From c8252e281f522a9e7d81cd9cda6513d569402e36 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sat, 16 Sep 2023 16:48:34 +0800 Subject: [PATCH 01/12] enable agent Signed-off-by: Future Outlier --- docker/sandbox-bundled/Makefile | 4 + .../bootstrap/cmd/bootstrap/main.go | 15 +- .../complete-agent/kustomization.yaml | 12 + .../manifests/complete-agent.yaml | 1902 +++++++++++++++++ .../sandbox-bundled/manifests/complete.yaml | 4 +- docker/sandbox-bundled/manifests/dev.yaml | 4 +- 6 files changed, 1933 insertions(+), 8 deletions(-) create mode 100644 docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml create mode 100644 docker/sandbox-bundled/manifests/complete-agent.yaml diff --git a/docker/sandbox-bundled/Makefile b/docker/sandbox-bundled/Makefile index 709c04caf2..e1ae3062d1 100644 --- a/docker/sandbox-bundled/Makefile +++ b/docker/sandbox-bundled/Makefile @@ -27,6 +27,10 @@ manifests: --enable-helm \ --load-restrictor=LoadRestrictionsNone \ kustomize/dev > manifests/dev.yaml + kustomize build \ + --enable-helm \ + --load-restrictor=LoadRestrictionsNone \ + kustomize/complete-agent > manifests/complete-agent.yaml .PHONY: build build: flyte manifests diff --git a/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go b/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go index 82bae88151..949fb7f657 100644 --- a/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go +++ b/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go @@ -17,13 +17,15 @@ const ( clusterResourceTemplatesConfigMapName = "flyte-sandbox-extra-cluster-resource-templates" deploymentName = "flyte-sandbox" devModeEnvVar = "FLYTE_DEV" + completeAgentModeEnvVar = "FLYTE_COMPLETE_AGENT" dockerHost = "host.docker.internal" namespace = "flyte" // Template paths - devTemplatePath = "/var/lib/rancher/k3s/server/manifests-staging/dev.yaml" - fullTemplatePath = "/var/lib/rancher/k3s/server/manifests-staging/complete.yaml" - renderedManifestPath = "/var/lib/rancher/k3s/server/manifests/flyte.yaml" + devTemplatePath = "/var/lib/rancher/k3s/server/manifests-staging/dev.yaml" + fullTemplatePath = "/var/lib/rancher/k3s/server/manifests-staging/complete.yaml" + fullAgentTemplatePath = "/var/lib/rancher/k3s/server/manifests-staging/complete-agent.yaml" + renderedManifestPath = "/var/lib/rancher/k3s/server/manifests/flyte.yaml" ) func main() { @@ -35,7 +37,12 @@ func main() { } else { // If we are not running in dev mode, look for user-specified configuration // to load into the sandbox deployment - tmplPath = fullTemplatePath + if os.Getenv(completeAgentModeEnvVar) == "True" { + tmplPath = fullAgentTemplatePath + } else { + tmplPath = fullTemplatePath + } + cOpts := config.LoaderOpts{ ConfigurationConfigMapName: configurationConfigMapName, ClusterResourceTemplatesConfigMapName: clusterResourceTemplatesConfigMapName, diff --git a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml new file mode 100644 index 0000000000..4abd1d093c --- /dev/null +++ b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml @@ -0,0 +1,12 @@ +helmGlobals: + chartHome: ../../../../charts +helmCharts: +- name: flyte-sandbo x + releaseName: flyte-sandbox + namespace: flyte +- name: flyteagent + releaseName: flyteagent + namespace: flyte +namespace: flyte +resources: +- ../namespace.yaml diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml new file mode 100644 index 0000000000..2514e7f1b9 --- /dev/null +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -0,0 +1,1902 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +secrets: +- name: flyte-sandbox-minio +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +rules: +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-key-holder + - kubernetes-dashboard-certs + - kubernetes-dashboard-csrf + resources: + - secrets + verbs: + - get + - update + - delete +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-settings + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - "" + resourceNames: + - heapster + - dashboard-metrics-scraper + resources: + - services + verbs: + - proxy +- apiGroups: + - "" + resourceNames: + - heapster + - 'http:heapster:' + - 'https:heapster:' + - dashboard-metrics-scraper + - http:dashboard-metrics-scraper + resources: + - services/proxy + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-role + namespace: flyte +rules: +- apiGroups: + - "" + resources: + - namespaces + - resourcequotas + - secrets + verbs: + - create + - get + - list + - patch + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - podtemplates + verbs: + - get + - list + - watch +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - post + - update + - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - list +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - list + - patch + - update +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-readonly +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - pods + - replicationcontrollers + - replicationcontrollers/scale + - serviceaccounts + - services + - nodes + - persistentvolumeclaims + - persistentvolumes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - deployments/scale + - replicasets + - replicasets/scale + - statefulsets + verbs: + - get + - list + - watch +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/scale + - ingresses + - networkpolicies + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - get + - list + - watch +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + - volumeattachments + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - roles + - rolebindings + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: flyte-sandbox-kubernetes-dashboard +subjects: +- kind: ServiceAccount + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-role-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyte-sandbox-cluster-role +subjects: +- kind: ServiceAccount + name: flyte-sandbox + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-readonly +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyte-sandbox-kubernetes-dashboard-readonly +subjects: +- kind: ServiceAccount + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: v1 +data: + namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: '{{ namespace }}' +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-resource-templates + namespace: flyte +--- +apiVersion: v1 +data: + 000-core.yaml: | + admin: + endpoint: localhost:8089 + insecure: true + catalog-cache: + endpoint: localhost:8081 + insecure: true + type: datacatalog + cluster_resources: + standaloneDeployment: false + templatePath: /etc/flyte/cluster-resource-templates + logger: + show-source: true + level: 6 + propeller: + create-flyteworkflow-crd: true + webhook: + certDir: /var/run/flyte/certs + localCert: true + secretName: flyte-sandbox-webhook-secret + serviceName: flyte-sandbox-webhook + servicePort: 443 + flyte: + admin: + disableClusterResourceManager: false + disableScheduler: false + disabled: false + seedProjects: + - flytesnacks + dataCatalog: + disabled: false + propeller: + disableWebhook: false + disabled: false + 001-plugins.yaml: | + tasks: + task-plugins: + default-for-task-types: + container: container + container_array: k8s-array + sidecar: sidecar + enabled-plugins: + - container + - sidecar + - k8s-array + plugins: + logs: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false + k8s: + co-pilot: + image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.33" + k8s-array: + logs: + config: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false + 002-database.yaml: | + database: + postgres: + username: postgres + host: flyte-sandbox-postgresql + port: 5432 + dbname: flyte + options: "sslmode=disable" + 003-storage.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/data + storage: + type: stow + stow: + kind: s3 + config: + region: us-east-1 + disable_ssl: true + v2_signing: true + endpoint: http://flyte-sandbox-minio.flyte:9000 + auth_type: accesskey + container: my-s3-bucket + 100-inline-config.yaml: | + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: http://flyte-sandbox-minio.flyte:9000 + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + storage: + signedURL: + stowConfigOverride: + endpoint: http://localhost:30002 + task_resources: + defaults: + cpu: 500m + ephemeralStorage: 0 + gpu: 0 + memory: 1Gi + limits: + cpu: 0 + ephemeralStorage: 0 + gpu: 0 + memory: 0 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-config + namespace: flyte +--- +apiVersion: v1 +data: + config.yml: |- + health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 + http: + addr: :5000 + debug: + addr: :5001 + prometheus: + enabled: false + path: /metrics + headers: + X-Content-Type-Options: + - nosniff + log: + fields: + service: registry + storage: + cache: + blobdescriptor: inmemory + version: 0.1 +kind: ConfigMap +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry-config + namespace: flyte +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: flyte-sandbox-extra-cluster-resource-templates + namespace: flyte +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: flyte-sandbox-extra-config + namespace: flyte +--- +apiVersion: v1 +data: + envoy.yaml: | + admin: + access_log_path: /dev/stdout + static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 8000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + codec_type: AUTO + upgrade_configs: + - upgrade_type: websocket + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + path: "/" + redirect: + path_redirect: "/console/" + - match: + prefix: "/.well-known" + route: + cluster: flyte + - match: + prefix: "/__webpack_hmr" + route: + cluster: flyte + - match: + prefix: "/api" + route: + cluster: flyte + - match: + prefix: "/callback" + route: + cluster: flyte + - match: + prefix: "/config" + route: + cluster: flyte + - match: + prefix: "/console" + route: + cluster: flyte + - match: + prefix: "/healthcheck" + route: + cluster: flyte + - match: + prefix: "/login" + route: + cluster: flyte + - match: + prefix: "/logout" + route: + cluster: flyte + - match: + prefix: "/me" + route: + cluster: flyte + - match: + prefix: "/oauth2" + route: + cluster: flyte + - match: + prefix: "/v1" + route: + cluster: flyte + - match: + prefix: "/flyteidl.service.AdminService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.AuthMetadataService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.DataProxyService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.IdentityService" + route: + cluster: flyte_grpc + - match: + prefix: "/grpc.health.v1.Health" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.SignalService" + route: + cluster: flyte_grpc + - match: + path: "/kubernetes-dashboard" + redirect: + path_redirect: "/kubernetes-dashboard/" + - match: + prefix: "/kubernetes-dashboard/" + route: + cluster: kubernetes-dashboard + prefix_rewrite: / + - match: + path: "/minio" + redirect: + path_redirect: "/minio/" + - match: + prefix: "/minio/" + route: + cluster: minio + prefix_rewrite: / + http_filters: + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + clusters: + - name: flyte + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: flyte + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-http + port_value: 8088 + - name: flyte_grpc + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + http2_protocol_options: {} + load_assignment: + cluster_name: flyte_grpc + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-grpc + port_value: 8089 + - name: kubernetes-dashboard + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: kubernetes-dashboard + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-kubernetes-dashboard + port_value: 80 + - name: minio + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: minio + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-minio + port_value: 9001 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy-config + namespace: flyte +--- +apiVersion: v1 +data: null +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-settings + namespace: flyte +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-config-secret + namespace: flyte +stringData: + 012-database-secrets.yaml: | + database: + postgres: + password: "postgres" + 013-storage-secrets.yaml: | + storage: + stow: + config: + access_key_id: "minio" + secret_key: "miniostorage" +type: Opaque +--- +apiVersion: v1 +data: + haSharedSecret: Wkk0bHJhdWM3UTd4RXROcg== + proxyPassword: "" + proxyUsername: "" +kind: Secret +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry-secret + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-certs + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + root-password: bWluaW9zdG9yYWdl + root-user: bWluaW8= +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + postgres-password: cG9zdGdyZXM= +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + username: User +kind: Secret +metadata: + name: flyteagent + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-csrf + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-key-holder + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry + namespace: flyte +spec: + ports: + - name: http-5000 + nodePort: 30000 + port: 5000 + protocol: TCP + targetPort: 5000 + selector: + app: docker-registry + release: flyte-sandbox + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-grpc + namespace: flyte +spec: + ports: + - name: grpc + nodePort: null + port: 8089 + targetPort: grpc + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-http + namespace: flyte +spec: + ports: + - name: http + nodePort: null + port: 8088 + targetPort: http + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + kubernetes.io/cluster-service: "true" + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +spec: + ports: + - name: http + port: 80 + targetPort: http + selector: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: kubernetes-dashboard + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +spec: + externalTrafficPolicy: Cluster + ports: + - name: minio-api + nodePort: 30002 + port: 9000 + targetPort: minio-api + - name: minio-console + port: 9001 + targetPort: minio-console + selector: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +spec: + externalTrafficPolicy: Cluster + ports: + - name: tcp-postgresql + nodePort: 30001 + port: 5432 + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" + name: flyte-sandbox-postgresql-hl + namespace: flyte +spec: + clusterIP: None + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy + namespace: flyte +spec: + ports: + - name: http + nodePort: 30080 + port: 8000 + protocol: TCP + selector: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: webhook + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + projectcontour.io/upstream-protocol.h2c: grpc + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +spec: + ports: + - name: agent-grpc + port: 8000 + protocol: TCP + targetPort: agent-grpc + selector: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/name: flyteagent + type: ClusterIP +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-db-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi + hostPath: + path: /var/lib/flyte/storage/db + storageClassName: manual +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-minio-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi + hostPath: + path: /var/lib/flyte/storage/minio + storageClassName: manual +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-db-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: manual + volumeName: flyte-sandbox-db-storage +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-minio-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: manual + volumeName: flyte-sandbox-minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + strategy: + type: Recreate + template: + metadata: + annotations: + checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 + checksum/configuration: 2bc4d1f1b07e67182a10a59b5eeb2c8dda57d8f0d98d3869fa6e773518690cac + checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 + labels: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - args: + - start + - --config + - /etc/flyte/config.d/*.yaml + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: flyte-binary:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: /healthcheck + port: http + name: flyte + ports: + - containerPort: 8088 + name: http + - containerPort: 8089 + name: grpc + - containerPort: 9443 + name: webhook + readinessProbe: + httpGet: + path: /healthcheck + port: http + volumeMounts: + - mountPath: /etc/flyte/cluster-resource-templates + name: cluster-resource-templates + - mountPath: /etc/flyte/config.d + name: config + - mountPath: /var/run/flyte + name: state + initContainers: + - args: + - | + until pg_isready \ + -h flyte-sandbox-postgresql \ + -p 5432 \ + -U postgres + do + echo waiting for database + sleep 0.1 + done + command: + - sh + - -ec + image: bitnami/postgresql:sandbox + imagePullPolicy: Never + name: wait-for-db + serviceAccountName: flyte-sandbox + volumes: + - name: cluster-resource-templates + projected: + sources: + - configMap: + name: flyte-sandbox-cluster-resource-templates + - configMap: + name: flyte-sandbox-extra-cluster-resource-templates + - name: config + projected: + sources: + - configMap: + name: flyte-sandbox-config + - secret: + name: flyte-sandbox-config-secret + - configMap: + name: flyte-sandbox-extra-config + - emptyDir: {} + name: state +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-buildkit + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: buildkit + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + template: + metadata: + labels: + app.kubernetes.io/component: buildkit + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - args: + - --addr + - unix:///run/buildkit/buildkitd.sock + - --addr + - tcp://0.0.0.0:30003 + image: moby/buildkit:sandbox + imagePullPolicy: Never + livenessProbe: + exec: + command: + - buildctl + - debug + - workers + initialDelaySeconds: 5 + periodSeconds: 30 + name: buildkit + ports: + - containerPort: 30003 + name: tcp + protocol: TCP + readinessProbe: + exec: + command: + - buildctl + - debug + - workers + initialDelaySeconds: 5 + periodSeconds: 30 + securityContext: + privileged: true + hostNetwork: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry + namespace: flyte +spec: + minReadySeconds: 5 + replicas: 1 + selector: + matchLabels: + app: docker-registry + release: flyte-sandbox + template: + metadata: + annotations: + checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 + checksum/secret: 0a7b278f743f402f95522ae31ffcdd234736e8641f46a784381dc36c2005a125 + labels: + app: docker-registry + release: flyte-sandbox + spec: + containers: + - command: + - /bin/registry + - serve + - /etc/docker/registry/config.yml + env: + - name: REGISTRY_HTTP_SECRET + valueFrom: + secretKeyRef: + key: haSharedSecret + name: flyte-sandbox-docker-registry-secret + - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY + value: /var/lib/registry + image: registry:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: / + port: 5000 + name: docker-registry + ports: + - containerPort: 5000 + readinessProbe: + httpGet: + path: / + port: 5000 + resources: {} + volumeMounts: + - mountPath: /etc/docker/registry + name: flyte-sandbox-docker-registry-config + - mountPath: /var/lib/registry/ + name: data + securityContext: + fsGroup: 1000 + runAsUser: 1000 + volumes: + - configMap: + name: flyte-sandbox-docker-registry-config + name: flyte-sandbox-docker-registry-config + - emptyDir: {} + name: data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: kubernetes-dashboard + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + annotations: null + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + spec: + containers: + - args: + - --namespace=flyte + - --metrics-provider=none + - --enable-insecure-login + - --enable-skip-login + image: kubernetesui/dashboard:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: / + port: 9090 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 30 + name: kubernetes-dashboard + ports: + - containerPort: 9090 + name: http + protocol: TCP + resources: + limits: + cpu: 2 + memory: 200Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 2001 + runAsUser: 1001 + volumeMounts: + - mountPath: /certs + name: kubernetes-dashboard-certs + - mountPath: /tmp + name: tmp-volume + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: flyte-sandbox-kubernetes-dashboard + volumes: + - name: kubernetes-dashboard-certs + secret: + secretName: flyte-sandbox-kubernetes-dashboard-certs + - emptyDir: {} + name: tmp-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +spec: + selector: + matchLabels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + strategy: + type: Recreate + template: + metadata: + annotations: + checksum/credentials-secret: c199ac45f9d95d97966921c814d6c8b38cbf7416458e19cbe6d001a04c264448 + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + spec: + affinity: + nodeAffinity: null + podAffinity: null + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: MINIO_SCHEME + value: http + - name: MINIO_FORCE_NEW_KEYS + value: "no" + - name: MINIO_ROOT_USER + valueFrom: + secretKeyRef: + key: root-user + name: flyte-sandbox-minio + - name: MINIO_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: root-password + name: flyte-sandbox-minio + - name: MINIO_DEFAULT_BUCKETS + value: my-s3-bucket + - name: MINIO_BROWSER + value: "on" + - name: MINIO_PROMETHEUS_AUTH_TYPE + value: public + - name: MINIO_CONSOLE_PORT_NUMBER + value: "9001" + - name: MINIO_BROWSER_REDIRECT_URL + value: http://localhost:30080/minio + envFrom: null + image: docker.io/bitnami/minio:sandbox + imagePullPolicy: Never + livenessProbe: + failureThreshold: 5 + httpGet: + path: /minio/health/live + port: minio-api + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + name: minio + ports: + - containerPort: 9000 + name: minio-api + protocol: TCP + - containerPort: 9001 + name: minio-console + protocol: TCP + readinessProbe: + failureThreshold: 5 + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: minio-api + timeoutSeconds: 1 + resources: + limits: {} + requests: {} + securityContext: + runAsNonRoot: true + runAsUser: 1001 + volumeMounts: + - mountPath: /data + name: data + initContainers: + - command: + - /bin/bash + - -ec + - | + chown -R 1001:1001 /data + image: docker.io/bitnami/bitnami-shell:sandbox + imagePullPolicy: Never + name: volume-permissions + resources: + limits: {} + requests: {} + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: data + securityContext: + fsGroup: 1001 + serviceAccountName: flyte-sandbox-minio + volumes: + - name: data + persistentVolumeClaim: + claimName: flyte-sandbox-minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + template: + metadata: + labels: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - image: envoyproxy/envoy:sandbox + imagePullPolicy: Never + name: proxy + ports: + - containerPort: 8000 + name: http + volumeMounts: + - mountPath: /etc/envoy + name: config + volumes: + - configMap: + name: flyte-sandbox-proxy-config + name: config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/name: flyteagent + template: + metadata: + annotations: null + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + spec: + containers: + - command: + - pyflyte + - serve + image: ghcr.io/flyteorg/flyteagent:1.8.3 + imagePullPolicy: IfNotPresent + name: flyteagent + ports: + - containerPort: 8000 + name: agent-grpc + resources: + limits: + cpu: 500m + ephemeral-storage: 200Mi + memory: 200Mi + requests: + cpu: 500m + ephemeral-storage: 200Mi + memory: 200Mi + volumeMounts: + - mountPath: /etc/secrets + name: flyteagent + serviceAccountName: flyteagent + volumes: + - name: flyteagent + secret: + secretName: flyteagent +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + serviceName: flyte-sandbox-postgresql-hl + template: + metadata: + annotations: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + spec: + affinity: + nodeAffinity: null + podAffinity: null + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: flyte-sandbox-postgresql + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:sandbox + imagePullPolicy: Never + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: {} + requests: + cpu: 250m + memory: 256Mi + securityContext: + runAsUser: 1001 + volumeMounts: + - mountPath: /bitnami/postgresql + name: data + hostIPC: false + hostNetwork: false + initContainers: + - command: + - /bin/sh + - -ec + - | + chown 1001:1001 /bitnami/postgresql + mkdir -p /bitnami/postgresql/data + chmod 700 /bitnami/postgresql/data + find /bitnami/postgresql -mindepth 1 -maxdepth 1 -not -name "conf" -not -name ".snapshot" -not -name "lost+found" | \ + xargs -r chown -R 1001:1001 + image: docker.io/bitnami/bitnami-shell:sandbox + imagePullPolicy: Never + name: init-chmod-data + resources: + limits: {} + requests: {} + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /bitnami/postgresql + name: data + securityContext: + fsGroup: 1001 + serviceAccountName: default + volumes: + - name: data + persistentVolumeClaim: + claimName: flyte-sandbox-db-storage + updateStrategy: + rollingUpdate: {} + type: RollingUpdate diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index cf20d9ccf1..ae6071a9c5 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -795,7 +795,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: TGdrZ2VYQmlCclY1RExvUw== + haSharedSecret: dEhERHJjMFJMZTQ1VmRZRQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1356,7 +1356,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 34825f00a546f73cde04e45e718db7db8a29791c6ef58537f56f9270ee81dc01 + checksum/secret: 2c457828175cb85d46a954dce3ceaac2fe4d020acc45df6efb6bf1777bfaa6cd labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 20c5f697a2..04e0def05c 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: Z2ZnWkdRNVI0VFBBd3JPQg== + haSharedSecret: SHVzUjJSS2R1cGQ5elNUVQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 12ce3d2a71b191032acdc8fc14085540cf192208f4bb213ec39a2ff2b3862d88 + checksum/secret: 071ef7fd9ebde8f72641e92adb05c4e623d604a871aec6c2e20191dab38bbfba labels: app: docker-registry release: flyte-sandbox From 6824366f164360cb40b9751749438215175f5bb6 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sun, 17 Sep 2023 17:15:14 +0800 Subject: [PATCH 02/12] update flyteagent kustomization Signed-off-by: Future Outlier --- docker/sandbox-bundled/Makefile | 1 + .../kustomize/complete-agent/kustomization.yaml | 2 +- docker/sandbox-bundled/manifests/complete-agent.yaml | 4 ++-- docker/sandbox-bundled/manifests/complete.yaml | 4 ++-- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 5 files changed, 8 insertions(+), 7 deletions(-) diff --git a/docker/sandbox-bundled/Makefile b/docker/sandbox-bundled/Makefile index e1ae3062d1..9ae4197673 100644 --- a/docker/sandbox-bundled/Makefile +++ b/docker/sandbox-bundled/Makefile @@ -19,6 +19,7 @@ flyte: manifests: mkdir -p manifests helm dependency update ../../charts/flyte-sandbox + helm dependency update ../../charts/flyteagent kustomize build \ --enable-helm \ --load-restrictor=LoadRestrictionsNone \ diff --git a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml index 4abd1d093c..3c6d5c6e5e 100644 --- a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml +++ b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml @@ -1,7 +1,7 @@ helmGlobals: chartHome: ../../../../charts helmCharts: -- name: flyte-sandbo x +- name: flyte-sandbox releaseName: flyte-sandbox namespace: flyte - name: flyteagent diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 2514e7f1b9..48b97e55d5 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -806,7 +806,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: Wkk0bHJhdWM3UTd4RXROcg== + haSharedSecret: OEFRSVFiSjJLN1VYb2tlYg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1399,7 +1399,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 0a7b278f743f402f95522ae31ffcdd234736e8641f46a784381dc36c2005a125 + checksum/secret: ca45138c582a88b6d2e4154a1a467456b34ae94a7bf8198ab8e1a99543c51c0a labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index ae6071a9c5..3aefa4f551 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -795,7 +795,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: dEhERHJjMFJMZTQ1VmRZRQ== + haSharedSecret: UTZnNk9QWThXZExVVTM2SA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1356,7 +1356,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 2c457828175cb85d46a954dce3ceaac2fe4d020acc45df6efb6bf1777bfaa6cd + checksum/secret: 0d0f36e984e18629ff6f0c903cab1dbd3a020705d41ec2222fa93e4ab6af4e99 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 04e0def05c..9651825b86 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: SHVzUjJSS2R1cGQ5elNUVQ== + haSharedSecret: N3IwMFR6blpSb0htajVuZA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 071ef7fd9ebde8f72641e92adb05c4e623d604a871aec6c2e20191dab38bbfba + checksum/secret: 02674b66491c6bdf20073a25b6f3b01743cc8f6f4c9c287a5afb72026346dbb1 labels: app: docker-registry release: flyte-sandbox From 65ee2f372e008ffe9d7e10e04a07a1e74098c14f Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sun, 17 Sep 2023 19:42:11 +0800 Subject: [PATCH 03/12] add agent-servie key in enabled plugins Signed-off-by: Future Outlier --- docker/sandbox-bundled/manifests/complete-agent.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 48b97e55d5..4043ded74c 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -456,6 +456,7 @@ data: container_array: k8s-array sidecar: sidecar enabled-plugins: + - agent-service - container - sidecar - k8s-array From 620b81788c3975e4fa11989ea6de9699d721c1e3 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sun, 17 Sep 2023 20:03:35 +0800 Subject: [PATCH 04/12] add flyte agent patch Signed-off-by: Future Outlier --- .../complete-agent/flyteagent_patch.yaml | 33 +++++++++++++++++++ .../complete-agent/kustomization.yaml | 7 ++++ .../manifests/complete-agent.yaml | 4 +-- .../sandbox-bundled/manifests/complete.yaml | 4 +-- docker/sandbox-bundled/manifests/dev.yaml | 4 +-- 5 files changed, 46 insertions(+), 6 deletions(-) create mode 100644 docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml diff --git a/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml b/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml new file mode 100644 index 0000000000..6553649ae7 --- /dev/null +++ b/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: flyte-sandbox-config +data: + 001-plugins.yaml: | + tasks: + task-plugins: + default-for-task-types: + container: container + container_array: k8s-array + sidecar: sidecar + enabled-plugins: + - agent-service + - container + - sidecar + - k8s-array + plugins: + logs: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false + k8s: + co-pilot: + image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.33" + k8s-array: + logs: + config: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false diff --git a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml index 3c6d5c6e5e..640dd430df 100644 --- a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml +++ b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml @@ -10,3 +10,10 @@ helmCharts: namespace: flyte resources: - ../namespace.yaml + +patches: + - path: ./flyteagent_patch.yaml + target: + kind: ConfigMap + name: flyte-sandbox-config + diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 4043ded74c..0f33835ada 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -807,7 +807,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: OEFRSVFiSjJLN1VYb2tlYg== + haSharedSecret: NXl3SE1KUGNtSkhhSzRvZw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1400,7 +1400,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: ca45138c582a88b6d2e4154a1a467456b34ae94a7bf8198ab8e1a99543c51c0a + checksum/secret: 0320675aa65bc42cb25ac844bb59fee74e49647b65669c21f2dfa3e39c597810 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 3aefa4f551..531b832c16 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -795,7 +795,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: UTZnNk9QWThXZExVVTM2SA== + haSharedSecret: bWxDVllzS0hSMEJQZ1gzRw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1356,7 +1356,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 0d0f36e984e18629ff6f0c903cab1dbd3a020705d41ec2222fa93e4ab6af4e99 + checksum/secret: afc08c65d94baab28d716ec39643a79f8441760856b59764bc61205459e64d1f labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 9651825b86..56290e715d 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: N3IwMFR6blpSb0htajVuZA== + haSharedSecret: R1BqenhQZWNVSXdjUnRGbQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 02674b66491c6bdf20073a25b6f3b01743cc8f6f4c9c287a5afb72026346dbb1 + checksum/secret: e65a7cfaef722d164cb5a04c2e6f49daf8e2a76de4737dfd05c5120b833fd65f labels: app: docker-registry release: flyte-sandbox From 2f100e5aec59ffd5c6180e5e9d7e490a488ff898 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Wed, 20 Sep 2023 22:20:01 +0800 Subject: [PATCH 05/12] Update helm chart and remove patch Signed-off-by: Future Outlier --- charts/flyte-binary/values.yaml | 3 +- .../complete-agent/flyteagent_patch.yaml | 33 ------------------- .../complete-agent/kustomization.yaml | 7 ---- .../manifests/complete-agent.yaml | 8 ++--- .../sandbox-bundled/manifests/complete.yaml | 7 ++-- docker/sandbox-bundled/manifests/dev.yaml | 4 +-- 6 files changed, 11 insertions(+), 51 deletions(-) delete mode 100644 docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index 932ca9cca8..2fa1f4c63b 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -382,8 +382,7 @@ enabled_plugins: - container - sidecar - k8s-array - # -- Uncomment to enable agent service - # - agent-service + - agent-service default-for-task-types: container: container sidecar: sidecar diff --git a/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml b/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml deleted file mode 100644 index 6553649ae7..0000000000 --- a/docker/sandbox-bundled/kustomize/complete-agent/flyteagent_patch.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: flyte-sandbox-config -data: - 001-plugins.yaml: | - tasks: - task-plugins: - default-for-task-types: - container: container - container_array: k8s-array - sidecar: sidecar - enabled-plugins: - - agent-service - - container - - sidecar - - k8s-array - plugins: - logs: - kubernetes-enabled: true - kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} - cloudwatch-enabled: false - stackdriver-enabled: false - k8s: - co-pilot: - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.33" - k8s-array: - logs: - config: - kubernetes-enabled: true - kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} - cloudwatch-enabled: false - stackdriver-enabled: false diff --git a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml index 640dd430df..3c6d5c6e5e 100644 --- a/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml +++ b/docker/sandbox-bundled/kustomize/complete-agent/kustomization.yaml @@ -10,10 +10,3 @@ helmCharts: namespace: flyte resources: - ../namespace.yaml - -patches: - - path: ./flyteagent_patch.yaml - target: - kind: ConfigMap - name: flyte-sandbox-config - diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 0f33835ada..c081e95b6a 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -456,10 +456,10 @@ data: container_array: k8s-array sidecar: sidecar enabled-plugins: - - agent-service - container - sidecar - k8s-array + - agent-service plugins: logs: kubernetes-enabled: true @@ -807,7 +807,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: NXl3SE1KUGNtSkhhSzRvZw== + haSharedSecret: eVY3MzFRdjVuTUtVNkJ2Tw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1237,7 +1237,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 2bc4d1f1b07e67182a10a59b5eeb2c8dda57d8f0d98d3869fa6e773518690cac + checksum/configuration: 7f44628a274eee8a93d71643705b34f0d5ae672b350c64fa9ea5b20a03de604d checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1400,7 +1400,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 0320675aa65bc42cb25ac844bb59fee74e49647b65669c21f2dfa3e39c597810 + checksum/secret: d773d0c3d533f1e32c4708e7d20fdd350cd6026517194a0e9f2525f1e8dc3a4a labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 531b832c16..616f5629d6 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -448,6 +448,7 @@ data: - container - sidecar - k8s-array + - agent-service plugins: logs: kubernetes-enabled: true @@ -795,7 +796,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: bWxDVllzS0hSMEJQZ1gzRw== + haSharedSecret: eUp3NTVTZ3RpRUp0NEhBNQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1193,7 +1194,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 2bc4d1f1b07e67182a10a59b5eeb2c8dda57d8f0d98d3869fa6e773518690cac + checksum/configuration: 7f44628a274eee8a93d71643705b34f0d5ae672b350c64fa9ea5b20a03de604d checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1356,7 +1357,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: afc08c65d94baab28d716ec39643a79f8441760856b59764bc61205459e64d1f + checksum/secret: 4870c07b2cab42edd7ea782204e2ad225d2c82d5c4f3f74aebd59a6f76293591 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 56290e715d..b9f1cd9e51 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: R1BqenhQZWNVSXdjUnRGbQ== + haSharedSecret: Y1dWb0I2NXpmSUxtZFJBRA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: e65a7cfaef722d164cb5a04c2e6f49daf8e2a76de4737dfd05c5120b833fd65f + checksum/secret: 9cfe892587af60802fd5c44efb44f44fca5ca5f5081a3f04c1ba944029aca54e labels: app: docker-registry release: flyte-sandbox From 1a2102656421c382d96b300f9e8980b1bfb97d39 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Thu, 21 Sep 2023 08:42:48 +0800 Subject: [PATCH 06/12] add agentService Signed-off-by: Future Outlier --- charts/flyte-binary/values.yaml | 7 ++++--- docker/sandbox-bundled/manifests/complete-agent.yaml | 10 +++++++--- docker/sandbox-bundled/manifests/complete.yaml | 10 +++++++--- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index 2fa1f4c63b..c893d8f3c2 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -151,11 +151,12 @@ configuration: # tag CoPilot sidecar image tag tag: v0.0.33 # FLYTECOPILOT_TAG # agentService Flyte Agent configuration - agentService: {} + agentService: + defaultAgent: + endpoint: "dns:///flyteagent.flyte.svc.cluster.local:8000" + insecure: true # Uncomment and modify to include configuration for Flyte Agent # defaultGrpcEndpoint: agent-service.agent-namespace:8000 - # supportedTaskTypes: - # - custom_task_type # externalConfigMap Specify an existing, external ConfigMap to use as configuration for Flyte # If set, no Flyte configuration will be generated by this chart externalConfigMap: "" diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index c081e95b6a..f9f21bca90 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -476,6 +476,10 @@ data: kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} cloudwatch-enabled: false stackdriver-enabled: false + agent-service: + defaultAgent: + endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 + insecure: true 002-database.yaml: | database: postgres: @@ -807,7 +811,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: eVY3MzFRdjVuTUtVNkJ2Tw== + haSharedSecret: OVMxRkQ3eTRSSFIzb1BwNw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1237,7 +1241,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 7f44628a274eee8a93d71643705b34f0d5ae672b350c64fa9ea5b20a03de604d + checksum/configuration: 454886716e03425f5b6980d658280a5c9d2dd9b73767ab8e080ba381b97efc95 checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1400,7 +1404,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: d773d0c3d533f1e32c4708e7d20fdd350cd6026517194a0e9f2525f1e8dc3a4a + checksum/secret: 5bbe0cc7953f85ea716803f63f0621812aba5ca65b0cd4663650d9ee01071830 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 616f5629d6..1c263bfbe2 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -465,6 +465,10 @@ data: kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} cloudwatch-enabled: false stackdriver-enabled: false + agent-service: + defaultAgent: + endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 + insecure: true 002-database.yaml: | database: postgres: @@ -796,7 +800,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: eUp3NTVTZ3RpRUp0NEhBNQ== + haSharedSecret: d1B5UTNPWVBoRjA4UGFhYw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1194,7 +1198,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 7f44628a274eee8a93d71643705b34f0d5ae672b350c64fa9ea5b20a03de604d + checksum/configuration: 454886716e03425f5b6980d658280a5c9d2dd9b73767ab8e080ba381b97efc95 checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1357,7 +1361,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 4870c07b2cab42edd7ea782204e2ad225d2c82d5c4f3f74aebd59a6f76293591 + checksum/secret: 750125a1cf681cdd45d59c2ff0f2cfb69349e246452fff3387bb1d65f5706794 labels: app: docker-registry release: flyte-sandbox From a97a42265541482d2bdf5d7e0ffdf01b5c85a509 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Thu, 21 Sep 2023 11:10:39 +0800 Subject: [PATCH 07/12] add task timeout Signed-off-by: Future Outlier --- charts/flyte-binary/values.yaml | 3 +++ docker/sandbox-bundled/manifests/complete-agent.yaml | 9 ++++++--- docker/sandbox-bundled/manifests/complete.yaml | 9 ++++++--- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 4 files changed, 17 insertions(+), 8 deletions(-) diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index c893d8f3c2..d831815e5f 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -155,6 +155,9 @@ configuration: defaultAgent: endpoint: "dns:///flyteagent.flyte.svc.cluster.local:8000" insecure: true + timeouts: + GetTask: 10s + defaultTimeout: 10s # Uncomment and modify to include configuration for Flyte Agent # defaultGrpcEndpoint: agent-service.agent-namespace:8000 # externalConfigMap Specify an existing, external ConfigMap to use as configuration for Flyte diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index f9f21bca90..2a593b20e2 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -478,8 +478,11 @@ data: stackdriver-enabled: false agent-service: defaultAgent: + defaultTimeout: 10s endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 insecure: true + timeouts: + GetTask: 10s 002-database.yaml: | database: postgres: @@ -811,7 +814,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: OVMxRkQ3eTRSSFIzb1BwNw== + haSharedSecret: bG8wM0N5bko0eGtTeXR3VA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1241,7 +1244,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 454886716e03425f5b6980d658280a5c9d2dd9b73767ab8e080ba381b97efc95 + checksum/configuration: d8bf73644712bd050aa462a0478b0c779bd6d170645efe98feb5ffcacf52010e checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1404,7 +1407,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 5bbe0cc7953f85ea716803f63f0621812aba5ca65b0cd4663650d9ee01071830 + checksum/secret: 0e903dc801d2d56962db092f2a87ab3ac2ff7ad2c63c9010b0f4d2d7b62ee991 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 1c263bfbe2..dc4fe87ffd 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -467,8 +467,11 @@ data: stackdriver-enabled: false agent-service: defaultAgent: + defaultTimeout: 10s endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 insecure: true + timeouts: + GetTask: 10s 002-database.yaml: | database: postgres: @@ -800,7 +803,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: d1B5UTNPWVBoRjA4UGFhYw== + haSharedSecret: NGdxVlh5RUFDQ2VUdTlqNA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1198,7 +1201,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 454886716e03425f5b6980d658280a5c9d2dd9b73767ab8e080ba381b97efc95 + checksum/configuration: d8bf73644712bd050aa462a0478b0c779bd6d170645efe98feb5ffcacf52010e checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1361,7 +1364,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 750125a1cf681cdd45d59c2ff0f2cfb69349e246452fff3387bb1d65f5706794 + checksum/secret: 24742f705403480bc843cf5c699f70632a9699fbdf771ad34a1672a448ffc14d labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index b9f1cd9e51..0c2ad54483 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: Y1dWb0I2NXpmSUxtZFJBRA== + haSharedSecret: VVVDd08zZmw3d3NkV3o3dA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 9cfe892587af60802fd5c44efb44f44fca5ca5f5081a3f04c1ba944029aca54e + checksum/secret: 91877d32644e12d6cfebcc9c65192104dac73b183b4235af08d041d93a160cec labels: app: docker-registry release: flyte-sandbox From 0479cc745a73a8446a598793b1535db4b3b72e49 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Wed, 27 Sep 2023 21:40:32 +0800 Subject: [PATCH 08/12] make helm Signed-off-by: Future Outlier --- .../flyte_sandbox_binary_helm_generated.yaml | 10 +++++++++- docker/sandbox-bundled/manifests/complete-agent.yaml | 4 ++-- docker/sandbox-bundled/manifests/complete.yaml | 4 ++-- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml index a99bc9c6fa..aa2db3faba 100644 --- a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml +++ b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml @@ -108,6 +108,7 @@ data: - container - sidecar - k8s-array + - agent-service plugins: logs: kubernetes-enabled: false @@ -122,6 +123,13 @@ data: kubernetes-enabled: false cloudwatch-enabled: false stackdriver-enabled: false + agent-service: + defaultAgent: + defaultTimeout: 10s + endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 + insecure: true + timeouts: + GetTask: 10s 002-database.yaml: | database: postgres: @@ -357,7 +365,7 @@ spec: app.kubernetes.io/instance: flyte app.kubernetes.io/component: flyte-binary annotations: - checksum/configuration: 3a6da0d987dcab9f9e03a74a9300098f001c51c6407662e71dd96603f14ad068 + checksum/configuration: f4333bb3da12fa253033b0797e1380d38c1ac9b60d8998e7170d9eecbb397bb4 checksum/configuration-secret: d5d93f4e67780b21593dc3799f0f6682aab0765e708e4020939975d14d44f929 checksum/cluster-resource-templates: 7dfa59f3d447e9c099b8f8ffad3af466fecbc9cf9f8c97295d9634254a55d4ae spec: diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 2a593b20e2..0780bb5b57 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -814,7 +814,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: bG8wM0N5bko0eGtTeXR3VA== + haSharedSecret: bzRZSkZTS1ZleXlCUUJNTA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1407,7 +1407,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 0e903dc801d2d56962db092f2a87ab3ac2ff7ad2c63c9010b0f4d2d7b62ee991 + checksum/secret: 15c81ab2a1897ff8695808087385766accafd54576f22a85773047617ee892cb labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index dc4fe87ffd..508d420c8e 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -803,7 +803,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: NGdxVlh5RUFDQ2VUdTlqNA== + haSharedSecret: QW12cVpyYVJFcGxsYnIxVQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1364,7 +1364,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 24742f705403480bc843cf5c699f70632a9699fbdf771ad34a1672a448ffc14d + checksum/secret: e1bc0a74f69aa6fc0c0bfdfe1138bfcf03828798ae29d84cfc2fc15bb0c2e27d labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 0c2ad54483..2e55849ed6 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: VVVDd08zZmw3d3NkV3o3dA== + haSharedSecret: RFBqME0zYXZONWpNTTA0eg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 91877d32644e12d6cfebcc9c65192104dac73b183b4235af08d041d93a160cec + checksum/secret: 200c6b6f941dbfd54aeb651fcf2ea8e2a8ef742669a39e740077f3413c2f2284 labels: app: docker-registry release: flyte-sandbox From 5dab35f7b85078365014491a2e15c6bad5c197d3 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Thu, 28 Sep 2023 10:12:13 +0800 Subject: [PATCH 09/12] update helm README.md Signed-off-by: Future Outlier --- charts/flyte-binary/README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/charts/flyte-binary/README.md b/charts/flyte-binary/README.md index 46b62377a9..e38a49fe32 100644 --- a/charts/flyte-binary/README.md +++ b/charts/flyte-binary/README.md @@ -21,7 +21,10 @@ Chart for basic single Flyte executable deployment | clusterResourceTemplates.labels | object | `{}` | | | commonAnnotations | object | `{}` | | | commonLabels | object | `{}` | | -| configuration.agentService | object | `{}` | | +| configuration.agentService.defaultAgent.defaultTimeout | string | `"10s"` | | +| configuration.agentService.defaultAgent.endpoint | string | `"dns:///flyteagent.flyte.svc.cluster.local:8000"` | | +| configuration.agentService.defaultAgent.insecure | bool | `true` | | +| configuration.agentService.defaultAgent.timeouts.GetTask | string | `"10s"` | | | configuration.annotations | object | `{}` | | | configuration.auth.authorizedUris | list | `[]` | | | configuration.auth.clientSecretsExternalSecretRef | string | `""` | | @@ -103,9 +106,9 @@ Chart for basic single Flyte executable deployment | deployment.waitForDB.image.pullPolicy | string | `"IfNotPresent"` | | | deployment.waitForDB.image.repository | string | `"postgres"` | | | deployment.waitForDB.image.tag | string | `"15-alpine"` | | -| enabled_plugins.tasks | object | `{"task-plugins":{"default-for-task-types":{"container":"container","container_array":"k8s-array","sidecar":"sidecar"},"enabled-plugins":["container","sidecar","k8s-array"]}}` | Tasks specific configuration [structure](https://pkg.go.dev/github.com/flyteorg/flytepropeller/pkg/controller/nodes/task/config#GetConfig) | -| enabled_plugins.tasks.task-plugins | object | `{"default-for-task-types":{"container":"container","container_array":"k8s-array","sidecar":"sidecar"},"enabled-plugins":["container","sidecar","k8s-array"]}` | Plugins configuration, [structure](https://pkg.go.dev/github.com/flyteorg/flytepropeller/pkg/controller/nodes/task/config#TaskPluginConfig) | -| enabled_plugins.tasks.task-plugins.enabled-plugins | list | `["container","sidecar","k8s-array"]` | [Enabled Plugins](https://pkg.go.dev/github.com/lyft/flyteplugins/go/tasks/config#Config). Enable sagemaker*, athena if you install the backend plugins | +| enabled_plugins.tasks | object | `{"task-plugins":{"default-for-task-types":{"container":"container","container_array":"k8s-array","sidecar":"sidecar"},"enabled-plugins":["container","sidecar","k8s-array","agent-service"]}}` | Tasks specific configuration [structure](https://pkg.go.dev/github.com/flyteorg/flytepropeller/pkg/controller/nodes/task/config#GetConfig) | +| enabled_plugins.tasks.task-plugins | object | `{"default-for-task-types":{"container":"container","container_array":"k8s-array","sidecar":"sidecar"},"enabled-plugins":["container","sidecar","k8s-array","agent-service"]}` | Plugins configuration, [structure](https://pkg.go.dev/github.com/flyteorg/flytepropeller/pkg/controller/nodes/task/config#TaskPluginConfig) | +| enabled_plugins.tasks.task-plugins.enabled-plugins | list | `["container","sidecar","k8s-array","agent-service"]` | [Enabled Plugins](https://pkg.go.dev/github.com/lyft/flyteplugins/go/tasks/config#Config). Enable sagemaker*, athena if you install the backend plugins | | flyte-core-components.admin.disableClusterResourceManager | bool | `false` | | | flyte-core-components.admin.disableScheduler | bool | `false` | | | flyte-core-components.admin.disabled | bool | `false` | | From b55d1f417748d06ba67feae9eeb6698f95ac65a6 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sat, 30 Sep 2023 17:14:28 +0800 Subject: [PATCH 10/12] checksum Signed-off-by: Future Outlier --- .../sandbox-binary/flyte_sandbox_binary_helm_generated.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml index 906e741fbb..9e353751a2 100644 --- a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml +++ b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml @@ -365,7 +365,7 @@ spec: app.kubernetes.io/instance: flyte app.kubernetes.io/component: flyte-binary annotations: - checksum/configuration: 528ce4a42638a7810c99802dfd49525967db2a99dbc1019544b7799de2490b61 + checksum/configuration: 0013697bb41cc77503be1dbdbfde5b2cca7e46e390e8f168dab063c124dadf0b checksum/configuration-secret: d5d93f4e67780b21593dc3799f0f6682aab0765e708e4020939975d14d44f929 checksum/cluster-resource-templates: 7dfa59f3d447e9c099b8f8ffad3af466fecbc9cf9f8c97295d9634254a55d4ae spec: From 69a2e62ba4d3b17163e62210022be5724f626c64 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sat, 7 Oct 2023 00:37:54 +0800 Subject: [PATCH 11/12] update supported task type Signed-off-by: Future Outlier --- charts/flyte-binary/README.md | 2 ++ charts/flyte-binary/values.yaml | 3 +++ .../flyte_sandbox_binary_helm_generated.yaml | 5 ++++- .../sandbox-bundled/manifests/complete-agent.yaml | 13 ++++++++----- docker/sandbox-bundled/manifests/complete.yaml | 9 ++++++--- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 6 files changed, 25 insertions(+), 11 deletions(-) diff --git a/charts/flyte-binary/README.md b/charts/flyte-binary/README.md index 33182413ac..98badb3799 100644 --- a/charts/flyte-binary/README.md +++ b/charts/flyte-binary/README.md @@ -25,6 +25,8 @@ Chart for basic single Flyte executable deployment | configuration.agentService.defaultAgent.endpoint | string | `"dns:///flyteagent.flyte.svc.cluster.local:8000"` | | | configuration.agentService.defaultAgent.insecure | bool | `true` | | | configuration.agentService.defaultAgent.timeouts.GetTask | string | `"10s"` | | +| configuration.agentService.supportedTaskTypes[0] | string | `"custom_task_type"` | | +| configuration.agentService.supportedTaskTypes[1] | string | `"default_task"` | | | configuration.annotations | object | `{}` | | | configuration.auth.authorizedUris | list | `[]` | | | configuration.auth.clientSecretsExternalSecretRef | string | `""` | | diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index 12d1772975..01d4efae2a 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -159,6 +159,9 @@ configuration: GetTask: 10s defaultTimeout: 10s # Uncomment and modify to include configuration for Flyte Agent + supportedTaskTypes: + - custom_task_type + - default_task # defaultGrpcEndpoint: agent-service.agent-namespace:8000 # externalConfigMap Specify an existing, external ConfigMap to use as configuration for Flyte # If set, no Flyte configuration will be generated by this chart diff --git a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml index 9e353751a2..b0aac878dd 100644 --- a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml +++ b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml @@ -130,6 +130,9 @@ data: insecure: true timeouts: GetTask: 10s + supportedTaskTypes: + - custom_task_type + - default_task 002-database.yaml: | database: postgres: @@ -365,7 +368,7 @@ spec: app.kubernetes.io/instance: flyte app.kubernetes.io/component: flyte-binary annotations: - checksum/configuration: 0013697bb41cc77503be1dbdbfde5b2cca7e46e390e8f168dab063c124dadf0b + checksum/configuration: ca166b824b050aad2cc47d8250af2ea34163c5cacf4a3d43885a6d938a47d26f checksum/configuration-secret: d5d93f4e67780b21593dc3799f0f6682aab0765e708e4020939975d14d44f929 checksum/cluster-resource-templates: 7dfa59f3d447e9c099b8f8ffad3af466fecbc9cf9f8c97295d9634254a55d4ae spec: diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 0780bb5b57..4c4eb1f03c 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -468,7 +468,7 @@ data: stackdriver-enabled: false k8s: co-pilot: - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.33" + image: "cr.flyte.org/flyteorg/flytecopilot:v1.9.4" k8s-array: logs: config: @@ -483,6 +483,9 @@ data: insecure: true timeouts: GetTask: 10s + supportedTaskTypes: + - custom_task_type + - default_task 002-database.yaml: | database: postgres: @@ -814,7 +817,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: bzRZSkZTS1ZleXlCUUJNTA== + haSharedSecret: R3N1WE9Zc2YxR0VjNEFYWQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1244,7 +1247,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: d8bf73644712bd050aa462a0478b0c779bd6d170645efe98feb5ffcacf52010e + checksum/configuration: 0b3ee539fc9f10b911b7c8df1ad9dd268ff499d8b465378bc9b66699424d622d checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1407,7 +1410,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 15c81ab2a1897ff8695808087385766accafd54576f22a85773047617ee892cb + checksum/secret: 0918d405038ca24be8d685294ff2bba76ce79d7effd91f54b0b6058bbed28073 labels: app: docker-registry release: flyte-sandbox @@ -1736,7 +1739,7 @@ spec: - command: - pyflyte - serve - image: ghcr.io/flyteorg/flyteagent:1.8.3 + image: ghcr.io/flyteorg/flyteagent:1.9.1 imagePullPolicy: IfNotPresent name: flyteagent ports: diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 26ec680c0c..9052fbe208 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -472,6 +472,9 @@ data: insecure: true timeouts: GetTask: 10s + supportedTaskTypes: + - custom_task_type + - default_task 002-database.yaml: | database: postgres: @@ -803,7 +806,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: bzd6QlVrSG9ya1c0MUxBWg== + haSharedSecret: b1VZcTk3TmJJVzVxYnVkQg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1201,7 +1204,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 91f9c46efb44022473a71c6c25bc6ef20190610644a48f81a9c0e1ae01c2a73d + checksum/configuration: 0b3ee539fc9f10b911b7c8df1ad9dd268ff499d8b465378bc9b66699424d622d checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1364,7 +1367,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: c60195b739184d9ad0f4dd231ec9b2bdbedcbc835c4651806c1fa32d29279994 + checksum/secret: b7aa313e69b7363aa5adac288a3545016d13626a41cef3f71edd47a3d81021c2 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 164a867eb7..6b2a5d29eb 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: S3hhYmcwb1E0enNmZXpHQw== + haSharedSecret: NDFacXpCN1pVTXJFM3JQMQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 32e8e4864e56d8e05e03763b1e04dc6c1821c30c5079087b39a02c1348560d34 + checksum/secret: 068846f8216674aff2a23096866e8284719e390e06950100961d0b97cca58e8d labels: app: docker-registry release: flyte-sandbox From db5adb1a5ed6838a6f39e18d6b9dcc5482fe68c4 Mon Sep 17 00:00:00 2001 From: Future Outlier Date: Sat, 7 Oct 2023 14:01:53 +0800 Subject: [PATCH 12/12] update key value Signed-off-by: Future Outlier --- charts/flyte-binary/README.md | 3 +-- charts/flyte-binary/values.yaml | 2 -- .../flyte_sandbox_binary_helm_generated.yaml | 3 +-- docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go | 7 +++---- docker/sandbox-bundled/manifests/complete-agent.yaml | 7 +++---- docker/sandbox-bundled/manifests/complete.yaml | 7 +++---- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 7 files changed, 13 insertions(+), 20 deletions(-) diff --git a/charts/flyte-binary/README.md b/charts/flyte-binary/README.md index 98badb3799..d6d9a3bb6a 100644 --- a/charts/flyte-binary/README.md +++ b/charts/flyte-binary/README.md @@ -25,8 +25,7 @@ Chart for basic single Flyte executable deployment | configuration.agentService.defaultAgent.endpoint | string | `"dns:///flyteagent.flyte.svc.cluster.local:8000"` | | | configuration.agentService.defaultAgent.insecure | bool | `true` | | | configuration.agentService.defaultAgent.timeouts.GetTask | string | `"10s"` | | -| configuration.agentService.supportedTaskTypes[0] | string | `"custom_task_type"` | | -| configuration.agentService.supportedTaskTypes[1] | string | `"default_task"` | | +| configuration.agentService.supportedTaskTypes[0] | string | `"default_task"` | | | configuration.annotations | object | `{}` | | | configuration.auth.authorizedUris | list | `[]` | | | configuration.auth.clientSecretsExternalSecretRef | string | `""` | | diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index 01d4efae2a..84ffe00112 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -160,9 +160,7 @@ configuration: defaultTimeout: 10s # Uncomment and modify to include configuration for Flyte Agent supportedTaskTypes: - - custom_task_type - default_task - # defaultGrpcEndpoint: agent-service.agent-namespace:8000 # externalConfigMap Specify an existing, external ConfigMap to use as configuration for Flyte # If set, no Flyte configuration will be generated by this chart externalConfigMap: "" diff --git a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml index b0aac878dd..bb5e0cd675 100644 --- a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml +++ b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml @@ -131,7 +131,6 @@ data: timeouts: GetTask: 10s supportedTaskTypes: - - custom_task_type - default_task 002-database.yaml: | database: @@ -368,7 +367,7 @@ spec: app.kubernetes.io/instance: flyte app.kubernetes.io/component: flyte-binary annotations: - checksum/configuration: ca166b824b050aad2cc47d8250af2ea34163c5cacf4a3d43885a6d938a47d26f + checksum/configuration: d220769393e7acbe0372fdccbf3d588797864ec934661f08912e88ec084cdfde checksum/configuration-secret: d5d93f4e67780b21593dc3799f0f6682aab0765e708e4020939975d14d44f929 checksum/cluster-resource-templates: 7dfa59f3d447e9c099b8f8ffad3af466fecbc9cf9f8c97295d9634254a55d4ae spec: diff --git a/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go b/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go index 949fb7f657..6afee0e82c 100644 --- a/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go +++ b/docker/sandbox-bundled/bootstrap/cmd/bootstrap/main.go @@ -17,7 +17,7 @@ const ( clusterResourceTemplatesConfigMapName = "flyte-sandbox-extra-cluster-resource-templates" deploymentName = "flyte-sandbox" devModeEnvVar = "FLYTE_DEV" - completeAgentModeEnvVar = "FLYTE_COMPLETE_AGENT" + disableAgentModeEnvVar = "DISABLE_AGENT" dockerHost = "host.docker.internal" namespace = "flyte" @@ -37,9 +37,8 @@ func main() { } else { // If we are not running in dev mode, look for user-specified configuration // to load into the sandbox deployment - if os.Getenv(completeAgentModeEnvVar) == "True" { - tmplPath = fullAgentTemplatePath - } else { + tmplPath = fullAgentTemplatePath + if os.Getenv(disableAgentModeEnvVar) == "True" { tmplPath = fullTemplatePath } diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 4c4eb1f03c..b18c5ac84e 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -484,7 +484,6 @@ data: timeouts: GetTask: 10s supportedTaskTypes: - - custom_task_type - default_task 002-database.yaml: | database: @@ -817,7 +816,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: R3N1WE9Zc2YxR0VjNEFYWQ== + haSharedSecret: R2JRWFVRYThnRFVLbHpuSA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1247,7 +1246,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 0b3ee539fc9f10b911b7c8df1ad9dd268ff499d8b465378bc9b66699424d622d + checksum/configuration: b765a68950c83acd0c069dac2a6569cf2b0f0f76a2760eea3561d1d04d6be831 checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1410,7 +1409,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 0918d405038ca24be8d685294ff2bba76ce79d7effd91f54b0b6058bbed28073 + checksum/secret: 0ee1553aec7c03152a0a44e7b1a82985795774412a779f7b607a57e59f42c8ef labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 9052fbe208..d7f6e8b0cc 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -473,7 +473,6 @@ data: timeouts: GetTask: 10s supportedTaskTypes: - - custom_task_type - default_task 002-database.yaml: | database: @@ -806,7 +805,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: b1VZcTk3TmJJVzVxYnVkQg== + haSharedSecret: d1l6eWRCOXBJcFhiNEo5QQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1204,7 +1203,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: 0b3ee539fc9f10b911b7c8df1ad9dd268ff499d8b465378bc9b66699424d622d + checksum/configuration: b765a68950c83acd0c069dac2a6569cf2b0f0f76a2760eea3561d1d04d6be831 checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1367,7 +1366,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: b7aa313e69b7363aa5adac288a3545016d13626a41cef3f71edd47a3d81021c2 + checksum/secret: 2f5b6d46fd3276b5b25c8a537298beb6943b13b0b21900db8b2da23e166f0593 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 6b2a5d29eb..4f3f0592e8 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: NDFacXpCN1pVTXJFM3JQMQ== + haSharedSecret: UkFsUVRMRndZeTNJUVNFSA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -933,7 +933,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 068846f8216674aff2a23096866e8284719e390e06950100961d0b97cca58e8d + checksum/secret: 25a046ef1aaf34ffb59f7b92554e1cfd0015b9a11f7f165ce06bba31e3bced1b labels: app: docker-registry release: flyte-sandbox