndpoint-request-EndpointConfigName + type: string + endpointName: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpoint.html#SageMaker-CreateEndpoint-request-EndpointName + type: string + endpointStatus: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-EndpointStatus + type: string + endpointUrl: + type: string + failureReason: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-FailureReason + type: string + lastCheckTime: + format: date-time + type: string + lastModifiedTime: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#API_DescribeEndpoint_ResponseSyntax + format: date-time + type: string + modelNames: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + productionVariants: + description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariantSummary.html + items: + properties: + currentInstanceCount: + format: int64 + type: integer + currentWeight: + description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. + format: int64 + type: integer + deployedImages: + items: + properties: + resolutionTime: + format: date-time + type: string + resolvedImage: + type: string + specifiedImage: + type: string + type: object + type: array + desiredInstanceCount: + format: int64 + type: integer + desiredWeight: + description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. + format: int64 + type: integer + variantName: + type: string + required: + - variantName + type: object + type: array + type: object + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: hyperparametertuningjobs.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.hyperParameterTuningJobStatus + name: Status + type: string + - JSONPath: .metadata.creationTimestamp + format: date + name: Creation-Time + type: string + - JSONPath: .status.trainingJobStatusCounters.completed + format: int64 + name: Completed + type: number + - JSONPath: .status.trainingJobStatusCounters.inProgress + format: int64 + name: InProgress + type: number + - JSONPath: .status.trainingJobStatusCounters.totalError + format: int64 + name: Errors + type: number + - JSONPath: .status.trainingJobStatusCounters.stopped + format: int64 + name: Stopped + type: number + - JSONPath: .status.bestTrainingJob.trainingJobName + name: Best-Training-Job + type: string + - JSONPath: .status.sageMakerHyperParameterTuningJobName + name: Sagemaker-Job-Name + type: string + group: sagemaker.aws.amazon.com + names: + kind: HyperparameterTuningJob + plural: hyperparametertuningjobs + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: HyperparameterTuningJob is the Schema for the hyperparametertuningjobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + hyperParameterTuningJobConfig: + properties: + hyperParameterTuningJobObjective: + properties: + metricName: + minLength: 1 + type: string + type: + type: string + required: + - metricName + - type + type: object + parameterRanges: + properties: + categoricalParameterRanges: + items: + properties: + name: + type: string + values: + items: + type: string + minItems: 1 + type: array + required: + - name + - values + type: object + type: array + continuousParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + required: + - maxValue + - minValue + - name + - scalingType + type: object + type: array + integerParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + required: + - maxValue + - minValue + - name + - scalingType + type: object + type: array + type: object + resourceLimits: + properties: + maxNumberOfTrainingJobs: + format: int64 + minimum: 1 + type: integer + maxParallelTrainingJobs: + format: int64 + minimum: 1 + type: integer + required: + - maxNumberOfTrainingJobs + - maxParallelTrainingJobs + type: object + strategy: + type: string + trainingJobEarlyStoppingType: + type: string + required: + - resourceLimits + - strategy + type: object + hyperParameterTuningJobName: + type: string + region: + minLength: 1 + type: string + sageMakerEndpoint: + description: A custom SageMaker endpoint to use when communicating with SageMaker. + pattern: ^(https|http)://.*$ + type: string + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + trainingJobDefinition: + properties: + algorithmSpecification: + properties: + algorithmName: + minLength: 1 + type: string + metricDefinitions: + items: + properties: + name: + minLength: 1 + type: string + regex: + minLength: 1 + type: string + required: + - name + - regex + type: object + type: array + trainingImage: + type: string + trainingInputMode: + enum: + - File + - Pipe + type: string + required: + - trainingInputMode + type: object + checkpointConfig: + properties: + localPath: + type: string + s3Uri: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3Uri + type: object + enableInterContainerTrafficEncryption: + type: boolean + enableManagedSpotTraining: + type: boolean + enableNetworkIsolation: + type: boolean + inputDataConfig: + items: + properties: + channelName: + minLength: 1 + pattern: '[A-Za-z0-9\.\-_]+' + type: string + compressionType: + enum: + - None + - Gzip + type: string + contentType: + type: string + dataSource: + properties: + fileSystemDataSource: + properties: + directoryPath: + type: string + fileSystemAccessMode: + type: string + fileSystemId: + type: string + fileSystemType: + type: string + required: + - directoryPath + - fileSystemAccessMode + - fileSystemId + - fileSystemType + type: object + s3DataSource: + properties: + attributeNames: + items: + type: string + type: array + s3DataDistributionType: + enum: + - FullyReplicated + - ShardedByS3Key + type: string + s3DataType: + enum: + - S3Prefix + - ManifestFile + - AugmentedManifestFile + type: string + s3Uri: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3DataType + - s3Uri + type: object + type: object + inputMode: + enum: + - Pipe + - File + type: string + recordWrapperType: + type: string + shuffleConfig: + properties: + seed: + format: int64 + type: integer + required: + - seed + type: object + required: + - channelName + - dataSource + type: object + minItems: 1 + type: array + outputDataConfig: + properties: + kmsKeyId: + type: string + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3OutputPath + type: object + resourceConfig: + properties: + instanceCount: + format: int64 + minimum: 1 + type: integer + instanceType: + minLength: 1 + type: string + volumeKmsKeyId: + type: string + volumeSizeInGB: + format: int64 + minimum: 1 + type: integer + required: + - instanceCount + - instanceType + - volumeSizeInGB + type: object + roleArn: + minLength: 20 + type: string + staticHyperParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + minimum: 1 + type: integer + maxWaitTimeInSeconds: + format: int64 + minimum: 1 + type: integer + type: object + vpcConfig: + properties: + securityGroupIds: + items: + type: string + minItems: 1 + type: array + subnets: + items: + type: string + minItems: 1 + type: array + required: + - securityGroupIds + - subnets + type: object + required: + - algorithmSpecification + - outputDataConfig + - resourceConfig + - roleArn + - stoppingCondition + type: object + warmStartConfig: + properties: + parentHyperParameterTuningJobs: + items: + properties: + hyperParameterTuningJobName: + minLength: 1 + type: string + type: object + minItems: 1 + type: array + warmStartType: + type: string + required: + - parentHyperParameterTuningJobs + - warmStartType + type: object + required: + - hyperParameterTuningJobConfig + - region + type: object + status: + properties: + additional: + description: Field to store additional information, for example if we are unable to check the status we update this. + type: string + bestTrainingJob: + description: A HyperParameterTrainingJobSummary object that describes the training job that completed with the best current HyperParameterTuningJobObjective. See https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeHyperParameterTuningJob.html#SageMaker-DescribeHyperParameterTuningJob-response-BestTrainingJob + properties: + creationTime: + format: date-time + type: string + failureReason: + type: string + finalHyperParameterTuningJobObjectiveMetric: + properties: + metricName: + type: string + type: + type: string + value: + description: Value is string instead of float64 to prevent bugs when deserializing onto different platforms. + type: string + type: object + objectiveStatus: + type: string + trainingEndTime: + format: date-time + type: string + trainingJobArn: + type: string + trainingJobName: + type: string + trainingJobStatus: + type: string + trainingStartTime: + format: date-time + type: string + tunedHyperParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + tuningJobName: + type: string + type: object + hyperParameterTuningJobStatus: + description: The status of HyperParameterTrainingJob https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeHyperParameterTuningJob.html#SageMaker-DescribeHyperParameterTuningJob-response-HyperParameterTuningJobStatus + type: string + lastCheckTime: + description: The last time that we checked the status of the SageMaker job. + format: date-time + type: string + sageMakerHyperParameterTuningJobName: + description: SageMaker hyperparametertuning job name + type: string + trainingJobStatusCounters: + description: The TrainingJobStatusCounters object that specifies the number of training jobs, categorized by status, that this tuning job launched. https://docs.aws.amazon.com/sagemaker/latest/dg/API_TrainingJobStatusCounters.html + properties: + completed: + description: The number of completed training jobs launched by the hyperparameter tuning job. + format: int64 + type: integer + inProgress: + description: The number of in-progress training jobs launched by a hyperparameter tuning job. + format: int64 + type: integer + nonRetryableError: + description: The number of training jobs that failed and can't be retried. A failed training job can't be retried if it failed because a client error occurred. + format: int64 + type: integer + retryableError: + description: The number of training jobs that failed, but can be retried. A failed training job can be retried only if it failed because an internal service error occurred. + format: int64 + type: integer + stopped: + description: The number of training jobs launched by a hyperparameter tuning job that were manually stopped. + format: int64 + type: integer + totalError: + description: The sum of NonRetryableError and RetryableError. This is unique to the Kubernetes operator and is used to simplify the `kubectl get` output. + format: int64 + type: integer + type: object + type: object + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + component: ingressroute + name: ingressroutes.contour.heptio.com +spec: + additionalPrinterColumns: + - JSONPath: .spec.virtualhost.fqdn + description: Fully qualified domain name + name: FQDN + type: string + - JSONPath: .spec.virtualhost.tls.secretName + description: Secret with TLS credentials + name: TLS Secret + type: string + - JSONPath: .spec.routes[0].match + description: First routes defined + name: First route + type: string + - JSONPath: .status.currentStatus + description: The current status of the IngressRoute + name: Status + type: string + - JSONPath: .status.description + description: Description of the current status + name: Status Description + type: string + group: contour.heptio.com + names: + kind: IngressRoute + plural: ingressroutes + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + routes: + items: + properties: + delegate: + properties: + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + namespace: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + match: + pattern: ^\/.*$ + type: string + services: + items: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + type: integer + strategy: + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + type: string + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: array + strategy: + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + type: string + virtualhost: + properties: + aliases: + items: + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + type: string + type: array + fqdn: + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + type: string + required: + - routes + version: v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: models.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.status + name: Status + type: string + - JSONPath: .status.sageMakerModelName + name: Sage-Maker-Model-Name + type: string + group: sagemaker.aws.amazon.com + names: + kind: Model + plural: models + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: Model is the Schema for the hostingdeployments API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + containers: + items: + properties: + containerHostname: + type: string + environment: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + image: + type: string + modelDataUrl: + type: string + modelPackageName: + type: string + type: object + type: array + enableNetworkIsolation: + type: boolean + executionRoleArn: + type: string + primaryContainer: + properties: + containerHostname: + type: string + environment: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + image: + type: string + modelDataUrl: + type: string + modelPackageName: + type: string + type: object + region: + type: string + sageMakerEndpoint: + type: string + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + vpcConfig: + properties: + securityGroupIds: + items: + type: string + minItems: 1 + type: array + subnets: + items: + type: string + minItems: 1 + type: array + required: + - securityGroupIds + - subnets + type: object + required: + - executionRoleArn + - region + type: object + status: + properties: + additional: + description: Field to store additional information, for example if we are unable to check the status in sagemaker we update this. + type: string + lastUpdateTime: + description: The last time this status was updated. + format: date-time + type: string + modelArn: + description: The Model ARN of the SageMaker model + type: string + sageMakerModelName: + description: The name of the model in SageMaker. + type: string + status: + description: The status of the model. + type: string + type: object + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: trainingjobs.sagemaker.aws.amazon.com +spec: + additionalPrinterColumns: + - JSONPath: .status.trainingJobStatus + name: Status + type: string + - JSONPath: .status.secondaryStatus + name: Secondary-Status + type: string + - JSONPath: .metadata.creationTimestamp + format: date + name: Creation-Time + type: string + - JSONPath: .status.sageMakerTrainingJobName + name: Sagemaker-Job-Name + type: string + group: sagemaker.aws.amazon.com + names: + kind: TrainingJob + plural: trainingjobs + scope: "" + subresources: + status: {} + validation: + openAPIV3Schema: + description: TrainingJob is the Schema for the trainingjobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" + type: string + generation: + description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + properties: + pending: + description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. + items: + properties: + name: + description: name of the process that is responsible for initializing this object. + type: string + required: + - name + type: object + type: array + result: + description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if not set. + format: int32 + type: integer + details: + description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + properties: + causes: + description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. + items: + properties: + field: + description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" + type: string + message: + description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description of the cause of the error. If this value is empty there is no information available. + type: string + type: object + type: array + group: + description: The group attribute of the resource associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this operation. + type: string + metadata: + description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + properties: + continue: + description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. Populated by the system. Read-only. + type: string + type: object + reason: + description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + type: object + required: + - pending + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + managedFields: + description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." + items: + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. + type: string + fields: + additionalProperties: true + description: Fields identifies a set of fields. + type: object + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. + type: string + time: + description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' + format: date-time + type: string + type: object + type: array + name: + description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. + items: + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + type: array + resourceVersion: + description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by the system. Read-only. + type: string + uid: + description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" + type: string + type: object + spec: + properties: + algorithmSpecification: + properties: + algorithmName: + minLength: 1 + type: string + metricDefinitions: + items: + properties: + name: + minLength: 1 + type: string + regex: + minLength: 1 + type: string + required: + - name + - regex + type: object + type: array + trainingImage: + minLength: 1 + type: string + trainingInputMode: + enum: + - File + - Pipe + type: string + required: + - trainingInputMode + type: object + checkpointConfig: + properties: + localPath: + type: string + s3Uri: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3Uri + type: object + debugHookConfig: + properties: + collectionConfigurations: + items: + properties: + collectionName: + type: string + collectionParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + type: object + type: array + localPath: + type: string + ruleParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3OutputPath + type: object + debugRuleConfigurations: + items: + properties: + instanceType: + type: string + localPath: + type: string + ruleConfigurationName: + type: string + ruleEvaluatorImage: + type: string + ruleParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + volumeSizeInGB: + format: int64 + minimum: 1 + type: integer + required: + - ruleConfigurationName + - ruleEvaluatorImage + type: object + type: array + enableInterContainerTrafficEncryption: + type: boolean + enableManagedSpotTraining: + type: boolean + enableNetworkIsolation: + type: boolean + hyperParameters: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + inputDataConfig: + items: + properties: + channelName: + minLength: 1 + pattern: '[A-Za-z0-9\.\-_]+' + type: string + compressionType: + enum: + - None + - Gzip + type: string + contentType: + type: string + dataSource: + properties: + fileSystemDataSource: + properties: + directoryPath: + type: string + fileSystemAccessMode: + type: string + fileSystemId: + type: string + fileSystemType: + type: string + required: + - directoryPath + - fileSystemAccessMode + - fileSystemId + - fileSystemType + type: object + s3DataSource: + properties: + attributeNames: + items: + type: string + type: array + s3DataDistributionType: + enum: + - FullyReplicated + - ShardedByS3Key + type: string + s3DataType: + enum: + - S3Prefix + - ManifestFile + - AugmentedManifestFile + type: string + s3Uri: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3DataType + - s3Uri + type: object + type: object + inputMode: + enum: + - Pipe + - File + type: string + recordWrapperType: + type: string + shuffleConfig: + properties: + seed: + format: int64 + type: integer + required: + - seed + type: object + required: + - channelName + - dataSource + type: object + minItems: 1 + type: array + outputDataConfig: + properties: + kmsKeyId: + type: string + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3OutputPath + type: object + region: + minLength: 1 + type: string + resourceConfig: + properties: + instanceCount: + format: int64 + minimum: 1 + type: integer + instanceType: + minLength: 1 + type: string + volumeKmsKeyId: + type: string + volumeSizeInGB: + format: int64 + minimum: 1 + type: integer + required: + - instanceCount + - instanceType + - volumeSizeInGB + type: object + roleArn: + minLength: 20 + pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ + type: string + sageMakerEndpoint: + description: A custom SageMaker endpoint to use when communicating with SageMaker. + pattern: ^(https|http)://.*$ + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + minimum: 1 + type: integer + maxWaitTimeInSeconds: + format: int64 + minimum: 1 + type: integer + type: object + tags: + items: + properties: + key: + minLength: 1 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + tensorBoardOutputConfig: + properties: + localPath: + type: string + s3OutputPath: + pattern: ^(https|s3)://([^/]+)/?(.*)$ + type: string + required: + - s3OutputPath + type: object + trainingJobName: + description: The SageMaker training job name. This is optional for the SageMaker K8s operator. If it is empty, the operator will populate it with a generated name. + maxLength: 63 + type: string + vpcConfig: + properties: + securityGroupIds: + items: + type: string + minItems: 1 + type: array + subnets: + items: + type: string + minItems: 1 + type: array + required: + - securityGroupIds + - subnets + type: object + required: + - algorithmSpecification + - outputDataConfig + - resourceConfig + - roleArn + - region + - stoppingCondition + type: object + status: + properties: + additional: + description: Field to store additional information, for example if we are unable to check the status we update this. + type: string + cloudWatchLogUrl: + description: Cloud Watch url for training log + type: string + debugRuleEvaluationStatuses: + description: Status of rule evaluation jobs, obtained from DebugRuleEvaluationStatuses. https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html#sagemaker-DescribeTrainingJob-response-DebugRuleEvaluationStatuses + items: + properties: + lastModifiedTime: + format: date-time + type: string + ruleConfigurationName: + type: string + ruleEvaluationJobArn: + type: string + ruleEvaluationStatus: + type: string + statusDetail: + type: string + type: object + type: array + lastCheckTime: + description: The last time that we checked the status of the SageMaker job. + format: date-time + type: string + modelPath: + description: Full path to the training artifact (model) + type: string + sageMakerTrainingJobName: + description: SageMaker training job name + type: string + secondaryStatus: + description: The secondary, more granular status of the training job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTrainingJob.html#SageMaker-DescribeTrainingJob-response-SecondaryStatus + type: string + trainingJobStatus: + description: The status of the training job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTrainingJob.html#SageMaker-DescribeTrainingJob-response-TrainingJobStatus + type: string + type: object + required: + - spec + type: object + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: datacatalog + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flyteadmin + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/DELETE_ME + name: sagemaker-k8s-operator-default + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: sagemaker-k8s-operator-leader-election-role + namespace: flyte +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flyteadmin + namespace: flyte +rules: +- apiGroups: + - "" + - flyte.lyft.com + - rbac.authorization.k8s.io + resources: + - configmaps + - flyteworkflows + - namespaces + - pods + - resourcequotas + - roles + - rolebindings + - secrets + - services + - serviceaccounts + - spark-role + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flytepropeller +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - delete + - patch +- apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - delete + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - update +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - get + - list + - watch + - create + - update + - delete + - patch + - post + - deletecollection +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: sagemaker-k8s-operator-manager-role +rules: +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - batchtransformjobs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - batchtransformjobs/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - endpointconfigs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - endpointconfigs/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - hostingdeployments + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - hostingdeployments/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - models + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - models/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - endpointconfigs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - endpointconfigs/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - hyperparametertuningjobs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - hyperparametertuningjobs/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - models + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - models/status + verbs: + - get + - update + - patch +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - trainingjobs + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - sagemaker.aws.amazon.com + resources: + - trainingjobs/status + verbs: + - get + - update + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: sagemaker-k8s-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - contour.heptio.com + resources: + - ingressroutes + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: sagemaker-k8s-operator-leader-election-rolebinding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: sagemaker-k8s-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: sagemaker-k8s-operator-default + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: sagemaker-k8s-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sagemaker-k8s-operator-manager-role +subjects: +- kind: ServiceAccount + name: sagemaker-k8s-operator-default + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: sagemaker-k8s-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sagemaker-k8s-operator-proxy-role +subjects: +- kind: ServiceAccount + name: sagemaker-k8s-operator-default + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flyteadmin-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyteadmin +subjects: +- kind: ServiceAccount + name: flyteadmin + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flytepropeller + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flytepropeller +subjects: +- kind: ServiceAccount + name: flytepropeller + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: flyte +--- +apiVersion: v1 +data: + aa_namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: {{ namespace }} + spec: + finalizers: + - kubernetes + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" +kind: ConfigMap +metadata: + name: clusterresource-template-kf62ttf64k + namespace: flyte +--- +apiVersion: v1 +data: + datacatalog.yaml: | + datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 + application: + grpcPort: 8089 + # TODO lets move this to db.yaml, but the dbname is the problem currently + database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 5 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + name: datacatalog-config-8h6m2b5dg6 + namespace: flyte +--- +apiVersion: v1 +data: + admin.yaml: | + server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" + flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin + remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 + task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 5 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + name: flyte-admin-config-8728tmmd5f + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte +--- +apiVersion: v1 +data: + copilot.yaml: | + plugins: + k8s: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" + enabled_plugins.yaml: | + tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + logger.yaml: | + logger: + show-source: true + level: 5 + propeller.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 4 + max-workflow-retries: 30 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: bucket + rate: 10 + capacity: 100 + sub-queue: + type: bucket + rate: 10 + capacity: 100 + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + spark.yaml: | + plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" +kind: ConfigMap +metadata: + name: flyte-propeller-config-gk57799d87 + namespace: flyte +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: datacatalog + namespace: flyte +spec: + ports: + - name: http + port: 88 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 89 + protocol: TCP + targetPort: 8089 + selector: + app: datacatalog +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: flyteadmin + namespace: flyte +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 81 + protocol: TCP + targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + selector: + app: flyteadmin +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteconsole + namespace: flyte +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: flyteconsole +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: flyte +spec: + ports: + - port: 5432 + selector: + app: postgres +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/port: "8443" + prometheus.io/scheme: https + prometheus.io/scrape: "true" + labels: + control-plane: controller-manager + name: sagemaker-k8s-operator-controller-manager-metrics-service + namespace: flyte +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: datacatalog + name: datacatalog + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: datacatalog + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: datacatalog + app.kubernetes.io/name: datacatalog + app.kubernetes.io/version: 0.2.2 + spec: + containers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - serve + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: datacatalog + ports: + - containerPort: 8088 + - containerPort: 8089 + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + initContainers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - migrate + - run + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + serviceAccountName: datacatalog + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: datacatalog-config-8h6m2b5dg6 + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteadmin + name: flyteadmin + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteadmin + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flyteadmin + app.kubernetes.io/name: flyteadmin + app.kubernetes.io/version: 0.3.4 + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - serve + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: flyteadmin + ports: + - containerPort: 8088 + - containerPort: 8089 + resources: + limits: + cpu: "0.1" + ephemeral-storage: 100Mi + memory: 200Mi + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + - mountPath: /etc/flyte/config + name: config-volume + - command: + - sh + - -c + - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh + env: + - name: PAGE_TITLE + value: Flyte Admin OpenAPI + - name: SPEC_URL + value: /api/v1/openapi + - name: PORT + value: "8087" + image: docker.io/redocly/redoc + imagePullPolicy: IfNotPresent + name: redoc + ports: + - containerPort: 8087 + resources: + limits: + cpu: "0.1" + memory: 200Mi + initContainers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - run + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - seed-projects + - flytesnacks + - flytetester + - flyteexamples + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: seed-projects + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - command: + - sh + - -c + - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; + image: postgres:10.1 + name: check-db-ready + serviceAccountName: flyteadmin + volumes: + - name: shared-data + - configMap: + name: flyte-admin-config-8728tmmd5f + name: config-volume + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteconsole + name: flyteconsole + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteconsole + template: + metadata: + labels: + app: flyteconsole + app.kubernetes.io/name: flyteconsole + app.kubernetes.io/version: 0.11.0 + spec: + containers: + - envFrom: + - configMapRef: + name: flyte-console-config + image: docker.io/lyft/flyteconsole:v0.11.0 + name: flyteconsole + ports: + - containerPort: 8080 + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + volumes: + - emptyDir: {} + name: shared-data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flytepropeller + name: flytepropeller + namespace: flyte +spec: + selector: + matchLabels: + app: flytepropeller + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flytepropeller + app.kubernetes.io/name: flytepropeller + app.kubernetes.io/version: 0.3.12 + spec: + containers: + - args: + - --config + - /etc/flyte/config/*.yaml + command: + - flytepropeller + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: docker.io/lyft/flytepropeller:v0.3.12 + imagePullPolicy: IfNotPresent + name: flytepropeller + ports: + - containerPort: 10254 + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + serviceAccountName: flytepropeller + volumes: + - configMap: + name: flyte-propeller-config-gk57799d87 + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + containers: + - args: + - server + - /data + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + image: minio/minio:RELEASE.2019-06-04T01-15-58Z + name: minio + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - mountPath: /data + name: minio-storage + volumes: + - emptyDir: {} + name: minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - image: postgres:10.1 + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-storage + volumes: + - emptyDir: {} + name: postgres-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: sagemaker-k8s-operator-controller-manager + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + - args: + - --metrics-addr=127.0.0.1:8080 + command: + - /manager + env: + - name: AWS_DEFAULT_SAGEMAKER_ENDPOINT + value: "" + image: 957583890962.dkr.ecr.us-east-1.amazonaws.com/amazon-sagemaker-operator-for-k8s:v1.1 + imagePullPolicy: Always + name: manager + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + serviceAccountName: sagemaker-k8s-operator-default + terminationGracePeriodSeconds: 10 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - emptyDir: {} + name: redis-data +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: syncresources + namespace: flyte +spec: + jobTemplate: + spec: + template: + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + restartPolicy: OnFailure + serviceAccountName: flyteadmin + volumes: + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - configMap: + name: flyte-admin-config-8728tmmd5f + name: config-volume + schedule: '*/1 * * * *' +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: flyte +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - flyte + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: flytesystem + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /console + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /__webpack_hmr + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /api + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /healthcheck + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /v1 + - backend: + serviceName: flyteadmin + servicePort: 81 + path: /flyteidl.service.AdminService + - backend: + serviceName: flyteadmin + servicePort: 87 + path: /openapi +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: minio + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: minio + servicePort: 9000 + path: /minio From 2c4a2e04b9d8ca27e344d6fc75fbb20369bde9a4 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 14 Sep 2020 22:37:56 -0700 Subject: [PATCH 05/41] fixed kustomization --- kustomize/base/flyte/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml index 067acb882a..d347e2a051 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/base/flyte/kustomization.yaml @@ -37,7 +37,7 @@ resources: ######## # Operators to be enabled - ../operators/spark -- ../operators/sagemaker + #- ../operators/sagemaker - ../operators/kfoperators/pytorch #- ../operators/kfoperators/tensorflow ########### From 051cf05faa3f01b936234718ec45e7bf57bba4b4 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 14 Sep 2020 22:38:33 -0700 Subject: [PATCH 06/41] updated --- kustomize/base/flyte/test.yaml | 3359 ++------------------------------ 1 file changed, 143 insertions(+), 3216 deletions(-) diff --git a/kustomize/base/flyte/test.yaml b/kustomize/base/flyte/test.yaml index 0ef77d3408..847b9e33a2 100644 --- a/kustomize/base/flyte/test.yaml +++ b/kustomize/base/flyte/test.yaml @@ -16,2343 +16,190 @@ metadata: apiVersion: v1 kind: Namespace metadata: - labels: - control-plane: controller-manager - name: sagemaker-k8s-operator-system + name: sparkoperator --- -apiVersion: v1 -kind: Namespace +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition metadata: - name: sparkoperator + name: flyteworkflows.flyte.lyft.com +spec: + group: flyte.lyft.com + names: + kind: FlyteWorkflow + plural: flyteworkflows + shortNames: + - fly + singular: flyteworkflow + scope: Namespaced + version: v1alpha1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - name: batchtransformjobs.sagemaker.aws.amazon.com + labels: + component: ingressroute + name: ingressroutes.contour.heptio.com spec: additionalPrinterColumns: - - JSONPath: .status.transformJobStatus - name: Status + - JSONPath: .spec.virtualhost.fqdn + description: Fully qualified domain name + name: FQDN type: string - - JSONPath: .metadata.creationTimestamp - format: date - name: Creation-Time + - JSONPath: .spec.virtualhost.tls.secretName + description: Secret with TLS credentials + name: TLS Secret + type: string + - JSONPath: .spec.routes[0].match + description: First routes defined + name: First route + type: string + - JSONPath: .status.currentStatus + description: The current status of the IngressRoute + name: Status type: string - - JSONPath: .status.sageMakerTransformJobName - name: Sagemaker-Job-Name + - JSONPath: .status.description + description: Description of the current status + name: Status Description type: string - group: sagemaker.aws.amazon.com + group: contour.heptio.com names: - kind: BatchTransformJob - plural: batchtransformjobs - scope: "" - subresources: - status: {} + kind: IngressRoute + plural: ingressroutes + scope: Namespaced validation: openAPIV3Schema: - description: BatchTransformJob is the Schema for the batchtransformjobs API properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: + spec: properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. + routes: items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." - properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: + properties: + delegate: properties: name: - description: name of the process that is responsible for initializing this object. + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + namespace: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string required: - name type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. + match: + pattern: ^\/.*$ + type: string + services: + items: properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 + port: type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. + strategy: + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev type: string + weight: + type: integer + required: + - name + - port type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string + type: array required: - - apiVersion - - kind - - name - - uid - type: object + - match type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - batchStrategy: + strategy: + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev type: string - dataProcessing: + virtualhost: properties: - JoinSource: - type: string - OutputFilter: - type: string - inputFilter: - type: string - type: object - environment: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - maxConcurrentTransforms: - format: int64 - type: integer - maxPayloadInMB: - format: int64 - type: integer - modelName: - type: string - region: - minLength: 1 - type: string - sageMakerEndpoint: - description: A custom SageMaker endpoint to use when communicating with SageMaker. - pattern: ^(https|http)://.*$ - type: string - tags: - items: - properties: - key: - minLength: 1 - type: string - value: + aliases: + items: + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ type: string - required: - - key - - value - type: object - type: array - transformInput: - properties: - compressionType: - enum: - - None - - Gzip - type: string - contentType: - type: string - dataSource: - properties: - s3DataSource: - properties: - s3DataType: - enum: - - S3Prefix - - ManifestFile - - AugmentedManifestFile - type: string - s3Uri: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3DataType - - s3Uri - type: object - required: - - s3DataSource - type: object - splitType: - type: string - required: - - dataSource - type: object - transformJobName: - description: The SageMaker batchtransform job name. This is optional for the SageMaker K8s operator. If it is empty, the operator will populate it with a generated name. - maxLength: 63 - type: string - transformOutput: - properties: - accept: - type: string - assembleWith: - type: string - kmsKeyId: - type: string - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3OutputPath - type: object - transformResources: - properties: - instanceCount: - format: int64 - minimum: 1 - type: integer - instanceType: - description: Transform job has separate instance type called TransformInstanceType Keeping it string - minLength: 1 - type: string - volumeKmsKeyId: + type: array + fqdn: + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ type: string - required: - - instanceCount - - instanceType - type: object required: - - modelName - - transformInput - - transformOutput - - transformResources - - region - type: object - status: - properties: - additional: - description: Field to store additional information, for example if we are unable to check the status we update this. - type: string - lastCheckTime: - description: The last time that we checked the status of the SageMaker job. - format: date-time - type: string - sageMakerTransformJobName: - description: SageMaker TransformJobName job name - type: string - transformJobStatus: - description: The status of the transform job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTransformJob.html - type: string - type: object - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + - routes + version: v1beta1 --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - name: endpointconfigs.sagemaker.aws.amazon.com + name: pytorchjobs.kubeflow.org spec: additionalPrinterColumns: - - JSONPath: .status.status - name: Status - type: string - - JSONPath: .status.sageMakerEndpointConfigName - name: Sage-Maker-EndpointConfig-Name + - JSONPath: .status.conditions[-1:].type + name: State type: string - group: sagemaker.aws.amazon.com + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org names: - kind: EndpointConfig - plural: endpointconfigs - scope: "" + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced subresources: status: {} validation: openAPIV3Schema: - description: EndpointConfig is the Schema for the hostingdeployments API properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: + spec: properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. - items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." + pytorchReplicaSpecs: properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: - properties: - name: - description: name of the process that is responsible for initializing this object. - type: string - required: - - name - type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. + Master: properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. - properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). - type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 - type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. - type: string - type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - kmsKeyId: - type: string - productionVariants: - items: - properties: - acceleratorType: - type: string - initialInstanceCount: - format: int64 - minimum: 1 - type: integer - initialVariantWeight: - description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. - format: int64 - type: integer - instanceType: - type: string - modelName: - minLength: 1 - type: string - variantName: - minLength: 1 - type: string - required: - - initialInstanceCount - - instanceType - - modelName - - variantName - type: object - minItems: 1 - type: array - region: - type: string - sageMakerEndpoint: - type: string - tags: - items: - properties: - key: - minLength: 1 - type: string - value: - type: string - required: - - key - - value - type: object - type: array - required: - - productionVariants - - region - type: object - status: - properties: - additional: - description: Field to store additional information, for example if we are unable to check the status in sagemaker we update this. - type: string - endpointConfigArn: - description: The EndpointConfig ARN of the SageMaker EndpointConfig - type: string - lastUpdateTime: - description: The last time this status was updated. - format: date-time - type: string - sageMakerEndpointConfigName: - description: The name of the EndpointConfig in SageMaker. - type: string - status: - description: The status of the EndpointConfig - type: string - type: object - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - name: hostingdeployments.sagemaker.aws.amazon.com -spec: - additionalPrinterColumns: - - JSONPath: .status.endpointStatus - name: Status - type: string - - JSONPath: .status.endpointName - name: Sagemaker-endpoint-name - type: string - group: sagemaker.aws.amazon.com - names: - kind: HostingDeployment - plural: hostingdeployments - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: HostingDeployment is the Schema for the hostingdeployments API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. - items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." - properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: - properties: - name: - description: name of the process that is responsible for initializing this object. - type: string - required: - - name - type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. - properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). - type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 - type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. - type: string - type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - kmsKeyId: - type: string - models: - items: - properties: - containers: - items: - properties: - containerHostname: - type: string - environment: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - image: - type: string - modelDataUrl: - type: string - modelPackageName: - type: string - type: object - minItems: 1 - type: array - enableNetworkIsolation: - type: boolean - executionRoleArn: - minLength: 20 - type: string - name: - type: string - primaryContainer: - type: string - vpcConfig: - properties: - securityGroupIds: - items: - type: string - minItems: 1 - type: array - subnets: - items: - type: string - minItems: 1 - type: array - required: - - securityGroupIds - - subnets - type: object - required: - - name - - executionRoleArn - type: object - type: array - productionVariants: - items: - properties: - acceleratorType: - type: string - initialInstanceCount: - format: int64 - minimum: 1 - type: integer - initialVariantWeight: - description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. - format: int64 - type: integer - instanceType: - type: string - modelName: - minLength: 1 - type: string - variantName: - minLength: 1 - type: string - required: - - initialInstanceCount - - instanceType - - modelName - - variantName - type: object - minItems: 1 - type: array - region: - minLength: 1 - type: string - sageMakerEndpoint: - description: A custom SageMaker endpoint to use when communicating with SageMaker. - pattern: ^(https|http)://.*$ - type: string - tags: - items: - properties: - key: - minLength: 1 - type: string - value: - type: string - required: - - key - - value - type: object - type: array - required: - - region - - productionVariants - - models - type: object - status: - properties: - additional: - description: This field contains additional information about failures. - type: string - creationTime: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-CreationTime - format: date-time - type: string - endpointArn: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-EndpointArn - type: string - endpointConfigName: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpoint.html#SageMaker-CreateEndpoint-request-EndpointConfigName - type: string - endpointName: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpoint.html#SageMaker-CreateEndpoint-request-EndpointName - type: string - endpointStatus: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-EndpointStatus - type: string - endpointUrl: - type: string - failureReason: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#SageMaker-DescribeEndpoint-response-FailureReason - type: string - lastCheckTime: - format: date-time - type: string - lastModifiedTime: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeEndpoint.html#API_DescribeEndpoint_ResponseSyntax - format: date-time - type: string - modelNames: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - productionVariants: - description: https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariantSummary.html - items: - properties: - currentInstanceCount: - format: int64 - type: integer - currentWeight: - description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. - format: int64 - type: integer - deployedImages: - items: - properties: - resolutionTime: - format: date-time - type: string - resolvedImage: - type: string - specifiedImage: - type: string - type: object - type: array - desiredInstanceCount: - format: int64 - type: integer - desiredWeight: - description: We use an int64 here instead of float because floats are not supported by the Kubernetes API. The actual traffic directed to this ProductionVariant is the ratio of this variant weight to the sum of all variant weights. - format: int64 - type: integer - variantName: - type: string - required: - - variantName - type: object - type: array - type: object - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - name: hyperparametertuningjobs.sagemaker.aws.amazon.com -spec: - additionalPrinterColumns: - - JSONPath: .status.hyperParameterTuningJobStatus - name: Status - type: string - - JSONPath: .metadata.creationTimestamp - format: date - name: Creation-Time - type: string - - JSONPath: .status.trainingJobStatusCounters.completed - format: int64 - name: Completed - type: number - - JSONPath: .status.trainingJobStatusCounters.inProgress - format: int64 - name: InProgress - type: number - - JSONPath: .status.trainingJobStatusCounters.totalError - format: int64 - name: Errors - type: number - - JSONPath: .status.trainingJobStatusCounters.stopped - format: int64 - name: Stopped - type: number - - JSONPath: .status.bestTrainingJob.trainingJobName - name: Best-Training-Job - type: string - - JSONPath: .status.sageMakerHyperParameterTuningJobName - name: Sagemaker-Job-Name - type: string - group: sagemaker.aws.amazon.com - names: - kind: HyperparameterTuningJob - plural: hyperparametertuningjobs - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: HyperparameterTuningJob is the Schema for the hyperparametertuningjobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. - items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." - properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: - properties: - name: - description: name of the process that is responsible for initializing this object. - type: string - required: - - name - type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. - properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). - type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 - type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. - type: string - type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - hyperParameterTuningJobConfig: - properties: - hyperParameterTuningJobObjective: - properties: - metricName: - minLength: 1 - type: string - type: - type: string - required: - - metricName - - type - type: object - parameterRanges: - properties: - categoricalParameterRanges: - items: - properties: - name: - type: string - values: - items: - type: string - minItems: 1 - type: array - required: - - name - - values - type: object - type: array - continuousParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - required: - - maxValue - - minValue - - name - - scalingType - type: object - type: array - integerParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - required: - - maxValue - - minValue - - name - - scalingType - type: object - type: array - type: object - resourceLimits: - properties: - maxNumberOfTrainingJobs: - format: int64 - minimum: 1 - type: integer - maxParallelTrainingJobs: - format: int64 - minimum: 1 - type: integer - required: - - maxNumberOfTrainingJobs - - maxParallelTrainingJobs - type: object - strategy: - type: string - trainingJobEarlyStoppingType: - type: string - required: - - resourceLimits - - strategy - type: object - hyperParameterTuningJobName: - type: string - region: - minLength: 1 - type: string - sageMakerEndpoint: - description: A custom SageMaker endpoint to use when communicating with SageMaker. - pattern: ^(https|http)://.*$ - type: string - tags: - items: - properties: - key: - minLength: 1 - type: string - value: - type: string - required: - - key - - value - type: object - type: array - trainingJobDefinition: - properties: - algorithmSpecification: - properties: - algorithmName: - minLength: 1 - type: string - metricDefinitions: - items: - properties: - name: - minLength: 1 - type: string - regex: - minLength: 1 - type: string - required: - - name - - regex - type: object - type: array - trainingImage: - type: string - trainingInputMode: - enum: - - File - - Pipe - type: string - required: - - trainingInputMode - type: object - checkpointConfig: - properties: - localPath: - type: string - s3Uri: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3Uri - type: object - enableInterContainerTrafficEncryption: - type: boolean - enableManagedSpotTraining: - type: boolean - enableNetworkIsolation: - type: boolean - inputDataConfig: - items: - properties: - channelName: - minLength: 1 - pattern: '[A-Za-z0-9\.\-_]+' - type: string - compressionType: - enum: - - None - - Gzip - type: string - contentType: - type: string - dataSource: - properties: - fileSystemDataSource: - properties: - directoryPath: - type: string - fileSystemAccessMode: - type: string - fileSystemId: - type: string - fileSystemType: - type: string - required: - - directoryPath - - fileSystemAccessMode - - fileSystemId - - fileSystemType - type: object - s3DataSource: - properties: - attributeNames: - items: - type: string - type: array - s3DataDistributionType: - enum: - - FullyReplicated - - ShardedByS3Key - type: string - s3DataType: - enum: - - S3Prefix - - ManifestFile - - AugmentedManifestFile - type: string - s3Uri: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3DataType - - s3Uri - type: object - type: object - inputMode: - enum: - - Pipe - - File - type: string - recordWrapperType: - type: string - shuffleConfig: - properties: - seed: - format: int64 - type: integer - required: - - seed - type: object - required: - - channelName - - dataSource - type: object - minItems: 1 - type: array - outputDataConfig: - properties: - kmsKeyId: - type: string - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3OutputPath - type: object - resourceConfig: - properties: - instanceCount: - format: int64 - minimum: 1 - type: integer - instanceType: - minLength: 1 - type: string - volumeKmsKeyId: - type: string - volumeSizeInGB: - format: int64 - minimum: 1 - type: integer - required: - - instanceCount - - instanceType - - volumeSizeInGB - type: object - roleArn: - minLength: 20 - type: string - staticHyperParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - minimum: 1 - type: integer - maxWaitTimeInSeconds: - format: int64 - minimum: 1 - type: integer - type: object - vpcConfig: - properties: - securityGroupIds: - items: - type: string - minItems: 1 - type: array - subnets: - items: - type: string - minItems: 1 - type: array - required: - - securityGroupIds - - subnets - type: object - required: - - algorithmSpecification - - outputDataConfig - - resourceConfig - - roleArn - - stoppingCondition - type: object - warmStartConfig: - properties: - parentHyperParameterTuningJobs: - items: - properties: - hyperParameterTuningJobName: - minLength: 1 - type: string - type: object - minItems: 1 - type: array - warmStartType: - type: string - required: - - parentHyperParameterTuningJobs - - warmStartType - type: object - required: - - hyperParameterTuningJobConfig - - region - type: object - status: - properties: - additional: - description: Field to store additional information, for example if we are unable to check the status we update this. - type: string - bestTrainingJob: - description: A HyperParameterTrainingJobSummary object that describes the training job that completed with the best current HyperParameterTuningJobObjective. See https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeHyperParameterTuningJob.html#SageMaker-DescribeHyperParameterTuningJob-response-BestTrainingJob - properties: - creationTime: - format: date-time - type: string - failureReason: - type: string - finalHyperParameterTuningJobObjectiveMetric: - properties: - metricName: - type: string - type: - type: string - value: - description: Value is string instead of float64 to prevent bugs when deserializing onto different platforms. - type: string - type: object - objectiveStatus: - type: string - trainingEndTime: - format: date-time - type: string - trainingJobArn: - type: string - trainingJobName: - type: string - trainingJobStatus: - type: string - trainingStartTime: - format: date-time - type: string - tunedHyperParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - tuningJobName: - type: string - type: object - hyperParameterTuningJobStatus: - description: The status of HyperParameterTrainingJob https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeHyperParameterTuningJob.html#SageMaker-DescribeHyperParameterTuningJob-response-HyperParameterTuningJobStatus - type: string - lastCheckTime: - description: The last time that we checked the status of the SageMaker job. - format: date-time - type: string - sageMakerHyperParameterTuningJobName: - description: SageMaker hyperparametertuning job name - type: string - trainingJobStatusCounters: - description: The TrainingJobStatusCounters object that specifies the number of training jobs, categorized by status, that this tuning job launched. https://docs.aws.amazon.com/sagemaker/latest/dg/API_TrainingJobStatusCounters.html - properties: - completed: - description: The number of completed training jobs launched by the hyperparameter tuning job. - format: int64 - type: integer - inProgress: - description: The number of in-progress training jobs launched by a hyperparameter tuning job. - format: int64 - type: integer - nonRetryableError: - description: The number of training jobs that failed and can't be retried. A failed training job can't be retried if it failed because a client error occurred. - format: int64 - type: integer - retryableError: - description: The number of training jobs that failed, but can be retried. A failed training job can be retried only if it failed because an internal service error occurred. - format: int64 - type: integer - stopped: - description: The number of training jobs launched by a hyperparameter tuning job that were manually stopped. - format: int64 - type: integer - totalError: - description: The sum of NonRetryableError and RetryableError. This is unique to the Kubernetes operator and is used to simplify the `kubectl get` output. - format: int64 - type: integer - type: object - type: object - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - component: ingressroute - name: ingressroutes.contour.heptio.com -spec: - additionalPrinterColumns: - - JSONPath: .spec.virtualhost.fqdn - description: Fully qualified domain name - name: FQDN - type: string - - JSONPath: .spec.virtualhost.tls.secretName - description: Secret with TLS credentials - name: TLS Secret - type: string - - JSONPath: .spec.routes[0].match - description: First routes defined - name: First route - type: string - - JSONPath: .status.currentStatus - description: The current status of the IngressRoute - name: Status - type: string - - JSONPath: .status.description - description: Description of the current status - name: Status Description - type: string - group: contour.heptio.com - names: - kind: IngressRoute - plural: ingressroutes - scope: Namespaced - validation: - openAPIV3Schema: - properties: - spec: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - routes: - items: - properties: - delegate: - properties: - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - namespace: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - match: - pattern: ^\/.*$ - type: string - services: - items: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - type: integer - strategy: - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - type: string - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: array - strategy: - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - type: string - virtualhost: - properties: - aliases: - items: - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - type: string - type: array - fqdn: - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - type: string - required: - - routes - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - name: models.sagemaker.aws.amazon.com -spec: - additionalPrinterColumns: - - JSONPath: .status.status - name: Status - type: string - - JSONPath: .status.sageMakerModelName - name: Sage-Maker-Model-Name - type: string - group: sagemaker.aws.amazon.com - names: - kind: Model - plural: models - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: Model is the Schema for the hostingdeployments API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. - items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." - properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: - properties: - name: - description: name of the process that is responsible for initializing this object. - type: string - required: - - name - type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. - properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). - type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 - type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. - type: string - type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - containers: - items: - properties: - containerHostname: - type: string - environment: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - image: - type: string - modelDataUrl: - type: string - modelPackageName: - type: string - type: object - type: array - enableNetworkIsolation: - type: boolean - executionRoleArn: - type: string - primaryContainer: - properties: - containerHostname: - type: string - environment: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - image: - type: string - modelDataUrl: - type: string - modelPackageName: - type: string - type: object - region: - type: string - sageMakerEndpoint: - type: string - tags: - items: - properties: - key: - minLength: 1 - type: string - value: - type: string - required: - - key - - value - type: object - type: array - vpcConfig: - properties: - securityGroupIds: - items: - type: string - minItems: 1 - type: array - subnets: - items: - type: string - minItems: 1 - type: array - required: - - securityGroupIds - - subnets - type: object - required: - - executionRoleArn - - region - type: object - status: - properties: - additional: - description: Field to store additional information, for example if we are unable to check the status in sagemaker we update this. - type: string - lastUpdateTime: - description: The last time this status was updated. - format: date-time - type: string - modelArn: - description: The Model ARN of the SageMaker model - type: string - sageMakerModelName: - description: The name of the model in SageMaker. - type: string - status: - description: The status of the model. - type: string - type: object - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 + replicas: + maximum: 1 + minimum: 1 type: integer Worker: properties: @@ -2367,611 +214,18 @@ spec: apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - creationTimestamp: null - name: trainingjobs.sagemaker.aws.amazon.com -spec: - additionalPrinterColumns: - - JSONPath: .status.trainingJobStatus - name: Status - type: string - - JSONPath: .status.secondaryStatus - name: Secondary-Status - type: string - - JSONPath: .metadata.creationTimestamp - format: date - name: Creation-Time - type: string - - JSONPath: .status.sageMakerTrainingJobName - name: Sagemaker-Job-Name - type: string - group: sagemaker.aws.amazon.com - names: - kind: TrainingJob - plural: trainingjobs - scope: "" - subresources: - status: {} - validation: - openAPIV3Schema: - description: TrainingJob is the Schema for the trainingjobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - clusterName: - description: The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. - type: string - creationTimestamp: - description: "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. \n Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - deletionGracePeriodSeconds: - description: Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. - format: int64 - type: integer - deletionTimestamp: - description: "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. \n Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata" - format: date-time - type: string - finalizers: - description: Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. - items: - type: string - type: array - generateName: - description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency" - type: string - generation: - description: A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. - format: int64 - type: integer - initializers: - description: "An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. \n When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user. \n DEPRECATED - initializers are an alpha field and will be removed in v1.15." - properties: - pending: - description: Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients. - items: - properties: - name: - description: name of the process that is responsible for initializing this object. - type: string - required: - - name - type: object - type: array - result: - description: If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - code: - description: Suggested HTTP return code for this status, 0 if not set. - format: int32 - type: integer - details: - description: Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type. - properties: - causes: - description: The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes. - items: - properties: - field: - description: "The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. \n Examples: \"name\" - the field \"name\" on the current resource \"items[0].name\" - the field \"name\" on the first array entry in \"items\"" - type: string - message: - description: A human-readable description of the cause of the error. This field may be presented as-is to a reader. - type: string - reason: - description: A machine-readable description of the cause of the error. If this value is empty there is no information available. - type: string - type: object - type: array - group: - description: The group attribute of the resource associated with the status StatusReason. - type: string - kind: - description: 'The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described). - type: string - retryAfterSeconds: - description: If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action. - format: int32 - type: integer - uid: - description: 'UID of the resource. (when there is a single resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - message: - description: A human-readable description of the status of this operation. - type: string - metadata: - description: 'Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - properties: - continue: - description: continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a consistent list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response, unless you have received this token from an error message. - type: string - resourceVersion: - description: 'String that identifies the server''s internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' - type: string - selfLink: - description: selfLink is a URL representing this object. Populated by the system. Read-only. - type: string - type: object - reason: - description: A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it. - type: string - status: - description: 'Status of the operation. One of: "Success" or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' - type: string - type: object - required: - - pending - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - managedFields: - description: "ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like \"ci-cd\". The set of fields is always in the version that the workflow used when modifying the object. \n This field is alpha and can be changed or removed without notice." - items: - properties: - apiVersion: - description: APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted. - type: string - fields: - additionalProperties: true - description: Fields identifies a set of fields. - type: object - manager: - description: Manager is an identifier of the workflow managing these fields. - type: string - operation: - description: Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'. - type: string - time: - description: Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply' - format: date-time - type: string - type: object - type: array - name: - description: 'Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - namespace: - description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces" - type: string - ownerReferences: - description: List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. - items: - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' - type: string - uid: - description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - type: array - resourceVersion: - description: "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. \n Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency" - type: string - selfLink: - description: SelfLink is a URL representing this object. Populated by the system. Read-only. - type: string - uid: - description: "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. \n Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids" - type: string - type: object - spec: - properties: - algorithmSpecification: - properties: - algorithmName: - minLength: 1 - type: string - metricDefinitions: - items: - properties: - name: - minLength: 1 - type: string - regex: - minLength: 1 - type: string - required: - - name - - regex - type: object - type: array - trainingImage: - minLength: 1 - type: string - trainingInputMode: - enum: - - File - - Pipe - type: string - required: - - trainingInputMode - type: object - checkpointConfig: - properties: - localPath: - type: string - s3Uri: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3Uri - type: object - debugHookConfig: - properties: - collectionConfigurations: - items: - properties: - collectionName: - type: string - collectionParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - type: object - type: array - localPath: - type: string - ruleParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3OutputPath - type: object - debugRuleConfigurations: - items: - properties: - instanceType: - type: string - localPath: - type: string - ruleConfigurationName: - type: string - ruleEvaluatorImage: - type: string - ruleParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - volumeSizeInGB: - format: int64 - minimum: 1 - type: integer - required: - - ruleConfigurationName - - ruleEvaluatorImage - type: object - type: array - enableInterContainerTrafficEncryption: - type: boolean - enableManagedSpotTraining: - type: boolean - enableNetworkIsolation: - type: boolean - hyperParameters: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - inputDataConfig: - items: - properties: - channelName: - minLength: 1 - pattern: '[A-Za-z0-9\.\-_]+' - type: string - compressionType: - enum: - - None - - Gzip - type: string - contentType: - type: string - dataSource: - properties: - fileSystemDataSource: - properties: - directoryPath: - type: string - fileSystemAccessMode: - type: string - fileSystemId: - type: string - fileSystemType: - type: string - required: - - directoryPath - - fileSystemAccessMode - - fileSystemId - - fileSystemType - type: object - s3DataSource: - properties: - attributeNames: - items: - type: string - type: array - s3DataDistributionType: - enum: - - FullyReplicated - - ShardedByS3Key - type: string - s3DataType: - enum: - - S3Prefix - - ManifestFile - - AugmentedManifestFile - type: string - s3Uri: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3DataType - - s3Uri - type: object - type: object - inputMode: - enum: - - Pipe - - File - type: string - recordWrapperType: - type: string - shuffleConfig: - properties: - seed: - format: int64 - type: integer - required: - - seed - type: object - required: - - channelName - - dataSource - type: object - minItems: 1 - type: array - outputDataConfig: - properties: - kmsKeyId: - type: string - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3OutputPath - type: object - region: - minLength: 1 - type: string - resourceConfig: - properties: - instanceCount: - format: int64 - minimum: 1 - type: integer - instanceType: - minLength: 1 - type: string - volumeKmsKeyId: - type: string - volumeSizeInGB: - format: int64 - minimum: 1 - type: integer - required: - - instanceCount - - instanceType - - volumeSizeInGB - type: object - roleArn: - minLength: 20 - pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$ - type: string - sageMakerEndpoint: - description: A custom SageMaker endpoint to use when communicating with SageMaker. - pattern: ^(https|http)://.*$ - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - minimum: 1 - type: integer - maxWaitTimeInSeconds: - format: int64 - minimum: 1 - type: integer - type: object - tags: - items: - properties: - key: - minLength: 1 - type: string - value: - type: string - required: - - key - - value - type: object - type: array - tensorBoardOutputConfig: - properties: - localPath: - type: string - s3OutputPath: - pattern: ^(https|s3)://([^/]+)/?(.*)$ - type: string - required: - - s3OutputPath - type: object - trainingJobName: - description: The SageMaker training job name. This is optional for the SageMaker K8s operator. If it is empty, the operator will populate it with a generated name. - maxLength: 63 - type: string - vpcConfig: - properties: - securityGroupIds: - items: - type: string - minItems: 1 - type: array - subnets: - items: - type: string - minItems: 1 - type: array - required: - - securityGroupIds - - subnets - type: object - required: - - algorithmSpecification - - outputDataConfig - - resourceConfig - - roleArn - - region - - stoppingCondition - type: object - status: - properties: - additional: - description: Field to store additional information, for example if we are unable to check the status we update this. - type: string - cloudWatchLogUrl: - description: Cloud Watch url for training log - type: string - debugRuleEvaluationStatuses: - description: Status of rule evaluation jobs, obtained from DebugRuleEvaluationStatuses. https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_DescribeTrainingJob.html#sagemaker-DescribeTrainingJob-response-DebugRuleEvaluationStatuses - items: - properties: - lastModifiedTime: - format: date-time - type: string - ruleConfigurationName: - type: string - ruleEvaluationJobArn: - type: string - ruleEvaluationStatus: - type: string - statusDetail: - type: string - type: object - type: array - lastCheckTime: - description: The last time that we checked the status of the SageMaker job. - format: date-time - type: string - modelPath: - description: Full path to the training artifact (model) - type: string - sageMakerTrainingJobName: - description: SageMaker training job name - type: string - secondaryStatus: - description: The secondary, more granular status of the training job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTrainingJob.html#SageMaker-DescribeTrainingJob-response-SecondaryStatus - type: string - trainingJobStatus: - description: The status of the training job. https://docs.aws.amazon.com/sagemaker/latest/dg/API_DescribeTrainingJob.html#SageMaker-DescribeTrainingJob-response-TrainingJobStatus - type: string - type: object - required: - - spec - type: object - versions: - - name: v1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 --- apiVersion: v1 kind: ServiceAccount @@ -3008,46 +262,11 @@ metadata: --- apiVersion: v1 kind: ServiceAccount -metadata: - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/DELETE_ME - name: sagemaker-k8s-operator-default - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount metadata: name: sparkoperator namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: sagemaker-k8s-operator-leader-election-role - namespace: flyte -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: flyteadmin @@ -3187,191 +406,6 @@ rules: - list - watch --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: sagemaker-k8s-operator-manager-role -rules: -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - batchtransformjobs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - batchtransformjobs/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - endpointconfigs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - endpointconfigs/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - hostingdeployments - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - hostingdeployments/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - models - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - models/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - endpointconfigs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - endpointconfigs/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - hyperparametertuningjobs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - hyperparametertuningjobs/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - models - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - models/status - verbs: - - get - - update - - patch -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - trainingjobs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - sagemaker.aws.amazon.com - resources: - - trainingjobs/status - verbs: - - get - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: sagemaker-k8s-operator-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: @@ -3533,46 +567,6 @@ rules: verbs: - '*' --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: sagemaker-k8s-operator-leader-election-rolebinding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: sagemaker-k8s-operator-leader-election-role -subjects: -- kind: ServiceAccount - name: sagemaker-k8s-operator-default - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: sagemaker-k8s-operator-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sagemaker-k8s-operator-manager-role -subjects: -- kind: ServiceAccount - name: sagemaker-k8s-operator-default - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: sagemaker-k8s-operator-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sagemaker-k8s-operator-proxy-role -subjects: -- kind: ServiceAccount - name: sagemaker-k8s-operator-default - namespace: flyte ---- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: @@ -4105,25 +1099,6 @@ spec: --- apiVersion: v1 kind: Service -metadata: - annotations: - prometheus.io/port: "8443" - prometheus.io/scheme: https - prometheus.io/scrape: "true" - labels: - control-plane: controller-manager - name: sagemaker-k8s-operator-controller-manager-metrics-service - namespace: flyte -spec: - ports: - - name: https - port: 8443 - targetPort: https - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: name: spark-webhook namespace: flyte @@ -4589,54 +1564,6 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - labels: - control-plane: controller-manager - name: sagemaker-k8s-operator-controller-manager - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - control-plane: controller-manager - template: - metadata: - labels: - control-plane: controller-manager - spec: - containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - - args: - - --metrics-addr=127.0.0.1:8080 - command: - - /manager - env: - - name: AWS_DEFAULT_SAGEMAKER_ENDPOINT - value: "" - image: 957583890962.dkr.ecr.us-east-1.amazonaws.com/amazon-sagemaker-operator-for-k8s:v1.1 - imagePullPolicy: Always - name: manager - resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi - serviceAccountName: sagemaker-k8s-operator-default - terminationGracePeriodSeconds: 10 ---- -apiVersion: apps/v1 -kind: Deployment metadata: labels: app.kubernetes.io/name: sparkoperator From 337573d95b37bb00a6194ceda8a16dba3c4d8130 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 16 Sep 2020 14:38:24 -0700 Subject: [PATCH 07/41] updated --- kustomize/base/flyte/config/admin.yaml | 2 +- kustomize/base/flyte/config/plugins/k8s.yaml | 2 + .../flyte/dependencies/nodeport-services.yaml | 51 +++++++++++++++++++ kustomize/base/flyte/kustomization.yaml | 2 + kustomize/base/flyte/test.yaml | 46 ++++++++++++++--- 5 files changed, 96 insertions(+), 7 deletions(-) create mode 100644 kustomize/base/flyte/dependencies/nodeport-services.yaml diff --git a/kustomize/base/flyte/config/admin.yaml b/kustomize/base/flyte/config/admin.yaml index 6e775c6c54..7e75a7557e 100644 --- a/kustomize/base/flyte/config/admin.yaml +++ b/kustomize/base/flyte/config/admin.yaml @@ -55,7 +55,7 @@ cluster_resources: value: "3000Mi" development: - projectQuotaCpu: - value: "2" + value: "4" - projectQuotaMemory: value: "3000Mi" refresh: 5m diff --git a/kustomize/base/flyte/config/plugins/k8s.yaml b/kustomize/base/flyte/config/plugins/k8s.yaml index 6d0f5b8365..8fe068397f 100644 --- a/kustomize/base/flyte/config/plugins/k8s.yaml +++ b/kustomize/base/flyte/config/plugins/k8s.yaml @@ -4,3 +4,5 @@ plugins: - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - FLYTE_AWS_ACCESS_KEY_ID: minio - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/base/flyte/dependencies/nodeport-services.yaml b/kustomize/base/flyte/dependencies/nodeport-services.yaml new file mode 100644 index 0000000000..6439a773fc --- /dev/null +++ b/kustomize/base/flyte/dependencies/nodeport-services.yaml @@ -0,0 +1,51 @@ +# For docker-desktop at least, the range of valid ports is 30000-32767, which is why we're constrained to these +# odd port numbers. Since the base ingress runs on 30081, the K8s dashboard runs on 30082, these just continue from there. +# These nodeports are exposed to save contributors the trouble of port forwarding when running locally. + +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +#apiVersion: v1 +#kind: Service +#metadata: +#labels: +#k8s-app: kubernetes-dashboard +#name: dashboard-direct +#namespace: flyte +#spec: +#ports: +#- nodePort: 30082 +#port: 8443 +#protocol: TCP +#selector: +#k8s-app: kubernetes-dashboard +#type: NodePort diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/base/flyte/kustomization.yaml index d347e2a051..3369622459 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/base/flyte/kustomization.yaml @@ -52,6 +52,8 @@ resources: ###### # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - ./dependencies/contour_ingress_controller + # Add node ports for ease of use locally +- ./dependencies/nodeport-services.yaml ############################################## # Generate Configs diff --git a/kustomize/base/flyte/test.yaml b/kustomize/base/flyte/test.yaml index 847b9e33a2..9b1db65c67 100644 --- a/kustomize/base/flyte/test.yaml +++ b/kustomize/base/flyte/test.yaml @@ -801,7 +801,7 @@ data: value: "3000Mi" development: - projectQuotaCpu: - value: "2" + value: "4" - projectQuotaMemory: value: "3000Mi" refresh: 5m @@ -830,7 +830,7 @@ data: kind: ConfigMap metadata: - name: flyte-admin-config-8728tmmd5f + name: flyte-admin-config-gbk8k2985m namespace: flyte --- apiVersion: v1 @@ -866,6 +866,8 @@ data: - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - FLYTE_AWS_ACCESS_KEY_ID: minio - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi logger.yaml: | logger: show-source: true @@ -959,7 +961,7 @@ data: kubernetes-url: "http://localhost:30082" kind: ConfigMap metadata: - name: flyte-propeller-config-gk57799d87 + name: flyte-propeller-config-4c748k96th namespace: flyte --- apiVersion: v1 @@ -1049,6 +1051,22 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: name: postgres namespace: flyte @@ -1060,6 +1078,22 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -1375,7 +1409,7 @@ spec: volumes: - name: shared-data - configMap: - name: flyte-admin-config-8728tmmd5f + name: flyte-admin-config-gbk8k2985m name: config-volume - configMap: name: clusterresource-template-kf62ttf64k @@ -1459,7 +1493,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-gk57799d87 + name: flyte-propeller-config-4c748k96th name: config-volume --- apiVersion: apps/v1 @@ -1709,7 +1743,7 @@ spec: name: clusterresource-template-kf62ttf64k name: resource-templates - configMap: - name: flyte-admin-config-8728tmmd5f + name: flyte-admin-config-gbk8k2985m name: config-volume schedule: '*/1 * * * *' --- From 91ad957e175a0adf68d218b92c63ead7851c9069 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 11:08:36 -0700 Subject: [PATCH 08/41] Kustomize improvements --- .../base/admindeployment/kustomization.yaml | 7 +- kustomize/base/console/kustomization.yaml | 7 + kustomize/base/datacatalog/kustomization.yaml | 8 + kustomize/base/flyte/config/admin.yaml | 61 - kustomize/base/flyte/config/datacatalog.yaml | 13 - kustomize/base/flyte/test.yaml | 1832 ----------------- .../config/admin/cluster_resources.yaml | 19 + .../flyte_single_cluster/config/admin/db.yaml | 9 + .../config/admin/domain.yaml | 7 + .../config/admin/remote_data.yaml | 5 + .../config/admin/server.yaml | 21 + .../config/admin/task_resource_defaults.yaml | 9 + .../aa_namespace.yaml | 0 .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 1 + .../ad_spark-role.yaml | 0 .../ae_spark-service-account.yaml | 0 .../af_spark-role-binding.yaml | 0 .../config/console.yaml | 0 .../config/datacatalog/db.yaml | 9 + .../config/datacatalog/server.yaml | 6 + .../config/enabled_plugins.yaml | 8 + .../flyte_single_cluster/config/logger.yaml | 4 + .../config/plugins/copilot.yaml | 0 .../config/plugins/k8s.yaml | 7 + .../config/plugins/task_logs.yaml | 5 + .../config/propeller/admin.yaml | 7 + .../config/propeller/catalog.yaml | 4 + .../config/propeller/core.yaml} | 11 - .../flyte_single_cluster/config/storage.yaml | 6 + .../flyte_single_cluster/kustomization.yaml | 72 + kustomize/base/propeller/kustomization.yaml | 8 + .../sandbox}/admin/deployment.yaml | 0 .../sandbox}/admin/kustomization.yaml | 0 .../admindeployment/admindeployment.yaml | 62 - .../aa_namespace.yaml | 7 - .../ad_spark-role.yaml | 24 - .../ae_spark-service-account.yaml | 5 - .../af_spark-role-binding.yaml | 14 - .../sandbox/admindeployment/cron.yaml | 30 - .../admindeployment/flyteadmin_config.yaml | 80 - .../admindeployment/kustomization.yaml | 25 - .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 0 .../overlays/sandbox/config/console.yaml | 5 + .../sandbox/config/datacatalog_db.yaml | 6 + .../flyte => overlays/sandbox}/config/db.yaml | 0 .../sandbox}/config/enabled_plugins.yaml | 1 + .../sandbox}/config/logger.yaml | 2 +- .../sandbox}/config/plugins/k8s.yaml | 0 .../sandbox}/config/plugins/qubole.yaml | 0 .../sandbox}/config/plugins/spark.yaml | 0 .../sandbox}/config/plugins/task_logs.yaml | 0 .../sandbox}/config/storage.yaml | 0 .../overlays/sandbox/console/config.yaml | 12 - .../overlays/sandbox/console/console.yaml | 15 - .../sandbox/console/kustomization.yaml | 6 - .../sandbox/datacatalog/datacatalog.yaml | 30 - .../datacatalog/datacatalog_config.yaml | 28 - .../sandbox/datacatalog/kustomization.yaml | 12 - .../custom-config.yaml | 0 .../deployment.yaml | 0 .../kustomization.yaml | 0 .../contour_ingress_controller/namespace.yaml | 0 .../contour_ingress_controller/rbac.yaml | 0 .../contour_ingress_controller/service.yaml | 0 .../dependencies/database/database.yaml | 0 .../dependencies/database/kustomization.yaml | 0 .../sandbox/dependencies/kustomization.yaml | 2 - .../dependencies/nodeport-services.yaml | 0 .../dependencies/redis/deployment.yaml | 0 .../dependencies/redis/kustomization.yaml | 0 .../sandbox}/dependencies/redis/service.yaml | 0 .../sandbox/dependencies/service.yaml | 35 - .../dependencies/storage/kustomization.yaml | 0 .../dependencies/storage/storage.yaml | 0 .../overlays/sandbox/flyte/kustomization.yaml | 22 - .../sandbox}/kustomization.yaml | 55 +- .../overlays/sandbox/propeller/config.yaml | 68 - .../sandbox/propeller/kustomization.yaml | 31 - .../sandbox/propeller/plugins/config.yaml | 13 - .../propeller/plugins/container/config.yaml | 0 .../plugins/container/propeller-patch.yaml | 17 - .../propeller/plugins/qubole/config.yaml | 3 - .../plugins/qubole/propeller-patch.yaml | 20 - .../propeller/plugins/spark/config.yaml | 16 - .../plugins/spark/propeller-patch.yaml | 17 - .../overlays/sandbox/propeller/propeller.yaml | 18 - .../overlays/sandbox/redis/kustomization.yaml | 5 - kustomize/overlays/sandbox/redis/storage.yaml | 11 - 90 files changed, 252 insertions(+), 2591 deletions(-) delete mode 100644 kustomize/base/flyte/config/admin.yaml delete mode 100644 kustomize/base/flyte/config/datacatalog.yaml delete mode 100644 kustomize/base/flyte/test.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/db.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/domain.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/server.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml rename kustomize/base/{flyte => flyte_single_cluster}/config/clusterresource-templates/aa_namespace.yaml (100%) rename kustomize/base/{flyte => flyte_single_cluster}/config/clusterresource-templates/ab_project-resource-quota.yaml (100%) rename kustomize/{overlays/sandbox/admindeployment => base/flyte_single_cluster/config}/clusterresource-templates/ac_project-copilot-dataconfig.yaml (80%) rename kustomize/base/{flyte => flyte_single_cluster}/config/clusterresource-templates/ad_spark-role.yaml (100%) rename kustomize/base/{flyte => flyte_single_cluster}/config/clusterresource-templates/ae_spark-service-account.yaml (100%) rename kustomize/base/{flyte => flyte_single_cluster}/config/clusterresource-templates/af_spark-role-binding.yaml (100%) rename kustomize/base/{flyte => flyte_single_cluster}/config/console.yaml (100%) create mode 100644 kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/logger.yaml rename kustomize/base/{flyte => flyte_single_cluster}/config/plugins/copilot.yaml (100%) create mode 100644 kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/propeller/admin.yaml create mode 100644 kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml rename kustomize/base/{flyte/config/propeller.yaml => flyte_single_cluster/config/propeller/core.yaml} (82%) create mode 100644 kustomize/base/flyte_single_cluster/config/storage.yaml create mode 100644 kustomize/base/flyte_single_cluster/kustomization.yaml rename kustomize/{base/flyte => overlays/sandbox}/admin/deployment.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/admin/kustomization.yaml (100%) delete mode 100644 kustomize/overlays/sandbox/admindeployment/admindeployment.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ad_spark-role.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ae_spark-service-account.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/clusterresource-templates/af_spark-role-binding.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/cron.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/flyteadmin_config.yaml delete mode 100644 kustomize/overlays/sandbox/admindeployment/kustomization.yaml rename kustomize/overlays/sandbox/{admindeployment => config}/clusterresource-templates/ab_project-resource-quota.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml (100%) create mode 100644 kustomize/overlays/sandbox/config/console.yaml create mode 100644 kustomize/overlays/sandbox/config/datacatalog_db.yaml rename kustomize/{base/flyte => overlays/sandbox}/config/db.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/enabled_plugins.yaml (87%) rename kustomize/{base/flyte => overlays/sandbox}/config/logger.yaml (71%) rename kustomize/{base/flyte => overlays/sandbox}/config/plugins/k8s.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/plugins/qubole.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/plugins/spark.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/plugins/task_logs.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/config/storage.yaml (100%) delete mode 100644 kustomize/overlays/sandbox/console/config.yaml delete mode 100644 kustomize/overlays/sandbox/console/console.yaml delete mode 100644 kustomize/overlays/sandbox/console/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/datacatalog/datacatalog.yaml delete mode 100644 kustomize/overlays/sandbox/datacatalog/datacatalog_config.yaml delete mode 100644 kustomize/overlays/sandbox/datacatalog/kustomization.yaml rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/custom-config.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/deployment.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/kustomization.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/namespace.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/rbac.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/contour_ingress_controller/service.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/database/database.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/database/kustomization.yaml (100%) delete mode 100644 kustomize/overlays/sandbox/dependencies/kustomization.yaml rename kustomize/{base/flyte => overlays/sandbox}/dependencies/nodeport-services.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/redis/deployment.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/redis/kustomization.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/redis/service.yaml (100%) delete mode 100644 kustomize/overlays/sandbox/dependencies/service.yaml rename kustomize/{base/flyte => overlays/sandbox}/dependencies/storage/kustomization.yaml (100%) rename kustomize/{base/flyte => overlays/sandbox}/dependencies/storage/storage.yaml (100%) delete mode 100644 kustomize/overlays/sandbox/flyte/kustomization.yaml rename kustomize/{base/flyte => overlays/sandbox}/kustomization.yaml (56%) delete mode 100644 kustomize/overlays/sandbox/propeller/config.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/config.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/container/config.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/container/propeller-patch.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/qubole/config.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/qubole/propeller-patch.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/spark/config.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/plugins/spark/propeller-patch.yaml delete mode 100644 kustomize/overlays/sandbox/propeller/propeller.yaml delete mode 100644 kustomize/overlays/sandbox/redis/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/redis/storage.yaml diff --git a/kustomize/base/admindeployment/kustomization.yaml b/kustomize/base/admindeployment/kustomization.yaml index f38cebb07a..e33164b383 100644 --- a/kustomize/base/admindeployment/kustomization.yaml +++ b/kustomize/base/admindeployment/kustomization.yaml @@ -2,4 +2,9 @@ resources: - deployment.yaml - service.yaml - +# Images that should be used +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name diff --git a/kustomize/base/console/kustomization.yaml b/kustomize/base/console/kustomization.yaml index 81d586a3cd..356dd045b6 100644 --- a/kustomize/base/console/kustomization.yaml +++ b/kustomize/base/console/kustomization.yaml @@ -2,3 +2,10 @@ resources: - deployment.yaml - service.yaml - configmap.yaml + +# Images that should be used +images: + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the name diff --git a/kustomize/base/datacatalog/kustomization.yaml b/kustomize/base/datacatalog/kustomization.yaml index c38e72a98d..ace3329f36 100644 --- a/kustomize/base/datacatalog/kustomization.yaml +++ b/kustomize/base/datacatalog/kustomization.yaml @@ -2,3 +2,11 @@ resources: - rbac.yaml - deployment.yaml - service.yaml + +# Images that should be used +images: + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + diff --git a/kustomize/base/flyte/config/admin.yaml b/kustomize/base/flyte/config/admin.yaml deleted file mode 100644 index 7e75a7557e..0000000000 --- a/kustomize/base/flyte/config/admin.yaml +++ /dev/null @@ -1,61 +0,0 @@ -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin -remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m diff --git a/kustomize/base/flyte/config/datacatalog.yaml b/kustomize/base/flyte/config/datacatalog.yaml deleted file mode 100644 index 0ef31c10f9..0000000000 --- a/kustomize/base/flyte/config/datacatalog.yaml +++ /dev/null @@ -1,13 +0,0 @@ -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 -# TODO lets move this to db.yaml, but the dbname is the problem currently -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable diff --git a/kustomize/base/flyte/test.yaml b/kustomize/base/flyte/test.yaml deleted file mode 100644 index 9b1db65c67..0000000000 --- a/kustomize/base/flyte/test.yaml +++ /dev/null @@ -1,1832 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active ---- -apiVersion: v1 -kind: Namespace -metadata: - name: heptio-contour ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - component: ingressroute - name: ingressroutes.contour.heptio.com -spec: - additionalPrinterColumns: - - JSONPath: .spec.virtualhost.fqdn - description: Fully qualified domain name - name: FQDN - type: string - - JSONPath: .spec.virtualhost.tls.secretName - description: Secret with TLS credentials - name: TLS Secret - type: string - - JSONPath: .spec.routes[0].match - description: First routes defined - name: First route - type: string - - JSONPath: .status.currentStatus - description: The current status of the IngressRoute - name: Status - type: string - - JSONPath: .status.description - description: Description of the current status - name: Status Description - type: string - group: contour.heptio.com - names: - kind: IngressRoute - plural: ingressroutes - scope: Namespaced - validation: - openAPIV3Schema: - properties: - spec: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - routes: - items: - properties: - delegate: - properties: - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - namespace: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - match: - pattern: ^\/.*$ - type: string - services: - items: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - type: integer - strategy: - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - type: string - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: array - strategy: - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - type: string - virtualhost: - properties: - aliases: - items: - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - type: string - type: array - fqdn: - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - type: string - required: - - routes - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 - type: integer - Worker: - properties: - replicas: - minimum: 1 - type: integer - versions: - - name: v1 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - version: v1beta1 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" - name: kubeflow-pytorchjobs-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" - name: kubeflow-pytorchjobs-edit -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" - name: kubeflow-pytorchjobs-view -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: - - contour.heptio.com - resources: - - ingressroutes - verbs: - - get - - list - - watch - - put - - post - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - '*' -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - events - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: pytorch-operator -subjects: -- kind: ServiceAccount - name: pytorch-operator - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: flyte ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ac_project-copilot-dataconfig.yaml: | - kind: ConfigMap - apiVersion: v1 - metadata: - name: flyte-data-config - namespace: {{ namespace }} - data: - config.yaml: | - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - enable-multicontainer: true - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1beta1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - name: clusterresource-template-kf62ttf64k - namespace: flyte ---- -apiVersion: v1 -data: - datacatalog.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - # TODO lets move this to db.yaml, but the dbname is the problem currently - database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 5 - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - -kind: ConfigMap -metadata: - name: datacatalog-config-8h6m2b5dg6 - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin - remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 - task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 5 - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - -kind: ConfigMap -metadata: - name: flyte-admin-config-gbk8k2985m - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" - enabled_plugins.yaml: | - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi - logger.yaml: | - logger: - show-source: true - level: 5 - propeller.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - qubole.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" - spark.yaml: | - plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_logs.yaml: | - plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" -kind: ConfigMap -metadata: - name: flyte-propeller-config-4c748k96th - namespace: flyte ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - selector: - app: flyteadmin ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - port: 9000 - selector: - app: minio ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "8443" - prometheus.io/scrape: "true" - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte -spec: - ports: - - name: monitoring-port - port: 8443 - targetPort: 8443 - selector: - kustomize.component: pytorch-operator - name: pytorch-operator - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: flyte -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.2.2 - spec: - containers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - initContainers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-8h6m2b5dg6 - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - serve - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; - image: postgres:10.1 - name: check-db-ready - serviceAccountName: flyteadmin - volumes: - - name: shared-data - - configMap: - name: flyte-admin-config-gbk8k2985m - name: config-volume - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.11.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: docker.io/lyft/flyteconsole:v0.11.0 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.3.12 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: docker.io/lyft/flytepropeller:v0.3.12 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config-4c748k96th - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - image: minio/minio:RELEASE.2019-06-04T01-15-58Z - name: minio - ports: - - containerPort: 9000 - name: minio - volumeMounts: - - mountPath: /data - name: minio-storage - volumes: - - emptyDir: {} - name: minio-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - image: postgres:10.1 - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-storage - volumes: - - emptyDir: {} - name: postgres-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - kustomize.component: pytorch-operator - name: pytorch-operator - template: - metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - spec: - containers: - - command: - - /pytorch-operator.v1 - - --alsologtostderr - - -v=1 - - --monitoring-port=8443 - env: - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f - name: pytorch-operator - serviceAccountName: pytorch-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: docker.io/bitnami/redis:4.0.2-r1 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - configMap: - name: flyte-admin-config-gbk8k2985m - name: config-volume - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator-init - namespace: flyte -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - flyte - - -p - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /console - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /__webpack_hmr - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /api - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /healthcheck - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /v1 - - backend: - serviceName: flyteadmin - servicePort: 81 - path: /flyteidl.service.AdminService - - backend: - serviceName: flyteadmin - servicePort: 87 - path: /openapi ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: minio - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: minio - servicePort: 9000 - path: /minio diff --git a/kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml b/kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml new file mode 100644 index 0000000000..c2ff64b3c7 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml @@ -0,0 +1,19 @@ +cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m diff --git a/kustomize/base/flyte_single_cluster/config/admin/db.yaml b/kustomize/base/flyte_single_cluster/config/admin/db.yaml new file mode 100644 index 0000000000..e47f4c44d1 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/db.yaml @@ -0,0 +1,9 @@ +# This should be replaced with the db endpoint +# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc +# Or can be a self hosted Postgres in the cluster +database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable diff --git a/kustomize/base/flyte_single_cluster/config/admin/domain.yaml b/kustomize/base/flyte_single_cluster/config/admin/domain.yaml new file mode 100644 index 0000000000..9df6ef80a9 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/domain.yaml @@ -0,0 +1,7 @@ +domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production diff --git a/kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml b/kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml new file mode 100644 index 0000000000..41719a0e66 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml @@ -0,0 +1,5 @@ +remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 diff --git a/kustomize/base/flyte_single_cluster/config/admin/server.yaml b/kustomize/base/flyte_single_cluster/config/admin/server.yaml new file mode 100644 index 0000000000..414a1c2927 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/server.yaml @@ -0,0 +1,21 @@ +server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" +flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin diff --git a/kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml b/kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml new file mode 100644 index 0000000000..8db48a1950 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml @@ -0,0 +1,9 @@ +task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi diff --git a/kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/aa_namespace.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/aa_namespace.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/aa_namespace.yaml diff --git a/kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml similarity index 80% rename from kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ac_project-copilot-dataconfig.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml index cc17cb58a7..716933c5d3 100644 --- a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ac_project-copilot-dataconfig.yaml +++ b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -1,3 +1,4 @@ +# TODO update the storage configuration to match the storage.yaml. Keep the enable-multicontainer: true kind: ConfigMap apiVersion: v1 metadata: diff --git a/kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ad_spark-role.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/ad_spark-role.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/ad_spark-role.yaml diff --git a/kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ae_spark-service-account.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/ae_spark-service-account.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/ae_spark-service-account.yaml diff --git a/kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/af_spark-role-binding.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/af_spark-role-binding.yaml rename to kustomize/base/flyte_single_cluster/config/clusterresource-templates/af_spark-role-binding.yaml diff --git a/kustomize/base/flyte/config/console.yaml b/kustomize/base/flyte_single_cluster/config/console.yaml similarity index 100% rename from kustomize/base/flyte/config/console.yaml rename to kustomize/base/flyte_single_cluster/config/console.yaml diff --git a/kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml b/kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml new file mode 100644 index 0000000000..6ba8a5949d --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml @@ -0,0 +1,9 @@ +# This should be replaced with the db endpoint +# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc +# Or can be a self hosted Postgres in the cluster +database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable diff --git a/kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml b/kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml new file mode 100644 index 0000000000..1cdd80c27f --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml @@ -0,0 +1,6 @@ +datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 +application: + grpcPort: 8089 diff --git a/kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml b/kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml new file mode 100644 index 0000000000..ebf4892451 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml @@ -0,0 +1,8 @@ +## +# TODO It is important to enable the plugins that you want to deploy here. +tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - k8s-array diff --git a/kustomize/base/flyte_single_cluster/config/logger.yaml b/kustomize/base/flyte_single_cluster/config/logger.yaml new file mode 100644 index 0000000000..7fc20650ec --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/logger.yaml @@ -0,0 +1,4 @@ +# TODO this is used to control the log level +logger: + show-source: true + level: 2 diff --git a/kustomize/base/flyte/config/plugins/copilot.yaml b/kustomize/base/flyte_single_cluster/config/plugins/copilot.yaml similarity index 100% rename from kustomize/base/flyte/config/plugins/copilot.yaml rename to kustomize/base/flyte_single_cluster/config/plugins/copilot.yaml diff --git a/kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml b/kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml new file mode 100644 index 0000000000..5097741639 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml @@ -0,0 +1,7 @@ +# TODO set any custom env vars +plugins: + k8s: + default-env-vars: + - SOME_ENV_VARS: "These get passed to all containers" + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml b/kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml new file mode 100644 index 0000000000..de402d2ed3 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml @@ -0,0 +1,5 @@ +# TODO this is used to enable log links in the UI. +plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" diff --git a/kustomize/base/flyte_single_cluster/config/propeller/admin.yaml b/kustomize/base/flyte_single_cluster/config/propeller/admin.yaml new file mode 100644 index 0000000000..55cf01b83b --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/propeller/admin.yaml @@ -0,0 +1,7 @@ +event: + type: admin + rate: 500 + capacity: 1000 +admin: + endpoint: flyteadmin:81 + insecure: true diff --git a/kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml b/kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml new file mode 100644 index 0000000000..e70e7bd770 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml @@ -0,0 +1,4 @@ +catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true diff --git a/kustomize/base/flyte/config/propeller.yaml b/kustomize/base/flyte_single_cluster/config/propeller/core.yaml similarity index 82% rename from kustomize/base/flyte/config/propeller.yaml rename to kustomize/base/flyte_single_cluster/config/propeller/core.yaml index b1467f5746..4323ccd803 100644 --- a/kustomize/base/flyte/config/propeller.yaml +++ b/kustomize/base/flyte_single_cluster/config/propeller/core.yaml @@ -35,14 +35,3 @@ propeller: redis: hostPath: redis-resource-manager:6379 hostKey: mypassword -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true diff --git a/kustomize/base/flyte_single_cluster/config/storage.yaml b/kustomize/base/flyte_single_cluster/config/storage.yaml new file mode 100644 index 0000000000..09e6ec6dec --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/storage.yaml @@ -0,0 +1,6 @@ +# TODO This should be changed for the right storage option - e.g. +# hosted blob stores like S3, GCS, AFS etc +# k8s blob store like minio +# For all supported options look at https://github.com/lyft/flytestdlib/blob/master/storage/config.go +storage: + type: mem diff --git a/kustomize/base/flyte_single_cluster/kustomization.yaml b/kustomize/base/flyte_single_cluster/kustomization.yaml new file mode 100644 index 0000000000..bbc6c6167a --- /dev/null +++ b/kustomize/base/flyte_single_cluster/kustomization.yaml @@ -0,0 +1,72 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# All the resources that make up the deployment +resources: +# global resources +- ../namespace +- ../ingress +- ../admindeployment +- ../datacatalog +- ../console +- ../wf_crd +- ../propeller +- ../adminserviceaccount + +############################################## +# Generate Configs +# For each component exactly one config is generated +# For every component required configs are +# 1. logger.yaml +# 2. storage.yaml +# 3. component.yaml +# +# db.yaml is required for FlyteAdmin and DataCatalog +# ############################################ +configMapGenerator: +# the main admin configmap +- name: flyte-admin-config + files: + - ./config/admin/server.yaml + - ./config/admin/db.yaml + - ./config/admin/cluster_resources.yaml + - ./config/admin/remote_data.yaml + - ./config/admin/task_resource_defaults.yaml + - ./config/storage.yaml + - ./config/logger.yaml + +# cluster resource templates +- name: clusterresource-template + files: +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + - ./config/clusterresource-templates/aa_namespace.yaml + - ./config/clusterresource-templates/ab_project-resource-quota.yaml + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml + +# Flyte Propeller Configuration +- name: flyte-propeller-config + files: + - ./config/propeller/core.yaml + - ./config/propeller/admin.yaml + - ./config/propeller/catalog.yaml + - ./config/enabled_plugins.yaml + - ./config/plugins/copilot.yaml + - ./config/plugins/k8s.yaml + - ./config/plugins/task_logs.yaml + - ./config/storage.yaml + - ./config/logger.yaml + +# TODO Flyte Console Configuration +#- name: flyte-console-config +# files: +# - ./config/console.yaml + +- name: datacatalog-config + files: + - ./config/datacatalog/server.yaml + - ./config/datacatalog/db.yaml + - ./config/storage.yaml + - ./config/logger.yaml diff --git a/kustomize/base/propeller/kustomization.yaml b/kustomize/base/propeller/kustomization.yaml index 3f090bdf48..402ee47755 100644 --- a/kustomize/base/propeller/kustomization.yaml +++ b/kustomize/base/propeller/kustomization.yaml @@ -1,3 +1,11 @@ resources: - deployment.yaml - rbac.yaml + +# Images that should be used +images: + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: v0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name + diff --git a/kustomize/base/flyte/admin/deployment.yaml b/kustomize/overlays/sandbox/admin/deployment.yaml similarity index 100% rename from kustomize/base/flyte/admin/deployment.yaml rename to kustomize/overlays/sandbox/admin/deployment.yaml diff --git a/kustomize/base/flyte/admin/kustomization.yaml b/kustomize/overlays/sandbox/admin/kustomization.yaml similarity index 100% rename from kustomize/base/flyte/admin/kustomization.yaml rename to kustomize/overlays/sandbox/admin/kustomization.yaml diff --git a/kustomize/overlays/sandbox/admindeployment/admindeployment.yaml b/kustomize/overlays/sandbox/admindeployment/admindeployment.yaml deleted file mode 100644 index fcb94a9898..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/admindeployment.yaml +++ /dev/null @@ -1,62 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - initContainers: - - name: check-db-ready - image: postgres:10.1 - command: ['sh', '-c', - 'until pg_isready -h postgres -p 5432; - do echo waiting for database; sleep 2; done;'] - - name: run-migrations - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", - "migrate", "run"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: seed-projects - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", - "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - containers: - - name: flyteadmin - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/aa_namespace.yaml b/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ad_spark-role.yaml deleted file mode 100644 index 2dc0b21b65..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ad_spark-role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: Role -metadata: - name: spark-role - namespace: {{ namespace }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ae_spark-service-account.yaml deleted file mode 100644 index dddd8d2742..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ae_spark-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: spark - namespace: {{ namespace }} diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/af_spark-role-binding.yaml deleted file mode 100644 index 4b6c43bbb7..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/af_spark-role-binding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: RoleBinding -metadata: - name: spark-role-binding - namespace: {{ namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: spark-role -subjects: -- kind: ServiceAccount - name: spark - namespace: {{ namespace }} - diff --git a/kustomize/overlays/sandbox/admindeployment/cron.yaml b/kustomize/overlays/sandbox/admindeployment/cron.yaml deleted file mode 100644 index 54d244cc37..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/cron.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - schedule: "*/1 * * * *" - jobTemplate: - spec: - template: - spec: - serviceAccountName: flyteadmin - containers: - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - - name: config-volume - configMap: - name: flyte-admin-config - restartPolicy: OnFailure diff --git a/kustomize/overlays/sandbox/admindeployment/flyteadmin_config.yaml b/kustomize/overlays/sandbox/admindeployment/flyteadmin_config.yaml deleted file mode 100644 index 661eee6bf6..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/flyteadmin_config.yaml +++ /dev/null @@ -1,80 +0,0 @@ -logger: - show-source: true - level: 5 -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable -remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 -storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m diff --git a/kustomize/overlays/sandbox/admindeployment/kustomization.yaml b/kustomize/overlays/sandbox/admindeployment/kustomization.yaml deleted file mode 100644 index efc58b6071..0000000000 --- a/kustomize/overlays/sandbox/admindeployment/kustomization.yaml +++ /dev/null @@ -1,25 +0,0 @@ -bases: -- ../../../base/admindeployment - -namespace: flyte - -resources: -- cron.yaml - -configMapGenerator: -# the main admin configmap -- name: flyte-admin-config - files: - - flyteadmin_config.yaml -# cluster resource templates -- name: clusterresource-template - files: -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - clusterresource-templates/aa_namespace.yaml - - clusterresource-templates/ab_project-resource-quota.yaml - - clusterresource-templates/ac_project-copilot-dataconfig.yaml - - clusterresource-templates/ad_spark-role.yaml - - clusterresource-templates/ae_spark-service-account.yaml - - clusterresource-templates/af_spark-role-binding.yaml -patches: -- admindeployment.yaml diff --git a/kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/overlays/sandbox/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/overlays/sandbox/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/overlays/sandbox/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/overlays/sandbox/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml similarity index 100% rename from kustomize/base/flyte/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml rename to kustomize/overlays/sandbox/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml diff --git a/kustomize/overlays/sandbox/config/console.yaml b/kustomize/overlays/sandbox/config/console.yaml new file mode 100644 index 0000000000..cb482fddd4 --- /dev/null +++ b/kustomize/overlays/sandbox/config/console.yaml @@ -0,0 +1,5 @@ +# This determines the base url used for all console links. It must match the route specified in ingress.yaml +BASE_URL: /console +CONFIG_DIR: /etc/flyte/config +DISABLE_AUTH: "true" + diff --git a/kustomize/overlays/sandbox/config/datacatalog_db.yaml b/kustomize/overlays/sandbox/config/datacatalog_db.yaml new file mode 100644 index 0000000000..76ba812d63 --- /dev/null +++ b/kustomize/overlays/sandbox/config/datacatalog_db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable diff --git a/kustomize/base/flyte/config/db.yaml b/kustomize/overlays/sandbox/config/db.yaml similarity index 100% rename from kustomize/base/flyte/config/db.yaml rename to kustomize/overlays/sandbox/config/db.yaml diff --git a/kustomize/base/flyte/config/enabled_plugins.yaml b/kustomize/overlays/sandbox/config/enabled_plugins.yaml similarity index 87% rename from kustomize/base/flyte/config/enabled_plugins.yaml rename to kustomize/overlays/sandbox/config/enabled_plugins.yaml index 1ee6e3ded3..d977092b35 100644 --- a/kustomize/base/flyte/config/enabled_plugins.yaml +++ b/kustomize/overlays/sandbox/config/enabled_plugins.yaml @@ -5,3 +5,4 @@ tasks: - sidecar - spark - k8s-array + - pytorch diff --git a/kustomize/base/flyte/config/logger.yaml b/kustomize/overlays/sandbox/config/logger.yaml similarity index 71% rename from kustomize/base/flyte/config/logger.yaml rename to kustomize/overlays/sandbox/config/logger.yaml index abe53e7359..a6854ed6ce 100644 --- a/kustomize/base/flyte/config/logger.yaml +++ b/kustomize/overlays/sandbox/config/logger.yaml @@ -1,3 +1,3 @@ logger: show-source: true - level: 5 + level: 2 diff --git a/kustomize/base/flyte/config/plugins/k8s.yaml b/kustomize/overlays/sandbox/config/plugins/k8s.yaml similarity index 100% rename from kustomize/base/flyte/config/plugins/k8s.yaml rename to kustomize/overlays/sandbox/config/plugins/k8s.yaml diff --git a/kustomize/base/flyte/config/plugins/qubole.yaml b/kustomize/overlays/sandbox/config/plugins/qubole.yaml similarity index 100% rename from kustomize/base/flyte/config/plugins/qubole.yaml rename to kustomize/overlays/sandbox/config/plugins/qubole.yaml diff --git a/kustomize/base/flyte/config/plugins/spark.yaml b/kustomize/overlays/sandbox/config/plugins/spark.yaml similarity index 100% rename from kustomize/base/flyte/config/plugins/spark.yaml rename to kustomize/overlays/sandbox/config/plugins/spark.yaml diff --git a/kustomize/base/flyte/config/plugins/task_logs.yaml b/kustomize/overlays/sandbox/config/plugins/task_logs.yaml similarity index 100% rename from kustomize/base/flyte/config/plugins/task_logs.yaml rename to kustomize/overlays/sandbox/config/plugins/task_logs.yaml diff --git a/kustomize/base/flyte/config/storage.yaml b/kustomize/overlays/sandbox/config/storage.yaml similarity index 100% rename from kustomize/base/flyte/config/storage.yaml rename to kustomize/overlays/sandbox/config/storage.yaml diff --git a/kustomize/overlays/sandbox/console/config.yaml b/kustomize/overlays/sandbox/console/config.yaml deleted file mode 100644 index ff292b4b62..0000000000 --- a/kustomize/overlays/sandbox/console/config.yaml +++ /dev/null @@ -1,12 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: flyte-console-config - namespace: flyte -data: - # This determines the base url used for all console links. It must match the route specified in ingress.yaml - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config - DISABLE_AUTH: "true" - # IF Port-forwardin or if Admin and Console are running on different domainsg, then this should point to the host/port of Flyteadmin - # ADMIN_API_URL: http://localhost:8089 diff --git a/kustomize/overlays/sandbox/console/console.yaml b/kustomize/overlays/sandbox/console/console.yaml deleted file mode 100644 index 9261654671..0000000000 --- a/kustomize/overlays/sandbox/console/console.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteconsole - namespace: flyte -spec: - template: - spec: - containers: - - name: flyteconsole - resources: - limits: - memory: "150Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" diff --git a/kustomize/overlays/sandbox/console/kustomization.yaml b/kustomize/overlays/sandbox/console/kustomization.yaml deleted file mode 100644 index 8ddf03bf6d..0000000000 --- a/kustomize/overlays/sandbox/console/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -bases: -- ../../../base/console - -patches: -- console.yaml -- config.yaml diff --git a/kustomize/overlays/sandbox/datacatalog/datacatalog.yaml b/kustomize/overlays/sandbox/datacatalog/datacatalog.yaml deleted file mode 100644 index 40eb2cefec..0000000000 --- a/kustomize/overlays/sandbox/datacatalog/datacatalog.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: datacatalog - namespace: flyte -spec: - template: - spec: - initContainers: - - name: check-db-ready - image: postgres:10.1 - command: ['sh', '-c', - 'until pg_isready -h postgres -p 5432; - do echo waiting for database; sleep 2; done;'] - volumeMounts: - - name: config-volume - mountPath: /etc/datacatalog/config - containers: - - name: datacatalog - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" ---- -apiVersion: v1 -kind: Service -metadata: - name: datacatalog - namespace: flyte diff --git a/kustomize/overlays/sandbox/datacatalog/datacatalog_config.yaml b/kustomize/overlays/sandbox/datacatalog/datacatalog_config.yaml deleted file mode 100644 index 7812ba566d..0000000000 --- a/kustomize/overlays/sandbox/datacatalog/datacatalog_config.yaml +++ /dev/null @@ -1,28 +0,0 @@ -logger: - show-source: true - level: 5 -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 -storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - cache: - max_size_mbs: 10 - target_gc_percent: 100 - container: my-container - type: minio -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable diff --git a/kustomize/overlays/sandbox/datacatalog/kustomization.yaml b/kustomize/overlays/sandbox/datacatalog/kustomization.yaml deleted file mode 100644 index 9876c444a0..0000000000 --- a/kustomize/overlays/sandbox/datacatalog/kustomization.yaml +++ /dev/null @@ -1,12 +0,0 @@ -bases: -- ../../../base/datacatalog - -namespace: flyte - -configMapGenerator: -- name: datacatalog-config - files: - - datacatalog_config.yaml - -patches: -- datacatalog.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/custom-config.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/custom-config.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/custom-config.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/deployment.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/deployment.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/deployment.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/kustomization.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/kustomization.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/kustomization.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/namespace.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/namespace.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/namespace.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/rbac.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/rbac.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/rbac.yaml diff --git a/kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml b/kustomize/overlays/sandbox/dependencies/contour_ingress_controller/service.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/contour_ingress_controller/service.yaml rename to kustomize/overlays/sandbox/dependencies/contour_ingress_controller/service.yaml diff --git a/kustomize/base/flyte/dependencies/database/database.yaml b/kustomize/overlays/sandbox/dependencies/database/database.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/database/database.yaml rename to kustomize/overlays/sandbox/dependencies/database/database.yaml diff --git a/kustomize/base/flyte/dependencies/database/kustomization.yaml b/kustomize/overlays/sandbox/dependencies/database/kustomization.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/database/kustomization.yaml rename to kustomize/overlays/sandbox/dependencies/database/kustomization.yaml diff --git a/kustomize/overlays/sandbox/dependencies/kustomization.yaml b/kustomize/overlays/sandbox/dependencies/kustomization.yaml deleted file mode 100644 index 2115fea9cd..0000000000 --- a/kustomize/overlays/sandbox/dependencies/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -bases: - - ../dependencies/service.yaml diff --git a/kustomize/base/flyte/dependencies/nodeport-services.yaml b/kustomize/overlays/sandbox/dependencies/nodeport-services.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/nodeport-services.yaml rename to kustomize/overlays/sandbox/dependencies/nodeport-services.yaml diff --git a/kustomize/base/flyte/dependencies/redis/deployment.yaml b/kustomize/overlays/sandbox/dependencies/redis/deployment.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/redis/deployment.yaml rename to kustomize/overlays/sandbox/dependencies/redis/deployment.yaml diff --git a/kustomize/base/flyte/dependencies/redis/kustomization.yaml b/kustomize/overlays/sandbox/dependencies/redis/kustomization.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/redis/kustomization.yaml rename to kustomize/overlays/sandbox/dependencies/redis/kustomization.yaml diff --git a/kustomize/base/flyte/dependencies/redis/service.yaml b/kustomize/overlays/sandbox/dependencies/redis/service.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/redis/service.yaml rename to kustomize/overlays/sandbox/dependencies/redis/service.yaml diff --git a/kustomize/overlays/sandbox/dependencies/service.yaml b/kustomize/overlays/sandbox/dependencies/service.yaml deleted file mode 100644 index 875131d11f..0000000000 --- a/kustomize/overlays/sandbox/dependencies/service.yaml +++ /dev/null @@ -1,35 +0,0 @@ -# For docker-desktop at least, the range of valid ports is 30000-32767, which is why we're constrained to these -# odd port numbers. Since the base ingress runs on 30081, the K8s dashboard runs on 30082, these just continue from there. -# These nodeports are exposed to save contributors the trouble of port forwarding when running locally. - -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort diff --git a/kustomize/base/flyte/dependencies/storage/kustomization.yaml b/kustomize/overlays/sandbox/dependencies/storage/kustomization.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/storage/kustomization.yaml rename to kustomize/overlays/sandbox/dependencies/storage/kustomization.yaml diff --git a/kustomize/base/flyte/dependencies/storage/storage.yaml b/kustomize/overlays/sandbox/dependencies/storage/storage.yaml similarity index 100% rename from kustomize/base/flyte/dependencies/storage/storage.yaml rename to kustomize/overlays/sandbox/dependencies/storage/storage.yaml diff --git a/kustomize/overlays/sandbox/flyte/kustomization.yaml b/kustomize/overlays/sandbox/flyte/kustomization.yaml deleted file mode 100644 index 95a9387001..0000000000 --- a/kustomize/overlays/sandbox/flyte/kustomization.yaml +++ /dev/null @@ -1,22 +0,0 @@ -bases: -# global resources -- ../../../base/namespace -- ../../../dependencies/database -- ../../../dependencies/storage - -# user plane / control plane resources -- ../../../base/ingress -- ../../../dependencies/contour_ingress_controller -- ../admindeployment -- ../datacatalog -- ../console - -# data plane resources -- ../../../base/wf_crd -- ../../../base/operators/spark -- ../../../base/adminserviceaccount -- ../propeller -- ../redis - -# dependencies -- ../dependencies diff --git a/kustomize/base/flyte/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml similarity index 56% rename from kustomize/base/flyte/kustomization.yaml rename to kustomize/overlays/sandbox/kustomization.yaml index 3369622459..ea07631e5f 100644 --- a/kustomize/base/flyte/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -4,52 +4,23 @@ kind: Kustomization # Override the namespace namespace: flyte -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag - newName: docker.io/lyft/flyteadmin # override the name - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v0.3.12 # override the tag - newName: docker.io/lyft/flytepropeller # override the name - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v0.2.2 # override the tag - newName: docker.io/lyft/datacatalog # override the name - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v0.11.0 # override the tag - newName: docker.io/lyft/flyteconsole # override the name +bases: +- ../../base/flyte_single_cluster + # All the resources that make up the deployment resources: -# global resources -- ../namespace -- ../ingress -- ./admin/ -- ../datacatalog -- ../console -- ../wf_crd -- ../propeller -- ../adminserviceaccount ######## # Operators to be enabled -- ../operators/spark - #- ../operators/sagemaker -- ../operators/kfoperators/pytorch - #- ../operators/kfoperators/tensorflow - ########### - # Used to store data. In production use hosted SQL Servers - e.g. Postgres (AWS RDS), Aurora postgres (AWS RDS), CLOUDSQL (GCP) etc +- ../../base/operators/spark +- ../../base/operators/kfoperators/pytorch + ############# + # Dependencies to be configured - ./dependencies/database - ########## # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc - ./dependencies/storage - ##### # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - ./dependencies/redis - ###### # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - ./dependencies/contour_ingress_controller # Add node ports for ease of use locally @@ -68,29 +39,25 @@ resources: configMapGenerator: # the main admin configmap - name: flyte-admin-config + behavior: merge files: - - ./config/admin.yaml - ./config/db.yaml - ./config/storage.yaml - ./config/logger.yaml # cluster resource templates - name: clusterresource-template + behavior: merge files: # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - ./config/clusterresource-templates/aa_namespace.yaml - ./config/clusterresource-templates/ab_project-resource-quota.yaml - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml - - ./config/clusterresource-templates/ad_spark-role.yaml - - ./config/clusterresource-templates/ae_spark-service-account.yaml - - ./config/clusterresource-templates/af_spark-role-binding.yaml # Flyte Propeller Configuration - name: flyte-propeller-config + behavior: merge files: - - ./config/propeller.yaml - ./config/enabled_plugins.yaml - - ./config/plugins/copilot.yaml - ./config/plugins/k8s.yaml - ./config/plugins/qubole.yaml - ./config/plugins/spark.yaml @@ -104,7 +71,7 @@ configMapGenerator: # - ./config/console.yaml - name: datacatalog-config + behavior: merge files: - - ./config/datacatalog.yaml - ./config/storage.yaml - ./config/logger.yaml diff --git a/kustomize/overlays/sandbox/propeller/config.yaml b/kustomize/overlays/sandbox/propeller/config.yaml deleted file mode 100644 index 1e699aab2f..0000000000 --- a/kustomize/overlays/sandbox/propeller/config.yaml +++ /dev/null @@ -1,68 +0,0 @@ -propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager.flyte:6379 - hostKey: mypassword -logger: - show-source: true - level: 5 -storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array diff --git a/kustomize/overlays/sandbox/propeller/kustomization.yaml b/kustomize/overlays/sandbox/propeller/kustomization.yaml deleted file mode 100644 index 18170c1c81..0000000000 --- a/kustomize/overlays/sandbox/propeller/kustomization.yaml +++ /dev/null @@ -1,31 +0,0 @@ -bases: -- ../../../base/propeller - -namespace: flyte - -configMapGenerator: -# the main propeller configmap -- name: flyte-propeller-config - files: - - config.yaml -# the plugin-configmap -- name: flyte-plugin-config - files: - - plugins/config.yaml -# a configmap for each plugin -- name: flyte-spark-config - files: - - plugins/spark/config.yaml -- name: flyte-container-config - files: - - plugins/container/config.yaml -- name: flyte-qubole-config - files: - - plugins/qubole/config.yaml - -patches: -- propeller.yaml -# add the volumemount for each plugin configmap -- plugins/spark/propeller-patch.yaml -- plugins/container/propeller-patch.yaml -- plugins/qubole/propeller-patch.yaml diff --git a/kustomize/overlays/sandbox/propeller/plugins/config.yaml b/kustomize/overlays/sandbox/propeller/plugins/config.yaml deleted file mode 100644 index 74278e8acb..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/config.yaml +++ /dev/null @@ -1,13 +0,0 @@ -plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" diff --git a/kustomize/overlays/sandbox/propeller/plugins/container/config.yaml b/kustomize/overlays/sandbox/propeller/plugins/container/config.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/kustomize/overlays/sandbox/propeller/plugins/container/propeller-patch.yaml b/kustomize/overlays/sandbox/propeller/plugins/container/propeller-patch.yaml deleted file mode 100644 index fe9e305e28..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/container/propeller-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - volumes: - - name: container-config-volume - configMap: - name: flyte-container-config - containers: - - name: flytepropeller - volumeMounts: - - name: container-config-volume - mountPath: /etc/flyte/config-container diff --git a/kustomize/overlays/sandbox/propeller/plugins/qubole/config.yaml b/kustomize/overlays/sandbox/propeller/plugins/qubole/config.yaml deleted file mode 100644 index ea34d2752b..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/qubole/config.yaml +++ /dev/null @@ -1,3 +0,0 @@ -plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/overlays/sandbox/propeller/plugins/qubole/propeller-patch.yaml b/kustomize/overlays/sandbox/propeller/plugins/qubole/propeller-patch.yaml deleted file mode 100644 index cd85986073..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/qubole/propeller-patch.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# This file is only for volume mounts. The configmap itself that's being mounted is sufficiently different that -# there's no benefit to having it in this folder, since the entire thing gets overridden anyways. ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - volumes: - - name: qubole-config-volume - configMap: - name: flyte-qubole-config - containers: - - name: flytepropeller - volumeMounts: - - name: qubole-config-volume - mountPath: /etc/flyte/config-qubole diff --git a/kustomize/overlays/sandbox/propeller/plugins/spark/config.yaml b/kustomize/overlays/sandbox/propeller/plugins/spark/config.yaml deleted file mode 100644 index c1ffb9209a..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/spark/config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/sandbox/propeller/plugins/spark/propeller-patch.yaml b/kustomize/overlays/sandbox/propeller/plugins/spark/propeller-patch.yaml deleted file mode 100644 index a1c2aacd10..0000000000 --- a/kustomize/overlays/sandbox/propeller/plugins/spark/propeller-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - volumes: - - name: spark-config-volume - configMap: - name: flyte-spark-config - containers: - - name: flytepropeller - volumeMounts: - - name: spark-config-volume - mountPath: /etc/flyte/config-spark diff --git a/kustomize/overlays/sandbox/propeller/propeller.yaml b/kustomize/overlays/sandbox/propeller/propeller.yaml deleted file mode 100644 index 498055e6fc..0000000000 --- a/kustomize/overlays/sandbox/propeller/propeller.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - containers: - - name: flytepropeller - env: - - name: QUBOLE_API_KEY - value: notarealkey - resources: - limits: - memory: "100Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" diff --git a/kustomize/overlays/sandbox/redis/kustomization.yaml b/kustomize/overlays/sandbox/redis/kustomization.yaml deleted file mode 100644 index 12ec57311d..0000000000 --- a/kustomize/overlays/sandbox/redis/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -bases: -- ../../../dependencies/redis - -patches: -- storage.yaml diff --git a/kustomize/overlays/sandbox/redis/storage.yaml b/kustomize/overlays/sandbox/redis/storage.yaml deleted file mode 100644 index 0c5aed931b..0000000000 --- a/kustomize/overlays/sandbox/redis/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - template: - spec: - volumes: - - name: redis-data - emptyDir: {} From 680100add35e57cce36759834983a13488f78c79 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 11:19:00 -0700 Subject: [PATCH 09/41] remove dependencies --- .../custom-config.yaml | 134 ------------------ .../deployment.yaml | 66 --------- .../kustomization.yaml | 6 - .../contour_ingress_controller/namespace.yaml | 4 - .../contour_ingress_controller/rbac.yaml | 66 --------- .../contour_ingress_controller/service.yaml | 17 --- kustomize/dependencies/database/database.yaml | 38 ----- .../dependencies/database/kustomization.yaml | 2 - kustomize/dependencies/redis/deployment.yaml | 56 -------- .../dependencies/redis/kustomization.yaml | 3 - kustomize/dependencies/redis/service.yaml | 16 --- .../dependencies/storage/kustomization.yaml | 2 - kustomize/dependencies/storage/storage.yaml | 63 -------- 13 files changed, 473 deletions(-) delete mode 100644 kustomize/dependencies/contour_ingress_controller/custom-config.yaml delete mode 100644 kustomize/dependencies/contour_ingress_controller/deployment.yaml delete mode 100644 kustomize/dependencies/contour_ingress_controller/kustomization.yaml delete mode 100644 kustomize/dependencies/contour_ingress_controller/namespace.yaml delete mode 100644 kustomize/dependencies/contour_ingress_controller/rbac.yaml delete mode 100644 kustomize/dependencies/contour_ingress_controller/service.yaml delete mode 100644 kustomize/dependencies/database/database.yaml delete mode 100644 kustomize/dependencies/database/kustomization.yaml delete mode 100644 kustomize/dependencies/redis/deployment.yaml delete mode 100644 kustomize/dependencies/redis/kustomization.yaml delete mode 100644 kustomize/dependencies/redis/service.yaml delete mode 100644 kustomize/dependencies/storage/kustomization.yaml delete mode 100644 kustomize/dependencies/storage/storage.yaml diff --git a/kustomize/dependencies/contour_ingress_controller/custom-config.yaml b/kustomize/dependencies/contour_ingress_controller/custom-config.yaml deleted file mode 100644 index c0fcfee56a..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/custom-config.yaml +++ /dev/null @@ -1,134 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: ingressroutes.contour.heptio.com - labels: - component: ingressroute -spec: - group: contour.heptio.com - version: v1beta1 - scope: Namespaced - names: - plural: ingressroutes - kind: IngressRoute - additionalPrinterColumns: - - name: FQDN - type: string - description: Fully qualified domain name - JSONPath: .spec.virtualhost.fqdn - - name: TLS Secret - type: string - description: Secret with TLS credentials - JSONPath: .spec.virtualhost.tls.secretName - - name: First route - type: string - description: First routes defined - JSONPath: .spec.routes[0].match - - name: Status - type: string - description: The current status of the IngressRoute - JSONPath: .status.currentStatus - - name: Status Description - type: string - description: Description of the current status - JSONPath: .status.description - validation: - openAPIV3Schema: - properties: - spec: - required: - - routes - properties: - virtualhost: - properties: - fqdn: - type: string - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - aliases: - type: array - items: - type: string - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - strategy: - type: string - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - healthCheck: - type: object - required: - - path - properties: - path: - type: string - pattern: ^\/.*$ - intervalSeconds: - type: integer - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - healthyThresholdCount: - type: integer - routes: - type: array - items: - required: - - match - properties: - match: - type: string - pattern: ^\/.*$ - delegate: - type: object - required: - - name - properties: - name: - type: string - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 - namespace: - type: string - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 - services: - type: array - items: - type: object - required: - - name - - port - properties: - name: - type: string - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 - port: - type: integer - weight: - type: integer - strategy: - type: string - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - healthCheck: - type: object - required: - - path - properties: - path: - type: string - pattern: ^\/.*$ - intervalSeconds: - type: integer - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - healthyThresholdCount: - type: integer diff --git a/kustomize/dependencies/contour_ingress_controller/deployment.yaml b/kustomize/dependencies/contour_ingress_controller/deployment.yaml deleted file mode 100644 index c24f2b504c..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# Create the actual deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: contour - namespace: heptio-contour - labels: - app: contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - labels: - app: contour - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8002" - prometheus.io/path: "/stats" - prometheus.io/format: "prometheus" - spec: - containers: - - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - command: ["envoy"] - args: ["-c", "/config/contour.yaml", "--service-cluster", "cluster0", "--service-node", "node0"] - volumeMounts: - - name: contour-config - mountPath: /config - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - cpu: 100m - memory: 100Mi - - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - ports: - - containerPort: 8000 - name: contour - name: contour-unknown - command: ["contour"] - args: ["serve", "--incluster", "--envoy-http-port=80", "--debug-http-port=6069"] - initContainers: - - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - command: ["contour"] - args: ["bootstrap", "/config/contour.yaml", "--statsd-enabled"] - volumeMounts: - - name: contour-config - mountPath: /config - volumes: - - name: contour-config - emptyDir: {} - dnsPolicy: ClusterFirst - serviceAccountName: contour - terminationGracePeriodSeconds: 30 diff --git a/kustomize/dependencies/contour_ingress_controller/kustomization.yaml b/kustomize/dependencies/contour_ingress_controller/kustomization.yaml deleted file mode 100644 index 36ba42801d..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -resources: -- namespace.yaml -- rbac.yaml -- custom-config.yaml -- service.yaml -- deployment.yaml diff --git a/kustomize/dependencies/contour_ingress_controller/namespace.yaml b/kustomize/dependencies/contour_ingress_controller/namespace.yaml deleted file mode 100644 index 4be554a003..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: heptio-contour diff --git a/kustomize/dependencies/contour_ingress_controller/rbac.yaml b/kustomize/dependencies/contour_ingress_controller/rbac.yaml deleted file mode 100644 index 4492a6f80f..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/rbac.yaml +++ /dev/null @@ -1,66 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: heptio-contour ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: ["contour.heptio.com"] - resources: ["ingressroutes"] - verbs: - - get - - list - - watch - - put - - post - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: heptio-contour diff --git a/kustomize/dependencies/contour_ingress_controller/service.yaml b/kustomize/dependencies/contour_ingress_controller/service.yaml deleted file mode 100644 index b7e10ab4af..0000000000 --- a/kustomize/dependencies/contour_ingress_controller/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Service -apiVersion: v1 -kind: Service -metadata: - name: contour - namespace: heptio-contour - labels: - app: contour -spec: - # use NodePort to make sure the service is accessible - type: NodePort - selector: - app: contour - ports: - - protocol: TCP - port: 80 - nodePort: 30081 diff --git a/kustomize/dependencies/database/database.yaml b/kustomize/dependencies/database/database.yaml deleted file mode 100644 index b85eea088a..0000000000 --- a/kustomize/dependencies/database/database.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - volumes: - - name: postgres-storage - emptyDir: {} - containers: - - image: "postgres:10.1" - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - name: postgres-storage - mountPath: /var/lib/postgresql/data ---- - apiVersion: v1 - kind: Service - metadata: - name: postgres - namespace: flyte - spec: - ports: - - port: 5432 - selector: - app: postgres diff --git a/kustomize/dependencies/database/kustomization.yaml b/kustomize/dependencies/database/kustomization.yaml deleted file mode 100644 index ca2ede8d46..0000000000 --- a/kustomize/dependencies/database/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- database.yaml diff --git a/kustomize/dependencies/redis/deployment.yaml b/kustomize/dependencies/redis/deployment.yaml deleted file mode 100644 index 6d02c0faac..0000000000 --- a/kustomize/dependencies/redis/deployment.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: docker.io/bitnami/redis:4.0.2-r1 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always diff --git a/kustomize/dependencies/redis/kustomization.yaml b/kustomize/dependencies/redis/kustomization.yaml deleted file mode 100644 index a944d005ca..0000000000 --- a/kustomize/dependencies/redis/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -resources: -- deployment.yaml -- service.yaml diff --git a/kustomize/dependencies/redis/service.yaml b/kustomize/dependencies/redis/service.yaml deleted file mode 100644 index 8c86264ae3..0000000000 --- a/kustomize/dependencies/redis/service.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP diff --git a/kustomize/dependencies/storage/kustomization.yaml b/kustomize/dependencies/storage/kustomization.yaml deleted file mode 100644 index 9a80610c4e..0000000000 --- a/kustomize/dependencies/storage/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- storage.yaml diff --git a/kustomize/dependencies/storage/storage.yaml b/kustomize/dependencies/storage/storage.yaml deleted file mode 100644 index d0ac2d0390..0000000000 --- a/kustomize/dependencies/storage/storage.yaml +++ /dev/null @@ -1,63 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - volumes: - - name: minio-storage - emptyDir: {} - containers: - - image: "minio/minio:RELEASE.2019-06-04T01-15-58Z" - name: minio - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - args: - - server - - /data - ports: - - containerPort: 9000 - name: minio - volumeMounts: - - name: minio-storage - mountPath: /data ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - port: 9000 - selector: - app: minio ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: minio - namespace: flyte - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" -spec: - rules: - - http: - paths: - - path: /minio - backend: - serviceName: minio - servicePort: 9000 From f5ad4b994057dccd458cc7d9bae646d96ac2256d Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 13:20:17 -0700 Subject: [PATCH 10/41] improved --- .../ac_project-copilot-dataconfig.yaml | 10 +----- .../config/{ => common}/logger.yaml | 0 .../config/{ => common}/storage.yaml | 0 .../config/{ => console}/console.yaml | 0 .../{ => propeller}/enabled_plugins.yaml | 0 .../{ => propeller}/plugins/copilot.yaml | 0 .../config/{ => propeller}/plugins/k8s.yaml | 0 .../{ => propeller}/plugins/task_logs.yaml | 0 .../config/propeller/resource_manager.yaml | 7 ++++ .../flyte_single_cluster/kustomization.yaml | 34 ++++++------------- .../sandbox/config/{ => admin}/db.yaml | 0 .../ad_spark-role.yaml | 0 .../ae_spark-service-account.yaml | 0 .../af_spark-role-binding.yaml | 0 .../sandbox/config/{ => common}/logger.yaml | 0 .../sandbox/config/{ => common}/storage.yaml | 0 .../db.yaml} | 0 .../{ => propeller}/enabled_plugins.yaml | 0 .../config/{ => propeller}/plugins/k8s.yaml | 0 .../{ => propeller}/plugins/qubole.yaml | 0 .../config/{ => propeller}/plugins/spark.yaml | 0 .../{ => propeller}/plugins/task_logs.yaml | 0 kustomize/overlays/sandbox/kustomization.yaml | 28 ++++++++------- .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 18 ++++++++++ .../{sandbox => test}/config/console.yaml | 0 .../overlays/test/config/datacatalog_db.yaml | 6 ++++ kustomize/overlays/test/config/db.yaml | 6 ++++ .../overlays/test/config/enabled_plugins.yaml | 6 ++++ kustomize/overlays/test/config/logger.yaml | 3 ++ kustomize/overlays/test/kustomization.yaml | 10 ++++++ .../overlays/test/redis/kustomization.yaml | 5 --- kustomize/overlays/test/redis/storage.yaml | 11 ------ 33 files changed, 83 insertions(+), 61 deletions(-) rename kustomize/base/flyte_single_cluster/config/{ => common}/logger.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => common}/storage.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => console}/console.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => propeller}/enabled_plugins.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => propeller}/plugins/copilot.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => propeller}/plugins/k8s.yaml (100%) rename kustomize/base/flyte_single_cluster/config/{ => propeller}/plugins/task_logs.yaml (100%) create mode 100644 kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml rename kustomize/overlays/sandbox/config/{ => admin}/db.yaml (100%) rename kustomize/{base/flyte_single_cluster => overlays/sandbox}/config/clusterresource-templates/ad_spark-role.yaml (100%) rename kustomize/{base/flyte_single_cluster => overlays/sandbox}/config/clusterresource-templates/ae_spark-service-account.yaml (100%) rename kustomize/{base/flyte_single_cluster => overlays/sandbox}/config/clusterresource-templates/af_spark-role-binding.yaml (100%) rename kustomize/overlays/sandbox/config/{ => common}/logger.yaml (100%) rename kustomize/overlays/sandbox/config/{ => common}/storage.yaml (100%) rename kustomize/overlays/sandbox/config/{datacatalog_db.yaml => datacatalog/db.yaml} (100%) rename kustomize/overlays/sandbox/config/{ => propeller}/enabled_plugins.yaml (100%) rename kustomize/overlays/sandbox/config/{ => propeller}/plugins/k8s.yaml (100%) rename kustomize/overlays/sandbox/config/{ => propeller}/plugins/qubole.yaml (100%) rename kustomize/overlays/sandbox/config/{ => propeller}/plugins/spark.yaml (100%) rename kustomize/overlays/sandbox/config/{ => propeller}/plugins/task_logs.yaml (100%) rename kustomize/overlays/{sandbox => test}/config/clusterresource-templates/ab_project-resource-quota.yaml (100%) create mode 100644 kustomize/overlays/test/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml rename kustomize/overlays/{sandbox => test}/config/console.yaml (100%) create mode 100644 kustomize/overlays/test/config/datacatalog_db.yaml create mode 100644 kustomize/overlays/test/config/db.yaml create mode 100644 kustomize/overlays/test/config/enabled_plugins.yaml create mode 100644 kustomize/overlays/test/config/logger.yaml create mode 100644 kustomize/overlays/test/kustomization.yaml delete mode 100644 kustomize/overlays/test/redis/kustomization.yaml delete mode 100644 kustomize/overlays/test/redis/storage.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml index 716933c5d3..95fd74fc0c 100644 --- a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml +++ b/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -7,13 +7,5 @@ metadata: data: config.yaml: | storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket + type: mem enable-multicontainer: true diff --git a/kustomize/base/flyte_single_cluster/config/logger.yaml b/kustomize/base/flyte_single_cluster/config/common/logger.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/logger.yaml rename to kustomize/base/flyte_single_cluster/config/common/logger.yaml diff --git a/kustomize/base/flyte_single_cluster/config/storage.yaml b/kustomize/base/flyte_single_cluster/config/common/storage.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/storage.yaml rename to kustomize/base/flyte_single_cluster/config/common/storage.yaml diff --git a/kustomize/base/flyte_single_cluster/config/console.yaml b/kustomize/base/flyte_single_cluster/config/console/console.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/console.yaml rename to kustomize/base/flyte_single_cluster/config/console/console.yaml diff --git a/kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml b/kustomize/base/flyte_single_cluster/config/propeller/enabled_plugins.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/enabled_plugins.yaml rename to kustomize/base/flyte_single_cluster/config/propeller/enabled_plugins.yaml diff --git a/kustomize/base/flyte_single_cluster/config/plugins/copilot.yaml b/kustomize/base/flyte_single_cluster/config/propeller/plugins/copilot.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/plugins/copilot.yaml rename to kustomize/base/flyte_single_cluster/config/propeller/plugins/copilot.yaml diff --git a/kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml b/kustomize/base/flyte_single_cluster/config/propeller/plugins/k8s.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/plugins/k8s.yaml rename to kustomize/base/flyte_single_cluster/config/propeller/plugins/k8s.yaml diff --git a/kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml b/kustomize/base/flyte_single_cluster/config/propeller/plugins/task_logs.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/plugins/task_logs.yaml rename to kustomize/base/flyte_single_cluster/config/propeller/plugins/task_logs.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml b/kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml new file mode 100644 index 0000000000..a4601e8f2d --- /dev/null +++ b/kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml @@ -0,0 +1,7 @@ +propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword diff --git a/kustomize/base/flyte_single_cluster/kustomization.yaml b/kustomize/base/flyte_single_cluster/kustomization.yaml index bbc6c6167a..8462cd0448 100644 --- a/kustomize/base/flyte_single_cluster/kustomization.yaml +++ b/kustomize/base/flyte_single_cluster/kustomization.yaml @@ -13,16 +13,6 @@ resources: - ../propeller - ../adminserviceaccount -############################################## -# Generate Configs -# For each component exactly one config is generated -# For every component required configs are -# 1. logger.yaml -# 2. storage.yaml -# 3. component.yaml -# -# db.yaml is required for FlyteAdmin and DataCatalog -# ############################################ configMapGenerator: # the main admin configmap - name: flyte-admin-config @@ -32,8 +22,8 @@ configMapGenerator: - ./config/admin/cluster_resources.yaml - ./config/admin/remote_data.yaml - ./config/admin/task_resource_defaults.yaml - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml # cluster resource templates - name: clusterresource-template @@ -42,9 +32,6 @@ configMapGenerator: - ./config/clusterresource-templates/aa_namespace.yaml - ./config/clusterresource-templates/ab_project-resource-quota.yaml - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml - - ./config/clusterresource-templates/ad_spark-role.yaml - - ./config/clusterresource-templates/ae_spark-service-account.yaml - - ./config/clusterresource-templates/af_spark-role-binding.yaml # Flyte Propeller Configuration - name: flyte-propeller-config @@ -52,12 +39,13 @@ configMapGenerator: - ./config/propeller/core.yaml - ./config/propeller/admin.yaml - ./config/propeller/catalog.yaml - - ./config/enabled_plugins.yaml - - ./config/plugins/copilot.yaml - - ./config/plugins/k8s.yaml - - ./config/plugins/task_logs.yaml - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/propeller/resource_manager.yaml + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/copilot.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml # TODO Flyte Console Configuration #- name: flyte-console-config @@ -68,5 +56,5 @@ configMapGenerator: files: - ./config/datacatalog/server.yaml - ./config/datacatalog/db.yaml - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml diff --git a/kustomize/overlays/sandbox/config/db.yaml b/kustomize/overlays/sandbox/config/admin/db.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/db.yaml rename to kustomize/overlays/sandbox/config/admin/db.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/sandbox/config/clusterresource-templates/ad_spark-role.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/ad_spark-role.yaml rename to kustomize/overlays/sandbox/config/clusterresource-templates/ad_spark-role.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/sandbox/config/clusterresource-templates/ae_spark-service-account.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/ae_spark-service-account.yaml rename to kustomize/overlays/sandbox/config/clusterresource-templates/ae_spark-service-account.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/sandbox/config/clusterresource-templates/af_spark-role-binding.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/af_spark-role-binding.yaml rename to kustomize/overlays/sandbox/config/clusterresource-templates/af_spark-role-binding.yaml diff --git a/kustomize/overlays/sandbox/config/logger.yaml b/kustomize/overlays/sandbox/config/common/logger.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/logger.yaml rename to kustomize/overlays/sandbox/config/common/logger.yaml diff --git a/kustomize/overlays/sandbox/config/storage.yaml b/kustomize/overlays/sandbox/config/common/storage.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/storage.yaml rename to kustomize/overlays/sandbox/config/common/storage.yaml diff --git a/kustomize/overlays/sandbox/config/datacatalog_db.yaml b/kustomize/overlays/sandbox/config/datacatalog/db.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/datacatalog_db.yaml rename to kustomize/overlays/sandbox/config/datacatalog/db.yaml diff --git a/kustomize/overlays/sandbox/config/enabled_plugins.yaml b/kustomize/overlays/sandbox/config/propeller/enabled_plugins.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/enabled_plugins.yaml rename to kustomize/overlays/sandbox/config/propeller/enabled_plugins.yaml diff --git a/kustomize/overlays/sandbox/config/plugins/k8s.yaml b/kustomize/overlays/sandbox/config/propeller/plugins/k8s.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/plugins/k8s.yaml rename to kustomize/overlays/sandbox/config/propeller/plugins/k8s.yaml diff --git a/kustomize/overlays/sandbox/config/plugins/qubole.yaml b/kustomize/overlays/sandbox/config/propeller/plugins/qubole.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/plugins/qubole.yaml rename to kustomize/overlays/sandbox/config/propeller/plugins/qubole.yaml diff --git a/kustomize/overlays/sandbox/config/plugins/spark.yaml b/kustomize/overlays/sandbox/config/propeller/plugins/spark.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/plugins/spark.yaml rename to kustomize/overlays/sandbox/config/propeller/plugins/spark.yaml diff --git a/kustomize/overlays/sandbox/config/plugins/task_logs.yaml b/kustomize/overlays/sandbox/config/propeller/plugins/task_logs.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/plugins/task_logs.yaml rename to kustomize/overlays/sandbox/config/propeller/plugins/task_logs.yaml diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index ea07631e5f..26a0f5dae3 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -41,29 +41,31 @@ configMapGenerator: - name: flyte-admin-config behavior: merge files: - - ./config/db.yaml - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/admin/db.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml # cluster resource templates - name: clusterresource-template behavior: merge files: # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - ./config/clusterresource-templates/ab_project-resource-quota.yaml - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml # Flyte Propeller Configuration - name: flyte-propeller-config behavior: merge files: - - ./config/enabled_plugins.yaml - - ./config/plugins/k8s.yaml - - ./config/plugins/qubole.yaml - - ./config/plugins/spark.yaml - - ./config/plugins/task_logs.yaml - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/qubole.yaml + - ./config/propeller/plugins/spark.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml # TODO Flyte Console Configuration #- name: flyte-console-config @@ -73,5 +75,5 @@ configMapGenerator: - name: datacatalog-config behavior: merge files: - - ./config/storage.yaml - - ./config/logger.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml diff --git a/kustomize/overlays/sandbox/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/overlays/test/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/overlays/test/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/overlays/test/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/overlays/test/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..cc17cb58a7 --- /dev/null +++ b/kustomize/overlays/test/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true diff --git a/kustomize/overlays/sandbox/config/console.yaml b/kustomize/overlays/test/config/console.yaml similarity index 100% rename from kustomize/overlays/sandbox/config/console.yaml rename to kustomize/overlays/test/config/console.yaml diff --git a/kustomize/overlays/test/config/datacatalog_db.yaml b/kustomize/overlays/test/config/datacatalog_db.yaml new file mode 100644 index 0000000000..76ba812d63 --- /dev/null +++ b/kustomize/overlays/test/config/datacatalog_db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable diff --git a/kustomize/overlays/test/config/db.yaml b/kustomize/overlays/test/config/db.yaml new file mode 100644 index 0000000000..c71ee6e4bb --- /dev/null +++ b/kustomize/overlays/test/config/db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable diff --git a/kustomize/overlays/test/config/enabled_plugins.yaml b/kustomize/overlays/test/config/enabled_plugins.yaml new file mode 100644 index 0000000000..0680b17710 --- /dev/null +++ b/kustomize/overlays/test/config/enabled_plugins.yaml @@ -0,0 +1,6 @@ +tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - k8s-array diff --git a/kustomize/overlays/test/config/logger.yaml b/kustomize/overlays/test/config/logger.yaml new file mode 100644 index 0000000000..abe53e7359 --- /dev/null +++ b/kustomize/overlays/test/config/logger.yaml @@ -0,0 +1,3 @@ +logger: + show-source: true + level: 5 diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml new file mode 100644 index 0000000000..a8186365c9 --- /dev/null +++ b/kustomize/overlays/test/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# Override the namespace +namespace: flyte + +bases: +- ../sandbox + + diff --git a/kustomize/overlays/test/redis/kustomization.yaml b/kustomize/overlays/test/redis/kustomization.yaml deleted file mode 100644 index 12ec57311d..0000000000 --- a/kustomize/overlays/test/redis/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -bases: -- ../../../dependencies/redis - -patches: -- storage.yaml diff --git a/kustomize/overlays/test/redis/storage.yaml b/kustomize/overlays/test/redis/storage.yaml deleted file mode 100644 index 0c5aed931b..0000000000 --- a/kustomize/overlays/test/redis/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - template: - spec: - volumes: - - name: redis-data - emptyDir: {} From 0e39d52697b051e37bcf816311083781b832ad85 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 17:14:06 -0700 Subject: [PATCH 11/41] Fixed test / sandbox --- .../clustersync/kustomization.yaml | 2 - .../base/admindeployment/deployment.yaml | 7 +- .../base/flyte_headless_cluster/README.md | 9 + .../config/admin/cluster_resources.yaml | 19 + .../config/admin/db.yaml | 9 + .../config/admin/domain.yaml | 7 + .../config/admin/remote_data.yaml | 5 + .../config/admin/server.yaml | 21 + .../config/admin/task_resource_defaults.yaml | 9 + .../aa_namespace.yaml | 7 + .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 11 + .../config/common/logger.yaml | 4 + .../config/common/storage.yaml | 6 + .../config/console}/console.yaml | 0 .../config/datacatalog/db.yaml | 9 + .../config/datacatalog/server.yaml | 6 + .../config/propeller/admin.yaml | 7 + .../config/propeller/catalog.yaml | 4 + .../config/propeller/core.yaml} | 34 +- .../config/propeller}/enabled_plugins.yaml | 2 + .../config/propeller/plugins/copilot.yaml | 6 + .../config/propeller/plugins/k8s.yaml | 7 + .../config/propeller/plugins/task_logs.yaml | 5 + .../config/propeller/resource_manager.yaml | 7 + .../flyte_headless_cluster/kustomization.yaml | 59 + kustomize/base/flyte_single_cluster/README.md | 5 + .../flyte_single_cluster/kustomization.yaml | 51 +- kustomize/overlays/images/kustomization.yaml | 5 + kustomize/overlays/sandbox/kustomization.yaml | 75 +- kustomize/overlays/sandbox/test.yaml | 1850 +++++++++++++++++ kustomize/overlays/test/admin/deployment.yaml | 62 + .../admin/kustomization.yaml | 0 .../overlays/test/config/{ => admin}/db.yaml | 0 .../test/config/{ => common}/logger.yaml | 2 +- .../overlays/test/config/common/storage.yaml | 11 + .../db.yaml} | 0 .../test/config/propeller/plugins/k8s.yaml | 8 + .../custom-config.yaml | 134 ++ .../deployment.yaml | 66 + .../kustomization.yaml | 6 + .../contour_ingress_controller/namespace.yaml | 4 + .../contour_ingress_controller/rbac.yaml | 66 + .../contour_ingress_controller/service.yaml | 17 + .../test/dependencies/database/database.yaml | 38 + .../dependencies/database/kustomization.yaml | 2 + .../test/dependencies/nodeport-services.yaml | 51 + .../test/dependencies/redis/deployment.yaml | 59 + .../dependencies/redis/kustomization.yaml | 3 + .../test/dependencies/redis/service.yaml | 16 + .../dependencies/storage/kustomization.yaml | 2 + .../test/dependencies/storage/storage.yaml | 63 + .../overlays/test/flyte/kustomization.yaml | 13 - kustomize/overlays/test/kustomization.yaml | 65 +- .../test/propeller/kustomization.yaml | 17 - .../test/propeller/plugins/config.yaml | 14 - .../overlays/test/propeller/propeller.yaml | 15 - 57 files changed, 2806 insertions(+), 176 deletions(-) create mode 100644 kustomize/base/flyte_headless_cluster/README.md create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/db.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/domain.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/server.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml rename kustomize/{overlays/test => base/flyte_headless_cluster}/config/clusterresource-templates/ab_project-resource-quota.yaml (100%) create mode 100644 kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/common/logger.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/common/storage.yaml rename kustomize/{overlays/test/config => base/flyte_headless_cluster/config/console}/console.yaml (100%) create mode 100644 kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml rename kustomize/{overlays/test/propeller/config.yaml => base/flyte_headless_cluster/config/propeller/core.yaml} (55%) rename kustomize/{overlays/test/config => base/flyte_headless_cluster/config/propeller}/enabled_plugins.yaml (54%) create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml create mode 100644 kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml create mode 100644 kustomize/base/flyte_headless_cluster/kustomization.yaml create mode 100644 kustomize/base/flyte_single_cluster/README.md create mode 100644 kustomize/overlays/images/kustomization.yaml create mode 100644 kustomize/overlays/sandbox/test.yaml create mode 100644 kustomize/overlays/test/admin/deployment.yaml rename kustomize/overlays/{sandbox => test}/admin/kustomization.yaml (100%) rename kustomize/overlays/test/config/{ => admin}/db.yaml (100%) rename kustomize/overlays/test/config/{ => common}/logger.yaml (71%) create mode 100644 kustomize/overlays/test/config/common/storage.yaml rename kustomize/overlays/test/config/{datacatalog_db.yaml => datacatalog/db.yaml} (100%) create mode 100644 kustomize/overlays/test/config/propeller/plugins/k8s.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/custom-config.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/deployment.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/kustomization.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/namespace.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/rbac.yaml create mode 100644 kustomize/overlays/test/dependencies/contour_ingress_controller/service.yaml create mode 100644 kustomize/overlays/test/dependencies/database/database.yaml create mode 100644 kustomize/overlays/test/dependencies/database/kustomization.yaml create mode 100644 kustomize/overlays/test/dependencies/nodeport-services.yaml create mode 100644 kustomize/overlays/test/dependencies/redis/deployment.yaml create mode 100644 kustomize/overlays/test/dependencies/redis/kustomization.yaml create mode 100644 kustomize/overlays/test/dependencies/redis/service.yaml create mode 100644 kustomize/overlays/test/dependencies/storage/kustomization.yaml create mode 100644 kustomize/overlays/test/dependencies/storage/storage.yaml delete mode 100644 kustomize/overlays/test/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/test/propeller/kustomization.yaml delete mode 100644 kustomize/overlays/test/propeller/plugins/config.yaml delete mode 100644 kustomize/overlays/test/propeller/propeller.yaml diff --git a/kustomize/base/admindeployment/clustersync/kustomization.yaml b/kustomize/base/admindeployment/clustersync/kustomization.yaml index bf93dcbfe2..1ade31b55b 100644 --- a/kustomize/base/admindeployment/clustersync/kustomization.yaml +++ b/kustomize/base/admindeployment/clustersync/kustomization.yaml @@ -1,4 +1,2 @@ resources: - cron.yaml - - diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index 337c09eaa8..422809a7b8 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -29,6 +29,9 @@ spec: - name: config-volume configMap: name: flyte-admin-config + - name: resource-templates + configMap: + name: clusterresource-template initContainers: - name: run-migrations image: flyteadmin:v0.3.5 @@ -41,7 +44,7 @@ spec: - name: seed-projects image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] volumeMounts: - name: config-volume @@ -49,7 +52,7 @@ spec: - name: sync-cluster-resources image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] volumeMounts: - name: resource-templates mountPath: /etc/flyte/clusterresource/templates diff --git a/kustomize/base/flyte_headless_cluster/README.md b/kustomize/base/flyte_headless_cluster/README.md new file mode 100644 index 0000000000..ddc5573197 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/README.md @@ -0,0 +1,9 @@ +# Flyte Headless cluster + +This is a complete single cluster Flyte deployment with 2 missing features +1. FlyteConsole is not installed - No UI +2. Clustersync manager is not installed - No automatic update of projects and tenant specific information + + +## USE Cases +This configuration is useful in running integration / end to end tests diff --git a/kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml b/kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml new file mode 100644 index 0000000000..c2ff64b3c7 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml @@ -0,0 +1,19 @@ +cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m diff --git a/kustomize/base/flyte_headless_cluster/config/admin/db.yaml b/kustomize/base/flyte_headless_cluster/config/admin/db.yaml new file mode 100644 index 0000000000..e47f4c44d1 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/db.yaml @@ -0,0 +1,9 @@ +# This should be replaced with the db endpoint +# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc +# Or can be a self hosted Postgres in the cluster +database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable diff --git a/kustomize/base/flyte_headless_cluster/config/admin/domain.yaml b/kustomize/base/flyte_headless_cluster/config/admin/domain.yaml new file mode 100644 index 0000000000..9df6ef80a9 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/domain.yaml @@ -0,0 +1,7 @@ +domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production diff --git a/kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml b/kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml new file mode 100644 index 0000000000..41719a0e66 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml @@ -0,0 +1,5 @@ +remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 diff --git a/kustomize/base/flyte_headless_cluster/config/admin/server.yaml b/kustomize/base/flyte_headless_cluster/config/admin/server.yaml new file mode 100644 index 0000000000..414a1c2927 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/server.yaml @@ -0,0 +1,21 @@ +server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" +flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin diff --git a/kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml b/kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml new file mode 100644 index 0000000000..8db48a1950 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml @@ -0,0 +1,9 @@ +task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi diff --git a/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml new file mode 100644 index 0000000000..3075aa9f9e --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ namespace }} +spec: + finalizers: + - kubernetes diff --git a/kustomize/overlays/test/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/overlays/test/config/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..95fd74fc0c --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,11 @@ +# TODO update the storage configuration to match the storage.yaml. Keep the enable-multicontainer: true +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + type: mem + enable-multicontainer: true diff --git a/kustomize/base/flyte_headless_cluster/config/common/logger.yaml b/kustomize/base/flyte_headless_cluster/config/common/logger.yaml new file mode 100644 index 0000000000..7fc20650ec --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/common/logger.yaml @@ -0,0 +1,4 @@ +# TODO this is used to control the log level +logger: + show-source: true + level: 2 diff --git a/kustomize/base/flyte_headless_cluster/config/common/storage.yaml b/kustomize/base/flyte_headless_cluster/config/common/storage.yaml new file mode 100644 index 0000000000..09e6ec6dec --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/common/storage.yaml @@ -0,0 +1,6 @@ +# TODO This should be changed for the right storage option - e.g. +# hosted blob stores like S3, GCS, AFS etc +# k8s blob store like minio +# For all supported options look at https://github.com/lyft/flytestdlib/blob/master/storage/config.go +storage: + type: mem diff --git a/kustomize/overlays/test/config/console.yaml b/kustomize/base/flyte_headless_cluster/config/console/console.yaml similarity index 100% rename from kustomize/overlays/test/config/console.yaml rename to kustomize/base/flyte_headless_cluster/config/console/console.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml b/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml new file mode 100644 index 0000000000..6ba8a5949d --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml @@ -0,0 +1,9 @@ +# This should be replaced with the db endpoint +# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc +# Or can be a self hosted Postgres in the cluster +database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable diff --git a/kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml b/kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml new file mode 100644 index 0000000000..1cdd80c27f --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml @@ -0,0 +1,6 @@ +datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 +application: + grpcPort: 8089 diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml new file mode 100644 index 0000000000..55cf01b83b --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml @@ -0,0 +1,7 @@ +event: + type: admin + rate: 500 + capacity: 1000 +admin: + endpoint: flyteadmin:81 + insecure: true diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml new file mode 100644 index 0000000000..e70e7bd770 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml @@ -0,0 +1,4 @@ +catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true diff --git a/kustomize/overlays/test/propeller/config.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml similarity index 55% rename from kustomize/overlays/test/propeller/config.yaml rename to kustomize/base/flyte_headless_cluster/config/propeller/core.yaml index 469c10a383..4323ccd803 100644 --- a/kustomize/overlays/test/propeller/config.yaml +++ b/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml @@ -1,5 +1,5 @@ propeller: - rawoutput-prefix: s3://my-container/ + rawoutput-prefix: s3://my-s3-bucket/ metadata-prefix: metadata/propeller workers: 4 max-workflow-retries: 30 @@ -29,29 +29,9 @@ propeller: type: bucket rate: 10 capacity: 100 -logger: - show-source: true - level: 5 -storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword diff --git a/kustomize/overlays/test/config/enabled_plugins.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/enabled_plugins.yaml similarity index 54% rename from kustomize/overlays/test/config/enabled_plugins.yaml rename to kustomize/base/flyte_headless_cluster/config/propeller/enabled_plugins.yaml index 0680b17710..ebf4892451 100644 --- a/kustomize/overlays/test/config/enabled_plugins.yaml +++ b/kustomize/base/flyte_headless_cluster/config/propeller/enabled_plugins.yaml @@ -1,3 +1,5 @@ +## +# TODO It is important to enable the plugins that you want to deploy here. tasks: task-plugins: enabled-plugins: diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml new file mode 100644 index 0000000000..247096e82f --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml @@ -0,0 +1,6 @@ +plugins: + k8s: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml new file mode 100644 index 0000000000..5097741639 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml @@ -0,0 +1,7 @@ +# TODO set any custom env vars +plugins: + k8s: + default-env-vars: + - SOME_ENV_VARS: "These get passed to all containers" + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml new file mode 100644 index 0000000000..de402d2ed3 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml @@ -0,0 +1,5 @@ +# TODO this is used to enable log links in the UI. +plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml new file mode 100644 index 0000000000..a4601e8f2d --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml @@ -0,0 +1,7 @@ +propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword diff --git a/kustomize/base/flyte_headless_cluster/kustomization.yaml b/kustomize/base/flyte_headless_cluster/kustomization.yaml new file mode 100644 index 0000000000..cad93d8191 --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/kustomization.yaml @@ -0,0 +1,59 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# All the resources that make up the deployment +resources: +# global resources +- ../namespace +- ../ingress +- ../admindeployment +- ../datacatalog +- ../wf_crd +- ../propeller +- ../adminserviceaccount + +configMapGenerator: +# the main admin configmap +- name: flyte-admin-config + files: + - ./config/admin/server.yaml + - ./config/admin/db.yaml + - ./config/admin/cluster_resources.yaml + - ./config/admin/remote_data.yaml + - ./config/admin/task_resource_defaults.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + +# cluster resource templates +- name: clusterresource-template + files: +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + - ./config/clusterresource-templates/aa_namespace.yaml + - ./config/clusterresource-templates/ab_project-resource-quota.yaml + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + +# Flyte Propeller Configuration +- name: flyte-propeller-config + files: + - ./config/propeller/core.yaml + - ./config/propeller/admin.yaml + - ./config/propeller/catalog.yaml + - ./config/propeller/resource_manager.yaml + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/copilot.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + +# TODO Flyte Console Configuration +#- name: flyte-console-config +# files: +# - ./config/console.yaml + +- name: datacatalog-config + files: + - ./config/datacatalog/server.yaml + - ./config/datacatalog/db.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml diff --git a/kustomize/base/flyte_single_cluster/README.md b/kustomize/base/flyte_single_cluster/README.md new file mode 100644 index 0000000000..1c91e0cd32 --- /dev/null +++ b/kustomize/base/flyte_single_cluster/README.md @@ -0,0 +1,5 @@ +# Flyte Single cluster deployment mode +This allows flyte to be deployed in one Kubernetes cluster. +All components are deployed and can be configured to use dependencies based on the environment. + +To understand configuration of dependencies refer to sandbox or any cloud deployments diff --git a/kustomize/base/flyte_single_cluster/kustomization.yaml b/kustomize/base/flyte_single_cluster/kustomization.yaml index 8462cd0448..e3a7ef02dc 100644 --- a/kustomize/base/flyte_single_cluster/kustomization.yaml +++ b/kustomize/base/flyte_single_cluster/kustomization.yaml @@ -4,57 +4,12 @@ kind: Kustomization # All the resources that make up the deployment resources: # global resources -- ../namespace -- ../ingress -- ../admindeployment -- ../datacatalog +- ../flyte_headless_cluster +- ../admindeployment/clustersync - ../console -- ../wf_crd -- ../propeller -- ../adminserviceaccount - -configMapGenerator: -# the main admin configmap -- name: flyte-admin-config - files: - - ./config/admin/server.yaml - - ./config/admin/db.yaml - - ./config/admin/cluster_resources.yaml - - ./config/admin/remote_data.yaml - - ./config/admin/task_resource_defaults.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - -# cluster resource templates -- name: clusterresource-template - files: -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - ./config/clusterresource-templates/aa_namespace.yaml - - ./config/clusterresource-templates/ab_project-resource-quota.yaml - - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml - -# Flyte Propeller Configuration -- name: flyte-propeller-config - files: - - ./config/propeller/core.yaml - - ./config/propeller/admin.yaml - - ./config/propeller/catalog.yaml - - ./config/propeller/resource_manager.yaml - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/plugins/copilot.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/task_logs.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml +# configMapGenerator: # TODO Flyte Console Configuration #- name: flyte-console-config # files: # - ./config/console.yaml - -- name: datacatalog-config - files: - - ./config/datacatalog/server.yaml - - ./config/datacatalog/db.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml diff --git a/kustomize/overlays/images/kustomization.yaml b/kustomize/overlays/images/kustomization.yaml new file mode 100644 index 0000000000..b9007d8b31 --- /dev/null +++ b/kustomize/overlays/images/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +images: +- name: flyteadmin + newTag: foo diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index 26a0f5dae3..9cb5f97e2a 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -7,25 +7,27 @@ namespace: flyte bases: - ../../base/flyte_single_cluster - # All the resources that make up the deployment -resources: ######## # Operators to be enabled -- ../../base/operators/spark -- ../../base/operators/kfoperators/pytorch ############# # Dependencies to be configured -- ./dependencies/database # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc -- ./dependencies/storage # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) -- ./dependencies/redis # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's -- ./dependencies/contour_ingress_controller # Add node ports for ease of use locally +resources: +- ../../base/operators/spark +- ../../base/operators/kfoperators/pytorch +- ./dependencies/database +- ./dependencies/storage +- ./dependencies/redis +- ./dependencies/contour_ingress_controller - ./dependencies/nodeport-services.yaml +patchesStrategicMerge: +- admin/deployment.yaml + ############################################## # Generate Configs # For each component exactly one config is generated @@ -36,44 +38,45 @@ resources: # # db.yaml is required for FlyteAdmin and DataCatalog # ############################################ -configMapGenerator: # the main admin configmap -- name: flyte-admin-config - behavior: merge - files: - - ./config/admin/db.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml # cluster resource templates -- name: clusterresource-template - behavior: merge - files: # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml - - ./config/clusterresource-templates/ad_spark-role.yaml - - ./config/clusterresource-templates/ae_spark-service-account.yaml - - ./config/clusterresource-templates/af_spark-role-binding.yaml # Flyte Propeller Configuration -- name: flyte-propeller-config - behavior: merge - files: - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/qubole.yaml - - ./config/propeller/plugins/spark.yaml - - ./config/propeller/plugins/task_logs.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml # TODO Flyte Console Configuration #- name: flyte-console-config # files: # - ./config/console.yaml -- name: datacatalog-config - behavior: merge +configMapGenerator: +- behavior: merge + files: + - ./config/admin/db.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + name: flyte-admin-config +- behavior: merge + files: + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml + name: clusterresource-template +- behavior: merge + files: + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/qubole.yaml + - ./config/propeller/plugins/spark.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + name: flyte-propeller-config +- behavior: merge files: - - ./config/common/storage.yaml - - ./config/common/logger.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + - ./config/datacatalog/db.yaml + name: datacatalog-config diff --git a/kustomize/overlays/sandbox/test.yaml b/kustomize/overlays/sandbox/test.yaml new file mode 100644 index 0000000000..fdf62a5403 --- /dev/null +++ b/kustomize/overlays/sandbox/test.yaml @@ -0,0 +1,1850 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +spec: + finalizers: + - kubernetes +status: + phase: Active +--- +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour +--- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: flyteworkflows.flyte.lyft.com +spec: + group: flyte.lyft.com + names: + kind: FlyteWorkflow + plural: flyteworkflows + shortNames: + - fly + singular: flyteworkflow + scope: Namespaced + version: v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + component: ingressroute + name: ingressroutes.contour.heptio.com +spec: + additionalPrinterColumns: + - JSONPath: .spec.virtualhost.fqdn + description: Fully qualified domain name + name: FQDN + type: string + - JSONPath: .spec.virtualhost.tls.secretName + description: Secret with TLS credentials + name: TLS Secret + type: string + - JSONPath: .spec.routes[0].match + description: First routes defined + name: First route + type: string + - JSONPath: .status.currentStatus + description: The current status of the IngressRoute + name: Status + type: string + - JSONPath: .status.description + description: Description of the current status + name: Status Description + type: string + group: contour.heptio.com + names: + kind: IngressRoute + plural: ingressroutes + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + routes: + items: + properties: + delegate: + properties: + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + namespace: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + match: + pattern: ^\/.*$ + type: string + services: + items: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + type: integer + strategy: + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + type: string + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: array + strategy: + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + type: string + virtualhost: + properties: + aliases: + items: + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + type: string + type: array + fqdn: + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + type: string + required: + - routes + version: v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: datacatalog + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flyteadmin + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flyteadmin + namespace: flyte +rules: +- apiGroups: + - "" + - flyte.lyft.com + - rbac.authorization.k8s.io + resources: + - configmaps + - flyteworkflows + - namespaces + - pods + - resourcequotas + - roles + - rolebindings + - secrets + - services + - serviceaccounts + - spark-role + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flytepropeller +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - delete + - patch +- apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - delete + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - update +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - get + - list + - watch + - create + - update + - delete + - patch + - post + - deletecollection +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - contour.heptio.com + resources: + - ingressroutes + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flyteadmin-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyteadmin +subjects: +- kind: ServiceAccount + name: flyteadmin + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flytepropeller + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flytepropeller +subjects: +- kind: ServiceAccount + name: flytepropeller + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: flyte +--- +apiVersion: v1 +data: + aa_namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: {{ namespace }} + spec: + finalizers: + - kubernetes + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: clusterresource-template-kf62ttf64k + namespace: flyte +--- +apiVersion: v1 +data: + db.yaml: | + # This should be replaced with the db endpoint + # This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc + # Or can be a self hosted Postgres in the cluster + database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 2 + server.yaml: | + datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 + application: + grpcPort: 8089 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: datacatalog-config-kc8cgttd4k + namespace: flyte +--- +apiVersion: v1 +data: + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 2 + remote_data.yaml: | + remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 + server.yaml: | + server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" + flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_resource_defaults.yaml: | + task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-admin-config-76m7t86kf2 + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte +--- +apiVersion: v1 +data: + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + copilot.yaml: | + plugins: + k8s: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" + core.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 4 + max-workflow-retries: 30 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: bucket + rate: 10 + capacity: 100 + sub-queue: + type: bucket + rate: 10 + capacity: 100 + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + enabled_plugins.yaml: | + tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | + logger: + show-source: true + level: 2 + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + spark.yaml: | + plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-propeller-config-4bgc7667bm + namespace: flyte +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: datacatalog + namespace: flyte +spec: + ports: + - name: http + port: 88 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 89 + protocol: TCP + targetPort: 8089 + selector: + app: datacatalog +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: flyteadmin + namespace: flyte +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 81 + protocol: TCP + targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + selector: + app: flyteadmin +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteconsole + namespace: flyte +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: flyteconsole +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: flyte +spec: + ports: + - port: 5432 + selector: + app: postgres +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: datacatalog + name: datacatalog + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: datacatalog + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: datacatalog + app.kubernetes.io/name: datacatalog + app.kubernetes.io/version: 0.2.2 + spec: + containers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - serve + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: datacatalog + ports: + - containerPort: 8088 + - containerPort: 8089 + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + initContainers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - migrate + - run + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + serviceAccountName: datacatalog + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: datacatalog-config-kc8cgttd4k + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteadmin + name: flyteadmin + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteadmin + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flyteadmin + app.kubernetes.io/name: flyteadmin + app.kubernetes.io/version: 0.3.4 + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - serve + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: flyteadmin + ports: + - containerPort: 8088 + - containerPort: 8089 + resources: + limits: + cpu: "0.1" + ephemeral-storage: 100Mi + memory: 200Mi + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + - mountPath: /etc/flyte/config + name: config-volume + - command: + - sh + - -c + - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh + env: + - name: PAGE_TITLE + value: Flyte Admin OpenAPI + - name: SPEC_URL + value: /api/v1/openapi + - name: PORT + value: "8087" + image: docker.io/redocly/redoc + imagePullPolicy: IfNotPresent + name: redoc + ports: + - containerPort: 8087 + resources: + limits: + cpu: "0.1" + memory: 200Mi + initContainers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - run + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - seed-projects + - flytesnacks + - flytetester + - flyteexamples + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: seed-projects + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - command: + - sh + - -c + - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; + image: postgres:10.1 + name: check-db-ready + serviceAccountName: flyteadmin + volumes: + - name: shared-data + - configMap: + name: flyte-admin-config-76m7t86kf2 + name: config-volume + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteconsole + name: flyteconsole + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteconsole + template: + metadata: + labels: + app: flyteconsole + app.kubernetes.io/name: flyteconsole + app.kubernetes.io/version: 0.11.0 + spec: + containers: + - envFrom: + - configMapRef: + name: flyte-console-config + image: docker.io/lyft/flyteconsole:v0.11.0 + name: flyteconsole + ports: + - containerPort: 8080 + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + volumes: + - emptyDir: {} + name: shared-data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flytepropeller + name: flytepropeller + namespace: flyte +spec: + selector: + matchLabels: + app: flytepropeller + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flytepropeller + app.kubernetes.io/name: flytepropeller + app.kubernetes.io/version: 0.3.12 + spec: + containers: + - args: + - --config + - /etc/flyte/config/*.yaml + command: + - flytepropeller + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: docker.io/lyft/flytepropeller:v0.3.12 + imagePullPolicy: IfNotPresent + name: flytepropeller + ports: + - containerPort: 10254 + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + serviceAccountName: flytepropeller + volumes: + - configMap: + name: flyte-propeller-config-4bgc7667bm + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + containers: + - args: + - server + - /data + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + image: minio/minio:RELEASE.2019-06-04T01-15-58Z + name: minio + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - mountPath: /data + name: minio-storage + volumes: + - emptyDir: {} + name: minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - image: postgres:10.1 + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-storage + volumes: + - emptyDir: {} + name: postgres-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - emptyDir: {} + name: redis-data +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: syncresources + namespace: flyte +spec: + jobTemplate: + spec: + template: + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + restartPolicy: OnFailure + serviceAccountName: flyteadmin + volumes: + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - configMap: + name: flyte-admin-config-76m7t86kf2 + name: config-volume + schedule: '*/1 * * * *' +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: flyte +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - flyte + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: flytesystem + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /console + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /__webpack_hmr + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /api + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /healthcheck + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /v1 + - backend: + serviceName: flyteadmin + servicePort: 81 + path: /flyteidl.service.AdminService + - backend: + serviceName: flyteadmin + servicePort: 87 + path: /openapi +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: minio + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: minio + servicePort: 9000 + path: /minio diff --git a/kustomize/overlays/test/admin/deployment.yaml b/kustomize/overlays/test/admin/deployment.yaml new file mode 100644 index 0000000000..7d86ee0ba1 --- /dev/null +++ b/kustomize/overlays/test/admin/deployment.yaml @@ -0,0 +1,62 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: flyteadmin + namespace: flyte +spec: + template: + spec: + volumes: + - name: resource-templates + configMap: + name: clusterresource-template + initContainers: + - name: check-db-ready + image: postgres:10.1 + command: ['sh', '-c', + 'until pg_isready -h postgres -p 5432; + do echo waiting for database; sleep 2; done;'] + - name: run-migrations + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", + "migrate", "run"] + volumeMounts: + - name: config-volume + mountPath: /etc/flyte/config + - name: seed-projects + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", + "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] + volumeMounts: + - name: config-volume + mountPath: /etc/flyte/config + - name: sync-cluster-resources + image: flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] + volumeMounts: + - name: resource-templates + mountPath: /etc/flyte/clusterresource/templates + - name: config-volume + mountPath: /etc/flyte/config + containers: + - name: flyteadmin + resources: + limits: + memory: "200Mi" + cpu: "0.1" + ephemeral-storage: "100Mi" +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteadmin + namespace: flyte +spec: + ports: + - name: redoc + protocol: TCP + port: 87 + targetPort: 8087 diff --git a/kustomize/overlays/sandbox/admin/kustomization.yaml b/kustomize/overlays/test/admin/kustomization.yaml similarity index 100% rename from kustomize/overlays/sandbox/admin/kustomization.yaml rename to kustomize/overlays/test/admin/kustomization.yaml diff --git a/kustomize/overlays/test/config/db.yaml b/kustomize/overlays/test/config/admin/db.yaml similarity index 100% rename from kustomize/overlays/test/config/db.yaml rename to kustomize/overlays/test/config/admin/db.yaml diff --git a/kustomize/overlays/test/config/logger.yaml b/kustomize/overlays/test/config/common/logger.yaml similarity index 71% rename from kustomize/overlays/test/config/logger.yaml rename to kustomize/overlays/test/config/common/logger.yaml index abe53e7359..a6854ed6ce 100644 --- a/kustomize/overlays/test/config/logger.yaml +++ b/kustomize/overlays/test/config/common/logger.yaml @@ -1,3 +1,3 @@ logger: show-source: true - level: 5 + level: 2 diff --git a/kustomize/overlays/test/config/common/storage.yaml b/kustomize/overlays/test/config/common/storage.yaml new file mode 100644 index 0000000000..16e6f52755 --- /dev/null +++ b/kustomize/overlays/test/config/common/storage.yaml @@ -0,0 +1,11 @@ +storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + diff --git a/kustomize/overlays/test/config/datacatalog_db.yaml b/kustomize/overlays/test/config/datacatalog/db.yaml similarity index 100% rename from kustomize/overlays/test/config/datacatalog_db.yaml rename to kustomize/overlays/test/config/datacatalog/db.yaml diff --git a/kustomize/overlays/test/config/propeller/plugins/k8s.yaml b/kustomize/overlays/test/config/propeller/plugins/k8s.yaml new file mode 100644 index 0000000000..8fe068397f --- /dev/null +++ b/kustomize/overlays/test/config/propeller/plugins/k8s.yaml @@ -0,0 +1,8 @@ +plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/custom-config.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/custom-config.yaml new file mode 100644 index 0000000000..c0fcfee56a --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/custom-config.yaml @@ -0,0 +1,134 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ingressroutes.contour.heptio.com + labels: + component: ingressroute +spec: + group: contour.heptio.com + version: v1beta1 + scope: Namespaced + names: + plural: ingressroutes + kind: IngressRoute + additionalPrinterColumns: + - name: FQDN + type: string + description: Fully qualified domain name + JSONPath: .spec.virtualhost.fqdn + - name: TLS Secret + type: string + description: Secret with TLS credentials + JSONPath: .spec.virtualhost.tls.secretName + - name: First route + type: string + description: First routes defined + JSONPath: .spec.routes[0].match + - name: Status + type: string + description: The current status of the IngressRoute + JSONPath: .status.currentStatus + - name: Status Description + type: string + description: Description of the current status + JSONPath: .status.description + validation: + openAPIV3Schema: + properties: + spec: + required: + - routes + properties: + virtualhost: + properties: + fqdn: + type: string + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + aliases: + type: array + items: + type: string + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + strategy: + type: string + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + healthCheck: + type: object + required: + - path + properties: + path: + type: string + pattern: ^\/.*$ + intervalSeconds: + type: integer + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + healthyThresholdCount: + type: integer + routes: + type: array + items: + required: + - match + properties: + match: + type: string + pattern: ^\/.*$ + delegate: + type: object + required: + - name + properties: + name: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + namespace: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + services: + type: array + items: + type: object + required: + - name + - port + properties: + name: + type: string + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ # DNS-1123 + port: + type: integer + weight: + type: integer + strategy: + type: string + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + healthCheck: + type: object + required: + - path + properties: + path: + type: string + pattern: ^\/.*$ + intervalSeconds: + type: integer + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + healthyThresholdCount: + type: integer diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/deployment.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/deployment.yaml new file mode 100644 index 0000000000..c24f2b504c --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/deployment.yaml @@ -0,0 +1,66 @@ +# Create the actual deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: contour + namespace: heptio-contour + labels: + app: contour +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + labels: + app: contour + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8002" + prometheus.io/path: "/stats" + prometheus.io/format: "prometheus" + spec: + containers: + - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + command: ["envoy"] + args: ["-c", "/config/contour.yaml", "--service-cluster", "cluster0", "--service-node", "node0"] + volumeMounts: + - name: contour-config + mountPath: /config + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 100m + memory: 100Mi + - image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + ports: + - containerPort: 8000 + name: contour + name: contour-unknown + command: ["contour"] + args: ["serve", "--incluster", "--envoy-http-port=80", "--debug-http-port=6069"] + initContainers: + - image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + command: ["contour"] + args: ["bootstrap", "/config/contour.yaml", "--statsd-enabled"] + volumeMounts: + - name: contour-config + mountPath: /config + volumes: + - name: contour-config + emptyDir: {} + dnsPolicy: ClusterFirst + serviceAccountName: contour + terminationGracePeriodSeconds: 30 diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/kustomization.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/kustomization.yaml new file mode 100644 index 0000000000..36ba42801d --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/kustomization.yaml @@ -0,0 +1,6 @@ +resources: +- namespace.yaml +- rbac.yaml +- custom-config.yaml +- service.yaml +- deployment.yaml diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/namespace.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/namespace.yaml new file mode 100644 index 0000000000..4be554a003 --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/rbac.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/rbac.yaml new file mode 100644 index 0000000000..4492a6f80f --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/rbac.yaml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: heptio-contour +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: ["contour.heptio.com"] + resources: ["ingressroutes"] + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: heptio-contour diff --git a/kustomize/overlays/test/dependencies/contour_ingress_controller/service.yaml b/kustomize/overlays/test/dependencies/contour_ingress_controller/service.yaml new file mode 100644 index 0000000000..b7e10ab4af --- /dev/null +++ b/kustomize/overlays/test/dependencies/contour_ingress_controller/service.yaml @@ -0,0 +1,17 @@ +# Service +apiVersion: v1 +kind: Service +metadata: + name: contour + namespace: heptio-contour + labels: + app: contour +spec: + # use NodePort to make sure the service is accessible + type: NodePort + selector: + app: contour + ports: + - protocol: TCP + port: 80 + nodePort: 30081 diff --git a/kustomize/overlays/test/dependencies/database/database.yaml b/kustomize/overlays/test/dependencies/database/database.yaml new file mode 100644 index 0000000000..b85eea088a --- /dev/null +++ b/kustomize/overlays/test/dependencies/database/database.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + volumes: + - name: postgres-storage + emptyDir: {} + containers: + - image: "postgres:10.1" + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data +--- + apiVersion: v1 + kind: Service + metadata: + name: postgres + namespace: flyte + spec: + ports: + - port: 5432 + selector: + app: postgres diff --git a/kustomize/overlays/test/dependencies/database/kustomization.yaml b/kustomize/overlays/test/dependencies/database/kustomization.yaml new file mode 100644 index 0000000000..ca2ede8d46 --- /dev/null +++ b/kustomize/overlays/test/dependencies/database/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- database.yaml diff --git a/kustomize/overlays/test/dependencies/nodeport-services.yaml b/kustomize/overlays/test/dependencies/nodeport-services.yaml new file mode 100644 index 0000000000..6439a773fc --- /dev/null +++ b/kustomize/overlays/test/dependencies/nodeport-services.yaml @@ -0,0 +1,51 @@ +# For docker-desktop at least, the range of valid ports is 30000-32767, which is why we're constrained to these +# odd port numbers. Since the base ingress runs on 30081, the K8s dashboard runs on 30082, these just continue from there. +# These nodeports are exposed to save contributors the trouble of port forwarding when running locally. + +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +#apiVersion: v1 +#kind: Service +#metadata: +#labels: +#k8s-app: kubernetes-dashboard +#name: dashboard-direct +#namespace: flyte +#spec: +#ports: +#- nodePort: 30082 +#port: 8443 +#protocol: TCP +#selector: +#k8s-app: kubernetes-dashboard +#type: NodePort diff --git a/kustomize/overlays/test/dependencies/redis/deployment.yaml b/kustomize/overlays/test/dependencies/redis/deployment.yaml new file mode 100644 index 0000000000..82067d702b --- /dev/null +++ b/kustomize/overlays/test/dependencies/redis/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - name: redis-data + emptyDir: {} diff --git a/kustomize/overlays/test/dependencies/redis/kustomization.yaml b/kustomize/overlays/test/dependencies/redis/kustomization.yaml new file mode 100644 index 0000000000..a944d005ca --- /dev/null +++ b/kustomize/overlays/test/dependencies/redis/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- deployment.yaml +- service.yaml diff --git a/kustomize/overlays/test/dependencies/redis/service.yaml b/kustomize/overlays/test/dependencies/redis/service.yaml new file mode 100644 index 0000000000..8c86264ae3 --- /dev/null +++ b/kustomize/overlays/test/dependencies/redis/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP diff --git a/kustomize/overlays/test/dependencies/storage/kustomization.yaml b/kustomize/overlays/test/dependencies/storage/kustomization.yaml new file mode 100644 index 0000000000..9a80610c4e --- /dev/null +++ b/kustomize/overlays/test/dependencies/storage/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- storage.yaml diff --git a/kustomize/overlays/test/dependencies/storage/storage.yaml b/kustomize/overlays/test/dependencies/storage/storage.yaml new file mode 100644 index 0000000000..d0ac2d0390 --- /dev/null +++ b/kustomize/overlays/test/dependencies/storage/storage.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + volumes: + - name: minio-storage + emptyDir: {} + containers: + - image: "minio/minio:RELEASE.2019-06-04T01-15-58Z" + name: minio + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + args: + - server + - /data + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - name: minio-storage + mountPath: /data +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: minio + namespace: flyte + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + rules: + - http: + paths: + - path: /minio + backend: + serviceName: minio + servicePort: 9000 diff --git a/kustomize/overlays/test/flyte/kustomization.yaml b/kustomize/overlays/test/flyte/kustomization.yaml deleted file mode 100644 index 0aab12e539..0000000000 --- a/kustomize/overlays/test/flyte/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# tests use mostly the dev configs -# they do not need the console -bases: -- ../../../base/namespace -- ../../../base/wf_crd -- ../../../base/adminserviceaccount -- ../../../dependencies/database -- ../../../dependencies/storage -- ../propeller -- ../../sandbox/admindeployment -- ../../../dependencies/contour_ingress_controller -- ../../../base/ingress -- ../redis diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index a8186365c9..66e4c87d1e 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -5,6 +5,69 @@ kind: Kustomization namespace: flyte bases: -- ../sandbox +- ../../base/flyte_single_cluster +# All the resources that make up the deployment +resources: + ######## + # Operators to be enabled +- ../../base/operators/spark +- ../../base/operators/kfoperators/pytorch + ############# + # Dependencies to be configured +- ./dependencies/database + # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc +- ./dependencies/storage + # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) +- ./dependencies/redis + # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's +- ./dependencies/contour_ingress_controller + # Add node ports for ease of use locally +- ./dependencies/nodeport-services.yaml + +############################################## +# Generate Configs +# For each component exactly one config is generated +# For every component required configs are +# 1. logger.yaml +# 2. storage.yaml +# 3. component.yaml +# +# db.yaml is required for FlyteAdmin and DataCatalog +# ############################################ +configMapGenerator: +# the main admin configmap +- name: flyte-admin-config + behavior: merge + files: + - ./config/admin/db.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + +# cluster resource templates +- name: clusterresource-template + behavior: merge + files: +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + +# Flyte Propeller Configuration +- name: flyte-propeller-config + behavior: merge + files: + - ./config/propeller/plugins/k8s.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml + +# TODO Flyte Console Configuration +#- name: flyte-console-config +# files: +# - ./config/console.yaml + +- name: datacatalog-config + behavior: merge + files: + - ./config/datacatalog/db.yaml + - ./config/common/storage.yaml + - ./config/common/logger.yaml diff --git a/kustomize/overlays/test/propeller/kustomization.yaml b/kustomize/overlays/test/propeller/kustomization.yaml deleted file mode 100644 index b6a993b57c..0000000000 --- a/kustomize/overlays/test/propeller/kustomization.yaml +++ /dev/null @@ -1,17 +0,0 @@ -bases: -- ../../../base/propeller - -namespace: flyte - -configMapGenerator: -# the main propeller configmap -- name: flyte-propeller-config - files: - - config.yaml -# the plugin-configmap -- name: flyte-plugin-config - files: - - plugins/config.yaml - -patches: -- propeller.yaml diff --git a/kustomize/overlays/test/propeller/plugins/config.yaml b/kustomize/overlays/test/propeller/plugins/config.yaml deleted file mode 100644 index e1f74a1d7e..0000000000 --- a/kustomize/overlays/test/propeller/plugins/config.yaml +++ /dev/null @@ -1,14 +0,0 @@ -plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "5s" - diff --git a/kustomize/overlays/test/propeller/propeller.yaml b/kustomize/overlays/test/propeller/propeller.yaml deleted file mode 100644 index cde598b46d..0000000000 --- a/kustomize/overlays/test/propeller/propeller.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - containers: - - name: flytepropeller - resources: - limits: - memory: "100Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" From bda997f1a01e266e2de333250da334f67a9d60d1 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 17:15:44 -0700 Subject: [PATCH 12/41] remove images --- kustomize/overlays/images/kustomization.yaml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 kustomize/overlays/images/kustomization.yaml diff --git a/kustomize/overlays/images/kustomization.yaml b/kustomize/overlays/images/kustomization.yaml deleted file mode 100644 index b9007d8b31..0000000000 --- a/kustomize/overlays/images/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: flyteadmin - newTag: foo From 16abdfb1acf0b594cdf1efdee03928193623954d Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Mon, 21 Sep 2020 22:34:19 -0700 Subject: [PATCH 13/41] GCP updated --- .../admindeployment/clustersync/cron.yaml | 5 ++ .../base/admindeployment/deployment.yaml | 11 +++ kustomize/base/console/kustomization.yaml | 7 -- kustomize/base/datacatalog/deployment.yaml | 7 ++ kustomize/base/datacatalog/kustomization.yaml | 8 -- .../config/admin/db.yaml | 1 + .../config/datacatalog/db.yaml | 1 + .../config/propeller/core.yaml | 6 -- .../flyte_headless_cluster/kustomization.yaml | 5 ++ .../base/flyte_headless_cluster/pass.txt | 1 + kustomize/base/propeller/kustomization.yaml | 8 -- .../aa_namespace.yaml | 7 -- kustomize/overlays/gcp/admin/cron.yaml | 35 -------- kustomize/overlays/gcp/admin/deployment.yaml | 51 +---------- .../overlays/gcp/admin/flyteadmin_config.yaml | 61 ------------- .../overlays/gcp/admin/kustomization.yaml | 22 ----- kustomize/overlays/gcp/config/admin/db.yaml | 6 ++ .../gcp/config/admin/remote_data.yaml | 2 + .../config/admin/task_resource_defaults.yaml | 9 ++ .../ac_project-copilot-dataconfig.yaml | 18 ++++ .../ad_spark-role.yaml | 24 ++++++ .../ae_spark-service-account.yaml | 5 ++ .../af_spark-role-binding.yaml | 14 +++ .../overlays/gcp/config/common/storage.yaml | 19 +++++ .../overlays/gcp/config/datacatalog/db.yaml | 7 ++ .../overlays/gcp/config/propeller/core.yaml | 40 +++++++++ .../gcp/config/propeller/enabled_plugins.yaml | 9 ++ .../propeller/plugins/catalog_cache.yaml | 6 ++ .../gcp/config/propeller/plugins/k8s.yaml | 8 ++ .../gcp/config/propeller/plugins/qubole.yaml | 3 + .../gcp/config/propeller/plugins/spark.yaml | 16 ++++ .../config/propeller/plugins/task_logs.yaml | 4 + kustomize/overlays/gcp/console/configmap.yaml | 8 -- .../overlays/gcp/console/deployment.yaml | 15 ---- .../overlays/gcp/console/kustomization.yaml | 7 -- kustomize/overlays/gcp/console/service.yaml | 9 -- .../gcp/datacatalog/datacatalog_config.yaml | 26 ------ .../overlays/gcp/datacatalog/deployment.yaml | 24 +----- .../gcp/datacatalog/kustomization.yaml | 16 +--- .../cloudsqlproxy/deployment.yaml | 0 .../cloudsqlproxy/kustomization.yaml | 0 .../cloudsqlproxy/service.yaml | 0 .../gcp/dependencies/redis/deployment.yaml | 59 +++++++++++++ .../gcp/dependencies/redis/kustomization.yaml | 3 + .../gcp/dependencies/redis/service.yaml | 16 ++++ .../overlays/gcp/flyte/kustomization.yaml | 14 --- kustomize/overlays/gcp/kustomization.yaml | 85 +++++++++++++++++++ kustomize/overlays/gcp/propeller/config.yaml | 60 ------------- .../overlays/gcp/propeller/deployment.yaml | 6 +- .../overlays/gcp/propeller/kustomization.yaml | 22 ----- .../gcp/propeller/plugins/config.yaml | 21 ----- kustomize/overlays/sandbox/kustomization.yaml | 19 +++++ kustomize/overlays/sandbox/test.yaml | 45 ++++++++-- 53 files changed, 452 insertions(+), 429 deletions(-) create mode 100644 kustomize/base/flyte_headless_cluster/pass.txt delete mode 100644 kustomize/overlays/gcp/admin/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/overlays/gcp/admin/cron.yaml delete mode 100644 kustomize/overlays/gcp/admin/flyteadmin_config.yaml delete mode 100644 kustomize/overlays/gcp/admin/kustomization.yaml create mode 100644 kustomize/overlays/gcp/config/admin/db.yaml create mode 100644 kustomize/overlays/gcp/config/admin/remote_data.yaml create mode 100644 kustomize/overlays/gcp/config/admin/task_resource_defaults.yaml create mode 100644 kustomize/overlays/gcp/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml create mode 100644 kustomize/overlays/gcp/config/clusterresource-templates/ad_spark-role.yaml create mode 100644 kustomize/overlays/gcp/config/clusterresource-templates/ae_spark-service-account.yaml create mode 100644 kustomize/overlays/gcp/config/clusterresource-templates/af_spark-role-binding.yaml create mode 100644 kustomize/overlays/gcp/config/common/storage.yaml create mode 100644 kustomize/overlays/gcp/config/datacatalog/db.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/core.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/enabled_plugins.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/plugins/catalog_cache.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/plugins/k8s.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/plugins/qubole.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/plugins/spark.yaml create mode 100644 kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml delete mode 100644 kustomize/overlays/gcp/console/configmap.yaml delete mode 100644 kustomize/overlays/gcp/console/deployment.yaml delete mode 100644 kustomize/overlays/gcp/console/kustomization.yaml delete mode 100644 kustomize/overlays/gcp/console/service.yaml delete mode 100644 kustomize/overlays/gcp/datacatalog/datacatalog_config.yaml rename kustomize/overlays/gcp/{ => dependencies}/cloudsqlproxy/deployment.yaml (100%) rename kustomize/overlays/gcp/{ => dependencies}/cloudsqlproxy/kustomization.yaml (100%) rename kustomize/overlays/gcp/{ => dependencies}/cloudsqlproxy/service.yaml (100%) create mode 100644 kustomize/overlays/gcp/dependencies/redis/deployment.yaml create mode 100644 kustomize/overlays/gcp/dependencies/redis/kustomization.yaml create mode 100644 kustomize/overlays/gcp/dependencies/redis/service.yaml delete mode 100644 kustomize/overlays/gcp/flyte/kustomization.yaml create mode 100644 kustomize/overlays/gcp/kustomization.yaml delete mode 100644 kustomize/overlays/gcp/propeller/config.yaml delete mode 100644 kustomize/overlays/gcp/propeller/kustomization.yaml delete mode 100644 kustomize/overlays/gcp/propeller/plugins/config.yaml diff --git a/kustomize/base/admindeployment/clustersync/cron.yaml b/kustomize/base/admindeployment/clustersync/cron.yaml index 0205498005..aea2b4b42f 100644 --- a/kustomize/base/admindeployment/clustersync/cron.yaml +++ b/kustomize/base/admindeployment/clustersync/cron.yaml @@ -20,6 +20,8 @@ spec: mountPath: /etc/flyte/clusterresource/templates - name: config-volume mountPath: /etc/flyte/config + - name: db-pass + mountPath: /etc/db volumes: - name: resource-templates configMap: @@ -27,4 +29,7 @@ spec: - name: config-volume configMap: name: flyte-admin-config + - name: db-pass + secret: + secretName: db-pass restartPolicy: OnFailure diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index 422809a7b8..24dae11c87 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -32,6 +32,9 @@ spec: - name: resource-templates configMap: name: clusterresource-template + - name: db-pass + secret: + secretName: db-pass initContainers: - name: run-migrations image: flyteadmin:v0.3.5 @@ -40,6 +43,8 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/flyte/config + - name: db-pass + mountPath: /etc/db # Optional, These just seed the project - TODO move them to only - name: seed-projects image: docker.io/lyft/flyteadmin:v0.3.5 @@ -49,6 +54,8 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/flyte/config + - name: db-pass + mountPath: /etc/db - name: sync-cluster-resources image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent @@ -58,6 +65,8 @@ spec: mountPath: /etc/flyte/clusterresource/templates - name: config-volume mountPath: /etc/flyte/config + - name: db-pass + mountPath: /etc/db containers: - name: flyteadmin image: flyteadmin:v0.3.5 @@ -71,6 +80,8 @@ spec: mountPath: /srv/flyte - name: config-volume mountPath: /etc/flyte/config + - name: db-pass + mountPath: /etc/db - name: redoc image: docker.io/redocly/redoc imagePullPolicy: IfNotPresent diff --git a/kustomize/base/console/kustomization.yaml b/kustomize/base/console/kustomization.yaml index 356dd045b6..81d586a3cd 100644 --- a/kustomize/base/console/kustomization.yaml +++ b/kustomize/base/console/kustomization.yaml @@ -2,10 +2,3 @@ resources: - deployment.yaml - service.yaml - configmap.yaml - -# Images that should be used -images: - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v0.11.0 # override the tag - newName: docker.io/lyft/flyteconsole # override the name diff --git a/kustomize/base/datacatalog/deployment.yaml b/kustomize/base/datacatalog/deployment.yaml index 65c049deb6..11d7febc0c 100644 --- a/kustomize/base/datacatalog/deployment.yaml +++ b/kustomize/base/datacatalog/deployment.yaml @@ -28,6 +28,9 @@ spec: - name: config-volume configMap: name: datacatalog-config + - name: db-pass + secret: + secretName: db-pass initContainers: - name: run-migrations image: datacatalog:v0.2.2 @@ -36,6 +39,8 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/datacatalog/config + - name: db-pass + mountPath: /etc/db containers: - name: datacatalog image: datacatalog:v0.2.2 @@ -47,3 +52,5 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/datacatalog/config + - name: db-pass + mountPath: /etc/db diff --git a/kustomize/base/datacatalog/kustomization.yaml b/kustomize/base/datacatalog/kustomization.yaml index ace3329f36..c38e72a98d 100644 --- a/kustomize/base/datacatalog/kustomization.yaml +++ b/kustomize/base/datacatalog/kustomization.yaml @@ -2,11 +2,3 @@ resources: - rbac.yaml - deployment.yaml - service.yaml - -# Images that should be used -images: - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v0.2.2 # override the tag - newName: docker.io/lyft/datacatalog # override the name - diff --git a/kustomize/base/flyte_headless_cluster/config/admin/db.yaml b/kustomize/base/flyte_headless_cluster/config/admin/db.yaml index e47f4c44d1..5aefbfb435 100644 --- a/kustomize/base/flyte_headless_cluster/config/admin/db.yaml +++ b/kustomize/base/flyte_headless_cluster/config/admin/db.yaml @@ -7,3 +7,4 @@ database: host: postgres dbname: postgres options: sslmode=disable + passwordPath: /etc/db/pass.txt diff --git a/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml b/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml index 6ba8a5949d..479475aa94 100644 --- a/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml +++ b/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml @@ -7,3 +7,4 @@ database: host: postgres dbname: datacatalog options: sslmode=disable + passwordPath: /etc/db/pass.txt diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml b/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml index 4323ccd803..f316fca7e3 100644 --- a/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml +++ b/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml @@ -29,9 +29,3 @@ propeller: type: bucket rate: 10 capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword diff --git a/kustomize/base/flyte_headless_cluster/kustomization.yaml b/kustomize/base/flyte_headless_cluster/kustomization.yaml index cad93d8191..b8c4987f24 100644 --- a/kustomize/base/flyte_headless_cluster/kustomization.yaml +++ b/kustomize/base/flyte_headless_cluster/kustomization.yaml @@ -57,3 +57,8 @@ configMapGenerator: - ./config/datacatalog/db.yaml - ./config/common/storage.yaml - ./config/common/logger.yaml + +secretGenerator: +- name: db-pass + literals: + - pass.txt="awesomesauce" diff --git a/kustomize/base/flyte_headless_cluster/pass.txt b/kustomize/base/flyte_headless_cluster/pass.txt new file mode 100644 index 0000000000..f6b1b7073b --- /dev/null +++ b/kustomize/base/flyte_headless_cluster/pass.txt @@ -0,0 +1 @@ +awesomesauce diff --git a/kustomize/base/propeller/kustomization.yaml b/kustomize/base/propeller/kustomization.yaml index 402ee47755..3f090bdf48 100644 --- a/kustomize/base/propeller/kustomization.yaml +++ b/kustomize/base/propeller/kustomization.yaml @@ -1,11 +1,3 @@ resources: - deployment.yaml - rbac.yaml - -# Images that should be used -images: - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v0.3.12 # override the tag - newName: docker.io/lyft/flytepropeller # override the name - diff --git a/kustomize/overlays/gcp/admin/clusterresource-templates/aa_namespace.yaml b/kustomize/overlays/gcp/admin/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/overlays/gcp/admin/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/overlays/gcp/admin/cron.yaml b/kustomize/overlays/gcp/admin/cron.yaml deleted file mode 100644 index 2aad5186d2..0000000000 --- a/kustomize/overlays/gcp/admin/cron.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - schedule: "*/1 * * * *" - jobTemplate: - spec: - template: - spec: - serviceAccountName: flyteadmin - containers: - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - - name: db-user-pass - mountPath: /etc/gcp - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - - name: config-volume - configMap: - name: flyte-admin-config - - name: db-user-pass - secret: - secretName: db-user-pass - restartPolicy: OnFailure diff --git a/kustomize/overlays/gcp/admin/deployment.yaml b/kustomize/overlays/gcp/admin/deployment.yaml index f8b6a29814..b581a3dba1 100644 --- a/kustomize/overlays/gcp/admin/deployment.yaml +++ b/kustomize/overlays/gcp/admin/deployment.yaml @@ -6,55 +6,10 @@ metadata: spec: template: spec: - serviceAccountName: flyteadmin - initContainers: - - name: check-db-ready - image: postgres:10.1 - imagePullPolicy: IfNotPresent - command: ['sh', '-c', - 'until pg_isready -h cloudsqlproxy -p 5432; - do echo waiting for database; sleep 2; done;'] - - name: run-migrations - volumeMounts: - - name: db-user-pass - mountPath: /etc/gcp - - name: seed-projects - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", - "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: db-user-pass - mountPath: /etc/gcp - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - - name: db-user-pass - mountPath: /etc/gcp - containers: - name: flyteadmin - volumeMounts: - - name: db-user-pass - mountPath: /etc/gcp resources: limits: - memory: "200Mi" - cpu: "1" - ephemeral-storage: "100Mi" - volumes: - - name: db-user-pass - secret: - secretName: db-user-pass - - name: resource-templates - configMap: - name: clusterresource-template - + memory: "1Gi" + cpu: "2" + ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/gcp/admin/flyteadmin_config.yaml b/kustomize/overlays/gcp/admin/flyteadmin_config.yaml deleted file mode 100644 index b44fef3939..0000000000 --- a/kustomize/overlays/gcp/admin/flyteadmin_config.yaml +++ /dev/null @@ -1,61 +0,0 @@ -logger: - show-source: true - level: 5 -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # TODO: use real origin - - http://flyte.example.com -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin -database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: flyte - options: "sslmode=disable" - passwordPath: /etc/gcp/db_pwd.txt -remoteData: - scheme: "gcp" -storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/devstorage.read_write - container: "flyte" -task_resources: - defaults: - cpu: 1000m - memory: 1000Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -task_type_whitelist: {} -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - refresh: 5m diff --git a/kustomize/overlays/gcp/admin/kustomization.yaml b/kustomize/overlays/gcp/admin/kustomization.yaml deleted file mode 100644 index f960e431ee..0000000000 --- a/kustomize/overlays/gcp/admin/kustomization.yaml +++ /dev/null @@ -1,22 +0,0 @@ -bases: -- ../../../base/admindeployment - -namespace: flyte - -resources: -- cron.yaml - -configMapGenerator: -# the main admin configmap -- name: flyte-admin-config - files: - - flyteadmin_config.yaml -# cluster resource templates -- name: clusterresource-template - files: -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - clusterresource-templates/aa_namespace.yaml - -patches: -- deployment.yaml -- service.yaml diff --git a/kustomize/overlays/gcp/config/admin/db.yaml b/kustomize/overlays/gcp/config/admin/db.yaml new file mode 100644 index 0000000000..4e2741221d --- /dev/null +++ b/kustomize/overlays/gcp/config/admin/db.yaml @@ -0,0 +1,6 @@ +database: + port: 5432 + username: flyte + host: cloudsqlproxy + dbname: flyte + passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/gcp/config/admin/remote_data.yaml b/kustomize/overlays/gcp/config/admin/remote_data.yaml new file mode 100644 index 0000000000..8af409c9a4 --- /dev/null +++ b/kustomize/overlays/gcp/config/admin/remote_data.yaml @@ -0,0 +1,2 @@ +remoteData: + scheme: "gcp" diff --git a/kustomize/overlays/gcp/config/admin/task_resource_defaults.yaml b/kustomize/overlays/gcp/config/admin/task_resource_defaults.yaml new file mode 100644 index 0000000000..38079d47da --- /dev/null +++ b/kustomize/overlays/gcp/config/admin/task_resource_defaults.yaml @@ -0,0 +1,9 @@ +task_resources: + defaults: + cpu: 1000m + memory: 1000Mi + storage: 1000Mi + limits: + cpu: 2 + memory: 2G + storage: 2000Mi diff --git a/kustomize/overlays/gcp/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/overlays/gcp/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..cc17cb58a7 --- /dev/null +++ b/kustomize/overlays/gcp/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true diff --git a/kustomize/overlays/gcp/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/gcp/config/clusterresource-templates/ad_spark-role.yaml new file mode 100644 index 0000000000..2dc0b21b65 --- /dev/null +++ b/kustomize/overlays/gcp/config/clusterresource-templates/ad_spark-role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: spark-role + namespace: {{ namespace }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' diff --git a/kustomize/overlays/gcp/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/gcp/config/clusterresource-templates/ae_spark-service-account.yaml new file mode 100644 index 0000000000..dddd8d2742 --- /dev/null +++ b/kustomize/overlays/gcp/config/clusterresource-templates/ae_spark-service-account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: spark + namespace: {{ namespace }} diff --git a/kustomize/overlays/gcp/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/gcp/config/clusterresource-templates/af_spark-role-binding.yaml new file mode 100644 index 0000000000..4b6c43bbb7 --- /dev/null +++ b/kustomize/overlays/gcp/config/clusterresource-templates/af_spark-role-binding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: spark-role-binding + namespace: {{ namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: spark-role +subjects: +- kind: ServiceAccount + name: spark + namespace: {{ namespace }} + diff --git a/kustomize/overlays/gcp/config/common/storage.yaml b/kustomize/overlays/gcp/config/common/storage.yaml new file mode 100644 index 0000000000..6d678d0bbc --- /dev/null +++ b/kustomize/overlays/gcp/config/common/storage.yaml @@ -0,0 +1,19 @@ +storage: + type: stow + stow: + kind: google + config: + json: "" + # TODO: replace with the GCP project ID + project_id: + scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store + container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 diff --git a/kustomize/overlays/gcp/config/datacatalog/db.yaml b/kustomize/overlays/gcp/config/datacatalog/db.yaml new file mode 100644 index 0000000000..abfb330459 --- /dev/null +++ b/kustomize/overlays/gcp/config/datacatalog/db.yaml @@ -0,0 +1,7 @@ +database: + port: 5432 + username: flyte + host: cloudsqlproxy + dbname: datacatalog + options: "sslmode=disable" + passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/gcp/config/propeller/core.yaml b/kustomize/overlays/gcp/config/propeller/core.yaml new file mode 100644 index 0000000000..baa8c6b261 --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/core.yaml @@ -0,0 +1,40 @@ +propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 40 + gc-interval: 12h + max-workflow-retries: 50 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + kube-client-config: + qps: 100 + burst: 25 + timeout: 30s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: maxof + rate: 100 + capacity: 1000 + base-delay: 5s + max-delay: 120s + sub-queue: + type: bucket + rate: 100 + capacity: 1000 + workflowStore: + policy: "ResourceVersionCache" diff --git a/kustomize/overlays/gcp/config/propeller/enabled_plugins.yaml b/kustomize/overlays/gcp/config/propeller/enabled_plugins.yaml new file mode 100644 index 0000000000..63dddf24ae --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/enabled_plugins.yaml @@ -0,0 +1,9 @@ +tasks: + max-plugin-phase-versions: 1000000 + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch diff --git a/kustomize/overlays/gcp/config/propeller/plugins/catalog_cache.yaml b/kustomize/overlays/gcp/config/propeller/plugins/catalog_cache.yaml new file mode 100644 index 0000000000..3678fbbc89 --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/plugins/catalog_cache.yaml @@ -0,0 +1,6 @@ +plugins: + catalogCache: + reader: + maxItems: 10000 + writer: + maxItems: 10000 diff --git a/kustomize/overlays/gcp/config/propeller/plugins/k8s.yaml b/kustomize/overlays/gcp/config/propeller/plugins/k8s.yaml new file mode 100644 index 0000000000..8fe068397f --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/plugins/k8s.yaml @@ -0,0 +1,8 @@ +plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/overlays/gcp/config/propeller/plugins/qubole.yaml b/kustomize/overlays/gcp/config/propeller/plugins/qubole.yaml new file mode 100644 index 0000000000..ea34d2752b --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/plugins/qubole.yaml @@ -0,0 +1,3 @@ +plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/overlays/gcp/config/propeller/plugins/spark.yaml b/kustomize/overlays/gcp/config/propeller/plugins/spark.yaml new file mode 100644 index 0000000000..c1ffb9209a --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/plugins/spark.yaml @@ -0,0 +1,16 @@ +plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml new file mode 100644 index 0000000000..0955b59387 --- /dev/null +++ b/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml @@ -0,0 +1,4 @@ +plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" diff --git a/kustomize/overlays/gcp/console/configmap.yaml b/kustomize/overlays/gcp/console/configmap.yaml deleted file mode 100644 index 52e2d1f70f..0000000000 --- a/kustomize/overlays/gcp/console/configmap.yaml +++ /dev/null @@ -1,8 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: flyte-console-config - namespace: flyte -data: - # TODO: use the internal load balancer IP or the DNS name associated with it if any - ADMIN_API_URL: http://flyteadmin-internal-lb diff --git a/kustomize/overlays/gcp/console/deployment.yaml b/kustomize/overlays/gcp/console/deployment.yaml deleted file mode 100644 index 9261654671..0000000000 --- a/kustomize/overlays/gcp/console/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteconsole - namespace: flyte -spec: - template: - spec: - containers: - - name: flyteconsole - resources: - limits: - memory: "150Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" diff --git a/kustomize/overlays/gcp/console/kustomization.yaml b/kustomize/overlays/gcp/console/kustomization.yaml deleted file mode 100644 index 709a239847..0000000000 --- a/kustomize/overlays/gcp/console/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -bases: -- ../../../base/console - -patches: -- deployment.yaml -- service.yaml -- configmap.yaml diff --git a/kustomize/overlays/gcp/console/service.yaml b/kustomize/overlays/gcp/console/service.yaml deleted file mode 100644 index 39de673275..0000000000 --- a/kustomize/overlays/gcp/console/service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - type: LoadBalancer diff --git a/kustomize/overlays/gcp/datacatalog/datacatalog_config.yaml b/kustomize/overlays/gcp/datacatalog/datacatalog_config.yaml deleted file mode 100644 index 3dc8b01689..0000000000 --- a/kustomize/overlays/gcp/datacatalog/datacatalog_config.yaml +++ /dev/null @@ -1,26 +0,0 @@ -logger: - show-source: true - level: 5 -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 -storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/devstorage.read_write - container: "flyte" -database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: datacatalog - options: "sslmode=disable" - passwordPath: /etc/gcp/db_pwd.txt diff --git a/kustomize/overlays/gcp/datacatalog/deployment.yaml b/kustomize/overlays/gcp/datacatalog/deployment.yaml index 4b554a07e0..1035dac5a0 100644 --- a/kustomize/overlays/gcp/datacatalog/deployment.yaml +++ b/kustomize/overlays/gcp/datacatalog/deployment.yaml @@ -6,28 +6,10 @@ metadata: spec: template: spec: - initContainers: - - name: check-db-ready - image: postgres:10.1 - imagePullPolicy: IfNotPresent - command: ['sh', '-c', - 'until pg_isready -h cloudsqlproxy -p 5432; - do echo waiting for database; sleep 2; done;'] - - name: run-migrations - volumeMounts: - - name: db-user-pass - mountPath: /etc/gcp containers: - name: datacatalog resources: limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" - volumeMounts: - - name: db-user-pass - mountPath: /etc/gcp - volumes: - - name: db-user-pass - secret: - secretName: db-user-pass + memory: "1Gi" + cpu: "2" + ephemeral-storage: "1000Mi" diff --git a/kustomize/overlays/gcp/datacatalog/kustomization.yaml b/kustomize/overlays/gcp/datacatalog/kustomization.yaml index b6dfb1c176..96588e8106 100644 --- a/kustomize/overlays/gcp/datacatalog/kustomization.yaml +++ b/kustomize/overlays/gcp/datacatalog/kustomization.yaml @@ -1,15 +1,5 @@ -bases: -- ../../../base/datacatalog - -namespace: flyte - -configMapGenerator: -- name: datacatalog-config - files: - - datacatalog_config.yaml +resources: + - service.yaml patches: -- deployment.yaml - -resources: -- service.yaml + - deployment.yaml diff --git a/kustomize/overlays/gcp/cloudsqlproxy/deployment.yaml b/kustomize/overlays/gcp/dependencies/cloudsqlproxy/deployment.yaml similarity index 100% rename from kustomize/overlays/gcp/cloudsqlproxy/deployment.yaml rename to kustomize/overlays/gcp/dependencies/cloudsqlproxy/deployment.yaml diff --git a/kustomize/overlays/gcp/cloudsqlproxy/kustomization.yaml b/kustomize/overlays/gcp/dependencies/cloudsqlproxy/kustomization.yaml similarity index 100% rename from kustomize/overlays/gcp/cloudsqlproxy/kustomization.yaml rename to kustomize/overlays/gcp/dependencies/cloudsqlproxy/kustomization.yaml diff --git a/kustomize/overlays/gcp/cloudsqlproxy/service.yaml b/kustomize/overlays/gcp/dependencies/cloudsqlproxy/service.yaml similarity index 100% rename from kustomize/overlays/gcp/cloudsqlproxy/service.yaml rename to kustomize/overlays/gcp/dependencies/cloudsqlproxy/service.yaml diff --git a/kustomize/overlays/gcp/dependencies/redis/deployment.yaml b/kustomize/overlays/gcp/dependencies/redis/deployment.yaml new file mode 100644 index 0000000000..82067d702b --- /dev/null +++ b/kustomize/overlays/gcp/dependencies/redis/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - name: redis-data + emptyDir: {} diff --git a/kustomize/overlays/gcp/dependencies/redis/kustomization.yaml b/kustomize/overlays/gcp/dependencies/redis/kustomization.yaml new file mode 100644 index 0000000000..a944d005ca --- /dev/null +++ b/kustomize/overlays/gcp/dependencies/redis/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- deployment.yaml +- service.yaml diff --git a/kustomize/overlays/gcp/dependencies/redis/service.yaml b/kustomize/overlays/gcp/dependencies/redis/service.yaml new file mode 100644 index 0000000000..8c86264ae3 --- /dev/null +++ b/kustomize/overlays/gcp/dependencies/redis/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP diff --git a/kustomize/overlays/gcp/flyte/kustomization.yaml b/kustomize/overlays/gcp/flyte/kustomization.yaml deleted file mode 100644 index 17f2337120..0000000000 --- a/kustomize/overlays/gcp/flyte/kustomization.yaml +++ /dev/null @@ -1,14 +0,0 @@ -bases: -# global resources -- ../../../base/namespace -- ../cloudsqlproxy - -# user plane / control plane resources -- ../admin -- ../console -- ../datacatalog - -# data plane resources -- ../../../base/wf_crd -- ../../../base/adminserviceaccount -- ../propeller diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml new file mode 100644 index 0000000000..29ea49aca6 --- /dev/null +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -0,0 +1,85 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# Override the namespace +namespace: flyte + +bases: +- ../../base/flyte_single_cluster + +# All the resources that make up the deployment +- datacatalog/service.yaml +- propeller/service.yaml + ######## + # Operators to be enabled + ############# + # Dependencies to be configured + # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc + # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) + # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's + # Add node ports for ease of use locally +resources: +- ../../base/operators/spark +- ../../base/operators/kfoperators/pytorch +- ./dependencies/cloudsqlproxy + # Optional dependency +- ./dependencies/redis + +patchesStrategicMerge: +- admin/deployment.yaml +- admin/service.yaml +- datacatalog/deployment.yaml +- propeller/deployment.yaml + +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + +configMapGenerator: +- behavior: merge + files: + - ./config/admin/db.yaml + - ./config/admin/remote_data.yaml + - ./config/admin/task_resource_defaults.yaml + - ./config/common/storage.yaml + name: flyte-admin-config +- behavior: merge + files: + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml + name: clusterresource-template +- behavior: merge + files: + - ./config/propeller/core.yaml + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/catalog_cache.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/qubole.yaml + - ./config/propeller/plugins/spark.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + name: flyte-propeller-config +- behavior: merge + files: + - ./config/common/storage.yaml + - ./config/datacatalog/db.yaml + name: datacatalog-config + +# Images that should be used +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the namep + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: v0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name diff --git a/kustomize/overlays/gcp/propeller/config.yaml b/kustomize/overlays/gcp/propeller/config.yaml deleted file mode 100644 index ae5a8d455c..0000000000 --- a/kustomize/overlays/gcp/propeller/config.yaml +++ /dev/null @@ -1,60 +0,0 @@ -propeller: - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 -logger: - show-source: true - level: 5 -storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/devstorage.read_write - container: "flyte" -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array diff --git a/kustomize/overlays/gcp/propeller/deployment.yaml b/kustomize/overlays/gcp/propeller/deployment.yaml index e66adcb272..9a46601b53 100644 --- a/kustomize/overlays/gcp/propeller/deployment.yaml +++ b/kustomize/overlays/gcp/propeller/deployment.yaml @@ -10,6 +10,6 @@ spec: - name: flytepropeller resources: limits: - memory: "1000Mi" - cpu: "1" - ephemeral-storage: "1000Mi" + memory: "4Gi" + cpu: "2" + ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/gcp/propeller/kustomization.yaml b/kustomize/overlays/gcp/propeller/kustomization.yaml deleted file mode 100644 index 8da778e87a..0000000000 --- a/kustomize/overlays/gcp/propeller/kustomization.yaml +++ /dev/null @@ -1,22 +0,0 @@ -bases: -- ../../../base/propeller - -namespace: flyte - -configMapGenerator: -# the main propeller configmap -- name: flyte-propeller-config - files: - - config.yaml -# the plugin-configmap -- name: flyte-plugin-config - files: - - plugins/config.yaml -# a configmap for each plugin - -patches: -- deployment.yaml -# add the volumemount for each plugin configmap - -resources: -- service.yaml diff --git a/kustomize/overlays/gcp/propeller/plugins/config.yaml b/kustomize/overlays/gcp/propeller/plugins/config.yaml deleted file mode 100644 index 2f6440df91..0000000000 --- a/kustomize/overlays/gcp/propeller/plugins/config.yaml +++ /dev/null @@ -1,21 +0,0 @@ -plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard - kubernetes-enabled: false - # #2 GCP stackdriver - stackdriver-enabled: true - # TODO: replace with the GCP project ID - gcp-project: - stackdriver-logresourcename: k8s_container - k8s: - default-annotations: - # Example annotation that will be applied to every k8s resource launched - - flyte.lyft.net/deployment: gke - # Example Environment variables that will be applied to every container executed on k8s - default-env-vars: - - FLYTE_CLOUD_PLATFORM: gcp - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index 9cb5f97e2a..b299dc2674 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -80,3 +80,22 @@ configMapGenerator: - ./config/common/logger.yaml - ./config/datacatalog/db.yaml name: datacatalog-config + +# Images that should be used +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the namep + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: v0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name diff --git a/kustomize/overlays/sandbox/test.yaml b/kustomize/overlays/sandbox/test.yaml index fdf62a5403..5b7abcc2f5 100644 --- a/kustomize/overlays/sandbox/test.yaml +++ b/kustomize/overlays/sandbox/test.yaml @@ -709,9 +709,6 @@ metadata: apiVersion: v1 data: db.yaml: | - # This should be replaced with the db endpoint - # This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc - # Or can be a self hosted Postgres in the cluster database: port: 5432 username: postgres @@ -745,7 +742,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: datacatalog-config-kc8cgttd4k + name: datacatalog-config-dcg96ktb98 namespace: flyte --- apiVersion: v1 @@ -983,6 +980,15 @@ metadata: namespace: flyte --- apiVersion: v1 +data: + pass.txt: YXdlc29tZXNhdWNl +kind: Secret +metadata: + name: db-pass-8mb4h2b9hf + namespace: flyte +type: Opaque +--- +apiVersion: v1 kind: Service metadata: labels: @@ -1284,6 +1290,8 @@ spec: volumeMounts: - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass initContainers: - command: - datacatalog @@ -1298,13 +1306,18 @@ spec: volumeMounts: - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass serviceAccountName: datacatalog volumes: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config-kc8cgttd4k + name: datacatalog-config-dcg96ktb98 name: config-volume + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf --- apiVersion: apps/v1 kind: Deployment @@ -1352,6 +1365,8 @@ spec: name: shared-data - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - sh - -c @@ -1380,12 +1395,14 @@ spec: - /etc/flyte/config/*.yaml - migrate - run - image: flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr @@ -1396,12 +1413,14 @@ spec: - flytesnacks - flytetester - flyteexamples - image: flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: seed-projects volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr @@ -1409,7 +1428,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -1417,6 +1436,8 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - sh - -c @@ -1432,6 +1453,9 @@ spec: - configMap: name: clusterresource-template-kf62ttf64k name: resource-templates + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf --- apiVersion: apps/v1 kind: Deployment @@ -1754,6 +1778,8 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass restartPolicy: OnFailure serviceAccountName: flyteadmin volumes: @@ -1763,6 +1789,9 @@ spec: - configMap: name: flyte-admin-config-76m7t86kf2 name: config-volume + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf schedule: '*/1 * * * *' --- apiVersion: batch/v1 From f9fc08aff586851be8b5bf46a8dc5d9cf4251b0b Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Tue, 22 Sep 2020 09:05:07 -0700 Subject: [PATCH 14/41] README.md --- kustomize/README.md | 6 ++++++ kustomize/base/README.md | 9 +++++++++ kustomize/base/flyte_single_cluster/README.md | 6 ++++++ kustomize/overlays/README.md | 4 ++++ kustomize/overlays/gcp/README.md | 1 + kustomize/overlays/gcp/kustomization.yaml | 7 +++++++ kustomize/overlays/gcp/pass.txt | 1 + kustomize/overlays/sandbox/README.md | 3 +++ 8 files changed, 37 insertions(+) create mode 100644 kustomize/README.md create mode 100644 kustomize/base/README.md create mode 100644 kustomize/overlays/README.md create mode 100644 kustomize/overlays/gcp/pass.txt create mode 100644 kustomize/overlays/sandbox/README.md diff --git a/kustomize/README.md b/kustomize/README.md new file mode 100644 index 0000000000..1d23e81b8e --- /dev/null +++ b/kustomize/README.md @@ -0,0 +1,6 @@ +# Install Flyte using Kustomize + +[Kustomize](https://kubectl.docs.kubernetes.io/pages/reference/kustomize.html) + +[Base Components](./base) +[Overlays](./overlays) diff --git a/kustomize/base/README.md b/kustomize/base/README.md new file mode 100644 index 0000000000..06fcc02d05 --- /dev/null +++ b/kustomize/base/README.md @@ -0,0 +1,9 @@ +[Back to main menu](../) +# Base Components for Flyte +These deployments provide individual deployment units of the Flyte Backend. + +As a user it might be preferable to use the `flyte_single_cluster` deployment base to create an overlay on top of, or directly edit on top of one of the existing overlays. + +[flyte_single_cluster](./flyte_single_cluster) + + diff --git a/kustomize/base/flyte_single_cluster/README.md b/kustomize/base/flyte_single_cluster/README.md index 1c91e0cd32..0fd138dc3f 100644 --- a/kustomize/base/flyte_single_cluster/README.md +++ b/kustomize/base/flyte_single_cluster/README.md @@ -1,5 +1,11 @@ +[Back to Base components menu](../) # Flyte Single cluster deployment mode This allows flyte to be deployed in one Kubernetes cluster. All components are deployed and can be configured to use dependencies based on the environment. To understand configuration of dependencies refer to sandbox or any cloud deployments + +## Overlays using the single cluster mode +1. [Sandbox Overlay](../../overlays/sandbox) +1. [GCP SingleCluster Overlay](../../overlays/gcp) +1. [EKS SingleCluster Overlay](../../overlays/eks) diff --git a/kustomize/overlays/README.md b/kustomize/overlays/README.md new file mode 100644 index 0000000000..dbd82831c7 --- /dev/null +++ b/kustomize/overlays/README.md @@ -0,0 +1,4 @@ +# Deploy Flyte using one of the given overlays + +1. [Sandbox](./sandbox) +1. [GCP](./gcp) diff --git a/kustomize/overlays/gcp/README.md b/kustomize/overlays/gcp/README.md index 07ce8ceabe..afda4f464e 100644 --- a/kustomize/overlays/gcp/README.md +++ b/kustomize/overlays/gcp/README.md @@ -1,3 +1,4 @@ +[All Overlays](./) # Google Cloud Platform Overlay This overlay serves as an example to bootstrap Flyte setup on Google Cloud Platform (GCP). It is not diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 29ea49aca6..d01a095a6a 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -65,6 +65,13 @@ configMapGenerator: - ./config/datacatalog/db.yaml name: datacatalog-config +########### +# Use this to record the password for the Google CloudSQL Database +secretGenerator: +- name: db-pass + literals: + - pass.txt="awesomesauce" + # Images that should be used images: # FlyteAdmin diff --git a/kustomize/overlays/gcp/pass.txt b/kustomize/overlays/gcp/pass.txt new file mode 100644 index 0000000000..f6b1b7073b --- /dev/null +++ b/kustomize/overlays/gcp/pass.txt @@ -0,0 +1 @@ +awesomesauce diff --git a/kustomize/overlays/sandbox/README.md b/kustomize/overlays/sandbox/README.md new file mode 100644 index 0000000000..85c7c0afae --- /dev/null +++ b/kustomize/overlays/sandbox/README.md @@ -0,0 +1,3 @@ +[All overlays](../) +# Flyte Sandbox deployment - Kustomize overlay +TBD From 0e040bacc2a5eec6a29ad10077f98e35d5d20458 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 09:39:24 -0700 Subject: [PATCH 15/41] GCP & test done --- .../flyte_headless_cluster/kustomization.yaml | 1 + kustomize/overlays/gcp/kustomization.yaml | 3 +- kustomize/overlays/sandbox/test.yaml | 1879 ----------------- .../test/dependencies/nodeport-services.yaml | 51 - kustomize/overlays/test/kustomization.yaml | 18 +- 5 files changed, 4 insertions(+), 1948 deletions(-) delete mode 100644 kustomize/overlays/sandbox/test.yaml delete mode 100644 kustomize/overlays/test/dependencies/nodeport-services.yaml diff --git a/kustomize/base/flyte_headless_cluster/kustomization.yaml b/kustomize/base/flyte_headless_cluster/kustomization.yaml index b8c4987f24..11eaa439a2 100644 --- a/kustomize/base/flyte_headless_cluster/kustomization.yaml +++ b/kustomize/base/flyte_headless_cluster/kustomization.yaml @@ -17,6 +17,7 @@ configMapGenerator: - name: flyte-admin-config files: - ./config/admin/server.yaml + - ./config/admin/domain.yaml - ./config/admin/db.yaml - ./config/admin/cluster_resources.yaml - ./config/admin/remote_data.yaml diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index d01a095a6a..6e36e56964 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -69,8 +69,9 @@ configMapGenerator: # Use this to record the password for the Google CloudSQL Database secretGenerator: - name: db-pass + behavior: merge literals: - - pass.txt="awesomesauce" + - pass.txt="yourpassword" # Images that should be used images: diff --git a/kustomize/overlays/sandbox/test.yaml b/kustomize/overlays/sandbox/test.yaml deleted file mode 100644 index 5b7abcc2f5..0000000000 --- a/kustomize/overlays/sandbox/test.yaml +++ /dev/null @@ -1,1879 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active ---- -apiVersion: v1 -kind: Namespace -metadata: - name: heptio-contour ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - component: ingressroute - name: ingressroutes.contour.heptio.com -spec: - additionalPrinterColumns: - - JSONPath: .spec.virtualhost.fqdn - description: Fully qualified domain name - name: FQDN - type: string - - JSONPath: .spec.virtualhost.tls.secretName - description: Secret with TLS credentials - name: TLS Secret - type: string - - JSONPath: .spec.routes[0].match - description: First routes defined - name: First route - type: string - - JSONPath: .status.currentStatus - description: The current status of the IngressRoute - name: Status - type: string - - JSONPath: .status.description - description: Description of the current status - name: Status Description - type: string - group: contour.heptio.com - names: - kind: IngressRoute - plural: ingressroutes - scope: Namespaced - validation: - openAPIV3Schema: - properties: - spec: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - routes: - items: - properties: - delegate: - properties: - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - namespace: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - match: - pattern: ^\/.*$ - type: string - services: - items: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - type: integer - strategy: - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - type: string - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: array - strategy: - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - type: string - virtualhost: - properties: - aliases: - items: - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - type: string - type: array - fqdn: - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - type: string - required: - - routes - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 - type: integer - Worker: - properties: - replicas: - minimum: 1 - type: integer - versions: - - name: v1 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - version: v1beta1 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" - name: kubeflow-pytorchjobs-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" - name: kubeflow-pytorchjobs-edit -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" - name: kubeflow-pytorchjobs-view -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: - - contour.heptio.com - resources: - - ingressroutes - verbs: - - get - - list - - watch - - put - - post - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - '*' -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - events - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: pytorch-operator -subjects: -- kind: ServiceAccount - name: pytorch-operator - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: flyte ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ac_project-copilot-dataconfig.yaml: | - kind: ConfigMap - apiVersion: v1 - metadata: - name: flyte-data-config - namespace: {{ namespace }} - data: - config.yaml: | - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - enable-multicontainer: true - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1beta1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: clusterresource-template-kf62ttf64k - namespace: flyte ---- -apiVersion: v1 -data: - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 2 - server.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: datacatalog-config-dcg96ktb98 - namespace: flyte ---- -apiVersion: v1 -data: - cluster_resources.yaml: | - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 2 - remote_data.yaml: | - remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 - server.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_resource_defaults.yaml: | - task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: flyte-admin-config-76m7t86kf2 - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog.yaml: | - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" - core.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - enabled_plugins.yaml: | - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi - logger.yaml: | - logger: - show-source: true - level: 2 - qubole.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" - resource_manager.yaml: | - propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - spark.yaml: | - plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_logs.yaml: | - plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: flyte-propeller-config-4bgc7667bm - namespace: flyte ---- -apiVersion: v1 -data: - pass.txt: YXdlc29tZXNhdWNl -kind: Secret -metadata: - name: db-pass-8mb4h2b9hf - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - selector: - app: flyteadmin ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - port: 9000 - selector: - app: minio ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "8443" - prometheus.io/scrape: "true" - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte -spec: - ports: - - name: monitoring-port - port: 8443 - targetPort: 8443 - selector: - kustomize.component: pytorch-operator - name: pytorch-operator - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: flyte -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.2.2 - spec: - containers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-dcg96ktb98 - name: config-volume - - name: db-pass - secret: - secretName: db-pass-8mb4h2b9hf ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - serve - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; - image: postgres:10.1 - name: check-db-ready - serviceAccountName: flyteadmin - volumes: - - name: shared-data - - configMap: - name: flyte-admin-config-76m7t86kf2 - name: config-volume - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - name: db-pass - secret: - secretName: db-pass-8mb4h2b9hf ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.11.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: docker.io/lyft/flyteconsole:v0.11.0 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.3.12 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: docker.io/lyft/flytepropeller:v0.3.12 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config-4bgc7667bm - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - image: minio/minio:RELEASE.2019-06-04T01-15-58Z - name: minio - ports: - - containerPort: 9000 - name: minio - volumeMounts: - - mountPath: /data - name: minio-storage - volumes: - - emptyDir: {} - name: minio-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - image: postgres:10.1 - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-storage - volumes: - - emptyDir: {} - name: postgres-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - kustomize.component: pytorch-operator - name: pytorch-operator - template: - metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - spec: - containers: - - command: - - /pytorch-operator.v1 - - --alsologtostderr - - -v=1 - - --monitoring-port=8443 - env: - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f - name: pytorch-operator - serviceAccountName: pytorch-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: docker.io/bitnami/redis:4.0.2-r1 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - configMap: - name: flyte-admin-config-76m7t86kf2 - name: config-volume - - name: db-pass - secret: - secretName: db-pass-8mb4h2b9hf - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator-init - namespace: flyte -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - flyte - - -p - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /console - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /__webpack_hmr - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /api - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /healthcheck - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /v1 - - backend: - serviceName: flyteadmin - servicePort: 81 - path: /flyteidl.service.AdminService - - backend: - serviceName: flyteadmin - servicePort: 87 - path: /openapi ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: minio - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: minio - servicePort: 9000 - path: /minio diff --git a/kustomize/overlays/test/dependencies/nodeport-services.yaml b/kustomize/overlays/test/dependencies/nodeport-services.yaml deleted file mode 100644 index 6439a773fc..0000000000 --- a/kustomize/overlays/test/dependencies/nodeport-services.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# For docker-desktop at least, the range of valid ports is 30000-32767, which is why we're constrained to these -# odd port numbers. Since the base ingress runs on 30081, the K8s dashboard runs on 30082, these just continue from there. -# These nodeports are exposed to save contributors the trouble of port forwarding when running locally. - -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -#apiVersion: v1 -#kind: Service -#metadata: -#labels: -#k8s-app: kubernetes-dashboard -#name: dashboard-direct -#namespace: flyte -#spec: -#ports: -#- nodePort: 30082 -#port: 8443 -#protocol: TCP -#selector: -#k8s-app: kubernetes-dashboard -#type: NodePort diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index 66e4c87d1e..a609e37b69 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -5,15 +5,11 @@ kind: Kustomization namespace: flyte bases: -- ../../base/flyte_single_cluster +- ../../base/flyte_headless_cluster # All the resources that make up the deployment resources: - ######## - # Operators to be enabled -- ../../base/operators/spark -- ../../base/operators/kfoperators/pytorch ############# # Dependencies to be configured - ./dependencies/database @@ -23,19 +19,7 @@ resources: - ./dependencies/redis # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - ./dependencies/contour_ingress_controller - # Add node ports for ease of use locally -- ./dependencies/nodeport-services.yaml -############################################## -# Generate Configs -# For each component exactly one config is generated -# For every component required configs are -# 1. logger.yaml -# 2. storage.yaml -# 3. component.yaml -# -# db.yaml is required for FlyteAdmin and DataCatalog -# ############################################ configMapGenerator: # the main admin configmap - name: flyte-admin-config From 0b8daefb494f15af76c00bab75336efd8c8ab3e5 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 10:23:40 -0700 Subject: [PATCH 16/41] More changes --- kustomize/overlays/eks/README.md | 103 ++++++++++++++++++ kustomize/overlays/eks/admin/deployment.yaml | 15 +++ kustomize/overlays/eks/admin/service.yaml | 28 +++++ .../overlays/eks/admin/serviceaccount.yaml | 8 ++ kustomize/overlays/eks/config/admin/db.yaml | 7 ++ .../eks/config/admin/remote_data.yaml | 6 + .../config/admin/task_resource_defaults.yaml | 9 ++ .../ac_project-copilot-dataconfig.yaml | 18 +++ .../ad_spark-role.yaml | 24 ++++ .../ae_spark-service-account.yaml | 5 + .../af_spark-role-binding.yaml | 14 +++ .../overlays/eks/config/common/storage.yaml | 19 ++++ .../overlays/eks/config/datacatalog/db.yaml | 7 ++ .../overlays/eks/config/propeller/core.yaml | 40 +++++++ .../eks/config/propeller/enabled_plugins.yaml | 9 ++ .../propeller/plugins/catalog_cache.yaml | 6 + .../eks/config/propeller/plugins/k8s.yaml | 8 ++ .../eks/config/propeller/plugins/qubole.yaml | 3 + .../propeller/plugins/spark.yaml} | 0 .../config/propeller/plugins/task_logs.yaml | 4 + kustomize/overlays/eks/console/service.yaml | 19 +++- .../overlays/eks/datacatalog/deployment.yaml | 15 +++ .../eks/datacatalog/kustomization.yaml | 16 +-- .../overlays/eks/datacatalog/service.yaml | 12 +- .../eks/dependencies/alb_ingress/README.md | 1 + .../eks/dependencies/alb_ingress/ingress.yaml | 47 ++++++++ .../eks/dependencies/redis/deployment.yaml | 59 ++++++++++ .../eks/dependencies/redis/kustomization.yaml | 3 + .../eks/dependencies/redis/service.yaml | 16 +++ kustomize/overlays/eks/ingress/ingress.yaml | 10 ++ kustomize/overlays/eks/kustomization.yaml | 96 ++++++++++++++++ .../overlays/eks/propeller/deployment.yaml | 15 +++ kustomize/overlays/eks/propeller/service.yaml | 15 +++ .../eks/propeller/serviceaccount.yaml | 2 +- .../admindeployment/admindeployment.yaml | 0 .../aa_namespace.yaml | 0 .../ab_project-resource-quota.yaml | 0 .../admindeployment/cron.yaml | 0 .../admindeployment/flyteadmin_config.yaml | 0 .../admindeployment/kustomization.yaml | 0 .../admindeployment/service.yaml | 0 .../admindeployment/serviceaccount.yaml | 0 .../{eks => eks_old}/console/console.yaml | 0 .../console/kustomization.yaml | 0 .../overlays/eks_old/console/service.yaml | 8 ++ .../datacatalog/datacatalog.yaml | 0 .../datacatalog/datacatalog_config.yaml | 0 .../eks_old/datacatalog/kustomization.yaml | 15 +++ .../overlays/eks_old/datacatalog/service.yaml | 7 ++ .../datacatalog/serviceaccount.yaml | 0 .../{eks => eks_old}/flyte/ingress.yaml | 0 .../{eks => eks_old}/flyte/kustomization.yaml | 0 .../{eks => eks_old}/propeller/config.yaml | 0 .../propeller/kustomization.yaml | 0 .../propeller/plugins/config.yaml | 0 .../propeller/plugins/container/config.yaml | 0 .../plugins/container/propeller-patch.yaml | 0 .../propeller/plugins/spark/config.yaml | 16 +++ .../plugins/spark/propeller-patch.yaml | 0 .../{eks => eks_old}/propeller/propeller.yaml | 0 .../eks_old/propeller/serviceaccount.yaml | 8 ++ .../{eks => eks_old}/redis/kustomization.yaml | 0 .../{eks => eks_old}/redis/storage.yaml | 0 kustomize/overlays/gcp/console/service.yaml | 19 ++++ kustomize/overlays/gcp/kustomization.yaml | 1 + kustomize/overlays/gcp/pass.txt | 1 - 66 files changed, 715 insertions(+), 19 deletions(-) create mode 100644 kustomize/overlays/eks/README.md create mode 100644 kustomize/overlays/eks/admin/deployment.yaml create mode 100644 kustomize/overlays/eks/admin/service.yaml create mode 100644 kustomize/overlays/eks/admin/serviceaccount.yaml create mode 100644 kustomize/overlays/eks/config/admin/db.yaml create mode 100644 kustomize/overlays/eks/config/admin/remote_data.yaml create mode 100644 kustomize/overlays/eks/config/admin/task_resource_defaults.yaml create mode 100644 kustomize/overlays/eks/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml create mode 100644 kustomize/overlays/eks/config/clusterresource-templates/ad_spark-role.yaml create mode 100644 kustomize/overlays/eks/config/clusterresource-templates/ae_spark-service-account.yaml create mode 100644 kustomize/overlays/eks/config/clusterresource-templates/af_spark-role-binding.yaml create mode 100644 kustomize/overlays/eks/config/common/storage.yaml create mode 100644 kustomize/overlays/eks/config/datacatalog/db.yaml create mode 100644 kustomize/overlays/eks/config/propeller/core.yaml create mode 100644 kustomize/overlays/eks/config/propeller/enabled_plugins.yaml create mode 100644 kustomize/overlays/eks/config/propeller/plugins/catalog_cache.yaml create mode 100644 kustomize/overlays/eks/config/propeller/plugins/k8s.yaml create mode 100644 kustomize/overlays/eks/config/propeller/plugins/qubole.yaml rename kustomize/overlays/eks/{propeller/plugins/spark/config.yaml => config/propeller/plugins/spark.yaml} (100%) create mode 100644 kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml create mode 100644 kustomize/overlays/eks/datacatalog/deployment.yaml create mode 100644 kustomize/overlays/eks/dependencies/alb_ingress/README.md create mode 100644 kustomize/overlays/eks/dependencies/alb_ingress/ingress.yaml create mode 100644 kustomize/overlays/eks/dependencies/redis/deployment.yaml create mode 100644 kustomize/overlays/eks/dependencies/redis/kustomization.yaml create mode 100644 kustomize/overlays/eks/dependencies/redis/service.yaml create mode 100644 kustomize/overlays/eks/ingress/ingress.yaml create mode 100644 kustomize/overlays/eks/kustomization.yaml create mode 100644 kustomize/overlays/eks/propeller/deployment.yaml create mode 100644 kustomize/overlays/eks/propeller/service.yaml rename kustomize/overlays/{eks => eks_old}/admindeployment/admindeployment.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/clusterresource-templates/aa_namespace.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/cron.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/flyteadmin_config.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/kustomization.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/service.yaml (100%) rename kustomize/overlays/{eks => eks_old}/admindeployment/serviceaccount.yaml (100%) rename kustomize/overlays/{eks => eks_old}/console/console.yaml (100%) rename kustomize/overlays/{eks => eks_old}/console/kustomization.yaml (100%) create mode 100644 kustomize/overlays/eks_old/console/service.yaml rename kustomize/overlays/{eks => eks_old}/datacatalog/datacatalog.yaml (100%) rename kustomize/overlays/{eks => eks_old}/datacatalog/datacatalog_config.yaml (100%) create mode 100644 kustomize/overlays/eks_old/datacatalog/kustomization.yaml create mode 100644 kustomize/overlays/eks_old/datacatalog/service.yaml rename kustomize/overlays/{eks => eks_old}/datacatalog/serviceaccount.yaml (100%) rename kustomize/overlays/{eks => eks_old}/flyte/ingress.yaml (100%) rename kustomize/overlays/{eks => eks_old}/flyte/kustomization.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/config.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/kustomization.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/plugins/config.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/plugins/container/config.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/plugins/container/propeller-patch.yaml (100%) create mode 100644 kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml rename kustomize/overlays/{eks => eks_old}/propeller/plugins/spark/propeller-patch.yaml (100%) rename kustomize/overlays/{eks => eks_old}/propeller/propeller.yaml (100%) create mode 100644 kustomize/overlays/eks_old/propeller/serviceaccount.yaml rename kustomize/overlays/{eks => eks_old}/redis/kustomization.yaml (100%) rename kustomize/overlays/{eks => eks_old}/redis/storage.yaml (100%) create mode 100644 kustomize/overlays/gcp/console/service.yaml delete mode 100644 kustomize/overlays/gcp/pass.txt diff --git a/kustomize/overlays/eks/README.md b/kustomize/overlays/eks/README.md new file mode 100644 index 0000000000..20d5660d64 --- /dev/null +++ b/kustomize/overlays/eks/README.md @@ -0,0 +1,103 @@ +[All Overlays](./) +# Amazon Webservices Elastic Kubernetes Service Overlay + +This overlay serves as an example to bootstrap Flyte setup on AWS. It is not +designed to work out of the box due to the need of AWS resources. Please follow the instruction +below to further configure. + +_Hint_: searching `TODO:` through this directory would help to understand what needs to be done. + +## AWS RDS + +[Cloud SQL](https://cloud.google.com/sql) is used as persistence layer. To set it up, please +follow standard GCP documentation. + +A few things are required for this overlay to function: + +* Two databases named as `flyte` and `datacatalog` +* A database user named as `flyte` +* Password of the database user should be uploaded to GKE as a k8s secret named as `db-user-pass` + containing of a file named as `db_pwd.txt`of which the content is the plain text password +* Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster + service account or through workload identity) should have `Cloud SQL Editor` role + +To securely access Cloud SQL instance, [Cloud SQL +Proxy](https://cloud.google.com/sql/docs/postgres/connect-admin-proxy) is launched as a pod sitting +in between Flyte and Cloud SQL instance. + +The kustomization files can be found under [cloudsqlproxy](cloudsqlproxy). Please note that one +needs to replace `` and `` accordingly in +[cloudsqlproxy/deployment.yaml](cloudsqlproxy/deployment.yaml). + +## FlyteAdmin + +flyteadmin configuration is kept as similar as [sandbox](../sandbox) overlay, with only necessary +modifications such as database, storage and CORS. + +If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. + +For storage layer, a few things needs to be done: + +* Create a GCS bucket named as `flyte` in a GCP project +* Replace `` in [admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) with the + GCP project ID + +For CORS to work properly, one needs to use real origin in +[admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) `server -> security -> allowedOrigins`. + +flyteadmin (including metrics endpoint) is exposed as a service using [internal load +balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). + +## FlyteConsole + +[flyteconsole configmap](console/configmap.yaml) needs to be updated with flyteadmin internal load +balancer IP address or the DNS name associated with it if any. + +flyteconsole is exposed as a service using [internal load +balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). + +## flytepropeller + +flytepropeller configuration is kept as similar as [sandbox](../sandbox) overlay, with only +necessary modifications such as storage. + +For storage layer, a few things needs to be done: + +* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) +* Replace `` in [propeller/config.yaml](propeller/config.yaml) with the + GCP project ID +* Replace `` in [propeller/plugins/config.yaml](propeller/plugins/config.yaml) with the + GCP project ID + +By default, three plugins are enabled: + +* container +* k8s-array +* sidecar + +flytepropeller metrics endpoint is exposed as a service using [internal load +balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). + +## DataCatalog + +datacatalog configuration is kept as similar as [sandbox](../sandbox) overlay, with only +necessary modifications such as database and storage. + +If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. + +For storage layer, a few things needs to be done: + +* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) +* Replace `` in [datacatalog/datacatalog_config.yaml](propeller/config.yaml) with the + GCP project ID + +datacatalog metrics endpoint is exposed as a service using [internal load +balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). + + +## Now ship it + +``` shell +make +kubectl apply -f deployment/gcp/flyte_generated.yaml +``` diff --git a/kustomize/overlays/eks/admin/deployment.yaml b/kustomize/overlays/eks/admin/deployment.yaml new file mode 100644 index 0000000000..b581a3dba1 --- /dev/null +++ b/kustomize/overlays/eks/admin/deployment.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: flyteadmin + namespace: flyte +spec: + template: + spec: + containers: + - name: flyteadmin + resources: + limits: + memory: "1Gi" + cpu: "2" + ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/eks/admin/service.yaml b/kustomize/overlays/eks/admin/service.yaml new file mode 100644 index 0000000000..de61a74fde --- /dev/null +++ b/kustomize/overlays/eks/admin/service.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" + # TODO add security groups + service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: "sg-...,sg-...,sg-..." + # TODO alter domain + external-dns.alpha.kubernetes.io/hostname: "flyteadmin.subdomain.mydomain.com" + name: flyteadmin + namespace: flyte +spec: + loadBalancerSourceRanges: + # TODO change source ip range if desired + - 0.0.0.0 + ports: + # TODO do multiple ports work for ELB + - name: http + port: 80 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 80 + protocol: TCP + targetPort: 8089 + selector: + app: flyteadmin + type: LoadBalancer diff --git a/kustomize/overlays/eks/admin/serviceaccount.yaml b/kustomize/overlays/eks/admin/serviceaccount.yaml new file mode 100644 index 0000000000..cf30eaa74a --- /dev/null +++ b/kustomize/overlays/eks/admin/serviceaccount.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flyteadmin + namespace: flyte + annotations: + eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" + diff --git a/kustomize/overlays/eks/config/admin/db.yaml b/kustomize/overlays/eks/config/admin/db.yaml new file mode 100644 index 0000000000..d44ef2329d --- /dev/null +++ b/kustomize/overlays/eks/config/admin/db.yaml @@ -0,0 +1,7 @@ +database: + port: 5432 + username: flyte + # TODO Change this to match aurora or rds postgres endpoint + host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com + dbname: flyte + passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/eks/config/admin/remote_data.yaml b/kustomize/overlays/eks/config/admin/remote_data.yaml new file mode 100644 index 0000000000..5e56e0740e --- /dev/null +++ b/kustomize/overlays/eks/config/admin/remote_data.yaml @@ -0,0 +1,6 @@ +remoteData: + # TODO change this to match the region of the s3 bucket + region: "us-west-2" + scheme: aws + signedUrls: + durationMinutes: 3 diff --git a/kustomize/overlays/eks/config/admin/task_resource_defaults.yaml b/kustomize/overlays/eks/config/admin/task_resource_defaults.yaml new file mode 100644 index 0000000000..38079d47da --- /dev/null +++ b/kustomize/overlays/eks/config/admin/task_resource_defaults.yaml @@ -0,0 +1,9 @@ +task_resources: + defaults: + cpu: 1000m + memory: 1000Mi + storage: 1000Mi + limits: + cpu: 2 + memory: 2G + storage: 2000Mi diff --git a/kustomize/overlays/eks/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/overlays/eks/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml new file mode 100644 index 0000000000..cc17cb58a7 --- /dev/null +++ b/kustomize/overlays/eks/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: flyte-data-config + namespace: {{ namespace }} +data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true diff --git a/kustomize/overlays/eks/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/eks/config/clusterresource-templates/ad_spark-role.yaml new file mode 100644 index 0000000000..2dc0b21b65 --- /dev/null +++ b/kustomize/overlays/eks/config/clusterresource-templates/ad_spark-role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: spark-role + namespace: {{ namespace }} +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' diff --git a/kustomize/overlays/eks/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/eks/config/clusterresource-templates/ae_spark-service-account.yaml new file mode 100644 index 0000000000..dddd8d2742 --- /dev/null +++ b/kustomize/overlays/eks/config/clusterresource-templates/ae_spark-service-account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: spark + namespace: {{ namespace }} diff --git a/kustomize/overlays/eks/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/eks/config/clusterresource-templates/af_spark-role-binding.yaml new file mode 100644 index 0000000000..4b6c43bbb7 --- /dev/null +++ b/kustomize/overlays/eks/config/clusterresource-templates/af_spark-role-binding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: spark-role-binding + namespace: {{ namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: spark-role +subjects: +- kind: ServiceAccount + name: spark + namespace: {{ namespace }} + diff --git a/kustomize/overlays/eks/config/common/storage.yaml b/kustomize/overlays/eks/config/common/storage.yaml new file mode 100644 index 0000000000..6d678d0bbc --- /dev/null +++ b/kustomize/overlays/eks/config/common/storage.yaml @@ -0,0 +1,19 @@ +storage: + type: stow + stow: + kind: google + config: + json: "" + # TODO: replace with the GCP project ID + project_id: + scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store + container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 diff --git a/kustomize/overlays/eks/config/datacatalog/db.yaml b/kustomize/overlays/eks/config/datacatalog/db.yaml new file mode 100644 index 0000000000..6be110650d --- /dev/null +++ b/kustomize/overlays/eks/config/datacatalog/db.yaml @@ -0,0 +1,7 @@ +database: + port: 5432 + username: flyte + # TODO Change this to match aurora or rds postgres endpoint + host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com + dbname: flytedatacatalog + passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/eks/config/propeller/core.yaml b/kustomize/overlays/eks/config/propeller/core.yaml new file mode 100644 index 0000000000..baa8c6b261 --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/core.yaml @@ -0,0 +1,40 @@ +propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 40 + gc-interval: 12h + max-workflow-retries: 50 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + kube-client-config: + qps: 100 + burst: 25 + timeout: 30s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: maxof + rate: 100 + capacity: 1000 + base-delay: 5s + max-delay: 120s + sub-queue: + type: bucket + rate: 100 + capacity: 1000 + workflowStore: + policy: "ResourceVersionCache" diff --git a/kustomize/overlays/eks/config/propeller/enabled_plugins.yaml b/kustomize/overlays/eks/config/propeller/enabled_plugins.yaml new file mode 100644 index 0000000000..63dddf24ae --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/enabled_plugins.yaml @@ -0,0 +1,9 @@ +tasks: + max-plugin-phase-versions: 1000000 + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch diff --git a/kustomize/overlays/eks/config/propeller/plugins/catalog_cache.yaml b/kustomize/overlays/eks/config/propeller/plugins/catalog_cache.yaml new file mode 100644 index 0000000000..3678fbbc89 --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/plugins/catalog_cache.yaml @@ -0,0 +1,6 @@ +plugins: + catalogCache: + reader: + maxItems: 10000 + writer: + maxItems: 10000 diff --git a/kustomize/overlays/eks/config/propeller/plugins/k8s.yaml b/kustomize/overlays/eks/config/propeller/plugins/k8s.yaml new file mode 100644 index 0000000000..8fe068397f --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/plugins/k8s.yaml @@ -0,0 +1,8 @@ +plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi diff --git a/kustomize/overlays/eks/config/propeller/plugins/qubole.yaml b/kustomize/overlays/eks/config/propeller/plugins/qubole.yaml new file mode 100644 index 0000000000..ea34d2752b --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/plugins/qubole.yaml @@ -0,0 +1,3 @@ +plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/overlays/eks/propeller/plugins/spark/config.yaml b/kustomize/overlays/eks/config/propeller/plugins/spark.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/plugins/spark/config.yaml rename to kustomize/overlays/eks/config/propeller/plugins/spark.yaml diff --git a/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml new file mode 100644 index 0000000000..0955b59387 --- /dev/null +++ b/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml @@ -0,0 +1,4 @@ +plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" diff --git a/kustomize/overlays/eks/console/service.yaml b/kustomize/overlays/eks/console/service.yaml index 489e8602e5..7dcaed5d8b 100644 --- a/kustomize/overlays/eks/console/service.yaml +++ b/kustomize/overlays/eks/console/service.yaml @@ -1,8 +1,23 @@ apiVersion: v1 kind: Service metadata: + annotations: + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" + # TODO add your security groups here + service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: "sg-....,sg-...,sg-..." + # TODO add your external dns here + external-dns.alpha.kubernetes.io/hostname: "flyte.subdomain.mydomain.com" name: flyteconsole namespace: flyte spec: - type: NodePort - + loadBalancerSourceRanges: + # TODO limit source ranges if you want + - 0.0.0.0 + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: flyteconsole + type: LoadBalancer diff --git a/kustomize/overlays/eks/datacatalog/deployment.yaml b/kustomize/overlays/eks/datacatalog/deployment.yaml new file mode 100644 index 0000000000..1035dac5a0 --- /dev/null +++ b/kustomize/overlays/eks/datacatalog/deployment.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: datacatalog + namespace: flyte +spec: + template: + spec: + containers: + - name: datacatalog + resources: + limits: + memory: "1Gi" + cpu: "2" + ephemeral-storage: "1000Mi" diff --git a/kustomize/overlays/eks/datacatalog/kustomization.yaml b/kustomize/overlays/eks/datacatalog/kustomization.yaml index 4b3dec4857..96588e8106 100644 --- a/kustomize/overlays/eks/datacatalog/kustomization.yaml +++ b/kustomize/overlays/eks/datacatalog/kustomization.yaml @@ -1,15 +1,5 @@ -bases: -- ../../../base/datacatalog - -namespace: flyte - -configMapGenerator: -- name: datacatalog-config - files: - - datacatalog_config.yaml +resources: + - service.yaml patches: -- datacatalog.yaml -- serviceaccount.yaml -- service.yaml - + - deployment.yaml diff --git a/kustomize/overlays/eks/datacatalog/service.yaml b/kustomize/overlays/eks/datacatalog/service.yaml index 6d25a0f086..70e95295ab 100644 --- a/kustomize/overlays/eks/datacatalog/service.yaml +++ b/kustomize/overlays/eks/datacatalog/service.yaml @@ -1,7 +1,15 @@ apiVersion: v1 kind: Service metadata: - name: datacatalog + name: datacatalog-metrics namespace: flyte + annotations: + cloud.google.com/load-balancer-type: Internal spec: - type: NodePort + selector: + app: datacatalog + type: LoadBalancer + ports: + - name: http-metrics + protocol: TCP + port: 10254 diff --git a/kustomize/overlays/eks/dependencies/alb_ingress/README.md b/kustomize/overlays/eks/dependencies/alb_ingress/README.md new file mode 100644 index 0000000000..4d6403e0fe --- /dev/null +++ b/kustomize/overlays/eks/dependencies/alb_ingress/README.md @@ -0,0 +1 @@ +# :construction: Instructions to deploy ALB Ingress controller diff --git a/kustomize/overlays/eks/dependencies/alb_ingress/ingress.yaml b/kustomize/overlays/eks/dependencies/alb_ingress/ingress.yaml new file mode 100644 index 0000000000..69ed75f223 --- /dev/null +++ b/kustomize/overlays/eks/dependencies/alb_ingress/ingress.yaml @@ -0,0 +1,47 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: "flytesystem" + namespace: "flyte" + annotations: + # TODO ALB can only be used for REST non grpc endpoints + kubernetes.io/ingress.class: alb + alb.ingress.kubernetes.io/tags: service_instance=production + alb.ingress.kubernetes.io/scheme: internet-facing + labels: + app: flyteadmin +spec: + rules: + - http: + paths: + - path: /console + backend: + serviceName: flyteconsole + servicePort: 80 + - path: /console/* + backend: + serviceName: flyteconsole + servicePort: 80 + - path: /api/* + backend: + serviceName: flyteadmin + servicePort: 80 + - path: /healthcheck + backend: + serviceName: flyteadmin + servicePort: 80 + - path: /v1/* + backend: + serviceName: flyteadmin + servicePort: 80 + # NOTE: Port 81 in flyteadmin is the GRPC server port for + # FlyteAdmin. + - path: /flyteidl.service.AdminService/* + backend: + serviceName: flyteadmin + servicePort: 81 + # Port 87 in FlyteAdmin maps to the redoc container. + - path: /openapi/* + backend: + serviceName: flyteadmin + servicePort: 87 diff --git a/kustomize/overlays/eks/dependencies/redis/deployment.yaml b/kustomize/overlays/eks/dependencies/redis/deployment.yaml new file mode 100644 index 0000000000..82067d702b --- /dev/null +++ b/kustomize/overlays/eks/dependencies/redis/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - name: redis-data + emptyDir: {} diff --git a/kustomize/overlays/eks/dependencies/redis/kustomization.yaml b/kustomize/overlays/eks/dependencies/redis/kustomization.yaml new file mode 100644 index 0000000000..a944d005ca --- /dev/null +++ b/kustomize/overlays/eks/dependencies/redis/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- deployment.yaml +- service.yaml diff --git a/kustomize/overlays/eks/dependencies/redis/service.yaml b/kustomize/overlays/eks/dependencies/redis/service.yaml new file mode 100644 index 0000000000..8c86264ae3 --- /dev/null +++ b/kustomize/overlays/eks/dependencies/redis/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP diff --git a/kustomize/overlays/eks/ingress/ingress.yaml b/kustomize/overlays/eks/ingress/ingress.yaml new file mode 100644 index 0000000000..e6d36dfa8f --- /dev/null +++ b/kustomize/overlays/eks/ingress/ingress.yaml @@ -0,0 +1,10 @@ +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: flytesystem + namespace: flyte + annotations: + # TODO ALB can only be used for REST non grpc endpoints + kubernetes.io/ingress.class: alb + alb.ingress.kubernetes.io/tags: service_instance=production + alb.ingress.kubernetes.io/scheme: internet-facing diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml new file mode 100644 index 0000000000..e698a40316 --- /dev/null +++ b/kustomize/overlays/eks/kustomization.yaml @@ -0,0 +1,96 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# Override the namespace +namespace: flyte + +bases: +- ../../base/flyte_single_cluster + +# All the resources that make up the deployment + ######## + # Operators to be enabled + ############# + # Dependencies to be configured + # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc + # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) + # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's + # Add node ports for ease of use locally +resources: +- ../../base/operators/spark +- ../../base/operators/kfoperators/pytorch + # TODO Fix deployment of alb_ingress controller + #- ./dependencies/alb_ingress + # Optional dependency +- ./dependencies/redis + +patchesStrategicMerge: +- admin/deployment.yaml +- admin/service.yaml +- admin/serviceaccount.yaml +- datacatalog/deployment.yaml +- propeller/deployment.yaml +- propeller/serviceaccount.yaml +- ingress/ingress.yaml +- console/service.yaml + +# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + +configMapGenerator: +- behavior: merge + files: + - ./config/admin/db.yaml + - ./config/admin/remote_data.yaml + - ./config/admin/task_resource_defaults.yaml + - ./config/common/storage.yaml + name: flyte-admin-config +- behavior: merge + files: + - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml + - ./config/clusterresource-templates/ad_spark-role.yaml + - ./config/clusterresource-templates/ae_spark-service-account.yaml + - ./config/clusterresource-templates/af_spark-role-binding.yaml + name: clusterresource-template +- behavior: merge + files: + - ./config/propeller/core.yaml + - ./config/propeller/enabled_plugins.yaml + - ./config/propeller/plugins/catalog_cache.yaml + - ./config/propeller/plugins/k8s.yaml + - ./config/propeller/plugins/qubole.yaml + - ./config/propeller/plugins/spark.yaml + - ./config/propeller/plugins/task_logs.yaml + - ./config/common/storage.yaml + name: flyte-propeller-config +- behavior: merge + files: + - ./config/common/storage.yaml + - ./config/datacatalog/db.yaml + name: datacatalog-config + +########### +# Use this to record the password for the Google CloudSQL Database +secretGenerator: +- name: db-pass + behavior: merge + literals: + - pass.txt="yourpassword" + +# Images that should be used +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the namep + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: v0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name diff --git a/kustomize/overlays/eks/propeller/deployment.yaml b/kustomize/overlays/eks/propeller/deployment.yaml new file mode 100644 index 0000000000..9a46601b53 --- /dev/null +++ b/kustomize/overlays/eks/propeller/deployment.yaml @@ -0,0 +1,15 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: flytepropeller + namespace: flyte +spec: + template: + spec: + containers: + - name: flytepropeller + resources: + limits: + memory: "4Gi" + cpu: "2" + ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/eks/propeller/service.yaml b/kustomize/overlays/eks/propeller/service.yaml new file mode 100644 index 0000000000..e80a8746e6 --- /dev/null +++ b/kustomize/overlays/eks/propeller/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: flytepropeller + namespace: flyte + annotations: + cloud.google.com/load-balancer-type: Internal +spec: + type: LoadBalancer + selector: + app: flytepropeller + ports: + - name: http-metrics + protocol: TCP + port: 10254 diff --git a/kustomize/overlays/eks/propeller/serviceaccount.yaml b/kustomize/overlays/eks/propeller/serviceaccount.yaml index 9f10dc3935..9272749c4b 100644 --- a/kustomize/overlays/eks/propeller/serviceaccount.yaml +++ b/kustomize/overlays/eks/propeller/serviceaccount.yaml @@ -1,8 +1,8 @@ ---- apiVersion: v1 kind: ServiceAccount metadata: name: flytepropeller namespace: flyte annotations: + # TODO the role to use eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" diff --git a/kustomize/overlays/eks/admindeployment/admindeployment.yaml b/kustomize/overlays/eks_old/admindeployment/admindeployment.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/admindeployment.yaml rename to kustomize/overlays/eks_old/admindeployment/admindeployment.yaml diff --git a/kustomize/overlays/eks/admindeployment/clusterresource-templates/aa_namespace.yaml b/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/clusterresource-templates/aa_namespace.yaml rename to kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml diff --git a/kustomize/overlays/eks/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/overlays/eks/admindeployment/cron.yaml b/kustomize/overlays/eks_old/admindeployment/cron.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/cron.yaml rename to kustomize/overlays/eks_old/admindeployment/cron.yaml diff --git a/kustomize/overlays/eks/admindeployment/flyteadmin_config.yaml b/kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/flyteadmin_config.yaml rename to kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml diff --git a/kustomize/overlays/eks/admindeployment/kustomization.yaml b/kustomize/overlays/eks_old/admindeployment/kustomization.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/kustomization.yaml rename to kustomize/overlays/eks_old/admindeployment/kustomization.yaml diff --git a/kustomize/overlays/eks/admindeployment/service.yaml b/kustomize/overlays/eks_old/admindeployment/service.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/service.yaml rename to kustomize/overlays/eks_old/admindeployment/service.yaml diff --git a/kustomize/overlays/eks/admindeployment/serviceaccount.yaml b/kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml similarity index 100% rename from kustomize/overlays/eks/admindeployment/serviceaccount.yaml rename to kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml diff --git a/kustomize/overlays/eks/console/console.yaml b/kustomize/overlays/eks_old/console/console.yaml similarity index 100% rename from kustomize/overlays/eks/console/console.yaml rename to kustomize/overlays/eks_old/console/console.yaml diff --git a/kustomize/overlays/eks/console/kustomization.yaml b/kustomize/overlays/eks_old/console/kustomization.yaml similarity index 100% rename from kustomize/overlays/eks/console/kustomization.yaml rename to kustomize/overlays/eks_old/console/kustomization.yaml diff --git a/kustomize/overlays/eks_old/console/service.yaml b/kustomize/overlays/eks_old/console/service.yaml new file mode 100644 index 0000000000..489e8602e5 --- /dev/null +++ b/kustomize/overlays/eks_old/console/service.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Service +metadata: + name: flyteconsole + namespace: flyte +spec: + type: NodePort + diff --git a/kustomize/overlays/eks/datacatalog/datacatalog.yaml b/kustomize/overlays/eks_old/datacatalog/datacatalog.yaml similarity index 100% rename from kustomize/overlays/eks/datacatalog/datacatalog.yaml rename to kustomize/overlays/eks_old/datacatalog/datacatalog.yaml diff --git a/kustomize/overlays/eks/datacatalog/datacatalog_config.yaml b/kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml similarity index 100% rename from kustomize/overlays/eks/datacatalog/datacatalog_config.yaml rename to kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml diff --git a/kustomize/overlays/eks_old/datacatalog/kustomization.yaml b/kustomize/overlays/eks_old/datacatalog/kustomization.yaml new file mode 100644 index 0000000000..4b3dec4857 --- /dev/null +++ b/kustomize/overlays/eks_old/datacatalog/kustomization.yaml @@ -0,0 +1,15 @@ +bases: +- ../../../base/datacatalog + +namespace: flyte + +configMapGenerator: +- name: datacatalog-config + files: + - datacatalog_config.yaml + +patches: +- datacatalog.yaml +- serviceaccount.yaml +- service.yaml + diff --git a/kustomize/overlays/eks_old/datacatalog/service.yaml b/kustomize/overlays/eks_old/datacatalog/service.yaml new file mode 100644 index 0000000000..6d25a0f086 --- /dev/null +++ b/kustomize/overlays/eks_old/datacatalog/service.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Service +metadata: + name: datacatalog + namespace: flyte +spec: + type: NodePort diff --git a/kustomize/overlays/eks/datacatalog/serviceaccount.yaml b/kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml similarity index 100% rename from kustomize/overlays/eks/datacatalog/serviceaccount.yaml rename to kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml diff --git a/kustomize/overlays/eks/flyte/ingress.yaml b/kustomize/overlays/eks_old/flyte/ingress.yaml similarity index 100% rename from kustomize/overlays/eks/flyte/ingress.yaml rename to kustomize/overlays/eks_old/flyte/ingress.yaml diff --git a/kustomize/overlays/eks/flyte/kustomization.yaml b/kustomize/overlays/eks_old/flyte/kustomization.yaml similarity index 100% rename from kustomize/overlays/eks/flyte/kustomization.yaml rename to kustomize/overlays/eks_old/flyte/kustomization.yaml diff --git a/kustomize/overlays/eks/propeller/config.yaml b/kustomize/overlays/eks_old/propeller/config.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/config.yaml rename to kustomize/overlays/eks_old/propeller/config.yaml diff --git a/kustomize/overlays/eks/propeller/kustomization.yaml b/kustomize/overlays/eks_old/propeller/kustomization.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/kustomization.yaml rename to kustomize/overlays/eks_old/propeller/kustomization.yaml diff --git a/kustomize/overlays/eks/propeller/plugins/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/config.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/plugins/config.yaml rename to kustomize/overlays/eks_old/propeller/plugins/config.yaml diff --git a/kustomize/overlays/eks/propeller/plugins/container/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/container/config.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/plugins/container/config.yaml rename to kustomize/overlays/eks_old/propeller/plugins/container/config.yaml diff --git a/kustomize/overlays/eks/propeller/plugins/container/propeller-patch.yaml b/kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/plugins/container/propeller-patch.yaml rename to kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml diff --git a/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml new file mode 100644 index 0000000000..c1ffb9209a --- /dev/null +++ b/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml @@ -0,0 +1,16 @@ +plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/eks/propeller/plugins/spark/propeller-patch.yaml b/kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/plugins/spark/propeller-patch.yaml rename to kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml diff --git a/kustomize/overlays/eks/propeller/propeller.yaml b/kustomize/overlays/eks_old/propeller/propeller.yaml similarity index 100% rename from kustomize/overlays/eks/propeller/propeller.yaml rename to kustomize/overlays/eks_old/propeller/propeller.yaml diff --git a/kustomize/overlays/eks_old/propeller/serviceaccount.yaml b/kustomize/overlays/eks_old/propeller/serviceaccount.yaml new file mode 100644 index 0000000000..9f10dc3935 --- /dev/null +++ b/kustomize/overlays/eks_old/propeller/serviceaccount.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte + annotations: + eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" diff --git a/kustomize/overlays/eks/redis/kustomization.yaml b/kustomize/overlays/eks_old/redis/kustomization.yaml similarity index 100% rename from kustomize/overlays/eks/redis/kustomization.yaml rename to kustomize/overlays/eks_old/redis/kustomization.yaml diff --git a/kustomize/overlays/eks/redis/storage.yaml b/kustomize/overlays/eks_old/redis/storage.yaml similarity index 100% rename from kustomize/overlays/eks/redis/storage.yaml rename to kustomize/overlays/eks_old/redis/storage.yaml diff --git a/kustomize/overlays/gcp/console/service.yaml b/kustomize/overlays/gcp/console/service.yaml new file mode 100644 index 0000000000..2d3ad158aa --- /dev/null +++ b/kustomize/overlays/gcp/console/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + cloud.google.com/load-balancer-type: Internal + name: flyteconsole + namespace: flyte +spec: + selector: + app: flyteconsole + type: LoadBalancer + ports: + - name: redoc + protocol: TCP + port: 87 + targetPort: 8087 + - name: http-metrics + protocol: TCP + port: 10254 diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 6e36e56964..8d6cb5e251 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -30,6 +30,7 @@ patchesStrategicMerge: - admin/service.yaml - datacatalog/deployment.yaml - propeller/deployment.yaml +- console/service.yaml # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". diff --git a/kustomize/overlays/gcp/pass.txt b/kustomize/overlays/gcp/pass.txt deleted file mode 100644 index f6b1b7073b..0000000000 --- a/kustomize/overlays/gcp/pass.txt +++ /dev/null @@ -1 +0,0 @@ -awesomesauce From 751489efdb2950e6509719b8e74762f50f187ece Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 10:24:55 -0700 Subject: [PATCH 17/41] Remove old EKS --- .../admindeployment/admindeployment.yaml | 57 --------------- .../aa_namespace.yaml | 7 -- .../ab_project-resource-quota.yaml | 10 --- .../eks_old/admindeployment/cron.yaml | 30 -------- .../admindeployment/flyteadmin_config.yaml | 72 ------------------- .../admindeployment/kustomization.yaml | 26 ------- .../eks_old/admindeployment/service.yaml | 21 ------ .../admindeployment/serviceaccount.yaml | 9 --- .../overlays/eks_old/console/console.yaml | 15 ---- .../eks_old/console/kustomization.yaml | 7 -- .../overlays/eks_old/console/service.yaml | 8 --- .../eks_old/datacatalog/datacatalog.yaml | 21 ------ .../datacatalog/datacatalog_config.yaml | 25 ------- .../eks_old/datacatalog/kustomization.yaml | 15 ---- .../overlays/eks_old/datacatalog/service.yaml | 7 -- .../eks_old/datacatalog/serviceaccount.yaml | 9 --- kustomize/overlays/eks_old/flyte/ingress.yaml | 51 ------------- .../overlays/eks_old/flyte/kustomization.yaml | 15 ---- .../overlays/eks_old/propeller/config.yaml | 68 ------------------ .../eks_old/propeller/kustomization.yaml | 27 ------- .../eks_old/propeller/plugins/config.yaml | 9 --- .../propeller/plugins/container/config.yaml | 0 .../plugins/container/propeller-patch.yaml | 17 ----- .../propeller/plugins/spark/config.yaml | 16 ----- .../plugins/spark/propeller-patch.yaml | 17 ----- .../overlays/eks_old/propeller/propeller.yaml | 18 ----- .../eks_old/propeller/serviceaccount.yaml | 8 --- .../overlays/eks_old/redis/kustomization.yaml | 5 -- kustomize/overlays/eks_old/redis/storage.yaml | 11 --- 29 files changed, 601 deletions(-) delete mode 100644 kustomize/overlays/eks_old/admindeployment/admindeployment.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/cron.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/service.yaml delete mode 100644 kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml delete mode 100644 kustomize/overlays/eks_old/console/console.yaml delete mode 100644 kustomize/overlays/eks_old/console/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/console/service.yaml delete mode 100644 kustomize/overlays/eks_old/datacatalog/datacatalog.yaml delete mode 100644 kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml delete mode 100644 kustomize/overlays/eks_old/datacatalog/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/datacatalog/service.yaml delete mode 100644 kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml delete mode 100644 kustomize/overlays/eks_old/flyte/ingress.yaml delete mode 100644 kustomize/overlays/eks_old/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/config.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/plugins/config.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/plugins/container/config.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/propeller.yaml delete mode 100644 kustomize/overlays/eks_old/propeller/serviceaccount.yaml delete mode 100644 kustomize/overlays/eks_old/redis/kustomization.yaml delete mode 100644 kustomize/overlays/eks_old/redis/storage.yaml diff --git a/kustomize/overlays/eks_old/admindeployment/admindeployment.yaml b/kustomize/overlays/eks_old/admindeployment/admindeployment.yaml deleted file mode 100644 index ee8a1ca166..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/admindeployment.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - initContainers: - - name: run-migrations - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", - "migrate", "run"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: seed-projects - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", - "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - containers: - - name: flyteadmin - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 diff --git a/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml b/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml deleted file mode 100644 index ddfade3c29..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/clusterresource-templates/ab_project-resource-quota.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ResourceQuota -metadata: - name: project-quota - namespace: {{ namespace }} -spec: - hard: - limits.cpu: {{ projectQuotaCpu }} - limits.memory: {{ projectQuotaMemory }} - diff --git a/kustomize/overlays/eks_old/admindeployment/cron.yaml b/kustomize/overlays/eks_old/admindeployment/cron.yaml deleted file mode 100644 index 54d244cc37..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/cron.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - schedule: "*/1 * * * *" - jobTemplate: - spec: - template: - spec: - serviceAccountName: flyteadmin - containers: - - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/flyteadmin_config.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - - name: config-volume - configMap: - name: flyte-admin-config - restartPolicy: OnFailure diff --git a/kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml b/kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml deleted file mode 100644 index bdd3c17a1e..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/flyteadmin_config.yaml +++ /dev/null @@ -1,72 +0,0 @@ -logger: - show-source: true - level: 5 -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: false -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" -database: - port: 5432 - username: flyteadmin - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flyteadmin - password: spongebob -remoteData: - region: "us-west-2" - scheme: aws - signedUrls: - durationMinutes: 3 -storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 - cache: - max_size_mbs: 64 - target_gc_percent: 70 - container: "flyte-admin" -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m diff --git a/kustomize/overlays/eks_old/admindeployment/kustomization.yaml b/kustomize/overlays/eks_old/admindeployment/kustomization.yaml deleted file mode 100644 index 4af90e4d6f..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/kustomization.yaml +++ /dev/null @@ -1,26 +0,0 @@ -bases: -- ../../../base/admindeployment -- ../../../base/adminserviceaccount - -namespace: flyte - -resources: -- cron.yaml - -configMapGenerator: -# the main admin configmap -- name: flyte-admin-config - files: - - flyteadmin_config.yaml -# cluster resource templates -- name: clusterresource-template - files: -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - clusterresource-templates/aa_namespace.yaml - - clusterresource-templates/ab_project-resource-quota.yaml - -patches: -- admindeployment.yaml -- serviceaccount.yaml -- service.yaml - diff --git a/kustomize/overlays/eks_old/admindeployment/service.yaml b/kustomize/overlays/eks_old/admindeployment/service.yaml deleted file mode 100644 index f1a8e793bc..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: - service.beta.kubernetes.io/aws-load-balancer-internal: 'true' - name: flyteadmin - namespace: flyte -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin - type: LoadBalancer - diff --git a/kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml b/kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml deleted file mode 100644 index 5e0f4b2982..0000000000 --- a/kustomize/overlays/eks_old/admindeployment/serviceaccount.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" - diff --git a/kustomize/overlays/eks_old/console/console.yaml b/kustomize/overlays/eks_old/console/console.yaml deleted file mode 100644 index 9261654671..0000000000 --- a/kustomize/overlays/eks_old/console/console.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteconsole - namespace: flyte -spec: - template: - spec: - containers: - - name: flyteconsole - resources: - limits: - memory: "150Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" diff --git a/kustomize/overlays/eks_old/console/kustomization.yaml b/kustomize/overlays/eks_old/console/kustomization.yaml deleted file mode 100644 index d1a84577b7..0000000000 --- a/kustomize/overlays/eks_old/console/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -bases: -- ../../../base/console - -patches: -- console.yaml -- service.yaml - diff --git a/kustomize/overlays/eks_old/console/service.yaml b/kustomize/overlays/eks_old/console/service.yaml deleted file mode 100644 index 489e8602e5..0000000000 --- a/kustomize/overlays/eks_old/console/service.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - type: NodePort - diff --git a/kustomize/overlays/eks_old/datacatalog/datacatalog.yaml b/kustomize/overlays/eks_old/datacatalog/datacatalog.yaml deleted file mode 100644 index d6f705314a..0000000000 --- a/kustomize/overlays/eks_old/datacatalog/datacatalog.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: datacatalog - namespace: flyte -spec: - template: - spec: - containers: - - name: datacatalog - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" ---- -apiVersion: v1 -kind: Service -metadata: - name: datacatalog - namespace: flyte diff --git a/kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml b/kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml deleted file mode 100644 index e746c62e69..0000000000 --- a/kustomize/overlays/eks_old/datacatalog/datacatalog_config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -logger: - show-source: true - level: 5 -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 -database: - port: 5432 - username: flyteadmin - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flytedatacatalog - password: spongebob -storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 - cache: - max_size_mbs: 64 - target_gc_percent: 70 - container: "flyte-datacatalog" - diff --git a/kustomize/overlays/eks_old/datacatalog/kustomization.yaml b/kustomize/overlays/eks_old/datacatalog/kustomization.yaml deleted file mode 100644 index 4b3dec4857..0000000000 --- a/kustomize/overlays/eks_old/datacatalog/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ -bases: -- ../../../base/datacatalog - -namespace: flyte - -configMapGenerator: -- name: datacatalog-config - files: - - datacatalog_config.yaml - -patches: -- datacatalog.yaml -- serviceaccount.yaml -- service.yaml - diff --git a/kustomize/overlays/eks_old/datacatalog/service.yaml b/kustomize/overlays/eks_old/datacatalog/service.yaml deleted file mode 100644 index 6d25a0f086..0000000000 --- a/kustomize/overlays/eks_old/datacatalog/service.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: datacatalog - namespace: flyte -spec: - type: NodePort diff --git a/kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml b/kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml deleted file mode 100644 index e2dba9c418..0000000000 --- a/kustomize/overlays/eks_old/datacatalog/serviceaccount.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" - diff --git a/kustomize/overlays/eks_old/flyte/ingress.yaml b/kustomize/overlays/eks_old/flyte/ingress.yaml deleted file mode 100644 index 633206240a..0000000000 --- a/kustomize/overlays/eks_old/flyte/ingress.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: "flytesystem" - namespace: "flyte" - annotations: - kubernetes.io/ingress.class: alb - alb.ingress.kubernetes.io/tags: service_instance=production - alb.ingress.kubernetes.io/scheme: internet-facing - labels: - app: flyteadmin -spec: - rules: - - http: - paths: - - path: /console - backend: - serviceName: flyteconsole - servicePort: 80 - - path: /console/* - backend: - serviceName: flyteconsole - servicePort: 80 - # This is useful only for sandbox mode and should be templatized/removed in non-sandbox environments - - path: /__webpack_hmr - backend: - serviceName: flyteconsole - servicePort: 80 - - path: /api/* - backend: - serviceName: flyteadmin - servicePort: 80 - - path: /healthcheck - backend: - serviceName: flyteadmin - servicePort: 80 - - path: /v1/* - backend: - serviceName: flyteadmin - servicePort: 80 - # NOTE: Port 81 in flyteadmin is the GRPC server port for - # FlyteAdmin. - - path: /flyteidl.service.AdminService/* - backend: - serviceName: flyteadmin - servicePort: 81 - # Port 87 in FlyteAdmin maps to the redoc container. - - path: /openapi/* - backend: - serviceName: flyteadmin - servicePort: 87 diff --git a/kustomize/overlays/eks_old/flyte/kustomization.yaml b/kustomize/overlays/eks_old/flyte/kustomization.yaml deleted file mode 100644 index 4563a007e2..0000000000 --- a/kustomize/overlays/eks_old/flyte/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ -bases: -# global resources -- ../../../base/namespace - -# user plane / control plane resources -- ../admindeployment -- ../datacatalog -- ../console - -# data plane resources -- ../../../base/wf_crd -- ../propeller -- ../redis - -- ingress.yaml diff --git a/kustomize/overlays/eks_old/propeller/config.yaml b/kustomize/overlays/eks_old/propeller/config.yaml deleted file mode 100644 index b2a205c287..0000000000 --- a/kustomize/overlays/eks_old/propeller/config.yaml +++ /dev/null @@ -1,68 +0,0 @@ -propeller: - rawoutput-prefix: s3://flyte-outputs - metadata-prefix: propeller/eks - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager.flyte:6379 - hostKey: mypassword -logger: - show-source: true - level: 5 -storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 - cache: - max_size_mbs: 1024 - target_gc_percent: 70 - container: "flyte-metadata" - limits: - maxDownloadMBs: 10 -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array diff --git a/kustomize/overlays/eks_old/propeller/kustomization.yaml b/kustomize/overlays/eks_old/propeller/kustomization.yaml deleted file mode 100644 index 2826649424..0000000000 --- a/kustomize/overlays/eks_old/propeller/kustomization.yaml +++ /dev/null @@ -1,27 +0,0 @@ -bases: -- ../../../base/propeller - -namespace: flyte - -configMapGenerator: -# the main propeller configmap -- name: flyte-propeller-config - files: - - config.yaml -# the plugin-configmap -- name: flyte-plugin-config - files: - - plugins/config.yaml -# a configmap for each plugin -- name: flyte-spark-config - files: - - plugins/spark/config.yaml -- name: flyte-container-config - files: - - plugins/container/config.yaml - -patches: -- serviceaccount.yaml -# add the volumemount for each plugin configmap -- plugins/spark/propeller-patch.yaml -- plugins/container/propeller-patch.yaml diff --git a/kustomize/overlays/eks_old/propeller/plugins/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/config.yaml deleted file mode 100644 index a2237e1f9a..0000000000 --- a/kustomize/overlays/eks_old/propeller/plugins/config.yaml +++ /dev/null @@ -1,9 +0,0 @@ -plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" - k8s: - default-env-vars: - - AWS_RETRY_MODE: standard - - AWS_METADATA_SERVICE_TIMEOUT: 5 - - AWS_METADATA_SERVICE_NUM_ATTEMPTS: 20 diff --git a/kustomize/overlays/eks_old/propeller/plugins/container/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/container/config.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml b/kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml deleted file mode 100644 index fe9e305e28..0000000000 --- a/kustomize/overlays/eks_old/propeller/plugins/container/propeller-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - volumes: - - name: container-config-volume - configMap: - name: flyte-container-config - containers: - - name: flytepropeller - volumeMounts: - - name: container-config-volume - mountPath: /etc/flyte/config-container diff --git a/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml b/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml deleted file mode 100644 index c1ffb9209a..0000000000 --- a/kustomize/overlays/eks_old/propeller/plugins/spark/config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml b/kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml deleted file mode 100644 index a1c2aacd10..0000000000 --- a/kustomize/overlays/eks_old/propeller/plugins/spark/propeller-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - volumes: - - name: spark-config-volume - configMap: - name: flyte-spark-config - containers: - - name: flytepropeller - volumeMounts: - - name: spark-config-volume - mountPath: /etc/flyte/config-spark diff --git a/kustomize/overlays/eks_old/propeller/propeller.yaml b/kustomize/overlays/eks_old/propeller/propeller.yaml deleted file mode 100644 index 498055e6fc..0000000000 --- a/kustomize/overlays/eks_old/propeller/propeller.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - containers: - - name: flytepropeller - env: - - name: QUBOLE_API_KEY - value: notarealkey - resources: - limits: - memory: "100Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" diff --git a/kustomize/overlays/eks_old/propeller/serviceaccount.yaml b/kustomize/overlays/eks_old/propeller/serviceaccount.yaml deleted file mode 100644 index 9f10dc3935..0000000000 --- a/kustomize/overlays/eks_old/propeller/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" diff --git a/kustomize/overlays/eks_old/redis/kustomization.yaml b/kustomize/overlays/eks_old/redis/kustomization.yaml deleted file mode 100644 index 12ec57311d..0000000000 --- a/kustomize/overlays/eks_old/redis/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -bases: -- ../../../dependencies/redis - -patches: -- storage.yaml diff --git a/kustomize/overlays/eks_old/redis/storage.yaml b/kustomize/overlays/eks_old/redis/storage.yaml deleted file mode 100644 index 0c5aed931b..0000000000 --- a/kustomize/overlays/eks_old/redis/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - template: - spec: - volumes: - - name: redis-data - emptyDir: {} From c25781eca0a8775b0b06717bcb254260d8c3f63f Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 10:57:49 -0700 Subject: [PATCH 18/41] More refactoring --- .../complete}/README.md | 0 .../complete}/config/admin/cluster_resources.yaml | 0 .../complete}/config/admin/db.yaml | 0 .../complete}/config/admin/domain.yaml | 0 .../complete}/config/admin/remote_data.yaml | 0 .../complete}/config/admin/server.yaml | 0 .../config/admin/task_resource_defaults.yaml | 0 .../clusterresource-templates/aa_namespace.yaml | 0 .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 0 .../complete}/config/common/logger.yaml | 0 .../complete}/config/common/storage.yaml | 0 .../complete}/config/console/console.yaml | 0 .../complete}/config/datacatalog/db.yaml | 0 .../complete}/config/datacatalog/server.yaml | 0 .../complete}/config/propeller/admin.yaml | 0 .../complete}/config/propeller/catalog.yaml | 0 .../complete}/config/propeller/core.yaml | 0 .../config/propeller/enabled_plugins.yaml | 0 .../config/propeller/plugins/copilot.yaml | 0 .../complete}/config/propeller/plugins/k8s.yaml | 0 .../config/propeller/plugins/task_logs.yaml | 0 .../config/propeller/resource_manager.yaml | 0 .../complete}/kustomization.yaml | 6 +++--- .../headless}/README.md | 0 .../headless}/config/admin/cluster_resources.yaml | 0 .../headless}/config/admin/db.yaml | 0 .../headless}/config/admin/domain.yaml | 0 .../headless}/config/admin/remote_data.yaml | 0 .../headless}/config/admin/server.yaml | 0 .../config/admin/task_resource_defaults.yaml | 0 .../clusterresource-templates/aa_namespace.yaml | 0 .../ab_project-resource-quota.yaml | 0 .../ac_project-copilot-dataconfig.yaml | 0 .../headless}/config/common/logger.yaml | 0 .../headless}/config/common/storage.yaml | 0 .../headless}/config/console/console.yaml | 0 .../headless}/config/datacatalog/db.yaml | 0 .../headless}/config/datacatalog/server.yaml | 0 .../headless}/config/propeller/admin.yaml | 0 .../headless}/config/propeller/catalog.yaml | 0 .../headless}/config/propeller/core.yaml | 0 .../config/propeller/enabled_plugins.yaml | 0 .../config/propeller/plugins/copilot.yaml | 0 .../headless}/config/propeller/plugins/k8s.yaml | 0 .../config/propeller/plugins/task_logs.yaml | 0 .../config/propeller/resource_manager.yaml | 0 .../headless}/kustomization.yaml | 14 +++++++------- .../headless}/pass.txt | 0 kustomize/overlays/eks/kustomization.yaml | 2 +- kustomize/overlays/gcp/kustomization.yaml | 2 +- kustomize/overlays/sandbox/kustomization.yaml | 2 +- kustomize/overlays/test/kustomization.yaml | 2 +- 53 files changed, 14 insertions(+), 14 deletions(-) rename kustomize/base/{flyte_single_cluster => single_cluster/complete}/README.md (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/admin/cluster_resources.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/complete}/config/admin/db.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/admin/domain.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/admin/remote_data.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/admin/server.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/admin/task_resource_defaults.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/clusterresource-templates/aa_namespace.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/clusterresource-templates/ab_project-resource-quota.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/common/logger.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/common/storage.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/console/console.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/complete}/config/datacatalog/db.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/datacatalog/server.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/admin.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/catalog.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/complete}/config/propeller/core.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/enabled_plugins.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/plugins/copilot.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/plugins/k8s.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/plugins/task_logs.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/complete}/config/propeller/resource_manager.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/complete}/kustomization.yaml (78%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/README.md (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/admin/cluster_resources.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/config/admin/db.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/admin/domain.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/admin/remote_data.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/admin/server.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/admin/task_resource_defaults.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/clusterresource-templates/aa_namespace.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/clusterresource-templates/ab_project-resource-quota.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/common/logger.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/common/storage.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/console/console.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/config/datacatalog/db.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/datacatalog/server.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/admin.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/catalog.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/config/propeller/core.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/enabled_plugins.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/plugins/copilot.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/plugins/k8s.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/plugins/task_logs.yaml (100%) rename kustomize/base/{flyte_single_cluster => single_cluster/headless}/config/propeller/resource_manager.yaml (100%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/kustomization.yaml (92%) rename kustomize/base/{flyte_headless_cluster => single_cluster/headless}/pass.txt (100%) diff --git a/kustomize/base/flyte_single_cluster/README.md b/kustomize/base/single_cluster/complete/README.md similarity index 100% rename from kustomize/base/flyte_single_cluster/README.md rename to kustomize/base/single_cluster/complete/README.md diff --git a/kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml b/kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/cluster_resources.yaml rename to kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml diff --git a/kustomize/base/flyte_single_cluster/config/admin/db.yaml b/kustomize/base/single_cluster/complete/config/admin/db.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/db.yaml rename to kustomize/base/single_cluster/complete/config/admin/db.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/admin/domain.yaml b/kustomize/base/single_cluster/complete/config/admin/domain.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/domain.yaml rename to kustomize/base/single_cluster/complete/config/admin/domain.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml b/kustomize/base/single_cluster/complete/config/admin/remote_data.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/remote_data.yaml rename to kustomize/base/single_cluster/complete/config/admin/remote_data.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/admin/server.yaml b/kustomize/base/single_cluster/complete/config/admin/server.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/server.yaml rename to kustomize/base/single_cluster/complete/config/admin/server.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml b/kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/task_resource_defaults.yaml rename to kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/clusterresource-templates/aa_namespace.yaml rename to kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml rename to kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/common/logger.yaml b/kustomize/base/single_cluster/complete/config/common/logger.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/common/logger.yaml rename to kustomize/base/single_cluster/complete/config/common/logger.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/common/storage.yaml b/kustomize/base/single_cluster/complete/config/common/storage.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/common/storage.yaml rename to kustomize/base/single_cluster/complete/config/common/storage.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/console/console.yaml b/kustomize/base/single_cluster/complete/config/console/console.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/console/console.yaml rename to kustomize/base/single_cluster/complete/config/console/console.yaml diff --git a/kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml b/kustomize/base/single_cluster/complete/config/datacatalog/db.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/datacatalog/db.yaml rename to kustomize/base/single_cluster/complete/config/datacatalog/db.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml b/kustomize/base/single_cluster/complete/config/datacatalog/server.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/datacatalog/server.yaml rename to kustomize/base/single_cluster/complete/config/datacatalog/server.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml b/kustomize/base/single_cluster/complete/config/propeller/admin.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/admin.yaml rename to kustomize/base/single_cluster/complete/config/propeller/admin.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml b/kustomize/base/single_cluster/complete/config/propeller/catalog.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/catalog.yaml rename to kustomize/base/single_cluster/complete/config/propeller/catalog.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/core.yaml b/kustomize/base/single_cluster/complete/config/propeller/core.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/core.yaml rename to kustomize/base/single_cluster/complete/config/propeller/core.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/enabled_plugins.yaml b/kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/enabled_plugins.yaml rename to kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/plugins/copilot.yaml rename to kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/plugins/k8s.yaml rename to kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/plugins/task_logs.yaml rename to kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml b/kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/resource_manager.yaml rename to kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml diff --git a/kustomize/base/flyte_single_cluster/kustomization.yaml b/kustomize/base/single_cluster/complete/kustomization.yaml similarity index 78% rename from kustomize/base/flyte_single_cluster/kustomization.yaml rename to kustomize/base/single_cluster/complete/kustomization.yaml index e3a7ef02dc..ece387ce0e 100644 --- a/kustomize/base/flyte_single_cluster/kustomization.yaml +++ b/kustomize/base/single_cluster/complete/kustomization.yaml @@ -4,9 +4,9 @@ kind: Kustomization # All the resources that make up the deployment resources: # global resources -- ../flyte_headless_cluster -- ../admindeployment/clustersync -- ../console +- ../headless +- ../../admindeployment/clustersync +- ../../console # configMapGenerator: # TODO Flyte Console Configuration diff --git a/kustomize/base/flyte_headless_cluster/README.md b/kustomize/base/single_cluster/headless/README.md similarity index 100% rename from kustomize/base/flyte_headless_cluster/README.md rename to kustomize/base/single_cluster/headless/README.md diff --git a/kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml b/kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/cluster_resources.yaml rename to kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/admin/db.yaml b/kustomize/base/single_cluster/headless/config/admin/db.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/admin/db.yaml rename to kustomize/base/single_cluster/headless/config/admin/db.yaml diff --git a/kustomize/base/flyte_single_cluster/config/admin/domain.yaml b/kustomize/base/single_cluster/headless/config/admin/domain.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/domain.yaml rename to kustomize/base/single_cluster/headless/config/admin/domain.yaml diff --git a/kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml b/kustomize/base/single_cluster/headless/config/admin/remote_data.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/remote_data.yaml rename to kustomize/base/single_cluster/headless/config/admin/remote_data.yaml diff --git a/kustomize/base/flyte_single_cluster/config/admin/server.yaml b/kustomize/base/single_cluster/headless/config/admin/server.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/server.yaml rename to kustomize/base/single_cluster/headless/config/admin/server.yaml diff --git a/kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml b/kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/admin/task_resource_defaults.yaml rename to kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/aa_namespace.yaml rename to kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/ab_project-resource-quota.yaml rename to kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml diff --git a/kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/single_cluster/headless/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml rename to kustomize/base/single_cluster/headless/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml diff --git a/kustomize/base/flyte_single_cluster/config/common/logger.yaml b/kustomize/base/single_cluster/headless/config/common/logger.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/common/logger.yaml rename to kustomize/base/single_cluster/headless/config/common/logger.yaml diff --git a/kustomize/base/flyte_single_cluster/config/common/storage.yaml b/kustomize/base/single_cluster/headless/config/common/storage.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/common/storage.yaml rename to kustomize/base/single_cluster/headless/config/common/storage.yaml diff --git a/kustomize/base/flyte_single_cluster/config/console/console.yaml b/kustomize/base/single_cluster/headless/config/console/console.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/console/console.yaml rename to kustomize/base/single_cluster/headless/config/console/console.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml b/kustomize/base/single_cluster/headless/config/datacatalog/db.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/datacatalog/db.yaml rename to kustomize/base/single_cluster/headless/config/datacatalog/db.yaml diff --git a/kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml b/kustomize/base/single_cluster/headless/config/datacatalog/server.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/datacatalog/server.yaml rename to kustomize/base/single_cluster/headless/config/datacatalog/server.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/admin.yaml b/kustomize/base/single_cluster/headless/config/propeller/admin.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/admin.yaml rename to kustomize/base/single_cluster/headless/config/propeller/admin.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml b/kustomize/base/single_cluster/headless/config/propeller/catalog.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/catalog.yaml rename to kustomize/base/single_cluster/headless/config/propeller/catalog.yaml diff --git a/kustomize/base/flyte_headless_cluster/config/propeller/core.yaml b/kustomize/base/single_cluster/headless/config/propeller/core.yaml similarity index 100% rename from kustomize/base/flyte_headless_cluster/config/propeller/core.yaml rename to kustomize/base/single_cluster/headless/config/propeller/core.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/enabled_plugins.yaml b/kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/enabled_plugins.yaml rename to kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/plugins/copilot.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/plugins/copilot.yaml rename to kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/plugins/k8s.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/plugins/k8s.yaml rename to kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/plugins/task_logs.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/task_logs.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/plugins/task_logs.yaml rename to kustomize/base/single_cluster/headless/config/propeller/plugins/task_logs.yaml diff --git a/kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml b/kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml similarity index 100% rename from kustomize/base/flyte_single_cluster/config/propeller/resource_manager.yaml rename to kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml diff --git a/kustomize/base/flyte_headless_cluster/kustomization.yaml b/kustomize/base/single_cluster/headless/kustomization.yaml similarity index 92% rename from kustomize/base/flyte_headless_cluster/kustomization.yaml rename to kustomize/base/single_cluster/headless/kustomization.yaml index 11eaa439a2..0a863fab06 100644 --- a/kustomize/base/flyte_headless_cluster/kustomization.yaml +++ b/kustomize/base/single_cluster/headless/kustomization.yaml @@ -4,13 +4,13 @@ kind: Kustomization # All the resources that make up the deployment resources: # global resources -- ../namespace -- ../ingress -- ../admindeployment -- ../datacatalog -- ../wf_crd -- ../propeller -- ../adminserviceaccount +- ../../namespace +- ../../ingress +- ../../admindeployment +- ../../datacatalog +- ../../wf_crd +- ../../propeller +- ../../adminserviceaccount configMapGenerator: # the main admin configmap diff --git a/kustomize/base/flyte_headless_cluster/pass.txt b/kustomize/base/single_cluster/headless/pass.txt similarity index 100% rename from kustomize/base/flyte_headless_cluster/pass.txt rename to kustomize/base/single_cluster/headless/pass.txt diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml index e698a40316..6f467be5f5 100644 --- a/kustomize/overlays/eks/kustomization.yaml +++ b/kustomize/overlays/eks/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization namespace: flyte bases: -- ../../base/flyte_single_cluster +- ../../base/single_cluster/complete # All the resources that make up the deployment ######## diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 8d6cb5e251..b93608bb9f 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization namespace: flyte bases: -- ../../base/flyte_single_cluster +- ../../base/single_cluster/complete # All the resources that make up the deployment - datacatalog/service.yaml diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index b299dc2674..3c710b76ba 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization namespace: flyte bases: -- ../../base/flyte_single_cluster +- ../../base/single_cluster/complete # All the resources that make up the deployment ######## diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index a609e37b69..eaa968eaca 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization namespace: flyte bases: -- ../../base/flyte_headless_cluster +- ../../base/single_cluster/headless # All the resources that make up the deployment From 0a0467c9cd9ffba2fa73398ef2543b72361bc2e7 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 10:59:39 -0700 Subject: [PATCH 19/41] wip --- deployment/sandbox/flyte_generated.yaml | 1686 ----------------------- script/kustomize.sh | 2 +- 2 files changed, 1 insertion(+), 1687 deletions(-) diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 47c57ac6fb..e69de29bb2 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -1,1686 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active ---- -apiVersion: v1 -kind: Namespace -metadata: - name: heptio-contour ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - component: ingressroute - name: ingressroutes.contour.heptio.com -spec: - additionalPrinterColumns: - - JSONPath: .spec.virtualhost.fqdn - description: Fully qualified domain name - name: FQDN - type: string - - JSONPath: .spec.virtualhost.tls.secretName - description: Secret with TLS credentials - name: TLS Secret - type: string - - JSONPath: .spec.routes[0].match - description: First routes defined - name: First route - type: string - - JSONPath: .status.currentStatus - description: The current status of the IngressRoute - name: Status - type: string - - JSONPath: .status.description - description: Description of the current status - name: Status Description - type: string - group: contour.heptio.com - names: - kind: IngressRoute - plural: ingressroutes - scope: Namespaced - validation: - openAPIV3Schema: - properties: - spec: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - routes: - items: - properties: - delegate: - properties: - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - namespace: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - match: - pattern: ^\/.*$ - type: string - services: - items: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - type: integer - strategy: - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - type: string - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: array - strategy: - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - type: string - virtualhost: - properties: - aliases: - items: - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - type: string - type: array - fqdn: - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - type: string - required: - - routes - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - version: v1beta1 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: heptio-contour ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: - - contour.heptio.com - resources: - - ingressroutes - verbs: - - get - - list - - watch - - put - - post - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: heptio-contour ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n - \ name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: - {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ac_project-copilot-dataconfig.yaml: | - kind: ConfigMap - apiVersion: v1 - metadata: - name: flyte-data-config - namespace: {{ namespace }} - data: - config.yaml: | - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - enable-multicontainer: true - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1beta1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: - RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace - }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- - kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - name: clusterresource-template-kf62ttf64k - namespace: flyte ---- -apiVersion: v1 -data: - datacatalog_config.yaml: | - logger: - show-source: true - level: 5 - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - cache: - max_size_mbs: 10 - target_gc_percent: 100 - container: my-container - type: minio - database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable -kind: ConfigMap -metadata: - name: datacatalog-config-5g5bbg2k49 - namespace: flyte ---- -apiVersion: v1 -data: - flyteadmin_config.yaml: | - logger: - show-source: true - level: 5 - server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m -kind: ConfigMap -metadata: - name: flyte-admin-config-42k268hb6k - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config - DISABLE_AUTH: "true" -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: "" -kind: ConfigMap -metadata: - name: flyte-container-config-5k78b9cm42 - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | - plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" -kind: ConfigMap -metadata: - name: flyte-plugin-config-f6t7mt8tkg - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager.flyte:6379 - hostKey: mypassword - logger: - show-source: true - level: 5 - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array -kind: ConfigMap -metadata: - name: flyte-propeller-config-97gh25f525 - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" -kind: ConfigMap -metadata: - name: flyte-qubole-config-9tcd8mk2c2 - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | - plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" -kind: ConfigMap -metadata: - name: flyte-spark-config-h72bmtggc2 - namespace: flyte ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - port: 9000 - selector: - app: minio ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: sparkoperator -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.2.2 - spec: - containers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/datacatalog_config.yaml - - serve - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - initContainers: - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep - 2; done; - image: postgres:10.1 - name: check-db-ready - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/datacatalog_config.yaml - - migrate - - run - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-5g5bbg2k49 - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - serve - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep - 2; done; - image: postgres:10.1 - name: check-db-ready - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - migrate - - run - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - emptyDir: {} - name: shared-data - - configMap: - name: flyte-admin-config-42k268hb6k - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.11.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: docker.io/lyft/flyteconsole:v0.11.0 - name: flyteconsole - ports: - - containerPort: 8080 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 150Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.3.12 - spec: - containers: - - args: - - --config - - /etc/flyte/config*/config.yaml - command: - - flytepropeller - env: - - name: QUBOLE_API_KEY - value: notarealkey - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: docker.io/lyft/flytepropeller:v0.3.12 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 100Mi - volumeMounts: - - mountPath: /etc/flyte/config-qubole - name: qubole-config-volume - - mountPath: /etc/flyte/config-container - name: container-config-volume - - mountPath: /etc/flyte/config-spark - name: spark-config-volume - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/flyte/config-plugin - name: plugin-config-volume - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-qubole-config-9tcd8mk2c2 - name: qubole-config-volume - - configMap: - name: flyte-container-config-5k78b9cm42 - name: container-config-volume - - configMap: - name: flyte-spark-config-h72bmtggc2 - name: spark-config-volume - - configMap: - name: flyte-propeller-config-97gh25f525 - name: config-volume - - configMap: - name: flyte-plugin-config-f6t7mt8tkg - name: plugin-config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - image: minio/minio:RELEASE.2019-06-04T01-15-58Z - name: minio - ports: - - containerPort: 9000 - name: minio - volumeMounts: - - mountPath: /data - name: minio-storage - volumes: - - emptyDir: {} - name: minio-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - image: postgres:10.1 - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-storage - volumes: - - emptyDir: {} - name: postgres-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator - namespace: sparkoperator -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: docker.io/bitnami/redis:4.0.2-r1 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - configMap: - name: flyte-admin-config-42k268hb6k - name: config-volume - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator-init - namespace: sparkoperator -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - sparkoperator - - -p - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /console - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /__webpack_hmr - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /api - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /healthcheck - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /v1 - - backend: - serviceName: flyteadmin - servicePort: 81 - path: /flyteidl.service.AdminService - - backend: - serviceName: flyteadmin - servicePort: 87 - path: /openapi ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: minio - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: minio - servicePort: 9000 - path: /minio diff --git a/script/kustomize.sh b/script/kustomize.sh index b9d6266bdd..24c4459f4f 100755 --- a/script/kustomize.sh +++ b/script/kustomize.sh @@ -9,7 +9,7 @@ KUSTOMIZE_IMAGE="lyft/kustomizer:v3.1.0" for deployment in ${DEPLOYMENT}; do docker run -v "${DIR}/../kustomize":/kustomize "$KUSTOMIZE_IMAGE" kustomize build \ - "overlays/${deployment}/flyte" \ + "overlays/${deployment}" \ > "${DIR}/../deployment/${deployment}/flyte_generated.yaml" done From d8bd19fbbc3bd3dc012cb12d51727bb65c2f37ad Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:33:45 -0700 Subject: [PATCH 20/41] added workflow to generate --- .github/workflows/main.yml | 32 + deployment/eks/flyte_generated.yaml | 986 +++++++++--- deployment/gcp/flyte_generated.yaml | 1038 ++++++++++--- deployment/sandbox/flyte_generated.yaml | 1881 +++++++++++++++++++++++ deployment/test/flyte_generated.yaml | 659 ++++---- script/generate_kustomize.sh | 10 + script/kustomize.sh | 2 +- 7 files changed, 3938 insertions(+), 670 deletions(-) create mode 100644 .github/workflows/main.yml create mode 100644 script/generate_kustomize.sh diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000000..fc07fa80fe --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,32 @@ +# This is a basic workflow to help you get started with Actions + +name: CI + +# Controls when the action will run. Triggers the workflow on push or pull request +# events but only for the master branch +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + - name: Run Kubernetes tools + uses: stefanprodan/kube-tools@v1 + with: + kustomize: 3.5.5 + command: | + SCRIPT=script/generate_kustomize.sh + echo "Running Kustomizer" + ./${SCRIPT} + echo "Kustomizer run completed" diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index b1daf82f09..1ba4d9253f 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -8,6 +8,11 @@ spec: status: phase: Active --- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -23,11 +28,68 @@ spec: scope: Namespaced version: v1alpha1 --- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- apiVersion: v1 kind: ServiceAccount metadata: - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::111222333456:role/flyte-operator name: datacatalog namespace: flyte --- @@ -47,6 +109,21 @@ metadata: name: flytepropeller namespace: flyte --- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: flyte +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -132,6 +209,172 @@ rules: - post - deletecollection --- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: @@ -160,6 +403,35 @@ subjects: name: flytepropeller namespace: flyte --- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: flyte +--- apiVersion: v1 data: aa_namespace.yaml: | @@ -170,60 +442,177 @@ data: spec: finalizers: - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n - \ name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: - {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" kind: ConfigMap metadata: - name: clusterresource-template-m2kccc465f + annotations: {} + labels: {} + name: clusterresource-template-kf62ttf64k namespace: flyte --- apiVersion: v1 data: - datacatalog_config.yaml: |+ + db.yaml: | + database: + port: 5432 + username: flyte + # TODO Change this to match aurora or rds postgres endpoint + host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com + dbname: flytedatacatalog + passwordPath: /etc/db/pass.txt + logger.yaml: | + # TODO this is used to control the log level logger: show-source: true - level: 5 + level: 2 + server.yaml: | datacatalog: storage-prefix: metadata/datacatalog metrics-scope: "datacatalog" profiler-port: 10254 application: grpcPort: 8089 - database: - port: 5432 - username: flyteadmin - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flytedatacatalog - password: spongebob + storage.yaml: | storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 + type: stow + stow: + kind: google + config: + json: "" + # TODO: replace with the GCP project ID + project_id: + scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store + container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size cache: - max_size_mbs: 64 + max_size_mbs: 512 target_gc_percent: 70 - container: "flyte-datacatalog" - + limits: + maxDownloadMBs: 10 kind: ConfigMap metadata: - name: datacatalog-config-86hg5m74g6 + annotations: {} + labels: {} + name: datacatalog-config-2tbm82k5t8 namespace: flyte --- apiVersion: v1 data: - flyteadmin_config.yaml: | + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: flyte + # TODO Change this to match aurora or rds postgres endpoint + host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com + dbname: flyte + passwordPath: /etc/db/pass.txt + domain.yaml: | + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + logger.yaml: | + # TODO this is used to control the log level logger: show-source: true - level: 5 + level: 2 + remote_data.yaml: | + remoteData: + # TODO change this to match the region of the s3 bucket + region: "us-west-2" + scheme: aws + signedUrls: + durationMinutes: 3 + server.yaml: | server: httpPort: 8088 grpcPort: 8089 security: secure: false useAuth: false - allowCors: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" flyteadmin: roleNameKey: "iam.amazonaws.com/role" profilerPort: 10254 @@ -231,64 +620,43 @@ data: metadataStoragePrefix: - "metadata" - "admin" - database: - port: 5432 - username: flyteadmin - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flyteadmin - password: spongebob - remoteData: - region: "us-west-2" - scheme: aws - signedUrls: - durationMinutes: 3 + testing: + host: http://flyteadmin + storage.yaml: | storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 + type: stow + stow: + kind: google + config: + json: "" + # TODO: replace with the GCP project ID + project_id: + scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store + container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size cache: - max_size_mbs: 64 + max_size_mbs: 512 target_gc_percent: 70 - container: "flyte-admin" + limits: + maxDownloadMBs: 10 + task_resource_defaults.yaml: | task_resources: defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi + cpu: 1000m + memory: 1000Mi + storage: 1000Mi limits: cpu: 2 memory: 2G - storage: 20Mi - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m + storage: 2000Mi kind: ConfigMap metadata: - name: flyte-admin-config-2kctm97m74 + annotations: {} + labels: {} + name: flyte-admin-config-7dc4c2gt9f namespace: flyte --- apiVersion: v1 @@ -302,37 +670,34 @@ metadata: --- apiVersion: v1 data: - config.yaml: "" -kind: ConfigMap -metadata: - name: flyte-container-config-5k78b9cm42 - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + catalog_cache.yaml: "plugins:\n catalogCache: \n reader:\n maxItems: 10000\n writer:\n maxItems: 10000\n" + copilot.yaml: | plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" k8s: - default-env-vars: - - AWS_RETRY_MODE: standard - - AWS_METADATA_SERVICE_TIMEOUT: 5 - - AWS_METADATA_SERVICE_NUM_ATTEMPTS: 20 -kind: ConfigMap -metadata: - name: flyte-plugin-config-dh9hm6bf64 - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" + core.yaml: | propeller: - rawoutput-prefix: s3://flyte-outputs - metadata-prefix: propeller/eks - workers: 4 - max-workflow-retries: 30 + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 40 + gc-interval: 12h + max-workflow-retries: 50 workflow-reeval-duration: 30s downstream-eval-duration: 30s limit-namespace: "all" @@ -347,63 +712,63 @@ data: lease-duration: 15s renew-deadline: 10s retry-period: 2s + kube-client-config: + qps: 100 + burst: 25 + timeout: 30s queue: type: batch batching-interval: 2s batch-size: -1 queue: - type: bucket - rate: 10 - capacity: 100 + type: maxof + rate: 100 + capacity: 1000 + base-delay: 5s + max-delay: 120s sub-queue: type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager.flyte:6379 - hostKey: mypassword - logger: - show-source: true - level: 5 - storage: - type: s3 - connection: - auth-type: iam - region: us-west-2 - cache: - max_size_mbs: 1024 - target_gc_percent: 70 - container: "flyte-metadata" - limits: - maxDownloadMBs: 10 - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true + rate: 100 + capacity: 1000 + workflowStore: + policy: "ResourceVersionCache" + enabled_plugins.yaml: | tasks: + max-plugin-phase-versions: 1000000 task-plugins: enabled-plugins: - container - sidecar + - spark - k8s-array -kind: ConfigMap -metadata: - name: flyte-propeller-config-f55btmdgmg - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | + - pytorch + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | + # TODO this is used to control the log level + logger: + show-source: true + level: 2 + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + spark.yaml: | plugins: spark: spark-config-default: @@ -420,12 +785,50 @@ data: - spark.blacklist.enabled: "true" - spark.blacklist.timeout: "5m" - spark.task.maxfailures: "8" + storage.yaml: | + storage: + type: stow + stow: + kind: google + config: + json: "" + # TODO: replace with the GCP project ID + project_id: + scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store + container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" kind: ConfigMap metadata: - name: flyte-spark-config-h72bmtggc2 + annotations: {} + labels: {} + name: flyte-propeller-config-9mmhk7f684 namespace: flyte --- apiVersion: v1 +data: + pass.txt: eW91cnBhc3N3b3Jk +kind: Secret +metadata: + annotations: {} + labels: {} + name: db-pass-kdm4d5fcfb + namespace: flyte +type: Opaque +--- +apiVersion: v1 kind: Service metadata: annotations: @@ -444,17 +847,20 @@ spec: targetPort: 8089 selector: app: datacatalog - type: NodePort --- apiVersion: v1 kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc - service.beta.kubernetes.io/aws-load-balancer-internal: "true" + external-dns.alpha.kubernetes.io/hostname: flyteadmin.subdomain.mydomain.com + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" + service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: sg-...,sg-...,sg-... name: flyteadmin namespace: flyte spec: + loadBalancerSourceRanges: + - 0.0.0.0 ports: - name: http port: 80 @@ -464,10 +870,6 @@ spec: port: 81 protocol: TCP targetPort: 8089 - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 selector: app: flyteadmin type: LoadBalancer @@ -475,16 +877,45 @@ spec: apiVersion: v1 kind: Service metadata: + annotations: + external-dns.alpha.kubernetes.io/hostname: flyte.subdomain.mydomain.com + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" + service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: sg-....,sg-...,sg-... name: flyteconsole namespace: flyte spec: + loadBalancerSourceRanges: + - 0.0.0.0 ports: - - port: 80 + - name: http + port: 80 protocol: TCP targetPort: 8080 selector: app: flyteconsole - type: NodePort + type: LoadBalancer +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP --- apiVersion: v1 kind: Service @@ -503,6 +934,20 @@ spec: app: redis-resource-manager type: ClusterIP --- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -531,7 +976,7 @@ spec: - datacatalog - --logtostderr - --config - - /etc/datacatalog/config/datacatalog_config.yaml + - /etc/datacatalog/config/*.yaml - serve image: docker.io/lyft/datacatalog:v0.2.2 imagePullPolicy: IfNotPresent @@ -541,18 +986,20 @@ spec: - containerPort: 8089 resources: limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi + cpu: "2" + ephemeral-storage: 1000Mi + memory: 1Gi volumeMounts: - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass initContainers: - command: - datacatalog - --logtostderr - --config - - /etc/datacatalog/config/datacatalog_config.yaml + - /etc/datacatalog/config/*.yaml - migrate - run image: docker.io/lyft/datacatalog:v0.2.2 @@ -561,13 +1008,17 @@ spec: volumeMounts: - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass serviceAccountName: datacatalog volumes: - - emptyDir: {} - name: shared-data + - name: shared-data - configMap: - name: datacatalog-config-86hg5m74g6 + name: datacatalog-config-2tbm82k5t8 name: config-volume + - name: db-pass + secret: + secretName: db-pass-kdm4d5fcfb --- apiVersion: apps/v1 kind: Deployment @@ -597,7 +1048,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - serve image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent @@ -607,14 +1058,16 @@ spec: - containerPort: 8089 resources: limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi + cpu: "2" + ephemeral-storage: 1Gi + memory: 1Gi volumeMounts: - mountPath: /srv/flyte name: shared-data - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - sh - -c @@ -640,7 +1093,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - run image: docker.io/lyft/flyteadmin:v0.3.5 @@ -649,11 +1102,13 @@ spec: volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - seed-projects - flytesnacks @@ -665,11 +1120,13 @@ spec: volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - clusterresource - sync image: docker.io/lyft/flyteadmin:v0.3.5 @@ -680,16 +1137,20 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass serviceAccountName: flyteadmin volumes: + - name: shared-data - configMap: - name: clusterresource-template-m2kccc465f - name: resource-templates - - emptyDir: {} - name: shared-data - - configMap: - name: flyte-admin-config-2kctm97m74 + name: flyte-admin-config-7dc4c2gt9f name: config-volume + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - name: db-pass + secret: + secretName: db-pass-kdm4d5fcfb --- apiVersion: apps/v1 kind: Deployment @@ -718,11 +1179,6 @@ spec: name: flyteconsole ports: - containerPort: 8080 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 150Mi volumeMounts: - mountPath: /srv/flyte name: shared-data @@ -755,7 +1211,7 @@ spec: containers: - args: - --config - - /etc/flyte/config*/config.yaml + - /etc/flyte/config/*.yaml command: - flytepropeller env: @@ -768,29 +1224,111 @@ spec: name: flytepropeller ports: - containerPort: 10254 + resources: + limits: + cpu: "2" + ephemeral-storage: 1Gi + memory: 4Gi volumeMounts: - - mountPath: /etc/flyte/config-container - name: container-config-volume - - mountPath: /etc/flyte/config-spark - name: spark-config-volume - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/flyte/config-plugin - name: plugin-config-volume serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-container-config-5k78b9cm42 - name: container-config-volume - - configMap: - name: flyte-spark-config-h72bmtggc2 - name: spark-config-volume - - configMap: - name: flyte-propeller-config-f55btmdgmg + name: flyte-propeller-config-9mmhk7f684 name: config-volume - - configMap: - name: flyte-plugin-config-dh9hm6bf64 - name: plugin-config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs --- apiVersion: apps/v1 kind: StatefulSet @@ -867,7 +1405,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - clusterresource - sync image: docker.io/lyft/flyteadmin:v0.3.5 @@ -878,17 +1416,50 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass restartPolicy: OnFailure serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template-m2kccc465f + name: clusterresource-template-kf62ttf64k name: resource-templates - configMap: - name: flyte-admin-config-2kctm97m74 + name: flyte-admin-config-7dc4c2gt9f name: config-volume + - name: db-pass + secret: + secretName: db-pass-kdm4d5fcfb schedule: '*/1 * * * *' --- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: flyte +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - flyte + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -896,8 +1467,7 @@ metadata: alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/tags: service_instance=production kubernetes.io/ingress.class: alb - labels: - app: flyteadmin + nginx.ingress.kubernetes.io/ssl-redirect: "false" name: flytesystem namespace: flyte spec: @@ -908,10 +1478,6 @@ spec: serviceName: flyteconsole servicePort: 80 path: /console - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /console/* - backend: serviceName: flyteconsole servicePort: 80 @@ -919,7 +1485,7 @@ spec: - backend: serviceName: flyteadmin servicePort: 80 - path: /api/* + path: /api - backend: serviceName: flyteadmin servicePort: 80 @@ -927,12 +1493,12 @@ spec: - backend: serviceName: flyteadmin servicePort: 80 - path: /v1/* + path: /v1 - backend: serviceName: flyteadmin servicePort: 81 - path: /flyteidl.service.AdminService/* + path: /flyteidl.service.AdminService - backend: serviceName: flyteadmin servicePort: 87 - path: /openapi/* + path: /openapi diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index e5d688bf5a..2f5c89fad0 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -8,6 +8,11 @@ spec: status: phase: Active --- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -23,6 +28,65 @@ spec: scope: Namespaced version: v1alpha1 --- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -41,6 +105,21 @@ metadata: name: flytepropeller namespace: flyte --- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: flyte +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -126,6 +205,172 @@ rules: - post - deletecollection --- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: @@ -154,6 +399,35 @@ subjects: name: flytepropeller namespace: flyte --- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: flyte +--- apiVersion: v1 data: aa_namespace.yaml: | @@ -164,23 +438,88 @@ data: spec: finalizers: - kubernetes + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" kind: ConfigMap metadata: - name: clusterresource-template-dgc9fcm2kh + annotations: {} + labels: {} + name: clusterresource-template-kf62ttf64k namespace: flyte --- apiVersion: v1 data: - datacatalog_config.yaml: | + db.yaml: | + database: + port: 5432 + username: flyte + host: cloudsqlproxy + dbname: datacatalog + options: "sslmode=disable" + passwordPath: /etc/db/pass.txt + logger.yaml: | + # TODO this is used to control the log level logger: show-source: true - level: 5 + level: 2 + server.yaml: | datacatalog: storage-prefix: metadata/datacatalog metrics-scope: "datacatalog" profiler-port: 10254 application: grpcPort: 8089 + storage.yaml: | storage: type: stow stow: @@ -190,25 +529,69 @@ data: # TODO: replace with the GCP project ID project_id: scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store container: "flyte" - database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: datacatalog - options: "sslmode=disable" - passwordPath: /etc/gcp/db_pwd.txt + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 kind: ConfigMap metadata: - name: datacatalog-config-9b44c6f976 + annotations: {} + labels: {} + name: datacatalog-config-f58d6c6kmf namespace: flyte --- apiVersion: v1 data: - flyteadmin_config.yaml: | + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: flyte + host: cloudsqlproxy + dbname: flyte + passwordPath: /etc/db/pass.txt + domain.yaml: | + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + logger.yaml: | + # TODO this is used to control the log level logger: show-source: true - level: 5 + level: 2 + remote_data.yaml: | + remoteData: + scheme: "gcp" + server.yaml: | server: httpPort: 8088 grpcPort: 8089 @@ -217,8 +600,10 @@ data: useAuth: false allowCors: true allowedOrigins: - # TODO: use real origin - - http://flyte.example.com + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" flyteadmin: roleNameKey: "iam.amazonaws.com/role" profilerPort: 10254 @@ -228,15 +613,7 @@ data: - "admin" testing: host: http://flyteadmin - database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: flyte - options: "sslmode=disable" - passwordPath: /etc/gcp/db_pwd.txt - remoteData: - scheme: "gcp" + storage.yaml: | storage: type: stow stow: @@ -246,35 +623,35 @@ data: # TODO: replace with the GCP project ID project_id: scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store container: "flyte" + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 + task_resource_defaults.yaml: | task_resources: defaults: cpu: 1000m memory: 1000Mi - storage: 5Mi + storage: 1000Mi limits: cpu: 2 memory: 2G - storage: 20Mi - task_type_whitelist: {} - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - refresh: 5m + storage: 2000Mi kind: ConfigMap metadata: - name: flyte-admin-config-9k6mm9665h + annotations: {} + labels: {} + name: flyte-admin-config-47tcf7gdg9 namespace: flyte --- apiVersion: v1 data: - ADMIN_API_URL: http://flyteadmin-internal-lb BASE_URL: /console CONFIG_DIR: /etc/flyte/config kind: ConfigMap @@ -284,40 +661,34 @@ metadata: --- apiVersion: v1 data: - config.yaml: | + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + catalog_cache.yaml: "plugins:\n catalogCache: \n reader:\n maxItems: 10000\n writer:\n maxItems: 10000\n" + copilot.yaml: | plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard - kubernetes-enabled: false - # #2 GCP stackdriver - stackdriver-enabled: true - # TODO: replace with the GCP project ID - gcp-project: - stackdriver-logresourcename: k8s_container k8s: - default-annotations: - # Example annotation that will be applied to every k8s resource launched - - flyte.lyft.net/deployment: gke - # Example Environment variables that will be applied to every container executed on k8s - default-env-vars: - - FLYTE_CLOUD_PLATFORM: gcp co-pilot: name: "flyte-copilot-" image: "docker.io/lyft/flytecopilot:v0.3.35" start-timeout: "30s" -kind: ConfigMap -metadata: - name: flyte-plugin-config-88gb5kg2gc - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | + core.yaml: | propeller: + rawoutput-prefix: s3://my-s3-bucket/ metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 + workers: 40 + gc-interval: 12h + max-workflow-retries: 50 workflow-reeval-duration: 30s downstream-eval-duration: 30s limit-namespace: "all" @@ -332,21 +703,80 @@ data: lease-duration: 15s renew-deadline: 10s retry-period: 2s + kube-client-config: + qps: 100 + burst: 25 + timeout: 30s queue: type: batch batching-interval: 2s batch-size: -1 queue: - type: bucket - rate: 10 - capacity: 100 + type: maxof + rate: 100 + capacity: 1000 + base-delay: 5s + max-delay: 120s sub-queue: type: bucket - rate: 10 - capacity: 100 + rate: 100 + capacity: 1000 + workflowStore: + policy: "ResourceVersionCache" + enabled_plugins.yaml: | + tasks: + max-plugin-phase-versions: 1000000 + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | + # TODO this is used to control the log level logger: show-source: true - level: 5 + level: 2 + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + spark.yaml: | + plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" + storage.yaml: | storage: type: stow stow: @@ -356,28 +786,38 @@ data: # TODO: replace with the GCP project ID project_id: scopes: https://www.googleapis.com/auth/devstorage.read_write + # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store container: "flyte" - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array + # NOTE this cache configuration is purely for propeller. But since we are having a common storage + # config, we are configuring this value. In production create a separate storage config for + # propeller and increase the cache size + cache: + max_size_mbs: 512 + target_gc_percent: 70 + limits: + maxDownloadMBs: 10 + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" kind: ConfigMap metadata: - name: flyte-propeller-config-hbtgkfm7gg + annotations: {} + labels: {} + name: flyte-propeller-config-9mmhk7f684 + namespace: flyte +--- +apiVersion: v1 +data: + pass.txt: eW91cnBhc3N3b3Jk +kind: Secret +metadata: + annotations: {} + labels: {} + name: db-pass-kdm4d5fcfb namespace: flyte +type: Opaque --- apiVersion: v1 kind: Service @@ -438,13 +878,6 @@ metadata: namespace: flyte spec: ports: - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - - name: http-metrics - port: 10254 - protocol: TCP - name: http port: 80 protocol: TCP @@ -453,6 +886,13 @@ spec: port: 81 protocol: TCP targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + - name: http-metrics + port: 10254 + protocol: TCP selector: app: flyteadmin type: LoadBalancer @@ -469,6 +909,13 @@ spec: - port: 80 protocol: TCP targetPort: 8080 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + - name: http-metrics + port: 10254 + protocol: TCP selector: app: flyteconsole type: LoadBalancer @@ -489,6 +936,59 @@ spec: app: flytepropeller type: LoadBalancer --- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -544,7 +1044,7 @@ spec: - datacatalog - --logtostderr - --config - - /etc/datacatalog/config/datacatalog_config.yaml + - /etc/datacatalog/config/*.yaml - serve image: docker.io/lyft/datacatalog:v0.2.2 imagePullPolicy: IfNotPresent @@ -554,48 +1054,39 @@ spec: - containerPort: 8089 resources: limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi + cpu: "2" + ephemeral-storage: 1000Mi + memory: 1Gi volumeMounts: - - mountPath: /etc/gcp - name: db-user-pass - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass initContainers: - - command: - - sh - - -c - - until pg_isready -h cloudsqlproxy -p 5432; do echo waiting for database; - sleep 2; done; - image: postgres:10.1 - imagePullPolicy: IfNotPresent - name: check-db-ready - command: - datacatalog - --logtostderr - --config - - /etc/datacatalog/config/datacatalog_config.yaml + - /etc/datacatalog/config/*.yaml - migrate - run image: docker.io/lyft/datacatalog:v0.2.2 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: - - mountPath: /etc/gcp - name: db-user-pass - mountPath: /etc/datacatalog/config name: config-volume + - mountPath: /etc/db + name: db-pass serviceAccountName: datacatalog volumes: - - name: db-user-pass - secret: - secretName: db-user-pass - - emptyDir: {} - name: shared-data + - name: shared-data - configMap: - name: datacatalog-config-9b44c6f976 + name: datacatalog-config-f58d6c6kmf name: config-volume + - name: db-pass + secret: + secretName: db-pass-kdm4d5fcfb --- apiVersion: apps/v1 kind: Deployment @@ -625,7 +1116,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - serve image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent @@ -635,16 +1126,16 @@ spec: - containerPort: 8089 resources: limits: - cpu: "1" - ephemeral-storage: 100Mi - memory: 200Mi + cpu: "2" + ephemeral-storage: 1Gi + memory: 1Gi volumeMounts: - - mountPath: /etc/gcp - name: db-user-pass - mountPath: /srv/flyte name: shared-data - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - sh - -c @@ -666,34 +1157,26 @@ spec: cpu: "0.1" memory: 200Mi initContainers: - - command: - - sh - - -c - - until pg_isready -h cloudsqlproxy -p 5432; do echo waiting for database; - sleep 2; done; - image: postgres:10.1 - imagePullPolicy: IfNotPresent - name: check-db-ready - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - run image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: - - mountPath: /etc/gcp - name: db-user-pass - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - seed-projects - flytesnacks @@ -705,13 +1188,13 @@ spec: volumeMounts: - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/gcp - name: db-user-pass + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - clusterresource - sync image: docker.io/lyft/flyteadmin:v0.3.5 @@ -722,21 +1205,20 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/gcp - name: db-user-pass + - mountPath: /etc/db + name: db-pass serviceAccountName: flyteadmin volumes: - - name: db-user-pass - secret: - secretName: db-user-pass + - name: shared-data - configMap: - name: clusterresource-template-dgc9fcm2kh - name: resource-templates - - emptyDir: {} - name: shared-data - - configMap: - name: flyte-admin-config-9k6mm9665h + name: flyte-admin-config-47tcf7gdg9 name: config-volume + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - name: db-pass + secret: + secretName: db-pass-kdm4d5fcfb --- apiVersion: apps/v1 kind: Deployment @@ -765,11 +1247,6 @@ spec: name: flyteconsole ports: - containerPort: 8080 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 150Mi volumeMounts: - mountPath: /srv/flyte name: shared-data @@ -802,7 +1279,7 @@ spec: containers: - args: - --config - - /etc/flyte/config*/config.yaml + - /etc/flyte/config/*.yaml command: - flytepropeller env: @@ -817,22 +1294,169 @@ spec: - containerPort: 10254 resources: limits: - cpu: "1" - ephemeral-storage: 1000Mi - memory: 1000Mi + cpu: "2" + ephemeral-storage: 1Gi + memory: 4Gi volumeMounts: - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/flyte/config-plugin - name: plugin-config-volume serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-hbtgkfm7gg + name: flyte-propeller-config-9mmhk7f684 name: config-volume - - configMap: - name: flyte-plugin-config-88gb5kg2gc - name: plugin-config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - emptyDir: {} + name: redis-data --- apiVersion: batch/v1beta1 kind: CronJob @@ -849,7 +1473,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - clusterresource - sync image: docker.io/lyft/flyteadmin:v0.3.5 @@ -860,18 +1484,86 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/gcp - name: db-user-pass + - mountPath: /etc/db + name: db-pass restartPolicy: OnFailure serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template-dgc9fcm2kh + name: clusterresource-template-kf62ttf64k name: resource-templates - configMap: - name: flyte-admin-config-9k6mm9665h + name: flyte-admin-config-47tcf7gdg9 name: config-volume - - name: db-user-pass + - name: db-pass secret: - secretName: db-user-pass + secretName: db-pass-kdm4d5fcfb schedule: '*/1 * * * *' +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: flyte +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - flyte + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: flytesystem + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /console + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /__webpack_hmr + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /api + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /healthcheck + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /v1 + - backend: + serviceName: flyteadmin + servicePort: 81 + path: /flyteidl.service.AdminService + - backend: + serviceName: flyteadmin + servicePort: 87 + path: /openapi diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index e69de29bb2..969af405de 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -0,0 +1,1881 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +spec: + finalizers: + - kubernetes +status: + phase: Active +--- +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour +--- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: flyteworkflows.flyte.lyft.com +spec: + group: flyte.lyft.com + names: + kind: FlyteWorkflow + plural: flyteworkflows + shortNames: + - fly + singular: flyteworkflow + scope: Namespaced + version: v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + component: ingressroute + name: ingressroutes.contour.heptio.com +spec: + additionalPrinterColumns: + - JSONPath: .spec.virtualhost.fqdn + description: Fully qualified domain name + name: FQDN + type: string + - JSONPath: .spec.virtualhost.tls.secretName + description: Secret with TLS credentials + name: TLS Secret + type: string + - JSONPath: .spec.routes[0].match + description: First routes defined + name: First route + type: string + - JSONPath: .status.currentStatus + description: The current status of the IngressRoute + name: Status + type: string + - JSONPath: .status.description + description: Description of the current status + name: Status Description + type: string + group: contour.heptio.com + names: + kind: IngressRoute + plural: ingressroutes + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + routes: + items: + properties: + delegate: + properties: + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + namespace: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + match: + pattern: ^\/.*$ + type: string + services: + items: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + type: integer + strategy: + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + type: string + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: array + strategy: + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + type: string + virtualhost: + properties: + aliases: + items: + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + type: string + type: array + fqdn: + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + type: string + required: + - routes + version: v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: datacatalog + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flyteadmin + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flyteadmin + namespace: flyte +rules: +- apiGroups: + - "" + - flyte.lyft.com + - rbac.authorization.k8s.io + resources: + - configmaps + - flyteworkflows + - namespaces + - pods + - resourcequotas + - roles + - rolebindings + - secrets + - services + - serviceaccounts + - spark-role + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flytepropeller +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - delete + - patch +- apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - delete + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - update +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - get + - list + - watch + - create + - update + - delete + - patch + - post + - deletecollection +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - contour.heptio.com + resources: + - ingressroutes + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flyteadmin-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyteadmin +subjects: +- kind: ServiceAccount + name: flyteadmin + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flytepropeller + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flytepropeller +subjects: +- kind: ServiceAccount + name: flytepropeller + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: flyte +--- +apiVersion: v1 +data: + aa_namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: {{ namespace }} + spec: + finalizers: + - kubernetes + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: clusterresource-template-kf62ttf64k + namespace: flyte +--- +apiVersion: v1 +data: + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 2 + server.yaml: | + datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 + application: + grpcPort: 8089 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: datacatalog-config-dcg96ktb98 + namespace: flyte +--- +apiVersion: v1 +data: + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable + domain.yaml: | + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + logger.yaml: | + logger: + show-source: true + level: 2 + remote_data.yaml: | + remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 + server.yaml: | + server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" + flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_resource_defaults.yaml: | + task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-admin-config-d9gm4tcktm + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte +--- +apiVersion: v1 +data: + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + copilot.yaml: | + plugins: + k8s: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" + core.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 4 + max-workflow-retries: 30 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: bucket + rate: 10 + capacity: 100 + sub-queue: + type: bucket + rate: 10 + capacity: 100 + enabled_plugins.yaml: | + tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | + logger: + show-source: true + level: 2 + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + spark.yaml: | + plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-propeller-config-hddmcg6mgh + namespace: flyte +--- +apiVersion: v1 +data: + pass.txt: YXdlc29tZXNhdWNl +kind: Secret +metadata: + name: db-pass-8mb4h2b9hf + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: datacatalog + namespace: flyte +spec: + ports: + - name: http + port: 88 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 89 + protocol: TCP + targetPort: 8089 + selector: + app: datacatalog +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: flyteadmin + namespace: flyte +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 81 + protocol: TCP + targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + selector: + app: flyteadmin +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteconsole + namespace: flyte +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: flyteconsole +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: flyte +spec: + ports: + - port: 5432 + selector: + app: postgres +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: datacatalog + name: datacatalog + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: datacatalog + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: datacatalog + app.kubernetes.io/name: datacatalog + app.kubernetes.io/version: 0.2.2 + spec: + containers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - serve + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: datacatalog + ports: + - containerPort: 8088 + - containerPort: 8089 + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + initContainers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - migrate + - run + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + serviceAccountName: datacatalog + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: datacatalog-config-dcg96ktb98 + name: config-volume + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteadmin + name: flyteadmin + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteadmin + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flyteadmin + app.kubernetes.io/name: flyteadmin + app.kubernetes.io/version: 0.3.4 + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - serve + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: flyteadmin + ports: + - containerPort: 8088 + - containerPort: 8089 + resources: + limits: + cpu: "0.1" + ephemeral-storage: 100Mi + memory: 200Mi + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - sh + - -c + - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh + env: + - name: PAGE_TITLE + value: Flyte Admin OpenAPI + - name: SPEC_URL + value: /api/v1/openapi + - name: PORT + value: "8087" + image: docker.io/redocly/redoc + imagePullPolicy: IfNotPresent + name: redoc + ports: + - containerPort: 8087 + resources: + limits: + cpu: "0.1" + memory: 200Mi + initContainers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - run + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - seed-projects + - flytesnacks + - flytetester + - flyteexamples + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: seed-projects + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - sh + - -c + - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; + image: postgres:10.1 + name: check-db-ready + serviceAccountName: flyteadmin + volumes: + - name: shared-data + - configMap: + name: flyte-admin-config-d9gm4tcktm + name: config-volume + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteconsole + name: flyteconsole + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteconsole + template: + metadata: + labels: + app: flyteconsole + app.kubernetes.io/name: flyteconsole + app.kubernetes.io/version: 0.11.0 + spec: + containers: + - envFrom: + - configMapRef: + name: flyte-console-config + image: docker.io/lyft/flyteconsole:v0.11.0 + name: flyteconsole + ports: + - containerPort: 8080 + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + volumes: + - emptyDir: {} + name: shared-data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flytepropeller + name: flytepropeller + namespace: flyte +spec: + selector: + matchLabels: + app: flytepropeller + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flytepropeller + app.kubernetes.io/name: flytepropeller + app.kubernetes.io/version: 0.3.12 + spec: + containers: + - args: + - --config + - /etc/flyte/config/*.yaml + command: + - flytepropeller + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: docker.io/lyft/flytepropeller:v0.3.12 + imagePullPolicy: IfNotPresent + name: flytepropeller + ports: + - containerPort: 10254 + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + serviceAccountName: flytepropeller + volumes: + - configMap: + name: flyte-propeller-config-hddmcg6mgh + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + containers: + - args: + - server + - /data + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + image: minio/minio:RELEASE.2019-06-04T01-15-58Z + name: minio + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - mountPath: /data + name: minio-storage + volumes: + - emptyDir: {} + name: minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - image: postgres:10.1 + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-storage + volumes: + - emptyDir: {} + name: postgres-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - emptyDir: {} + name: redis-data +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: syncresources + namespace: flyte +spec: + jobTemplate: + spec: + template: + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + restartPolicy: OnFailure + serviceAccountName: flyteadmin + volumes: + - configMap: + name: clusterresource-template-kf62ttf64k + name: resource-templates + - configMap: + name: flyte-admin-config-d9gm4tcktm + name: config-volume + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf + schedule: '*/1 * * * *' +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: flyte +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - flyte + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: flytesystem + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /console + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /__webpack_hmr + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /api + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /healthcheck + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /v1 + - backend: + serviceName: flyteadmin + servicePort: 81 + path: /flyteidl.service.AdminService + - backend: + serviceName: flyteadmin + servicePort: 87 + path: /openapi +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: minio + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: minio + servicePort: 9000 + path: /minio diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index b2af084966..7341682687 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -166,20 +166,26 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: flyteadmin + name: contour namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flytepropeller + name: datacatalog namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: contour - namespace: heptio-contour + name: flyteadmin + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -355,7 +361,7 @@ roleRef: subjects: - kind: ServiceAccount name: contour - namespace: heptio-contour + namespace: flyte --- apiVersion: v1 data: @@ -367,9 +373,7 @@ data: spec: finalizers: - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n - \ name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: - {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" ac_project-copilot-dataconfig.yaml: | kind: ConfigMap apiVersion: v1 @@ -389,52 +393,100 @@ data: type: minio container: my-s3-bucket enable-multicontainer: true - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1beta1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: - RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace - }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- - kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" kind: ConfigMap metadata: - name: clusterresource-template-kf62ttf64k + annotations: {} + labels: {} + name: clusterresource-template-9mbg4b2fhc namespace: flyte --- apiVersion: v1 data: - flyteadmin_config.yaml: | + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable + logger.yaml: | logger: show-source: true - level: 5 + level: 2 + server.yaml: | + datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 + application: + grpcPort: 8089 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: datacatalog-config-dcg96ktb98 + namespace: flyte +--- +apiVersion: v1 +data: + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable + domain.yaml: | + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + logger.yaml: | + logger: + show-source: true + level: 2 + remote_data.yaml: | + remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 + server.yaml: | server: httpPort: 8088 grpcPort: 8089 @@ -456,17 +508,7 @@ data: - "admin" testing: host: http://flyteadmin - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 + storage.yaml: |+ storage: type: minio connection: @@ -477,6 +519,8 @@ data: endpoint: http://minio.flyte.svc.cluster.local:9000 region: us-east-1 container: "my-s3-bucket" + + task_resource_defaults.yaml: | task_resources: defaults: cpu: 100m @@ -486,64 +530,38 @@ data: cpu: 2 memory: 2G storage: 20Mi - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m kind: ConfigMap metadata: - name: flyte-admin-config-42k268hb6k + annotations: {} + labels: {} + name: flyte-admin-config-d9gm4tcktm namespace: flyte --- apiVersion: v1 data: - config.yaml: |+ + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + copilot.yaml: | plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage co-pilot: name: "flyte-copilot-" image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "5s" - -kind: ConfigMap -metadata: - name: flyte-plugin-config-ckftmk9b6k - namespace: flyte ---- -apiVersion: v1 -data: - config.yaml: | + start-timeout: "30s" + core.yaml: | propeller: - rawoutput-prefix: s3://my-container/ + rawoutput-prefix: s3://my-s3-bucket/ metadata-prefix: metadata/propeller workers: 4 max-workflow-retries: 30 @@ -573,50 +591,115 @@ data: type: bucket rate: 10 capacity: 100 + enabled_plugins.yaml: | + ## + # TODO It is important to enable the plugins that you want to deploy here. + tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - k8s-array + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | logger: show-source: true - level: 5 + level: 2 + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + storage.yaml: |+ storage: + type: minio connection: access-key: minio auth-type: accesskey + secret-key: miniostorage disable-ssl: true endpoint: http://minio.flyte.svc.cluster.local:9000 region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array + container: "my-s3-bucket" + + task_logs.yaml: | + # TODO this is used to enable log links in the UI. + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" kind: ConfigMap metadata: - name: flyte-propeller-config-2m8ffmc746 + annotations: {} + labels: {} + name: flyte-propeller-config-g274b8cg57 namespace: flyte --- apiVersion: v1 +data: + pass.txt: YXdlc29tZXNhdWNl +kind: Secret +metadata: + name: db-pass-8mb4h2b9hf + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc - name: flyteadmin + name: datacatalog namespace: flyte spec: ports: - - name: redoc - port: 87 + - name: http + port: 88 protocol: TCP - targetPort: 8087 + targetPort: 8088 + - name: grpc + port: 89 + protocol: TCP + targetPort: 8089 + selector: + app: datacatalog +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: flyteadmin + namespace: flyte +spec: + ports: - name: http port: 80 protocol: TCP @@ -668,21 +751,155 @@ spec: app: redis-resource-manager type: ClusterIP --- -apiVersion: v1 -kind: Service +apiVersion: apps/v1 +kind: Deployment metadata: labels: app: contour name: contour - namespace: heptio-contour + namespace: flyte spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP + replicas: 1 selector: - app: contour - type: NodePort + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: datacatalog + name: datacatalog + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: datacatalog + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: datacatalog + app.kubernetes.io/name: datacatalog + app.kubernetes.io/version: 0.2.2 + spec: + containers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - serve + image: datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: datacatalog + ports: + - containerPort: 8088 + - containerPort: 8089 + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + initContainers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - migrate + - run + image: datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + serviceAccountName: datacatalog + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: datacatalog-config-dcg96ktb98 + name: config-volume + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf --- apiVersion: apps/v1 kind: Deployment @@ -712,7 +929,7 @@ spec: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - serve image: docker.io/lyft/flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent @@ -720,16 +937,13 @@ spec: ports: - containerPort: 8088 - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi volumeMounts: - mountPath: /srv/flyte name: shared-data - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - sh - -c @@ -751,18 +965,11 @@ spec: cpu: "0.1" memory: 200Mi initContainers: - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep - 2; done; - image: postgres:10.1 - name: check-db-ready - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - run image: docker.io/lyft/flyteadmin:v0.3.5 @@ -771,11 +978,13 @@ spec: volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - migrate - seed-projects - flytesnacks @@ -787,11 +996,13 @@ spec: volumeMounts: - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass - command: - flyteadmin - --logtostderr - --config - - /etc/flyte/config/flyteadmin_config.yaml + - /etc/flyte/config/*.yaml - clusterresource - sync image: docker.io/lyft/flyteadmin:v0.3.5 @@ -802,16 +1013,21 @@ spec: name: resource-templates - mountPath: /etc/flyte/config name: config-volume + - mountPath: /etc/db + name: db-pass serviceAccountName: flyteadmin volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config-42k268hb6k + name: flyte-admin-config-d9gm4tcktm name: config-volume + - configMap: + name: clusterresource-template-9mbg4b2fhc + name: resource-templates + - name: db-pass + secret: + secretName: db-pass-8mb4h2b9hf --- apiVersion: apps/v1 kind: Deployment @@ -838,7 +1054,7 @@ spec: containers: - args: - --config - - /etc/flyte/config*/config.yaml + - /etc/flyte/config/*.yaml command: - flytepropeller env: @@ -846,29 +1062,19 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: docker.io/lyft/flytepropeller:v0.3.12 + image: flytepropeller:v0.3.12 imagePullPolicy: IfNotPresent name: flytepropeller ports: - containerPort: 10254 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 100Mi volumeMounts: - mountPath: /etc/flyte/config name: config-volume - - mountPath: /etc/flyte/config-plugin - name: plugin-config-volume serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-2m8ffmc746 + name: flyte-propeller-config-g274b8cg57 name: config-volume - - configMap: - name: flyte-plugin-config-ckftmk9b6k - name: plugin-config-volume --- apiVersion: apps/v1 kind: Deployment @@ -933,88 +1139,6 @@ spec: name: postgres-storage --- apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 kind: StatefulSet metadata: name: redis @@ -1074,43 +1198,6 @@ spec: - emptyDir: {} name: redis-data --- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/flyteadmin_config.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-kf62ttf64k - name: resource-templates - - configMap: - name: flyte-admin-config-42k268hb6k - name: config-volume - schedule: '*/1 * * * *' ---- apiVersion: extensions/v1beta1 kind: Ingress metadata: diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh new file mode 100644 index 0000000000..983be8f772 --- /dev/null +++ b/script/generate_kustomize.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +set -ex + +DEPLOYMENT=${1:-sandbox test eks gcp} +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" + +for deployment in ${DEPLOYMENT}; do + kustomize build kustomize/overlays/${deployment} > ${DIR}/../deployment/${deployment}/flyte_generated.yaml +done diff --git a/script/kustomize.sh b/script/kustomize.sh index 24c4459f4f..f3fd2b5f8b 100755 --- a/script/kustomize.sh +++ b/script/kustomize.sh @@ -5,7 +5,7 @@ set -ex DEPLOYMENT=${1:-sandbox test eks gcp} DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" -KUSTOMIZE_IMAGE="lyft/kustomizer:v3.1.0" +KUSTOMIZE_IMAGE="lyft/kustomizer:v3.3.0" for deployment in ${DEPLOYMENT}; do docker run -v "${DIR}/../kustomize":/kustomize "$KUSTOMIZE_IMAGE" kustomize build \ From 346532649e62a75b179a4c442288830a56344cfc Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:35:37 -0700 Subject: [PATCH 21/41] Fixed workflow name --- .github/workflows/{main.yml => ci.yml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename .github/workflows/{main.yml => ci.yml} (88%) diff --git a/.github/workflows/main.yml b/.github/workflows/ci.yml similarity index 88% rename from .github/workflows/main.yml rename to .github/workflows/ci.yml index fc07fa80fe..a7b0686c3d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,4 @@ -# This is a basic workflow to help you get started with Actions +# This is a basic workflow to perform CI on flyte repo name: CI @@ -6,9 +6,9 @@ name: CI # events but only for the master branch on: push: - branches: [ master ] + branches: + - master pull_request: - branches: [ master ] # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: From a3575c590c4bb08cbaddd5eb9279418b9f936b03 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:37:43 -0700 Subject: [PATCH 22/41] update makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 31f4c518bb..854100e5b0 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ .PHONY: kustomize kustomize: - bash script/kustomize.sh + bash script/generate_kustomize.sh .PHONY: deploy_sandbox deploy_sandbox: From 91163a3e61991dadd3c456436fbf07a65d41c1a1 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:44:34 -0700 Subject: [PATCH 23/41] format --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a7b0686c3d..ec2ceb3e32 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,8 +6,8 @@ name: CI # events but only for the master branch on: push: - branches: - - master + branches: + - master pull_request: # A workflow run is made up of one or more jobs that can run sequentially or in parallel From 194ab754afd89a725fe32912c3bad283b9fc7cf3 Mon Sep 17 00:00:00 2001 From: Ketan Umare <16888709+kumare3@users.noreply.github.com> Date: Wed, 23 Sep 2020 14:49:16 -0700 Subject: [PATCH 24/41] Update ci.yml --- .github/workflows/ci.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ec2ceb3e32..a183c0257d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,8 +25,4 @@ jobs: uses: stefanprodan/kube-tools@v1 with: kustomize: 3.5.5 - command: | - SCRIPT=script/generate_kustomize.sh - echo "Running Kustomizer" - ./${SCRIPT} - echo "Kustomizer run completed" + run: script/generate_kustomize.sh From 54c1a7eada544da63e2f22e9a5ed8b3ee4a97ee8 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:53:48 -0700 Subject: [PATCH 25/41] command --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a183c0257d..fffee28385 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,4 +25,4 @@ jobs: uses: stefanprodan/kube-tools@v1 with: kustomize: 3.5.5 - run: script/generate_kustomize.sh + command: script/generate_kustomize.sh From 1a736c9bd56224ed06bff38fe3f92dad1144e7e4 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 14:58:23 -0700 Subject: [PATCH 26/41] script updated --- script/generate_kustomize.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 script/generate_kustomize.sh diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh old mode 100644 new mode 100755 From ab38fa1974d6c949739819a1cbc45a6d966205f4 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 15:01:50 -0700 Subject: [PATCH 27/41] remove kustomize check --- .github/workflows/tests.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a47ce210b6..074c61fa1d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -9,8 +9,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - - name: Kustomize and diff - run: DELTA_CHECK=true make kustomize - uses: engineerd/setup-kind@v0.4.0 - name: End2End env: From f5bf26a01ad4b4eade7126c2fa8c2388d859b399 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 15:58:44 -0700 Subject: [PATCH 28/41] Generate kustomize --- script/generate_kustomize.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh index 983be8f772..7ca241abe4 100755 --- a/script/generate_kustomize.sh +++ b/script/generate_kustomize.sh @@ -2,6 +2,10 @@ set -ex +echo "Install Kustomize" +curl -s "https://raw.githubusercontent.com/\ +kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + DEPLOYMENT=${1:-sandbox test eks gcp} DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" From f469a4373edbd26b65a9581b0720f2543d33f2ab Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 16:04:11 -0700 Subject: [PATCH 29/41] Update kustomize --- .github/workflows/ci.yml | 28 ---------------------------- .github/workflows/tests.yml | 2 ++ script/generate_kustomize.sh | 16 ++++++++++++++++ script/kustomize.sh | 30 ------------------------------ 4 files changed, 18 insertions(+), 58 deletions(-) delete mode 100644 .github/workflows/ci.yml delete mode 100755 script/kustomize.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index fffee28385..0000000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,28 +0,0 @@ -# This is a basic workflow to perform CI on flyte repo - -name: CI - -# Controls when the action will run. Triggers the workflow on push or pull request -# events but only for the master branch -on: - push: - branches: - - master - pull_request: - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - # This workflow contains a single job called "build" - build: - # The type of runner that the job will run on - runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 - - name: Run Kubernetes tools - uses: stefanprodan/kube-tools@v1 - with: - kustomize: 3.5.5 - command: script/generate_kustomize.sh diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 074c61fa1d..a47ce210b6 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -9,6 +9,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 + - name: Kustomize and diff + run: DELTA_CHECK=true make kustomize - uses: engineerd/setup-kind@v0.4.0 - name: End2End env: diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh index 7ca241abe4..b7168d768b 100755 --- a/script/generate_kustomize.sh +++ b/script/generate_kustomize.sh @@ -12,3 +12,19 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" for deployment in ${DEPLOYMENT}; do kustomize build kustomize/overlays/${deployment} > ${DIR}/../deployment/${deployment}/flyte_generated.yaml done + +# This section is used by GitHub workflow to ensure that the generation step was run +if [ -n "$DELTA_CHECK" ]; then + DIRTY=$(git status --porcelain) + if [ -n "$DIRTY" ]; then + echo "FAILED: kustomize code updated without commiting generated code." + echo "Ensure make kustomize has run and all changes are committed." + DIFF=$(git diff) + echo "diff detected: $DIFF" + DIFF=$(git diff --name-only) + echo "files different: $DIFF" + exit 1 + else + echo "SUCCESS: Generated code is up to date." + fi +fi diff --git a/script/kustomize.sh b/script/kustomize.sh deleted file mode 100755 index f3fd2b5f8b..0000000000 --- a/script/kustomize.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -DEPLOYMENT=${1:-sandbox test eks gcp} - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" -KUSTOMIZE_IMAGE="lyft/kustomizer:v3.3.0" - -for deployment in ${DEPLOYMENT}; do - docker run -v "${DIR}/../kustomize":/kustomize "$KUSTOMIZE_IMAGE" kustomize build \ - "overlays/${deployment}" \ - > "${DIR}/../deployment/${deployment}/flyte_generated.yaml" -done - -# This section is used by GitHub workflow to ensure that the generation step was run -if [ -n "$DELTA_CHECK" ]; then - DIRTY=$(git status --porcelain) - if [ -n "$DIRTY" ]; then - echo "FAILED: kustomize code updated without commiting generated code." - echo "Ensure make kustomize has run and all changes are committed." - DIFF=$(git diff) - echo "diff detected: $DIFF" - DIFF=$(git diff --name-only) - echo "files different: $DIFF" - exit 1 - else - echo "SUCCESS: Generated code is up to date." - fi -fi From c1a9ea279989101c62abcde829356eb939ef9f5c Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 17:23:00 -0700 Subject: [PATCH 30/41] updated --- .gitignore | 1 + deployment/eks/flyte_generated.yaml | 114 +- deployment/gcp/flyte_generated.yaml | 114 +- deployment/sandbox/flyte_generated.yaml | 319 ++- deployment/test/flyte_generated.yaml | 226 +- kustomize/base/README.md | 4 +- kustomize/base/namespace/namespace.yaml | 6 - kustomize/base/single_cluster/README.md | 11 + kustomize/overlays/eks/kustomization.yaml | 2 +- kustomize/overlays/gcp/kustomization.yaml | 2 +- kustomize/overlays/sandbox/kustomization.yaml | 24 +- kustomize/overlays/sandbox/test.yaml | 1872 +++++++++++++++++ kustomize/overlays/test/kustomization.yaml | 2 +- script/generate_kustomize.sh | 11 +- 14 files changed, 2268 insertions(+), 440 deletions(-) create mode 100644 kustomize/base/single_cluster/README.md create mode 100644 kustomize/overlays/sandbox/test.yaml diff --git a/.gitignore b/.gitignore index 110b865f7c..25dff9d99e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ .idea _build/ +_bin/ build/ .vscode/ *.swp diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index 1ba4d9253f..31b357d939 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -2,11 +2,6 @@ apiVersion: v1 kind: Namespace metadata: name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active --- apiVersion: v1 kind: Namespace @@ -116,13 +111,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: flyte + namespace: sparkoperator --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -417,7 +412,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -430,6 +425,15 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator + namespace: sparkoperator +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -498,8 +502,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: clusterresource-template-kf62ttf64k - namespace: flyte + name: clusterresource-template-tkdkkt4cb5 --- apiVersion: v1 data: @@ -547,8 +550,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: datacatalog-config-2tbm82k5t8 - namespace: flyte + name: datacatalog-config-2bb94tc5b5 --- apiVersion: v1 data: @@ -656,17 +658,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-admin-config-7dc4c2gt9f - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte + name: flyte-admin-config-g79597h75m --- apiVersion: v1 data: @@ -814,8 +806,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-9mmhk7f684 - namespace: flyte + name: flyte-propeller-config-fgt6tg929g --- apiVersion: v1 data: @@ -824,8 +815,7 @@ kind: Secret metadata: annotations: {} labels: {} - name: db-pass-kdm4d5fcfb - namespace: flyte + name: db-pass-bthd2588cc type: Opaque --- apiVersion: v1 @@ -897,6 +887,23 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -906,7 +913,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: ports: - name: monitoring-port @@ -919,26 +926,9 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: name: spark-webhook - namespace: flyte + namespace: sparkoperator spec: ports: - name: webhook @@ -1012,13 +1002,14 @@ spec: name: db-pass serviceAccountName: datacatalog volumes: - - name: shared-data + - emptyDir: {} + name: shared-data - configMap: - name: datacatalog-config-2tbm82k5t8 + name: datacatalog-config name: config-volume - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1141,16 +1132,17 @@ spec: name: db-pass serviceAccountName: flyteadmin volumes: - - name: shared-data + - emptyDir: {} + name: shared-data - configMap: - name: flyte-admin-config-7dc4c2gt9f + name: flyte-admin-config name: config-volume - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1235,7 +1227,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-9mmhk7f684 + name: flyte-propeller-config name: config-volume --- apiVersion: apps/v1 @@ -1244,7 +1236,7 @@ metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: replicas: 1 selector: @@ -1283,7 +1275,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: flyte + namespace: sparkoperator spec: replicas: 1 selector: @@ -1422,14 +1414,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - configMap: - name: flyte-admin-config-7dc4c2gt9f + name: flyte-admin-config name: config-volume - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1439,7 +1431,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: flyte + namespace: sparkoperator spec: backoffLimit: 3 template: @@ -1452,7 +1444,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - flyte + - sparkoperator - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index 2f5c89fad0..17cdf42e27 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -2,11 +2,6 @@ apiVersion: v1 kind: Namespace metadata: name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active --- apiVersion: v1 kind: Namespace @@ -112,13 +107,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: flyte + namespace: sparkoperator --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -413,7 +408,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -426,6 +421,15 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator + namespace: sparkoperator +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -494,8 +498,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: clusterresource-template-kf62ttf64k - namespace: flyte + name: clusterresource-template-tkdkkt4cb5 --- apiVersion: v1 data: @@ -543,8 +546,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: datacatalog-config-f58d6c6kmf - namespace: flyte + name: datacatalog-config-d56hkd9229 --- apiVersion: v1 data: @@ -647,17 +649,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-admin-config-47tcf7gdg9 - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte + name: flyte-admin-config-678t259tk4 --- apiVersion: v1 data: @@ -805,8 +797,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-9mmhk7f684 - namespace: flyte + name: flyte-propeller-config-fgt6tg929g --- apiVersion: v1 data: @@ -815,8 +806,7 @@ kind: Secret metadata: annotations: {} labels: {} - name: db-pass-kdm4d5fcfb - namespace: flyte + name: db-pass-bthd2588cc type: Opaque --- apiVersion: v1 @@ -938,6 +928,23 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -947,7 +954,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: ports: - name: monitoring-port @@ -960,26 +967,9 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: name: spark-webhook - namespace: flyte + namespace: sparkoperator spec: ports: - name: webhook @@ -1080,13 +1070,14 @@ spec: name: db-pass serviceAccountName: datacatalog volumes: - - name: shared-data + - emptyDir: {} + name: shared-data - configMap: - name: datacatalog-config-f58d6c6kmf + name: datacatalog-config name: config-volume - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1209,16 +1200,17 @@ spec: name: db-pass serviceAccountName: flyteadmin volumes: - - name: shared-data + - emptyDir: {} + name: shared-data - configMap: - name: flyte-admin-config-47tcf7gdg9 + name: flyte-admin-config name: config-volume - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1303,7 +1295,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-9mmhk7f684 + name: flyte-propeller-config name: config-volume --- apiVersion: apps/v1 @@ -1312,7 +1304,7 @@ metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: replicas: 1 selector: @@ -1351,7 +1343,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: flyte + namespace: sparkoperator spec: replicas: 1 selector: @@ -1490,14 +1482,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - configMap: - name: flyte-admin-config-47tcf7gdg9 + name: flyte-admin-config name: config-volume - name: db-pass secret: - secretName: db-pass-kdm4d5fcfb + secretName: db-pass schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1507,7 +1499,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: flyte + namespace: sparkoperator spec: backoffLimit: 3 template: @@ -1520,7 +1512,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - flyte + - sparkoperator - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 969af405de..0dada43f3c 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -2,11 +2,6 @@ apiVersion: v1 kind: Namespace metadata: name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active --- apiVersion: v1 kind: Namespace @@ -230,26 +225,26 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: contour + name: datacatalog namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: datacatalog + name: flyteadmin namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flyteadmin + name: flytepropeller namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flytepropeller - namespace: flyte + name: contour + namespace: heptio-contour --- apiVersion: v1 kind: ServiceAccount @@ -258,13 +253,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: flyte + namespace: sparkoperator --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -606,7 +601,7 @@ roleRef: subjects: - kind: ServiceAccount name: contour - namespace: flyte + namespace: heptio-contour --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -622,7 +617,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: flyte + namespace: kubeflow --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -635,6 +630,15 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator + namespace: sparkoperator +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -703,8 +707,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: clusterresource-template-kf62ttf64k - namespace: flyte + name: clusterresource-template-tkdkkt4cb5 --- apiVersion: v1 data: @@ -742,8 +745,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: datacatalog-config-dcg96ktb98 - namespace: flyte + name: datacatalog-config-64k8dg9gck --- apiVersion: v1 data: @@ -840,17 +842,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-admin-config-d9gm4tcktm - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte + name: flyte-admin-config-c96tt5m6b7 --- apiVersion: v1 data: @@ -978,36 +970,18 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-hddmcg6mgh - namespace: flyte + name: flyte-propeller-config-88kbgkkfbd --- apiVersion: v1 data: pass.txt: YXdlc29tZXNhdWNl kind: Secret metadata: - name: db-pass-8mb4h2b9hf - namespace: flyte + name: db-pass-9dgchhk2bm type: Opaque --- apiVersion: v1 kind: Service -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc @@ -1120,6 +1094,39 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: heptio-contour +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -1129,7 +1136,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: ports: - name: monitoring-port @@ -1142,26 +1149,9 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: name: spark-webhook - namespace: flyte + namespace: sparkoperator spec: ports: - name: webhook @@ -1173,88 +1163,6 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment metadata: labels: app: datacatalog @@ -1315,11 +1223,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config-dcg96ktb98 + name: datacatalog-config name: config-volume - name: db-pass secret: - secretName: db-pass-8mb4h2b9hf + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1448,16 +1356,17 @@ spec: name: check-db-ready serviceAccountName: flyteadmin volumes: - - name: shared-data + - emptyDir: {} + name: shared-data - configMap: - name: flyte-admin-config-d9gm4tcktm + name: flyte-admin-config name: config-volume - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - name: db-pass secret: - secretName: db-pass-8mb4h2b9hf + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1537,7 +1446,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-hddmcg6mgh + name: flyte-propeller-config name: config-volume --- apiVersion: apps/v1 @@ -1604,11 +1513,93 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: heptio-contour +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: flyte + namespace: kubeflow spec: replicas: 1 selector: @@ -1647,7 +1638,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: flyte + namespace: sparkoperator spec: replicas: 1 selector: @@ -1786,14 +1777,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template-kf62ttf64k + name: clusterresource-template name: resource-templates - configMap: - name: flyte-admin-config-d9gm4tcktm + name: flyte-admin-config name: config-volume - name: db-pass secret: - secretName: db-pass-8mb4h2b9hf + secretName: db-pass schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1803,7 +1794,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: flyte + namespace: sparkoperator spec: backoffLimit: 3 template: @@ -1816,7 +1807,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - flyte + - sparkoperator - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index 7341682687..ed14f923d0 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -2,11 +2,6 @@ apiVersion: v1 kind: Namespace metadata: name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active --- apiVersion: v1 kind: Namespace @@ -166,26 +161,26 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: contour + name: datacatalog namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: datacatalog + name: flyteadmin namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flyteadmin + name: flytepropeller namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flytepropeller - namespace: flyte + name: contour + namespace: heptio-contour --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -361,7 +356,7 @@ roleRef: subjects: - kind: ServiceAccount name: contour - namespace: flyte + namespace: heptio-contour --- apiVersion: v1 data: @@ -397,8 +392,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: clusterresource-template-9mbg4b2fhc - namespace: flyte + name: clusterresource-template-dtg8ff28mt --- apiVersion: v1 data: @@ -436,8 +430,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: datacatalog-config-dcg96ktb98 - namespace: flyte + name: datacatalog-config-64k8dg9gck --- apiVersion: v1 data: @@ -534,8 +527,7 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-admin-config-d9gm4tcktm - namespace: flyte + name: flyte-admin-config-c96tt5m6b7 --- apiVersion: v1 data: @@ -643,36 +635,18 @@ kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-g274b8cg57 - namespace: flyte + name: flyte-propeller-config-tdbd9tb7dh --- apiVersion: v1 data: pass.txt: YXdlc29tZXNhdWNl kind: Secret metadata: - name: db-pass-8mb4h2b9hf - namespace: flyte + name: db-pass-9dgchhk2bm type: Opaque --- apiVersion: v1 kind: Service -metadata: - labels: - app: contour - name: contour - namespace: flyte -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc @@ -751,87 +725,21 @@ spec: app: redis-resource-manager type: ClusterIP --- -apiVersion: apps/v1 -kind: Deployment +apiVersion: v1 +kind: Service metadata: labels: app: contour name: contour - namespace: flyte + namespace: heptio-contour spec: - replicas: 1 + ports: + - nodePort: 30081 + port: 80 + protocol: TCP selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config + app: contour + type: NodePort --- apiVersion: apps/v1 kind: Deployment @@ -895,11 +803,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config-dcg96ktb98 + name: datacatalog-config name: config-volume - name: db-pass secret: - secretName: db-pass-8mb4h2b9hf + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1020,14 +928,14 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config-d9gm4tcktm + name: flyte-admin-config name: config-volume - configMap: - name: clusterresource-template-9mbg4b2fhc + name: clusterresource-template name: resource-templates - name: db-pass secret: - secretName: db-pass-8mb4h2b9hf + secretName: db-pass --- apiVersion: apps/v1 kind: Deployment @@ -1073,7 +981,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-g274b8cg57 + name: flyte-propeller-config name: config-volume --- apiVersion: apps/v1 @@ -1139,6 +1047,88 @@ spec: name: postgres-storage --- apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: heptio-contour +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 kind: StatefulSet metadata: name: redis diff --git a/kustomize/base/README.md b/kustomize/base/README.md index 06fcc02d05..2c38e39715 100644 --- a/kustomize/base/README.md +++ b/kustomize/base/README.md @@ -2,8 +2,8 @@ # Base Components for Flyte These deployments provide individual deployment units of the Flyte Backend. -As a user it might be preferable to use the `flyte_single_cluster` deployment base to create an overlay on top of, or directly edit on top of one of the existing overlays. +As a user it might be preferable to use the `single_cluster` deployment base to create an overlay on top of, or directly edit on top of one of the existing overlays. -[flyte_single_cluster](./flyte_single_cluster) +[Single Cluster Flyte Deployment configuration](./single_cluster) diff --git a/kustomize/base/namespace/namespace.yaml b/kustomize/base/namespace/namespace.yaml index a5328890f7..ca27d7f885 100644 --- a/kustomize/base/namespace/namespace.yaml +++ b/kustomize/base/namespace/namespace.yaml @@ -2,9 +2,3 @@ apiVersion: v1 kind: Namespace metadata: name: flyte -spec: - finalizers: - - kubernetes -status: - phase: Active ---- diff --git a/kustomize/base/single_cluster/README.md b/kustomize/base/single_cluster/README.md new file mode 100644 index 0000000000..0fd138dc3f --- /dev/null +++ b/kustomize/base/single_cluster/README.md @@ -0,0 +1,11 @@ +[Back to Base components menu](../) +# Flyte Single cluster deployment mode +This allows flyte to be deployed in one Kubernetes cluster. +All components are deployed and can be configured to use dependencies based on the environment. + +To understand configuration of dependencies refer to sandbox or any cloud deployments + +## Overlays using the single cluster mode +1. [Sandbox Overlay](../../overlays/sandbox) +1. [GCP SingleCluster Overlay](../../overlays/gcp) +1. [EKS SingleCluster Overlay](../../overlays/eks) diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml index 6f467be5f5..16cb7a6d21 100644 --- a/kustomize/overlays/eks/kustomization.yaml +++ b/kustomize/overlays/eks/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -namespace: flyte +#namespace: flyte bases: - ../../base/single_cluster/complete diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index b93608bb9f..1992696894 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -namespace: flyte +#namespace: flyte bases: - ../../base/single_cluster/complete diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index 3c710b76ba..28a83f7477 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -namespace: flyte +#namespace: flyte bases: - ../../base/single_cluster/complete @@ -28,28 +28,6 @@ resources: patchesStrategicMerge: - admin/deployment.yaml -############################################## -# Generate Configs -# For each component exactly one config is generated -# For every component required configs are -# 1. logger.yaml -# 2. storage.yaml -# 3. component.yaml -# -# db.yaml is required for FlyteAdmin and DataCatalog -# ############################################ -# the main admin configmap - -# cluster resource templates -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - -# Flyte Propeller Configuration - -# TODO Flyte Console Configuration -#- name: flyte-console-config -# files: -# - ./config/console.yaml - configMapGenerator: - behavior: merge files: diff --git a/kustomize/overlays/sandbox/test.yaml b/kustomize/overlays/sandbox/test.yaml new file mode 100644 index 0000000000..0dada43f3c --- /dev/null +++ b/kustomize/overlays/sandbox/test.yaml @@ -0,0 +1,1872 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +--- +apiVersion: v1 +kind: Namespace +metadata: + name: heptio-contour +--- +apiVersion: v1 +kind: Namespace +metadata: + name: sparkoperator +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: flyteworkflows.flyte.lyft.com +spec: + group: flyte.lyft.com + names: + kind: FlyteWorkflow + plural: flyteworkflows + shortNames: + - fly + singular: flyteworkflow + scope: Namespaced + version: v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + component: ingressroute + name: ingressroutes.contour.heptio.com +spec: + additionalPrinterColumns: + - JSONPath: .spec.virtualhost.fqdn + description: Fully qualified domain name + name: FQDN + type: string + - JSONPath: .spec.virtualhost.tls.secretName + description: Secret with TLS credentials + name: TLS Secret + type: string + - JSONPath: .spec.routes[0].match + description: First routes defined + name: First route + type: string + - JSONPath: .status.currentStatus + description: The current status of the IngressRoute + name: Status + type: string + - JSONPath: .status.description + description: Description of the current status + name: Status Description + type: string + group: contour.heptio.com + names: + kind: IngressRoute + plural: ingressroutes + scope: Namespaced + validation: + openAPIV3Schema: + properties: + spec: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + routes: + items: + properties: + delegate: + properties: + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + namespace: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + match: + pattern: ^\/.*$ + type: string + services: + items: + properties: + healthCheck: + properties: + healthyThresholdCount: + type: integer + intervalSeconds: + type: integer + path: + pattern: ^\/.*$ + type: string + timeoutSeconds: + type: integer + unhealthyThresholdCount: + type: integer + required: + - path + type: object + name: + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + type: integer + strategy: + enum: + - RoundRobin + - WeightedLeastRequest + - Random + - RingHash + - Maglev + type: string + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: array + strategy: + enum: + - RoundRobin + - LeastRequest + - Random + - RingHash + - Maglev + type: string + virtualhost: + properties: + aliases: + items: + pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ + type: string + type: array + fqdn: + pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ + type: string + required: + - routes + version: v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: pytorchjobs.kubeflow.org +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[-1:].type + name: State + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: kubeflow.org + names: + kind: PyTorchJob + plural: pytorchjobs + singular: pytorchjob + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + pytorchReplicaSpecs: + properties: + Master: + properties: + replicas: + maximum: 1 + minimum: 1 + type: integer + Worker: + properties: + replicas: + minimum: 1 + type: integer + versions: + - name: v1 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sparkapplications.sparkoperator.k8s.io +spec: + group: sparkoperator.k8s.io + names: + kind: SparkApplication + listKind: SparkApplicationList + plural: sparkapplications + shortNames: + - sparkapp + singular: sparkapplication + scope: Namespaced + version: v1beta1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: datacatalog + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flyteadmin + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flytepropeller + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: contour + namespace: heptio-contour +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: kubeflow +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sparkoperator + namespace: sparkoperator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flyteadmin + namespace: flyte +rules: +- apiGroups: + - "" + - flyte.lyft.com + - rbac.authorization.k8s.io + resources: + - configmaps + - flyteworkflows + - namespaces + - pods + - resourcequotas + - roles + - rolebindings + - secrets + - services + - serviceaccounts + - spark-role + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: flytepropeller +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - delete + - patch +- apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch + - create + - update + - delete + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - create + - delete + - update +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - get + - list + - watch + - create + - update + - delete + - patch + - post + - deletecollection +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" + name: kubeflow-pytorchjobs-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" + name: kubeflow-pytorchjobs-edit +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + kustomize.component: pytorch-operator + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" + name: kubeflow-pytorchjobs-view +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: contour +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - contour.heptio.com + resources: + - ingressroutes + verbs: + - get + - list + - watch + - put + - post + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +rules: +- apiGroups: + - kubeflow.org + resources: + - pytorchjobs + - pytorchjobs/status + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - events + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: sparkoperator +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +- apiGroups: + - "" + resources: + - services + - configmaps + - secrets + verbs: + - create + - get + - delete +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - delete +- apiGroups: + - "" + resources: + - nodes + verbs: + - get +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - update + - delete + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - update + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - update + - delete +- apiGroups: + - sparkoperator.k8s.io + resources: + - sparkapplications + - scheduledsparkapplications + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flyteadmin-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyteadmin +subjects: +- kind: ServiceAccount + name: flyteadmin + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: flytepropeller + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flytepropeller +subjects: +- kind: ServiceAccount + name: flytepropeller + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: contour +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: contour +subjects: +- kind: ServiceAccount + name: contour + namespace: heptio-contour +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pytorch-operator +subjects: +- kind: ServiceAccount + name: pytorch-operator + namespace: kubeflow +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: sparkoperator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: sparkoperator +subjects: +- kind: ServiceAccount + name: sparkoperator + namespace: sparkoperator +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte +--- +apiVersion: v1 +data: + aa_namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: {{ namespace }} + spec: + finalizers: + - kubernetes + ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" + ac_project-copilot-dataconfig.yaml: | + kind: ConfigMap + apiVersion: v1 + metadata: + name: flyte-data-config + namespace: {{ namespace }} + data: + config.yaml: | + storage: + connection: + access-key: minio + auth-type: accesskey + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + secret-key: miniostorage + type: minio + container: my-s3-bucket + enable-multicontainer: true + ad_spark-role.yaml: | + apiVersion: rbac.authorization.k8s.io/v1beta1 + kind: Role + metadata: + name: spark-role + namespace: {{ namespace }} + rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - '*' + - apiGroups: + - "" + resources: + - services + verbs: + - '*' + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + ae_spark-service-account.yaml: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: spark + namespace: {{ namespace }} + af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: clusterresource-template-tkdkkt4cb5 +--- +apiVersion: v1 +data: + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: datacatalog + options: sslmode=disable + logger.yaml: | + logger: + show-source: true + level: 2 + server.yaml: | + datacatalog: + storage-prefix: metadata/datacatalog + metrics-scope: "datacatalog" + profiler-port: 10254 + application: + grpcPort: 8089 + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: datacatalog-config-64k8dg9gck +--- +apiVersion: v1 +data: + cluster_resources.yaml: | + cluster_resources: + templatePath: "/etc/flyte/clusterresource/templates" + customData: + production: + - projectQuotaCpu: + value: "5" + - projectQuotaMemory: + value: "4000Mi" + staging: + - projectQuotaCpu: + value: "2" + - projectQuotaMemory: + value: "3000Mi" + development: + - projectQuotaCpu: + value: "4" + - projectQuotaMemory: + value: "3000Mi" + refresh: 5m + db.yaml: | + database: + port: 5432 + username: postgres + host: postgres + dbname: postgres + options: sslmode=disable + domain.yaml: | + domains: + - id: development + name: development + - id: staging + name: staging + - id: production + name: production + logger.yaml: | + logger: + show-source: true + level: 2 + remote_data.yaml: | + remoteData: + region: "us-east-1" + scheme: "local" + signedUrls: + durationMinutes: 3 + server.yaml: | + server: + httpPort: 8088 + grpcPort: 8089 + security: + secure: false + useAuth: false + allowCors: true + allowedOrigins: + # Accepting all domains for Sandbox installation + - "*" + allowedHeaders: + - "Content-Type" + flyteadmin: + roleNameKey: "iam.amazonaws.com/role" + profilerPort: 10254 + metricsScope: "flyte:" + metadataStoragePrefix: + - "metadata" + - "admin" + testing: + host: http://flyteadmin + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_resource_defaults.yaml: | + task_resources: + defaults: + cpu: 100m + memory: 100Mi + storage: 5Mi + limits: + cpu: 2 + memory: 2G + storage: 20Mi +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-admin-config-c96tt5m6b7 +--- +apiVersion: v1 +data: + admin.yaml: | + event: + type: admin + rate: 500 + capacity: 1000 + admin: + endpoint: flyteadmin:81 + insecure: true + catalog.yaml: | + catalog-cache: + endpoint: datacatalog:89 + type: datacatalog + insecure: true + copilot.yaml: | + plugins: + k8s: + co-pilot: + name: "flyte-copilot-" + image: "docker.io/lyft/flytecopilot:v0.3.35" + start-timeout: "30s" + core.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/ + metadata-prefix: metadata/propeller + workers: 4 + max-workflow-retries: 30 + workflow-reeval-duration: 30s + downstream-eval-duration: 30s + limit-namespace: "all" + prof-port: 10254 + metrics-prefix: flyte + enable-admin-launcher: true + leader-election: + lock-config-map: + name: propeller-leader + namespace: flyte + enabled: true + lease-duration: 15s + renew-deadline: 10s + retry-period: 2s + queue: + type: batch + batching-interval: 2s + batch-size: -1 + queue: + type: bucket + rate: 10 + capacity: 100 + sub-queue: + type: bucket + rate: 10 + capacity: 100 + enabled_plugins.yaml: | + tasks: + task-plugins: + enabled-plugins: + - container + - sidecar + - spark + - k8s-array + - pytorch + k8s.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + default-cpus: 100m + default-memory: 100Mi + logger.yaml: | + logger: + show-source: true + level: 2 + qubole.yaml: | + plugins: + qubole: + quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" + resource_manager.yaml: | + propeller: + resourcemanager: + type: redis + resourceMaxQuota: 10000 + redis: + hostPath: redis-resource-manager:6379 + hostKey: mypassword + spark.yaml: | + plugins: + spark: + spark-config-default: + - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" + - spark.kubernetes.allocation.batch.size: "50" + - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" + - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" + - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" + - spark.hadoop.fs.s3a.multipart.threshold: "536870912" + - spark.blacklist.enabled: "true" + - spark.blacklist.timeout: "5m" + - spark.task.maxfailures: "8" + storage.yaml: |+ + storage: + type: minio + connection: + access-key: minio + auth-type: accesskey + secret-key: miniostorage + disable-ssl: true + endpoint: http://minio.flyte.svc.cluster.local:9000 + region: us-east-1 + container: "my-s3-bucket" + + task_logs.yaml: | + plugins: + logs: + kubernetes-enabled: true + kubernetes-url: "http://localhost:30082" +kind: ConfigMap +metadata: + annotations: {} + labels: {} + name: flyte-propeller-config-88kbgkkfbd +--- +apiVersion: v1 +data: + pass.txt: YXdlc29tZXNhdWNl +kind: Secret +metadata: + name: db-pass-9dgchhk2bm +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: datacatalog + namespace: flyte +spec: + ports: + - name: http + port: 88 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 89 + protocol: TCP + targetPort: 8089 + selector: + app: datacatalog +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + contour.heptio.com/upstream-protocol.h2c: grpc + name: flyteadmin + namespace: flyte +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8088 + - name: grpc + port: 81 + protocol: TCP + targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 + selector: + app: flyteadmin +--- +apiVersion: v1 +kind: Service +metadata: + name: flyteconsole + namespace: flyte +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: flyteconsole +--- +apiVersion: v1 +kind: Service +metadata: + name: minio + namespace: flyte +spec: + externalName: minio + ports: + - port: 9000 + selector: + app: minio +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: minio + name: minio-direct + namespace: flyte +spec: + ports: + - nodePort: 30084 + port: 9000 + protocol: TCP + selector: + app: minio + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: flyte +spec: + ports: + - port: 5432 + selector: + app: postgres +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgres + name: postgres-direct + namespace: flyte +spec: + ports: + - nodePort: 30083 + port: 5432 + protocol: TCP + selector: + app: postgres + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: contour + name: contour + namespace: heptio-contour +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8443" + prometheus.io/scrape: "true" + labels: + app: pytorch-operator + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: kubeflow +spec: + ports: + - name: monitoring-port + port: 8443 + targetPort: 8443 + selector: + kustomize.component: pytorch-operator + name: pytorch-operator + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: spark-webhook + namespace: sparkoperator +spec: + ports: + - name: webhook + port: 443 + targetPort: 8080 + selector: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: datacatalog + name: datacatalog + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: datacatalog + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: datacatalog + app.kubernetes.io/name: datacatalog + app.kubernetes.io/version: 0.2.2 + spec: + containers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - serve + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: datacatalog + ports: + - containerPort: 8088 + - containerPort: 8089 + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + initContainers: + - command: + - datacatalog + - --logtostderr + - --config + - /etc/datacatalog/config/*.yaml + - migrate + - run + image: docker.io/lyft/datacatalog:v0.2.2 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/datacatalog/config + name: config-volume + - mountPath: /etc/db + name: db-pass + serviceAccountName: datacatalog + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: datacatalog-config + name: config-volume + - name: db-pass + secret: + secretName: db-pass +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteadmin + name: flyteadmin + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteadmin + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flyteadmin + app.kubernetes.io/name: flyteadmin + app.kubernetes.io/version: 0.3.4 + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - serve + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: flyteadmin + ports: + - containerPort: 8088 + - containerPort: 8089 + resources: + limits: + cpu: "0.1" + ephemeral-storage: 100Mi + memory: 200Mi + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - sh + - -c + - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh + env: + - name: PAGE_TITLE + value: Flyte Admin OpenAPI + - name: SPEC_URL + value: /api/v1/openapi + - name: PORT + value: "8087" + image: docker.io/redocly/redoc + imagePullPolicy: IfNotPresent + name: redoc + ports: + - containerPort: 8087 + resources: + limits: + cpu: "0.1" + memory: 200Mi + initContainers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - run + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: run-migrations + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - migrate + - seed-projects + - flytesnacks + - flytetester + - flyteexamples + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: seed-projects + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + - command: + - sh + - -c + - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; + image: postgres:10.1 + name: check-db-ready + serviceAccountName: flyteadmin + volumes: + - emptyDir: {} + name: shared-data + - configMap: + name: flyte-admin-config + name: config-volume + - configMap: + name: clusterresource-template + name: resource-templates + - name: db-pass + secret: + secretName: db-pass +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flyteconsole + name: flyteconsole + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: flyteconsole + template: + metadata: + labels: + app: flyteconsole + app.kubernetes.io/name: flyteconsole + app.kubernetes.io/version: 0.11.0 + spec: + containers: + - envFrom: + - configMapRef: + name: flyte-console-config + image: docker.io/lyft/flyteconsole:v0.11.0 + name: flyteconsole + ports: + - containerPort: 8080 + volumeMounts: + - mountPath: /srv/flyte + name: shared-data + volumes: + - emptyDir: {} + name: shared-data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: flytepropeller + name: flytepropeller + namespace: flyte +spec: + selector: + matchLabels: + app: flytepropeller + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app: flytepropeller + app.kubernetes.io/name: flytepropeller + app.kubernetes.io/version: 0.3.12 + spec: + containers: + - args: + - --config + - /etc/flyte/config/*.yaml + command: + - flytepropeller + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: docker.io/lyft/flytepropeller:v0.3.12 + imagePullPolicy: IfNotPresent + name: flytepropeller + ports: + - containerPort: 10254 + volumeMounts: + - mountPath: /etc/flyte/config + name: config-volume + serviceAccountName: flytepropeller + volumes: + - configMap: + name: flyte-propeller-config + name: config-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: minio + namespace: flyte +spec: + selector: + matchLabels: + app: minio + template: + metadata: + labels: + app: minio + spec: + containers: + - args: + - server + - /data + env: + - name: MINIO_ACCESS_KEY + value: minio + - name: MINIO_SECRET_KEY + value: miniostorage + image: minio/minio:RELEASE.2019-06-04T01-15-58Z + name: minio + ports: + - containerPort: 9000 + name: minio + volumeMounts: + - mountPath: /data + name: minio-storage + volumes: + - emptyDir: {} + name: minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: flyte +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - image: postgres:10.1 + name: postgres + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-storage + volumes: + - emptyDir: {} + name: postgres-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: heptio-contour +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + namespace: kubeflow +spec: + replicas: 1 + selector: + matchLabels: + kustomize.component: pytorch-operator + name: pytorch-operator + template: + metadata: + labels: + kustomize.component: pytorch-operator + name: pytorch-operator + spec: + containers: + - command: + - /pytorch-operator.v1 + - --alsologtostderr + - -v=1 + - --monitoring-port=8443 + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f + name: pytorch-operator + serviceAccountName: pytorch-operator +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator + namespace: sparkoperator +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + strategy: + type: Recreate + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scrape: "true" + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - args: + - -logtostderr + - -v=2 + - -controller-threads=20 + - -enable-metrics=true + - '-metrics-prefix=service:' + - -metrics-labels=task_name + - -metrics-labels=workflow_name + - -enable-webhook=true + - -webhook-svc-namespace=sparkoperator + command: + - /usr/bin/spark-operator + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: Always + name: sparkoperator-unknown + ports: + - containerPort: 10254 + - containerPort: 8080 + volumeMounts: + - mountPath: /etc/webhook-certs + name: webhook-certs + serviceAccountName: sparkoperator + volumes: + - name: webhook-certs + secret: + secretName: spark-webhook-certs +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: redis-resource-manager + serviceName: redis-resource-manager + template: + metadata: + labels: + app: redis-resource-manager + spec: + containers: + - env: + - name: REDIS_PASSWORD + value: mypassword + image: docker.io/bitnami/redis:4.0.2-r1 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: redis-resource-manager + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 200m + memory: 128Mi + volumeMounts: + - mountPath: /bitnami + name: redis-data + dnsPolicy: ClusterFirst + restartPolicy: Always + volumes: + - emptyDir: {} + name: redis-data +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: syncresources + namespace: flyte +spec: + jobTemplate: + spec: + template: + spec: + containers: + - command: + - flyteadmin + - --logtostderr + - --config + - /etc/flyte/config/*.yaml + - clusterresource + - sync + image: docker.io/lyft/flyteadmin:v0.3.5 + imagePullPolicy: IfNotPresent + name: sync-cluster-resources + volumeMounts: + - mountPath: /etc/flyte/clusterresource/templates + name: resource-templates + - mountPath: /etc/flyte/config + name: config-volume + - mountPath: /etc/db + name: db-pass + restartPolicy: OnFailure + serviceAccountName: flyteadmin + volumes: + - configMap: + name: clusterresource-template + name: resource-templates + - configMap: + name: flyte-admin-config + name: config-volume + - name: db-pass + secret: + secretName: db-pass + schedule: '*/1 * * * *' +--- +apiVersion: batch/v1 +kind: Job +metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + name: sparkoperator-init + namespace: sparkoperator +spec: + backoffLimit: 3 + template: + metadata: + labels: + app.kubernetes.io/name: sparkoperator + app.kubernetes.io/version: v2.4.0-v1beta1 + spec: + containers: + - command: + - /usr/bin/gencerts.sh + - --namespace + - sparkoperator + - -p + image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 + imagePullPolicy: IfNotPresent + name: main + restartPolicy: Never + serviceAccountName: sparkoperator +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: flytesystem + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /console + - backend: + serviceName: flyteconsole + servicePort: 80 + path: /__webpack_hmr + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /api + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /healthcheck + - backend: + serviceName: flyteadmin + servicePort: 80 + path: /v1 + - backend: + serviceName: flyteadmin + servicePort: 81 + path: /flyteidl.service.AdminService + - backend: + serviceName: flyteadmin + servicePort: 87 + path: /openapi +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: minio + namespace: flyte +spec: + rules: + - http: + paths: + - backend: + serviceName: minio + servicePort: 9000 + path: /minio diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index eaa968eaca..d2a14cf25a 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -namespace: flyte +# namespace: flyte bases: - ../../base/single_cluster/headless diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh index b7168d768b..54749d573b 100755 --- a/script/generate_kustomize.sh +++ b/script/generate_kustomize.sh @@ -2,15 +2,22 @@ set -ex -echo "Install Kustomize" +echo "Installing Kustomize" +mkdir -p _bin; cd _bin; rm kustomize; curl -s "https://raw.githubusercontent.com/\ kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash +cd - +# All the overlays to be built DEPLOYMENT=${1:-sandbox test eks gcp} + +KUSTOMIZE=_bin/kustomize +KUSTOMIZE_OVERLAYS_ROOT=kustomize/overlays + DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" for deployment in ${DEPLOYMENT}; do - kustomize build kustomize/overlays/${deployment} > ${DIR}/../deployment/${deployment}/flyte_generated.yaml + ${KUSTOMIZE} build ${KUSTOMIZE_OVERLAYS_ROOT}/${deployment} > ${DIR}/../deployment/${deployment}/flyte_generated.yaml done # This section is used by GitHub workflow to ensure that the generation step was run From ee1809b76d47ddb5734728f4c93a8d23d0f7d63a Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 17:44:08 -0700 Subject: [PATCH 31/41] Improved README --- kustomize/README.md | 13 ++- kustomize/base/README.md | 12 ++- kustomize/base/operators/README.md | 1 + kustomize/base/single_cluster/README.md | 4 +- .../base/single_cluster/complete/README.md | 11 +-- kustomize/overlays/README.md | 8 +- kustomize/overlays/eks/README.md | 79 +------------------ kustomize/overlays/gcp/README.md | 2 +- kustomize/overlays/sandbox/README.md | 3 +- 9 files changed, 40 insertions(+), 93 deletions(-) create mode 100644 kustomize/base/operators/README.md diff --git a/kustomize/README.md b/kustomize/README.md index 1d23e81b8e..ea843ccb47 100644 --- a/kustomize/README.md +++ b/kustomize/README.md @@ -1,6 +1,13 @@ # Install Flyte using Kustomize +Flyte can be deployed to a kubernetes cluster using a generated deployment yaml file. This file is generated using [Kustomize](https://kubectl.docs.kubernetes.io/pages/reference/kustomize.html). +Please refer to Kustomize documentation to see how it works. -[Kustomize](https://kubectl.docs.kubernetes.io/pages/reference/kustomize.html) +In brief, Kustomize allows composing a deployment yaml using multiple components. In Flyte all the core components are listed under [Base Components](./base). The Base components also consist of +a composed set of components that can be deployed to a [Single Kubernetes cluster](./base/single_cluster). This deployment configures various components using [Flyte Configuration +system](todo). -[Base Components](./base) -[Overlays](./overlays) +The *Single Cluster* configuration on its own is not deployable. But indiviudal [overlays](./overlays) are deployable. + +Refer to +1. [Base Components](./base): If you want to build your own overlay start here +1. [overlays](./Overlays): If you want to build on top of an existing overlay start here diff --git a/kustomize/base/README.md b/kustomize/base/README.md index 2c38e39715..b0bb224d24 100644 --- a/kustomize/base/README.md +++ b/kustomize/base/README.md @@ -4,6 +4,16 @@ These deployments provide individual deployment units of the Flyte Backend. As a user it might be preferable to use the `single_cluster` deployment base to create an overlay on top of, or directly edit on top of one of the existing overlays. -[Single Cluster Flyte Deployment configuration](./single_cluster) +## To create a new flyte overlay for one K8s cluster + Start here +- [Single Cluster Flyte Deployment configuration](./single_cluster) +## To create a completely custom overlay refer to components +1. FlyteAdmin [Deployment](./admindeployment) | [ServiceAccount](./adminserviceaccount) +1. [Core Flyte namespace creation](./namespace) +1. [FlytePropeller](./propeller) & its [CRD](./wf_crd) +1. [DataCatalog](./datacatalog) +1. [FlyteConsole](./console) +1. [Overall Ingress for Flyte (optional)](./ingress) +1. [Additional plugin components for Flyte using K8s operators](./operators) diff --git a/kustomize/base/operators/README.md b/kustomize/base/operators/README.md new file mode 100644 index 0000000000..4f6516eb9d --- /dev/null +++ b/kustomize/base/operators/README.md @@ -0,0 +1 @@ +# Install plugins diff --git a/kustomize/base/single_cluster/README.md b/kustomize/base/single_cluster/README.md index 0fd138dc3f..2acf9a208c 100644 --- a/kustomize/base/single_cluster/README.md +++ b/kustomize/base/single_cluster/README.md @@ -5,7 +5,9 @@ All components are deployed and can be configured to use dependencies based on t To understand configuration of dependencies refer to sandbox or any cloud deployments -## Overlays using the single cluster mode +Overlays using the single cluster mode 1. [Sandbox Overlay](../../overlays/sandbox) 1. [GCP SingleCluster Overlay](../../overlays/gcp) 1. [EKS SingleCluster Overlay](../../overlays/eks) + +These overlays are based on [Flyte Single Cluster deployment Configuration base](./complete) diff --git a/kustomize/base/single_cluster/complete/README.md b/kustomize/base/single_cluster/complete/README.md index 0fd138dc3f..ae9fa2af49 100644 --- a/kustomize/base/single_cluster/complete/README.md +++ b/kustomize/base/single_cluster/complete/README.md @@ -1,11 +1,6 @@ [Back to Base components menu](../) # Flyte Single cluster deployment mode -This allows flyte to be deployed in one Kubernetes cluster. -All components are deployed and can be configured to use dependencies based on the environment. +This provides a complete deployment of Flyte onto a single K8s cluster -To understand configuration of dependencies refer to sandbox or any cloud deployments - -## Overlays using the single cluster mode -1. [Sandbox Overlay](../../overlays/sandbox) -1. [GCP SingleCluster Overlay](../../overlays/gcp) -1. [EKS SingleCluster Overlay](../../overlays/eks) +# Configuration +all the configs are in ./config folder diff --git a/kustomize/overlays/README.md b/kustomize/overlays/README.md index dbd82831c7..2db1865db8 100644 --- a/kustomize/overlays/README.md +++ b/kustomize/overlays/README.md @@ -1,4 +1,8 @@ # Deploy Flyte using one of the given overlays -1. [Sandbox](./sandbox) -1. [GCP](./gcp) +To start a deployment use one of the following overlays as a starting point. If you are just playing around with Flyte, use Sandbox overlay - and preferably the pre-generated yaml - available +[here](../../deployment/sandbox/flyte_generated.yaml) + +1. [Sandbox](./sandbox) : A pre-configured overlay to deploy a complete standalone cluster onto a local k8s cluster +1. [GCP](./gcp): An almost configured overlay to deploy a production ready cluster to GCP. Some modifications needed for your environment +1. [EKS](./eks): An almost configured overlay to deploy a production ready cluster to AWS. Some modifications needed for your environment diff --git a/kustomize/overlays/eks/README.md b/kustomize/overlays/eks/README.md index 20d5660d64..26a0c3728f 100644 --- a/kustomize/overlays/eks/README.md +++ b/kustomize/overlays/eks/README.md @@ -1,5 +1,5 @@ [All Overlays](./) -# Amazon Webservices Elastic Kubernetes Service Overlay +# :construction: Amazon Webservices Elastic Kubernetes Service Overlay This overlay serves as an example to bootstrap Flyte setup on AWS. It is not designed to work out of the box due to the need of AWS resources. Please follow the instruction @@ -9,91 +9,18 @@ _Hint_: searching `TODO:` through this directory would help to understand what n ## AWS RDS -[Cloud SQL](https://cloud.google.com/sql) is used as persistence layer. To set it up, please -follow standard GCP documentation. - -A few things are required for this overlay to function: - -* Two databases named as `flyte` and `datacatalog` -* A database user named as `flyte` -* Password of the database user should be uploaded to GKE as a k8s secret named as `db-user-pass` - containing of a file named as `db_pwd.txt`of which the content is the plain text password -* Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster - service account or through workload identity) should have `Cloud SQL Editor` role - -To securely access Cloud SQL instance, [Cloud SQL -Proxy](https://cloud.google.com/sql/docs/postgres/connect-admin-proxy) is launched as a pod sitting -in between Flyte and Cloud SQL instance. - -The kustomization files can be found under [cloudsqlproxy](cloudsqlproxy). Please note that one -needs to replace `` and `` accordingly in -[cloudsqlproxy/deployment.yaml](cloudsqlproxy/deployment.yaml). ## FlyteAdmin -flyteadmin configuration is kept as similar as [sandbox](../sandbox) overlay, with only necessary -modifications such as database, storage and CORS. - -If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. - -For storage layer, a few things needs to be done: - -* Create a GCS bucket named as `flyte` in a GCP project -* Replace `` in [admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) with the - GCP project ID - -For CORS to work properly, one needs to use real origin in -[admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) `server -> security -> allowedOrigins`. - -flyteadmin (including metrics endpoint) is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). ## FlyteConsole -[flyteconsole configmap](console/configmap.yaml) needs to be updated with flyteadmin internal load -balancer IP address or the DNS name associated with it if any. - -flyteconsole is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - -## flytepropeller - -flytepropeller configuration is kept as similar as [sandbox](../sandbox) overlay, with only -necessary modifications such as storage. - -For storage layer, a few things needs to be done: - -* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) -* Replace `` in [propeller/config.yaml](propeller/config.yaml) with the - GCP project ID -* Replace `` in [propeller/plugins/config.yaml](propeller/plugins/config.yaml) with the - GCP project ID - -By default, three plugins are enabled: - -* container -* k8s-array -* sidecar - -flytepropeller metrics endpoint is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). ## DataCatalog -datacatalog configuration is kept as similar as [sandbox](../sandbox) overlay, with only -necessary modifications such as database and storage. - -If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. - -For storage layer, a few things needs to be done: - -* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) -* Replace `` in [datacatalog/datacatalog_config.yaml](propeller/config.yaml) with the - GCP project ID - -datacatalog metrics endpoint is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). +## Build it +Refer to previous documentation ## Now ship it diff --git a/kustomize/overlays/gcp/README.md b/kustomize/overlays/gcp/README.md index afda4f464e..5e58dff57a 100644 --- a/kustomize/overlays/gcp/README.md +++ b/kustomize/overlays/gcp/README.md @@ -1,5 +1,5 @@ [All Overlays](./) -# Google Cloud Platform Overlay +# :construction: Google Cloud Platform Overlay This overlay serves as an example to bootstrap Flyte setup on Google Cloud Platform (GCP). It is not designed to work out of the box due to the need of GCP resources. Please follow the instruction diff --git a/kustomize/overlays/sandbox/README.md b/kustomize/overlays/sandbox/README.md index 85c7c0afae..82dbef46f1 100644 --- a/kustomize/overlays/sandbox/README.md +++ b/kustomize/overlays/sandbox/README.md @@ -1,3 +1,4 @@ [All overlays](../) # Flyte Sandbox deployment - Kustomize overlay -TBD +This module creates a standalone Flyte cluster with all its dependencies. This is a great starting point for trying out Flyte and experimenting with Flyte. The overlay can be Kustomized and made to +scale higher, but as is is not intended for production use From 720081adaf8308a23ea5f565d7fb71140ab473e5 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Wed, 23 Sep 2020 22:00:42 -0700 Subject: [PATCH 32/41] update script --- script/generate_kustomize.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh index 54749d573b..b49626e2af 100755 --- a/script/generate_kustomize.sh +++ b/script/generate_kustomize.sh @@ -3,7 +3,12 @@ set -ex echo "Installing Kustomize" -mkdir -p _bin; cd _bin; rm kustomize; +KUSTOMIZE=_bin/kustomize + +if [ -f ${KUSTOMIZE} ]; then + rm ${KUSTOMIZE} +fi +mkdir -p _bin; cd _bin curl -s "https://raw.githubusercontent.com/\ kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash cd - @@ -11,7 +16,6 @@ cd - # All the overlays to be built DEPLOYMENT=${1:-sandbox test eks gcp} -KUSTOMIZE=_bin/kustomize KUSTOMIZE_OVERLAYS_ROOT=kustomize/overlays DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" From 22b13e5de68d39411ec4f402fb79f9de844ab4ee Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 11:32:54 -0700 Subject: [PATCH 33/41] update test images --- deployment/test/flyte_generated.yaml | 6 +++--- kustomize/overlays/test/kustomization.yaml | 19 +++++++++++++++++++ 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index ed14f923d0..8c9a240e09 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -771,7 +771,7 @@ spec: - --config - /etc/datacatalog/config/*.yaml - serve - image: datacatalog:v0.2.2 + image: docker.io/lyft/datacatalog:v0.2.2 imagePullPolicy: IfNotPresent name: datacatalog ports: @@ -790,7 +790,7 @@ spec: - /etc/datacatalog/config/*.yaml - migrate - run - image: datacatalog:v0.2.2 + image: docker.io/lyft/datacatalog:v0.2.2 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: @@ -970,7 +970,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: flytepropeller:v0.3.12 + image: docker.io/lyft/flytepropeller:v0.3.12 imagePullPolicy: IfNotPresent name: flytepropeller ports: diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index d2a14cf25a..a117eb761b 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -55,3 +55,22 @@ configMapGenerator: - ./config/datacatalog/db.yaml - ./config/common/storage.yaml - ./config/common/logger.yaml + +# Images that should be used +images: + # FlyteAdmin + - name: flyteadmin # match images with this name + newTag: v0.3.5 # override the tag + newName: docker.io/lyft/flyteadmin # override the name + # FlyteConsole + - name: flyteconsole # match images with this name + newTag: v0.11.0 # override the tag + newName: docker.io/lyft/flyteconsole # override the namep + # Flyte DataCatalog + - name: datacatalog # match images with this name + newTag: v0.2.2 # override the tag + newName: docker.io/lyft/datacatalog # override the name + # FlytePropeller + - name: flytepropeller # match images with this name + newTag: v0.3.12 # override the tag + newName: docker.io/lyft/flytepropeller # override the name From cbdc9f6da94c5e6058d75b1e913b6f543c017c34 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 15:01:08 -0700 Subject: [PATCH 34/41] updated --- deployment/eks/flyte_generated.yaml | 2 +- deployment/gcp/flyte_generated.yaml | 2 +- deployment/sandbox/flyte_generated.yaml | 8 ++++---- kustomize/overlays/eks/kustomization.yaml | 2 +- kustomize/overlays/gcp/kustomization.yaml | 2 +- kustomize/overlays/sandbox/kustomization.yaml | 2 +- kustomize/overlays/test/kustomization.yaml | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index 31b357d939..7bd555c73b 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -1400,7 +1400,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index 17cdf42e27..ad9704a1d7 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -1468,7 +1468,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 0dada43f3c..0371137b0b 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -1305,7 +1305,7 @@ spec: - /etc/flyte/config/*.yaml - migrate - run - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: @@ -1323,7 +1323,7 @@ spec: - flytesnacks - flytetester - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: seed-projects volumeMounts: @@ -1338,7 +1338,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -1763,7 +1763,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml index 16cb7a6d21..d3bde7dffd 100644 --- a/kustomize/overlays/eks/kustomization.yaml +++ b/kustomize/overlays/eks/kustomization.yaml @@ -80,7 +80,7 @@ secretGenerator: images: # FlyteAdmin - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag + newTag: v0.3.6 # override the tag newName: docker.io/lyft/flyteadmin # override the name # FlyteConsole - name: flyteconsole # match images with this name diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 1992696894..515563cbac 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -78,7 +78,7 @@ secretGenerator: images: # FlyteAdmin - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag + newTag: v0.3.6 # override the tag newName: docker.io/lyft/flyteadmin # override the name # FlyteConsole - name: flyteconsole # match images with this name diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index 28a83f7477..cb37639c37 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -63,7 +63,7 @@ configMapGenerator: images: # FlyteAdmin - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag + newTag: v0.3.6 # override the tag newName: docker.io/lyft/flyteadmin # override the name # FlyteConsole - name: flyteconsole # match images with this name diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index a117eb761b..4052ebc3e9 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -60,7 +60,7 @@ configMapGenerator: images: # FlyteAdmin - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag + newTag: v0.3.6 # override the tag newName: docker.io/lyft/flyteadmin # override the name # FlyteConsole - name: flyteconsole # match images with this name From c8f6ffe07f4abab60a4b0282659ad9ebd24cb6a5 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 15:25:20 -0700 Subject: [PATCH 35/41] try again --- deployment/eks/flyte_generated.yaml | 4 ++-- deployment/gcp/flyte_generated.yaml | 4 ++-- deployment/sandbox/flyte_generated.yaml | 2 +- deployment/test/flyte_generated.yaml | 23 +++++++++++++++---- .../base/admindeployment/kustomization.yaml | 7 ------ .../overlays/test/admin/kustomization.yaml | 6 ----- kustomize/overlays/test/kustomization.yaml | 3 +++ 7 files changed, 27 insertions(+), 22 deletions(-) delete mode 100644 kustomize/overlays/test/admin/kustomization.yaml diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index 7bd555c73b..3c5de1e2f2 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -1041,7 +1041,7 @@ spec: - --config - /etc/flyte/config/*.yaml - serve - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: flyteadmin ports: @@ -1087,7 +1087,7 @@ spec: - /etc/flyte/config/*.yaml - migrate - run - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index ad9704a1d7..520d79d64b 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -1109,7 +1109,7 @@ spec: - --config - /etc/flyte/config/*.yaml - serve - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: flyteadmin ports: @@ -1155,7 +1155,7 @@ spec: - /etc/flyte/config/*.yaml - migrate - run - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 0371137b0b..866ac608a8 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -1259,7 +1259,7 @@ spec: - --config - /etc/flyte/config/*.yaml - serve - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: flyteadmin ports: diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index 8c9a240e09..def84f5599 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -682,6 +682,10 @@ spec: port: 81 protocol: TCP targetPort: 8089 + - name: redoc + port: 87 + protocol: TCP + targetPort: 8087 selector: app: flyteadmin --- @@ -839,12 +843,17 @@ spec: - --config - /etc/flyte/config/*.yaml - serve - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: flyteadmin ports: - containerPort: 8088 - containerPort: 8089 + resources: + limits: + cpu: "0.1" + ephemeral-storage: 100Mi + memory: 200Mi volumeMounts: - mountPath: /srv/flyte name: shared-data @@ -880,7 +889,7 @@ spec: - /etc/flyte/config/*.yaml - migrate - run - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: run-migrations volumeMounts: @@ -898,7 +907,7 @@ spec: - flytesnacks - flytetester - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: seed-projects volumeMounts: @@ -913,7 +922,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -923,6 +932,12 @@ spec: name: config-volume - mountPath: /etc/db name: db-pass + - command: + - sh + - -c + - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; + image: postgres:10.1 + name: check-db-ready serviceAccountName: flyteadmin volumes: - emptyDir: {} diff --git a/kustomize/base/admindeployment/kustomization.yaml b/kustomize/base/admindeployment/kustomization.yaml index e33164b383..a944d005ca 100644 --- a/kustomize/base/admindeployment/kustomization.yaml +++ b/kustomize/base/admindeployment/kustomization.yaml @@ -1,10 +1,3 @@ resources: - deployment.yaml - service.yaml - -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v0.3.5 # override the tag - newName: docker.io/lyft/flyteadmin # override the name diff --git a/kustomize/overlays/test/admin/kustomization.yaml b/kustomize/overlays/test/admin/kustomization.yaml deleted file mode 100644 index 91d0bffa07..0000000000 --- a/kustomize/overlays/test/admin/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -bases: -- ../../admindeployment -- ../../admindeployment/clustersync - -patches: -- deployment.yaml diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index 4052ebc3e9..8f2ca61ff7 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -20,6 +20,9 @@ resources: # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - ./dependencies/contour_ingress_controller +patches: + - ./admin/deployment.yaml + configMapGenerator: # the main admin configmap - name: flyte-admin-config From 69b9bd476e746c115547de50723eb089fc575625 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 15:32:28 -0700 Subject: [PATCH 36/41] removed wrong tags --- deployment/eks/flyte_generated.yaml | 4 +- deployment/gcp/flyte_generated.yaml | 4 +- .../base/admindeployment/deployment.yaml | 4 +- kustomize/overlays/sandbox/test.yaml | 1872 ----------------- 4 files changed, 6 insertions(+), 1878 deletions(-) delete mode 100644 kustomize/overlays/sandbox/test.yaml diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index 3c5de1e2f2..bf037eb5be 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -1105,7 +1105,7 @@ spec: - flytesnacks - flytetester - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: seed-projects volumeMounts: @@ -1120,7 +1120,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index 520d79d64b..8d2fccee4f 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -1173,7 +1173,7 @@ spec: - flytesnacks - flytetester - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: seed-projects volumeMounts: @@ -1188,7 +1188,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.5 + image: docker.io/lyft/flyteadmin:v0.3.6 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml index 24dae11c87..3cd287bf9a 100644 --- a/kustomize/base/admindeployment/deployment.yaml +++ b/kustomize/base/admindeployment/deployment.yaml @@ -47,7 +47,7 @@ spec: mountPath: /etc/db # Optional, These just seed the project - TODO move them to only - name: seed-projects - image: docker.io/lyft/flyteadmin:v0.3.5 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "migrate", "seed-projects", "flytesnacks", "flytetester", "flyteexamples"] @@ -57,7 +57,7 @@ spec: - name: db-pass mountPath: /etc/db - name: sync-cluster-resources - image: docker.io/lyft/flyteadmin:v0.3.5 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent command: ["flyteadmin", "--logtostderr", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] volumeMounts: diff --git a/kustomize/overlays/sandbox/test.yaml b/kustomize/overlays/sandbox/test.yaml deleted file mode 100644 index 0dada43f3c..0000000000 --- a/kustomize/overlays/sandbox/test.yaml +++ /dev/null @@ -1,1872 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte ---- -apiVersion: v1 -kind: Namespace -metadata: - name: heptio-contour ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - component: ingressroute - name: ingressroutes.contour.heptio.com -spec: - additionalPrinterColumns: - - JSONPath: .spec.virtualhost.fqdn - description: Fully qualified domain name - name: FQDN - type: string - - JSONPath: .spec.virtualhost.tls.secretName - description: Secret with TLS credentials - name: TLS Secret - type: string - - JSONPath: .spec.routes[0].match - description: First routes defined - name: First route - type: string - - JSONPath: .status.currentStatus - description: The current status of the IngressRoute - name: Status - type: string - - JSONPath: .status.description - description: Description of the current status - name: Status Description - type: string - group: contour.heptio.com - names: - kind: IngressRoute - plural: ingressroutes - scope: Namespaced - validation: - openAPIV3Schema: - properties: - spec: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - routes: - items: - properties: - delegate: - properties: - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - namespace: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - match: - pattern: ^\/.*$ - type: string - services: - items: - properties: - healthCheck: - properties: - healthyThresholdCount: - type: integer - intervalSeconds: - type: integer - path: - pattern: ^\/.*$ - type: string - timeoutSeconds: - type: integer - unhealthyThresholdCount: - type: integer - required: - - path - type: object - name: - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - type: integer - strategy: - enum: - - RoundRobin - - WeightedLeastRequest - - Random - - RingHash - - Maglev - type: string - weight: - type: integer - required: - - name - - port - type: object - type: array - required: - - match - type: array - strategy: - enum: - - RoundRobin - - LeastRequest - - Random - - RingHash - - Maglev - type: string - virtualhost: - properties: - aliases: - items: - pattern: ^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$ - type: string - type: array - fqdn: - pattern: ^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-z]{2,}$ - type: string - required: - - routes - version: v1beta1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 - type: integer - Worker: - properties: - replicas: - minimum: 1 - type: integer - versions: - - name: v1 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - version: v1beta1 ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: heptio-contour ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" - name: kubeflow-pytorchjobs-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" - name: kubeflow-pytorchjobs-edit -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" - name: kubeflow-pytorchjobs-view -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: - - contour.heptio.com - resources: - - ingressroutes - verbs: - - get - - list - - watch - - put - - post - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - '*' -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - events - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: heptio-contour ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: pytorch-operator -subjects: -- kind: ServiceAccount - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ac_project-copilot-dataconfig.yaml: | - kind: ConfigMap - apiVersion: v1 - metadata: - name: flyte-data-config - namespace: {{ namespace }} - data: - config.yaml: | - storage: - connection: - access-key: minio - auth-type: accesskey - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - secret-key: miniostorage - type: minio - container: my-s3-bucket - enable-multicontainer: true - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1beta1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1beta1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: clusterresource-template-tkdkkt4cb5 ---- -apiVersion: v1 -data: - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 2 - server.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: datacatalog-config-64k8dg9gck ---- -apiVersion: v1 -data: - cluster_resources.yaml: | - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - domain.yaml: | - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - logger.yaml: | - logger: - show-source: true - level: 2 - remote_data.yaml: | - remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 - server.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_resource_defaults.yaml: | - task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: flyte-admin-config-c96tt5m6b7 ---- -apiVersion: v1 -data: - admin.yaml: | - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog.yaml: | - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" - core.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - enabled_plugins.yaml: | - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi - logger.yaml: | - logger: - show-source: true - level: 2 - qubole.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" - resource_manager.yaml: | - propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - spark.yaml: | - plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_logs.yaml: | - plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" -kind: ConfigMap -metadata: - annotations: {} - labels: {} - name: flyte-propeller-config-88kbgkkfbd ---- -apiVersion: v1 -data: - pass.txt: YXdlc29tZXNhdWNl -kind: Secret -metadata: - name: db-pass-9dgchhk2bm -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - selector: - app: flyteadmin ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - port: 9000 - selector: - app: minio ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "8443" - prometheus.io/scrape: "true" - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - ports: - - name: monitoring-port - port: 8443 - targetPort: 8443 - selector: - kustomize.component: pytorch-operator - name: pytorch-operator - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: sparkoperator -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.2.2 - spec: - containers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - datacatalog - - --logtostderr - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: docker.io/lyft/datacatalog:v0.2.2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config - name: config-volume - - name: db-pass - secret: - secretName: db-pass ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - serve - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; - image: postgres:10.1 - name: check-db-ready - serviceAccountName: flyteadmin - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: flyte-admin-config - name: config-volume - - configMap: - name: clusterresource-template - name: resource-templates - - name: db-pass - secret: - secretName: db-pass ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.11.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: docker.io/lyft/flyteconsole:v0.11.0 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.3.12 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: docker.io/lyft/flytepropeller:v0.3.12 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config - name: config-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - image: minio/minio:RELEASE.2019-06-04T01-15-58Z - name: minio - ports: - - containerPort: 9000 - name: minio - volumeMounts: - - mountPath: /data - name: minio-storage - volumes: - - emptyDir: {} - name: minio-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - image: postgres:10.1 - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-storage - volumes: - - emptyDir: {} - name: postgres-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - replicas: 1 - selector: - matchLabels: - kustomize.component: pytorch-operator - name: pytorch-operator - template: - metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - spec: - containers: - - command: - - /pytorch-operator.v1 - - --alsologtostderr - - -v=1 - - --monitoring-port=8443 - env: - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f - name: pytorch-operator - serviceAccountName: pytorch-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator - namespace: sparkoperator -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: docker.io/bitnami/redis:4.0.2-r1 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --logtostderr - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: docker.io/lyft/flyteadmin:v0.3.5 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template - name: resource-templates - - configMap: - name: flyte-admin-config - name: config-volume - - name: db-pass - secret: - secretName: db-pass - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - name: sparkoperator-init - namespace: sparkoperator -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.0-v1beta1 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - sparkoperator - - -p - image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /console - - backend: - serviceName: flyteconsole - servicePort: 80 - path: /__webpack_hmr - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /api - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /healthcheck - - backend: - serviceName: flyteadmin - servicePort: 80 - path: /v1 - - backend: - serviceName: flyteadmin - servicePort: 81 - path: /flyteidl.service.AdminService - - backend: - serviceName: flyteadmin - servicePort: 87 - path: /openapi ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: minio - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - serviceName: minio - servicePort: 9000 - path: /minio From 6dc60dade0be8b2d245efcbca39304721d5f4cb8 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 17:04:35 -0700 Subject: [PATCH 37/41] version of kustomize pinned --- Makefile | 2 +- deployment/eks/flyte_generated.yaml | 95 +++--- deployment/gcp/flyte_generated.yaml | 95 +++--- deployment/sandbox/flyte_generated.yaml | 303 +++++++++--------- deployment/test/flyte_generated.yaml | 211 ++++++------ kustomize/overlays/eks/kustomization.yaml | 2 +- kustomize/overlays/gcp/kustomization.yaml | 2 +- kustomize/overlays/sandbox/kustomization.yaml | 2 +- kustomize/overlays/test/kustomization.yaml | 4 +- script/generate_kustomize.sh | 3 +- 10 files changed, 370 insertions(+), 349 deletions(-) diff --git a/Makefile b/Makefile index 854100e5b0..9c340800be 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ .PHONY: kustomize kustomize: - bash script/generate_kustomize.sh + KUSTOMIZE_VERSION=3.8.2 bash script/generate_kustomize.sh .PHONY: deploy_sandbox deploy_sandbox: diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index bf037eb5be..3278070ea6 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -111,13 +111,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: sparkoperator + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -412,7 +412,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -425,15 +425,6 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator - namespace: sparkoperator ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -503,6 +494,7 @@ metadata: annotations: {} labels: {} name: clusterresource-template-tkdkkt4cb5 + namespace: flyte --- apiVersion: v1 data: @@ -551,6 +543,7 @@ metadata: annotations: {} labels: {} name: datacatalog-config-2bb94tc5b5 + namespace: flyte --- apiVersion: v1 data: @@ -659,6 +652,16 @@ metadata: annotations: {} labels: {} name: flyte-admin-config-g79597h75m + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte --- apiVersion: v1 data: @@ -807,6 +810,7 @@ metadata: annotations: {} labels: {} name: flyte-propeller-config-fgt6tg929g + namespace: flyte --- apiVersion: v1 data: @@ -816,6 +820,7 @@ metadata: annotations: {} labels: {} name: db-pass-bthd2588cc + namespace: flyte type: Opaque --- apiVersion: v1 @@ -887,23 +892,6 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -913,7 +901,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: ports: - name: monitoring-port @@ -926,9 +914,26 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service metadata: name: spark-webhook - namespace: sparkoperator + namespace: flyte spec: ports: - name: webhook @@ -1005,11 +1010,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config + name: datacatalog-config-2bb94tc5b5 name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc --- apiVersion: apps/v1 kind: Deployment @@ -1135,14 +1140,14 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config + name: flyte-admin-config-g79597h75m name: config-volume - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc --- apiVersion: apps/v1 kind: Deployment @@ -1227,7 +1232,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config + name: flyte-propeller-config-fgt6tg929g name: config-volume --- apiVersion: apps/v1 @@ -1236,7 +1241,7 @@ metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: replicas: 1 selector: @@ -1275,7 +1280,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: sparkoperator + namespace: flyte spec: replicas: 1 selector: @@ -1400,7 +1405,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.6 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -1414,14 +1419,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - configMap: - name: flyte-admin-config + name: flyte-admin-config-g79597h75m name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1431,7 +1436,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: sparkoperator + namespace: flyte spec: backoffLimit: 3 template: @@ -1444,7 +1449,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - sparkoperator + - flyte - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index 8d2fccee4f..b85ada1253 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -107,13 +107,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: sparkoperator + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -408,7 +408,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -421,15 +421,6 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator - namespace: sparkoperator ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -499,6 +490,7 @@ metadata: annotations: {} labels: {} name: clusterresource-template-tkdkkt4cb5 + namespace: flyte --- apiVersion: v1 data: @@ -547,6 +539,7 @@ metadata: annotations: {} labels: {} name: datacatalog-config-d56hkd9229 + namespace: flyte --- apiVersion: v1 data: @@ -650,6 +643,16 @@ metadata: annotations: {} labels: {} name: flyte-admin-config-678t259tk4 + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte --- apiVersion: v1 data: @@ -798,6 +801,7 @@ metadata: annotations: {} labels: {} name: flyte-propeller-config-fgt6tg929g + namespace: flyte --- apiVersion: v1 data: @@ -807,6 +811,7 @@ metadata: annotations: {} labels: {} name: db-pass-bthd2588cc + namespace: flyte type: Opaque --- apiVersion: v1 @@ -928,23 +933,6 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -954,7 +942,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: ports: - name: monitoring-port @@ -967,9 +955,26 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service metadata: name: spark-webhook - namespace: sparkoperator + namespace: flyte spec: ports: - name: webhook @@ -1073,11 +1078,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config + name: datacatalog-config-d56hkd9229 name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc --- apiVersion: apps/v1 kind: Deployment @@ -1203,14 +1208,14 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config + name: flyte-admin-config-678t259tk4 name: config-volume - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc --- apiVersion: apps/v1 kind: Deployment @@ -1295,7 +1300,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config + name: flyte-propeller-config-fgt6tg929g name: config-volume --- apiVersion: apps/v1 @@ -1304,7 +1309,7 @@ metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: replicas: 1 selector: @@ -1343,7 +1348,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: sparkoperator + namespace: flyte spec: replicas: 1 selector: @@ -1468,7 +1473,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.6 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -1482,14 +1487,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - configMap: - name: flyte-admin-config + name: flyte-admin-config-678t259tk4 name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-bthd2588cc schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1499,7 +1504,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: sparkoperator + namespace: flyte spec: backoffLimit: 3 template: @@ -1512,7 +1517,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - sparkoperator + - flyte - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml index 866ac608a8..28da561aa1 100644 --- a/deployment/sandbox/flyte_generated.yaml +++ b/deployment/sandbox/flyte_generated.yaml @@ -225,26 +225,26 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: datacatalog + name: contour namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flyteadmin + name: datacatalog namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flytepropeller + name: flyteadmin namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: contour - namespace: heptio-contour + name: flytepropeller + namespace: flyte --- apiVersion: v1 kind: ServiceAccount @@ -253,13 +253,13 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: name: sparkoperator - namespace: sparkoperator + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -601,7 +601,7 @@ roleRef: subjects: - kind: ServiceAccount name: contour - namespace: heptio-contour + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -617,7 +617,7 @@ roleRef: subjects: - kind: ServiceAccount name: pytorch-operator - namespace: kubeflow + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -630,15 +630,6 @@ roleRef: subjects: - kind: ServiceAccount name: sparkoperator - namespace: sparkoperator ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config namespace: flyte --- apiVersion: v1 @@ -708,6 +699,7 @@ metadata: annotations: {} labels: {} name: clusterresource-template-tkdkkt4cb5 + namespace: flyte --- apiVersion: v1 data: @@ -746,6 +738,7 @@ metadata: annotations: {} labels: {} name: datacatalog-config-64k8dg9gck + namespace: flyte --- apiVersion: v1 data: @@ -843,6 +836,16 @@ metadata: annotations: {} labels: {} name: flyte-admin-config-c96tt5m6b7 + namespace: flyte +--- +apiVersion: v1 +data: + BASE_URL: /console + CONFIG_DIR: /etc/flyte/config +kind: ConfigMap +metadata: + name: flyte-console-config + namespace: flyte --- apiVersion: v1 data: @@ -971,6 +974,7 @@ metadata: annotations: {} labels: {} name: flyte-propeller-config-88kbgkkfbd + namespace: flyte --- apiVersion: v1 data: @@ -978,10 +982,27 @@ data: kind: Secret metadata: name: db-pass-9dgchhk2bm + namespace: flyte type: Opaque --- apiVersion: v1 kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc @@ -1094,39 +1115,6 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP - selector: - app: contour - type: NodePort ---- -apiVersion: v1 -kind: Service metadata: annotations: prometheus.io/path: /metrics @@ -1136,7 +1124,7 @@ metadata: app: pytorch-operator kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: ports: - name: monitoring-port @@ -1149,9 +1137,26 @@ spec: --- apiVersion: v1 kind: Service +metadata: + labels: + app: redis-resource-manager + name: redis-resource-manager + namespace: flyte +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis-resource-manager + type: ClusterIP +--- +apiVersion: v1 +kind: Service metadata: name: spark-webhook - namespace: sparkoperator + namespace: flyte spec: ports: - name: webhook @@ -1163,6 +1168,88 @@ spec: --- apiVersion: apps/v1 kind: Deployment +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config +--- +apiVersion: apps/v1 +kind: Deployment metadata: labels: app: datacatalog @@ -1223,11 +1310,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config + name: datacatalog-config-64k8dg9gck name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-9dgchhk2bm --- apiVersion: apps/v1 kind: Deployment @@ -1359,14 +1446,14 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config + name: flyte-admin-config-c96tt5m6b7 name: config-volume - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - name: db-pass secret: - secretName: db-pass + secretName: db-pass-9dgchhk2bm --- apiVersion: apps/v1 kind: Deployment @@ -1446,7 +1533,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config + name: flyte-propeller-config-88kbgkkfbd name: config-volume --- apiVersion: apps/v1 @@ -1513,93 +1600,11 @@ spec: --- apiVersion: apps/v1 kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 -kind: Deployment metadata: labels: kustomize.component: pytorch-operator name: pytorch-operator - namespace: kubeflow + namespace: flyte spec: replicas: 1 selector: @@ -1638,7 +1643,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator - namespace: sparkoperator + namespace: flyte spec: replicas: 1 selector: @@ -1763,7 +1768,7 @@ spec: - /etc/flyte/config/*.yaml - clusterresource - sync - image: docker.io/lyft/flyteadmin:v0.3.6 + image: flyteadmin:v0.3.5 imagePullPolicy: IfNotPresent name: sync-cluster-resources volumeMounts: @@ -1777,14 +1782,14 @@ spec: serviceAccountName: flyteadmin volumes: - configMap: - name: clusterresource-template + name: clusterresource-template-tkdkkt4cb5 name: resource-templates - configMap: - name: flyte-admin-config + name: flyte-admin-config-c96tt5m6b7 name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-9dgchhk2bm schedule: '*/1 * * * *' --- apiVersion: batch/v1 @@ -1794,7 +1799,7 @@ metadata: app.kubernetes.io/name: sparkoperator app.kubernetes.io/version: v2.4.0-v1beta1 name: sparkoperator-init - namespace: sparkoperator + namespace: flyte spec: backoffLimit: 3 template: @@ -1807,7 +1812,7 @@ spec: - command: - /usr/bin/gencerts.sh - --namespace - - sparkoperator + - flyte - -p image: gcr.io/spark-operator/spark-operator:v2.4.0-v1beta1-0.9.0 imagePullPolicy: IfNotPresent diff --git a/deployment/test/flyte_generated.yaml b/deployment/test/flyte_generated.yaml index def84f5599..37d69ad7ab 100644 --- a/deployment/test/flyte_generated.yaml +++ b/deployment/test/flyte_generated.yaml @@ -161,26 +161,26 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: datacatalog + name: contour namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flyteadmin + name: datacatalog namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: flytepropeller + name: flyteadmin namespace: flyte --- apiVersion: v1 kind: ServiceAccount metadata: - name: contour - namespace: heptio-contour + name: flytepropeller + namespace: flyte --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -356,7 +356,7 @@ roleRef: subjects: - kind: ServiceAccount name: contour - namespace: heptio-contour + namespace: flyte --- apiVersion: v1 data: @@ -393,6 +393,7 @@ metadata: annotations: {} labels: {} name: clusterresource-template-dtg8ff28mt + namespace: flyte --- apiVersion: v1 data: @@ -431,6 +432,7 @@ metadata: annotations: {} labels: {} name: datacatalog-config-64k8dg9gck + namespace: flyte --- apiVersion: v1 data: @@ -528,6 +530,7 @@ metadata: annotations: {} labels: {} name: flyte-admin-config-c96tt5m6b7 + namespace: flyte --- apiVersion: v1 data: @@ -636,6 +639,7 @@ metadata: annotations: {} labels: {} name: flyte-propeller-config-tdbd9tb7dh + namespace: flyte --- apiVersion: v1 data: @@ -643,10 +647,27 @@ data: kind: Secret metadata: name: db-pass-9dgchhk2bm + namespace: flyte type: Opaque --- apiVersion: v1 kind: Service +metadata: + labels: + app: contour + name: contour + namespace: flyte +spec: + ports: + - nodePort: 30081 + port: 80 + protocol: TCP + selector: + app: contour + type: NodePort +--- +apiVersion: v1 +kind: Service metadata: annotations: contour.heptio.com/upstream-protocol.h2c: grpc @@ -729,21 +750,87 @@ spec: app: redis-resource-manager type: ClusterIP --- -apiVersion: v1 -kind: Service +apiVersion: apps/v1 +kind: Deployment metadata: labels: app: contour name: contour - namespace: heptio-contour + namespace: flyte spec: - ports: - - nodePort: 30081 - port: 80 - protocol: TCP + replicas: 1 selector: - app: contour - type: NodePort + matchLabels: + app: contour + template: + metadata: + annotations: + prometheus.io/format: prometheus + prometheus.io/path: /stats + prometheus.io/port: "8002" + prometheus.io/scrape: "true" + labels: + app: contour + spec: + containers: + - args: + - -c + - /config/contour.yaml + - --service-cluster + - cluster0 + - --service-node + - node0 + command: + - envoy + image: docker.io/envoyproxy/envoy-alpine:v1.6.0 + name: envoy-envoyingressv1 + ports: + - containerPort: 80 + name: http + - containerPort: 8002 + name: statsd + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /config + name: contour-config + - args: + - serve + - --incluster + - --envoy-http-port=80 + - --debug-http-port=6069 + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: contour-unknown + ports: + - containerPort: 8000 + name: contour + dnsPolicy: ClusterFirst + initContainers: + - args: + - bootstrap + - /config/contour.yaml + - --statsd-enabled + command: + - contour + image: gcr.io/heptio-images/contour:v0.6.1 + imagePullPolicy: Always + name: envoy-initconfig + volumeMounts: + - mountPath: /config + name: contour-config + serviceAccountName: contour + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: contour-config --- apiVersion: apps/v1 kind: Deployment @@ -807,11 +894,11 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: datacatalog-config + name: datacatalog-config-64k8dg9gck name: config-volume - name: db-pass secret: - secretName: db-pass + secretName: db-pass-9dgchhk2bm --- apiVersion: apps/v1 kind: Deployment @@ -943,14 +1030,14 @@ spec: - emptyDir: {} name: shared-data - configMap: - name: flyte-admin-config + name: flyte-admin-config-c96tt5m6b7 name: config-volume - configMap: - name: clusterresource-template + name: clusterresource-template-dtg8ff28mt name: resource-templates - name: db-pass secret: - secretName: db-pass + secretName: db-pass-9dgchhk2bm --- apiVersion: apps/v1 kind: Deployment @@ -996,7 +1083,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config + name: flyte-propeller-config-tdbd9tb7dh name: config-volume --- apiVersion: apps/v1 @@ -1062,88 +1149,6 @@ spec: name: postgres-storage --- apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: heptio-contour -spec: - replicas: 1 - selector: - matchLabels: - app: contour - template: - metadata: - annotations: - prometheus.io/format: prometheus - prometheus.io/path: /stats - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - containers: - - args: - - -c - - /config/contour.yaml - - --service-cluster - - cluster0 - - --service-node - - node0 - command: - - envoy - image: docker.io/envoyproxy/envoy-alpine:v1.6.0 - name: envoy-envoyingressv1 - ports: - - containerPort: 80 - name: http - - containerPort: 8002 - name: statsd - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /config - name: contour-config - - args: - - serve - - --incluster - - --envoy-http-port=80 - - --debug-http-port=6069 - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: contour-unknown - ports: - - containerPort: 8000 - name: contour - dnsPolicy: ClusterFirst - initContainers: - - args: - - bootstrap - - /config/contour.yaml - - --statsd-enabled - command: - - contour - image: gcr.io/heptio-images/contour:v0.6.1 - imagePullPolicy: Always - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: contour-config - serviceAccountName: contour - terminationGracePeriodSeconds: 30 - volumes: - - emptyDir: {} - name: contour-config ---- -apiVersion: apps/v1 kind: StatefulSet metadata: name: redis diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml index d3bde7dffd..28aee85a88 100644 --- a/kustomize/overlays/eks/kustomization.yaml +++ b/kustomize/overlays/eks/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -#namespace: flyte +namespace: flyte bases: - ../../base/single_cluster/complete diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml index 515563cbac..4e34047a70 100644 --- a/kustomize/overlays/gcp/kustomization.yaml +++ b/kustomize/overlays/gcp/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -#namespace: flyte +namespace: flyte bases: - ../../base/single_cluster/complete diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml index cb37639c37..17c28a35c7 100644 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ b/kustomize/overlays/sandbox/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -#namespace: flyte +namespace: flyte bases: - ../../base/single_cluster/complete diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml index 8f2ca61ff7..57ac7e9416 100644 --- a/kustomize/overlays/test/kustomization.yaml +++ b/kustomize/overlays/test/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Override the namespace -# namespace: flyte +namespace: flyte bases: - ../../base/single_cluster/headless @@ -36,7 +36,7 @@ configMapGenerator: - name: clusterresource-template behavior: merge files: -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". + # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - ./config/clusterresource-templates/ac_project-copilot-dataconfig.yaml # Flyte Propeller Configuration diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh index b49626e2af..52700e1db5 100755 --- a/script/generate_kustomize.sh +++ b/script/generate_kustomize.sh @@ -4,13 +4,14 @@ set -ex echo "Installing Kustomize" KUSTOMIZE=_bin/kustomize +KUSTOMIZE_VERSION=${KUSTOMIZE_VERSION:-3.8.1} if [ -f ${KUSTOMIZE} ]; then rm ${KUSTOMIZE} fi mkdir -p _bin; cd _bin curl -s "https://raw.githubusercontent.com/\ -kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash +kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s ${KUSTOMIZE_VERSION} cd - # All the overlays to be built From 0fecda383ea39ed2ea5f4e830016220abd0c423f Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 17:08:33 -0700 Subject: [PATCH 38/41] Everything gets deployed to flyte namespace --- end2end/execute.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/end2end/execute.sh b/end2end/execute.sh index 39cd11e4e1..455b8bdecf 100755 --- a/end2end/execute.sh +++ b/end2end/execute.sh @@ -35,7 +35,7 @@ function wait_for_flyte_deploys() { echo "" kubectl -n flyte rollout status deployment minio echo "" - kubectl -n heptio-contour rollout status deployment contour + kubectl -n flyte rollout status deployment contour echo "" echo "Flyte deployed in $SECONDS seconds." From be49efc2ec21feadbb3261662134f10a78aa2c74 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 21:57:02 -0700 Subject: [PATCH 39/41] Configuration --- kustomize/base/single_cluster/README.md | 2 + .../base/single_cluster/complete/README.md | 7 ++-- .../config/admin/cluster_resources.yaml | 19 ---------- .../complete/config/admin/db.yaml | 9 ----- .../complete/config/admin/domain.yaml | 7 ---- .../complete/config/admin/remote_data.yaml | 5 --- .../complete/config/admin/server.yaml | 21 ----------- .../config/admin/task_resource_defaults.yaml | 9 ----- .../aa_namespace.yaml | 7 ---- .../ab_project-resource-quota.yaml | 10 ----- .../ac_project-copilot-dataconfig.yaml | 11 ------ .../complete/config/common/logger.yaml | 4 -- .../complete/config/common/storage.yaml | 6 --- .../complete/config/console/console.yaml | 5 --- .../complete/config/datacatalog/db.yaml | 9 ----- .../complete/config/datacatalog/server.yaml | 6 --- .../complete/config/propeller/admin.yaml | 7 ---- .../complete/config/propeller/catalog.yaml | 4 -- .../complete/config/propeller/core.yaml | 37 ------------------- .../config/propeller/enabled_plugins.yaml | 8 ---- .../config/propeller/plugins/copilot.yaml | 6 --- .../config/propeller/plugins/k8s.yaml | 7 ---- .../config/propeller/plugins/task_logs.yaml | 5 --- .../config/propeller/resource_manager.yaml | 7 ---- .../complete/kustomization.yaml | 4 +- 25 files changed, 9 insertions(+), 213 deletions(-) delete mode 100644 kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/admin/db.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/admin/domain.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/admin/remote_data.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/admin/server.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/common/logger.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/common/storage.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/console/console.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/datacatalog/db.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/datacatalog/server.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/admin.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/catalog.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/core.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml delete mode 100644 kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml diff --git a/kustomize/base/single_cluster/README.md b/kustomize/base/single_cluster/README.md index 2acf9a208c..2934642945 100644 --- a/kustomize/base/single_cluster/README.md +++ b/kustomize/base/single_cluster/README.md @@ -11,3 +11,5 @@ Overlays using the single cluster mode 1. [EKS SingleCluster Overlay](../../overlays/eks) These overlays are based on [Flyte Single Cluster deployment Configuration base](./complete) + +The complete per component configuration for Flyte can be found [here](./headless/config) diff --git a/kustomize/base/single_cluster/complete/README.md b/kustomize/base/single_cluster/complete/README.md index ae9fa2af49..052104b66e 100644 --- a/kustomize/base/single_cluster/complete/README.md +++ b/kustomize/base/single_cluster/complete/README.md @@ -1,6 +1,7 @@ [Back to Base components menu](../) # Flyte Single cluster deployment mode -This provides a complete deployment of Flyte onto a single K8s cluster +This provides a complete deployment of Flyte onto a single K8s cluster, it is based on [Headless Cluster](../headless). +The configuration for this deployment is also completely managed in the Headless Cluster configuration. + +This overlay just adds to resource - Sync controller and Flyte Console -# Configuration -all the configs are in ./config folder diff --git a/kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml b/kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml deleted file mode 100644 index c2ff64b3c7..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/cluster_resources.yaml +++ /dev/null @@ -1,19 +0,0 @@ -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refresh: 5m diff --git a/kustomize/base/single_cluster/complete/config/admin/db.yaml b/kustomize/base/single_cluster/complete/config/admin/db.yaml deleted file mode 100644 index e47f4c44d1..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/db.yaml +++ /dev/null @@ -1,9 +0,0 @@ -# This should be replaced with the db endpoint -# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc -# Or can be a self hosted Postgres in the cluster -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable diff --git a/kustomize/base/single_cluster/complete/config/admin/domain.yaml b/kustomize/base/single_cluster/complete/config/admin/domain.yaml deleted file mode 100644 index 9df6ef80a9..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/domain.yaml +++ /dev/null @@ -1,7 +0,0 @@ -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production diff --git a/kustomize/base/single_cluster/complete/config/admin/remote_data.yaml b/kustomize/base/single_cluster/complete/config/admin/remote_data.yaml deleted file mode 100644 index 41719a0e66..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/remote_data.yaml +++ /dev/null @@ -1,5 +0,0 @@ -remoteData: - region: "us-east-1" - scheme: "local" - signedUrls: - durationMinutes: 3 diff --git a/kustomize/base/single_cluster/complete/config/admin/server.yaml b/kustomize/base/single_cluster/complete/config/admin/server.yaml deleted file mode 100644 index 414a1c2927..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/server.yaml +++ /dev/null @@ -1,21 +0,0 @@ -server: - httpPort: 8088 - grpcPort: 8089 - security: - secure: false - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - profilerPort: 10254 - metricsScope: "flyte:" - metadataStoragePrefix: - - "metadata" - - "admin" - testing: - host: http://flyteadmin diff --git a/kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml b/kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml deleted file mode 100644 index 8db48a1950..0000000000 --- a/kustomize/base/single_cluster/complete/config/admin/task_resource_defaults.yaml +++ /dev/null @@ -1,9 +0,0 @@ -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 2G - storage: 20Mi diff --git a/kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/base/single_cluster/complete/config/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml deleted file mode 100644 index ddfade3c29..0000000000 --- a/kustomize/base/single_cluster/complete/config/clusterresource-templates/ab_project-resource-quota.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ResourceQuota -metadata: - name: project-quota - namespace: {{ namespace }} -spec: - hard: - limits.cpu: {{ projectQuotaCpu }} - limits.memory: {{ projectQuotaMemory }} - diff --git a/kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml b/kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml deleted file mode 100644 index 95fd74fc0c..0000000000 --- a/kustomize/base/single_cluster/complete/config/clusterresource-templates/ac_project-copilot-dataconfig.yaml +++ /dev/null @@ -1,11 +0,0 @@ -# TODO update the storage configuration to match the storage.yaml. Keep the enable-multicontainer: true -kind: ConfigMap -apiVersion: v1 -metadata: - name: flyte-data-config - namespace: {{ namespace }} -data: - config.yaml: | - storage: - type: mem - enable-multicontainer: true diff --git a/kustomize/base/single_cluster/complete/config/common/logger.yaml b/kustomize/base/single_cluster/complete/config/common/logger.yaml deleted file mode 100644 index 7fc20650ec..0000000000 --- a/kustomize/base/single_cluster/complete/config/common/logger.yaml +++ /dev/null @@ -1,4 +0,0 @@ -# TODO this is used to control the log level -logger: - show-source: true - level: 2 diff --git a/kustomize/base/single_cluster/complete/config/common/storage.yaml b/kustomize/base/single_cluster/complete/config/common/storage.yaml deleted file mode 100644 index 09e6ec6dec..0000000000 --- a/kustomize/base/single_cluster/complete/config/common/storage.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# TODO This should be changed for the right storage option - e.g. -# hosted blob stores like S3, GCS, AFS etc -# k8s blob store like minio -# For all supported options look at https://github.com/lyft/flytestdlib/blob/master/storage/config.go -storage: - type: mem diff --git a/kustomize/base/single_cluster/complete/config/console/console.yaml b/kustomize/base/single_cluster/complete/config/console/console.yaml deleted file mode 100644 index cb482fddd4..0000000000 --- a/kustomize/base/single_cluster/complete/config/console/console.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# This determines the base url used for all console links. It must match the route specified in ingress.yaml -BASE_URL: /console -CONFIG_DIR: /etc/flyte/config -DISABLE_AUTH: "true" - diff --git a/kustomize/base/single_cluster/complete/config/datacatalog/db.yaml b/kustomize/base/single_cluster/complete/config/datacatalog/db.yaml deleted file mode 100644 index 6ba8a5949d..0000000000 --- a/kustomize/base/single_cluster/complete/config/datacatalog/db.yaml +++ /dev/null @@ -1,9 +0,0 @@ -# This should be replaced with the db endpoint -# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc -# Or can be a self hosted Postgres in the cluster -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable diff --git a/kustomize/base/single_cluster/complete/config/datacatalog/server.yaml b/kustomize/base/single_cluster/complete/config/datacatalog/server.yaml deleted file mode 100644 index 1cdd80c27f..0000000000 --- a/kustomize/base/single_cluster/complete/config/datacatalog/server.yaml +++ /dev/null @@ -1,6 +0,0 @@ -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 diff --git a/kustomize/base/single_cluster/complete/config/propeller/admin.yaml b/kustomize/base/single_cluster/complete/config/propeller/admin.yaml deleted file mode 100644 index 55cf01b83b..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/admin.yaml +++ /dev/null @@ -1,7 +0,0 @@ -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true diff --git a/kustomize/base/single_cluster/complete/config/propeller/catalog.yaml b/kustomize/base/single_cluster/complete/config/propeller/catalog.yaml deleted file mode 100644 index e70e7bd770..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/catalog.yaml +++ /dev/null @@ -1,4 +0,0 @@ -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true diff --git a/kustomize/base/single_cluster/complete/config/propeller/core.yaml b/kustomize/base/single_cluster/complete/config/propeller/core.yaml deleted file mode 100644 index 4323ccd803..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/core.yaml +++ /dev/null @@ -1,37 +0,0 @@ -propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: bucket - rate: 10 - capacity: 100 - sub-queue: - type: bucket - rate: 10 - capacity: 100 - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword diff --git a/kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml b/kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml deleted file mode 100644 index ebf4892451..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,8 +0,0 @@ -## -# TODO It is important to enable the plugins that you want to deploy here. -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array diff --git a/kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml deleted file mode 100644 index 247096e82f..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/plugins/copilot.yaml +++ /dev/null @@ -1,6 +0,0 @@ -plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "docker.io/lyft/flytecopilot:v0.3.35" - start-timeout: "30s" diff --git a/kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 5097741639..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# TODO set any custom env vars -plugins: - k8s: - default-env-vars: - - SOME_ENV_VARS: "These get passed to all containers" - default-cpus: 100m - default-memory: 100Mi diff --git a/kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml b/kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml deleted file mode 100644 index de402d2ed3..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/plugins/task_logs.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# TODO this is used to enable log links in the UI. -plugins: - logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" diff --git a/kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml b/kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml deleted file mode 100644 index a4601e8f2d..0000000000 --- a/kustomize/base/single_cluster/complete/config/propeller/resource_manager.yaml +++ /dev/null @@ -1,7 +0,0 @@ -propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword diff --git a/kustomize/base/single_cluster/complete/kustomization.yaml b/kustomize/base/single_cluster/complete/kustomization.yaml index ece387ce0e..54a1f14d87 100644 --- a/kustomize/base/single_cluster/complete/kustomization.yaml +++ b/kustomize/base/single_cluster/complete/kustomization.yaml @@ -1,10 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +bases: +- ../headless + # All the resources that make up the deployment resources: # global resources -- ../headless - ../../admindeployment/clustersync - ../../console From 141f94cd89cd96d918fcc3136e3610b6d01f7e1d Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 22:30:06 -0700 Subject: [PATCH 40/41] Updated --- kustomize/overlays/eks/README.md | 57 ++++++++++++-- .../config/propeller/plugins/task_logs.yaml | 10 ++- kustomize/overlays/gcp/README.md | 78 +++++++++---------- .../config/propeller/plugins/task_logs.yaml | 10 ++- 4 files changed, 101 insertions(+), 54 deletions(-) diff --git a/kustomize/overlays/eks/README.md b/kustomize/overlays/eks/README.md index 26a0c3728f..f85be8c6cf 100644 --- a/kustomize/overlays/eks/README.md +++ b/kustomize/overlays/eks/README.md @@ -1,5 +1,5 @@ [All Overlays](./) -# :construction: Amazon Webservices Elastic Kubernetes Service Overlay +# :construction: Amazon EKS deployment This overlay serves as an example to bootstrap Flyte setup on AWS. It is not designed to work out of the box due to the need of AWS resources. Please follow the instruction @@ -7,20 +7,63 @@ below to further configure. _Hint_: searching `TODO:` through this directory would help to understand what needs to be done. -## AWS RDS +## Amazon RDS / Amazon Aurora +A few things are required for this overlay to function: -## FlyteAdmin +* Two databases named as `flyte` and `datacatalog` +* A database user named as `flyte` +* Password of the database user can be added to either to [kustomization.yaml](kustomization.yaml) or you can create a new file and change the secretGenerator tag to use files. (Refer to kustomize documentation) +* Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster + service account or through workload identity) should have `Cloud SQL Editor` role +## Create S3 bucket +1. Create a S3 bucket named as `flyte` (if other name replace it next) +1. Replace in [config/common/storage.yaml](config/common/storage.yaml) if using a bucket other than Flyte then replace the bucket name too -## FlyteConsole +## flyteadmin +flyteadmin configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](config/admin/db.yaml) -## DataCatalog +**Advanced / OPTIONAL** +1. The default CORS setting in flyteAdmin allows cross origin requests. A more secure way would be to allow requests only from the expected domain. To do this, you will have to create a new *server.yaml* +similar to [base/single_cluster/headless/config](../../base/single_cluster/headless/config) under config/admin and then set +`server -> security -> allowedOrigins`. +## flyteconsole -## Build it -Refer to previous documentation +[flyteconsole configmap](console/config.yaml) needs to be updated with flyteadmin internal load +balancer IP address or the DNS name associated with it if any. + +flyteconsole is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). + +## flytepropeller + +flytepropeller configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to the config for performance tuning and logs +For logs configuration Replace `` in [config/propeller/plugins/task_logs.yaml](config/propeller/plugins/task_logs.yaml) to use CloudWatch + +Some important points + +* Storage configuration is shared with Admin and Catalog. Ideally in production Propeller should have its own configuration with real high cache size. + +* By default, three plugins are enabled: +1. container +2. k8s-array +3. sidecar + +## datacatalog + +datacatalog configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](config/datacatalog/db.yaml) + + +## How to build your overlay +To build your overlay there are 2 options +1. Build it in your own repo Example coming soon :construction: +1. hack it in your clone of Flyte repo in place of EKS overlay. In this case just navigate to the root of the repo and run +```bash +$ make kustomize +``` +If all goes well a new overlay composite should be generated in [/deployment/eks/flyte_generated.yaml](../../../deployment/eks/flyte_generated.yaml) ## Now ship it diff --git a/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml index 0955b59387..6e46cde9c2 100644 --- a/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml +++ b/kustomize/overlays/eks/config/propeller/plugins/task_logs.yaml @@ -1,4 +1,10 @@ plugins: logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + # Log links can link to multiple options + # #1 Kubernetes dashboard is disabled in GCP + kubernetes-enabled: false + # #2 AWS Cloudwatch + cloudwatch-enabled: true + # TODO Add region and log group + cloudwatch-region: + cloudwatch-log-group: diff --git a/kustomize/overlays/gcp/README.md b/kustomize/overlays/gcp/README.md index 5e58dff57a..89078c4f4a 100644 --- a/kustomize/overlays/gcp/README.md +++ b/kustomize/overlays/gcp/README.md @@ -1,5 +1,5 @@ [All Overlays](./) -# :construction: Google Cloud Platform Overlay +# :beta: Google Cloud Platform Overlay This overlay serves as an example to bootstrap Flyte setup on Google Cloud Platform (GCP). It is not designed to work out of the box due to the need of GCP resources. Please follow the instruction @@ -16,8 +16,7 @@ A few things are required for this overlay to function: * Two databases named as `flyte` and `datacatalog` * A database user named as `flyte` -* Password of the database user should be uploaded to GKE as a k8s secret named as `db-user-pass` - containing of a file named as `db_pwd.txt`of which the content is the plain text password +* Password of the database user can be added to either to [kustomization.yaml](kustomization.yaml) or you can create a new file and change the secretGenerator tag to use files. (Refer to kustomize documentation) * Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster service account or through workload identity) should have `Cloud SQL Editor` role @@ -25,76 +24,69 @@ To securely access Cloud SQL instance, [Cloud SQL Proxy](https://cloud.google.com/sql/docs/postgres/connect-admin-proxy) is launched as a pod sitting in between Flyte and Cloud SQL instance. -The kustomization files can be found under [cloudsqlproxy](cloudsqlproxy). Please note that one +The kustomization files can be found under [cloudsqlproxy](dependencies/cloudsqlproxy/). Please note that one needs to replace `` and `` accordingly in -[cloudsqlproxy/deployment.yaml](cloudsqlproxy/deployment.yaml). +[dependencies/cloudsqlproxy/deployment.yaml](cloudsqlproxy/deployment.yaml). + +## Create GCS Storage +1. Create a GCS bucket named as `flyte` in a GCP project. +1. Replace `` in [config/common/storage.yaml](config/common/storage.yaml) with the GCP project ID and if using a bucket other than Flyte then replace the bucket name too ## flyteadmin -flyteadmin configuration is kept as similar as [sandbox](../sandbox) overlay, with only necessary -modifications such as database, storage and CORS. +flyteadmin configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](config/admin/db.yaml) If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. -For storage layer, a few things needs to be done: - -* Create a GCS bucket named as `flyte` in a GCP project -* Replace `` in [admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) with the - GCP project ID - -For CORS to work properly, one needs to use real origin in -[admin/flyteadmin_config.yaml](admin/flyteadmin_config.yaml) `server -> security -> allowedOrigins`. +**Advanced / OPTIONAL** +1. The default CORS setting in flyteAdmin allows cross origin requests. A more secure way would be to allow requests only from the expected domain. To do this, you will have to create a new *server.yaml* +similar to [base/single_cluster/headless/config](../../base/single_cluster/headless/config) under config/admin and then set +`server -> security -> allowedOrigins`. -flyteadmin (including metrics endpoint) is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). +1. flyteadmin (including metrics endpoint) is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). ## flyteconsole -[flyteconsole configmap](console/configmap.yaml) needs to be updated with flyteadmin internal load +[flyteconsole configmap](console/config.yaml) needs to be updated with flyteadmin internal load balancer IP address or the DNS name associated with it if any. -flyteconsole is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). +flyteconsole is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). ## flytepropeller -flytepropeller configuration is kept as similar as [sandbox](../sandbox) overlay, with only -necessary modifications such as storage. +flytepropeller configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to the config for performance tuning and logs +For logs configuration Replace `` in [config/propeller/plugins/task_logs.yaml](config/propeller/plugins/task_logs.yaml) with the GCP project ID -For storage layer, a few things needs to be done: +Some important points -* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) -* Replace `` in [propeller/config.yaml](propeller/config.yaml) with the - GCP project ID -* Replace `` in [propeller/plugins/config.yaml](propeller/plugins/config.yaml) with the - GCP project ID +* Storage configuration is shared with Admin and Catalog. Ideally in production Propeller should have its own configuration with real high cache size. -By default, three plugins are enabled: +* By default, three plugins are enabled: +1. container +2. k8s-array +3. sidecar -* container -* k8s-array -* sidecar - -flytepropeller metrics endpoint is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). +* flytepropeller metrics endpoint is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). ## datacatalog -datacatalog configuration is kept as similar as [sandbox](../sandbox) overlay, with only -necessary modifications such as database and storage. +datacatalog configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](config/datacatalog/db.yaml) If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. -For storage layer, a few things needs to be done: - -* Create a GCS bucket named as `flyte` in a GCP project (skip this if already done) -* Replace `` in [datacatalog/datacatalog_config.yaml](propeller/config.yaml) with the - GCP project ID - datacatalog metrics endpoint is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). +## How to build your overlay +To build your overlay there are 2 options +1. Build it in your own repo Example coming soon :construction: +1. hack it in your clone of Flyte repo in place of GCP overlay. In this case just navigate to the root of the repo and run +```bash +$ make kustomize +``` +If all goes well a new overlay composite should be generated in [/deployment/gcp/flyte_generated.yaml](../../../deployment/gcp/flyte_generated.yaml) + ## Now ship it ``` shell diff --git a/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml index 0955b59387..5a9d0714c5 100644 --- a/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml +++ b/kustomize/overlays/gcp/config/propeller/plugins/task_logs.yaml @@ -1,4 +1,10 @@ plugins: logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + # Log links can link to multiple options + # #1 Kubernetes dashboard is disabled in GCP + kubernetes-enabled: false + # #2 GCP stackdriver + stackdriver-enabled: true + # TODO: replace with the GCP project ID + gcp-project: + stackdriver-logresourcename: k8s_container From b0504d7a76e70d5cf2e4fddc98c3031534f6cb43 Mon Sep 17 00:00:00 2001 From: Ketan Umare Date: Thu, 24 Sep 2020 22:31:15 -0700 Subject: [PATCH 41/41] updated gcp and eks --- deployment/eks/flyte_generated.yaml | 14 ++++++++++---- deployment/gcp/flyte_generated.yaml | 14 ++++++++++---- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml index 3278070ea6..aed8bb7dc7 100644 --- a/deployment/eks/flyte_generated.yaml +++ b/deployment/eks/flyte_generated.yaml @@ -803,13 +803,19 @@ data: task_logs.yaml: | plugins: logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + # Log links can link to multiple options + # #1 Kubernetes dashboard is disabled in GCP + kubernetes-enabled: false + # #2 AWS Cloudwatch + cloudwatch-enabled: true + # TODO Add region and log group + cloudwatch-region: + cloudwatch-log-group: kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-fgt6tg929g + name: flyte-propeller-config-9fctd4tc4f namespace: flyte --- apiVersion: v1 @@ -1232,7 +1238,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-fgt6tg929g + name: flyte-propeller-config-9fctd4tc4f name: config-volume --- apiVersion: apps/v1 diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml index b85ada1253..eaec403649 100644 --- a/deployment/gcp/flyte_generated.yaml +++ b/deployment/gcp/flyte_generated.yaml @@ -794,13 +794,19 @@ data: task_logs.yaml: | plugins: logs: - kubernetes-enabled: true - kubernetes-url: "http://localhost:30082" + # Log links can link to multiple options + # #1 Kubernetes dashboard is disabled in GCP + kubernetes-enabled: false + # #2 GCP stackdriver + stackdriver-enabled: true + # TODO: replace with the GCP project ID + gcp-project: + stackdriver-logresourcename: k8s_container kind: ConfigMap metadata: annotations: {} labels: {} - name: flyte-propeller-config-fgt6tg929g + name: flyte-propeller-config-6tcff5htc2 namespace: flyte --- apiVersion: v1 @@ -1300,7 +1306,7 @@ spec: serviceAccountName: flytepropeller volumes: - configMap: - name: flyte-propeller-config-fgt6tg929g + name: flyte-propeller-config-6tcff5htc2 name: config-volume --- apiVersion: apps/v1