add ability to choose ingress creation for Kserve RawDeployment #1230
Conversation
|
Skipping CI for Draft Pull Request. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: zdtsw The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
i put this on hold because of the dependent PRs are not merged yet. |
VedantMahabaleshwarkar
force-pushed
the
j-10291
branch
from
540e23d
to
0f1a36c
Compare
|
New changes are detected. LGTM label has been removed. |
VedantMahabaleshwarkar
changed the title
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## incubation #1230 +/- ##
=============================================
Coverage ? 18.91%
=============================================
Files ? 30
Lines ? 2670
Branches ? 0
=============================================
Hits ? 505
Misses ? 2103
Partials ? 62 ☔ View full report in Codecov by Sentry. |
VedantMahabaleshwarkar
force-pushed
the
j-10291
branch
2 times, most recently
from
49da6af
to
37122a5
Compare
bundle/manifests/datasciencecluster.opendatahub.io_datascienceclusters.yaml
Outdated
Show resolved
Hide resolved
| @@ -25,18 +25,22 @@ const ( | |||
| func (k *Kserve) setupKserveConfig(ctx context.Context, cli client.Client, logger logr.Logger, dscispec *dsciv1.DSCInitializationSpec) error { | |||
| // as long as Kserve.Serving is not 'Removed', we will setup the dependencies | |||
|
|
|||
| var defaultDeploymentMode DefaultDeploymentMode | |||
| var disableIngressCreation bool | |||
There was a problem hiding this comment.
The name is misleading since it states disable but can mean both yes and no. It should be isDisable or something which indicates it's a flag (only variable name in the code).
There was a problem hiding this comment.
I agree that the name is confusing but since this variable is setting the field ingress["disableIngressCreation"] that is why I named it to match.
There was a problem hiding this comment.
Then it should be something like disableIngressCreationValue
| @@ -25,18 +25,22 @@ const ( | |||
| func (k *Kserve) setupKserveConfig(ctx context.Context, cli client.Client, logger logr.Logger, dscispec *dsciv1.DSCInitializationSpec) error { | |||
| // as long as Kserve.Serving is not 'Removed', we will setup the dependencies | |||
|
|
|||
| var defaultDeploymentMode DefaultDeploymentMode | |||
There was a problem hiding this comment.
Since it selects mode from default to Serverless, the name may be misleading. Probably, it is developmentMode now? I do not remember details where the default mode can be changed, so ignore if I'm wrong.
There was a problem hiding this comment.
the field is called deploymentMode in Kserve so we are keeping the terminology consistent. The options for deploymentMode are RawDeployment or Serverless
There was a problem hiding this comment.
So, you confirmed that variable defaultDeploymentMode should be called deploymentMode.
components/kserve/kserve.go
Outdated
| @@ -54,6 +54,8 @@ type Kserve struct { | |||
| // This field is optional. If no default deployment mode is specified, Kserve will use Serverless mode. | |||
| // +kubebuilder:validation:Enum=Serverless;RawDeployment | |||
| DefaultDeploymentMode DefaultDeploymentMode `json:"defaultDeploymentMode,omitempty"` | |||
| // +kubebuilder:validation:Type:bool | |||
| DisableIngressCreation bool `json:"disableIngressCreation,omitempty"` | |||
There was a problem hiding this comment.
As per the Open Shift API guidelines, boolean should be avoided if not strictly necessary.
To follow other conventions, eventually this option could be defined as an enum, like ingress: Managed|Unmanaged with its default value set of Managed, which to me seems to be more clear and avoid using negative names
There was a problem hiding this comment.
Changed it to be a enum
…et cluster domain Signed-off-by: Vedant Mahabaleshwarkar <[email protected]>
VedantMahabaleshwarkar
force-pushed
the
j-10291
branch
from
37122a5
to
9ed325b
Compare
Signed-off-by: Vedant Mahabaleshwarkar <[email protected]>
| // Removed: Route creation is disabled globally. In this configuration it is not possible for an individual | ||
| // InferenceService to opt in to having a Route created automatically. | ||
| // +kubebuilder:validation:Enum=Managed;Removed | ||
| RawRouteCreation operatorv1.ManagementState `json:"rawRouteCreation,omitempty"` |
There was a problem hiding this comment.
Maybe, expose the configuration with the same name as in our ConfigMap? I'm not seeing beneficial renaming it.
There was a problem hiding this comment.
The suggestion was made here,
disclaimer: I don't have any strong opinion.
There was a problem hiding this comment.
Well... we already started by using the same name with defaultDeploymentMode one. So, I'd simply lean towards using the same names as in the ConfigMap.
Additionally, sometimes we recommend manually modifying our ConfigMap. So, having a different name than in the ConfigMap will be confusing.
But yes, I think it is quite unfortunate that KServe project is using booleans, while OpenShift recommendation is to not use them.
There was a problem hiding this comment.
Additionally, sometimes we recommend manually modifying our ConfigMap. So, having a different name than in the ConfigMap will be confusing.
What would be the expected behavior in this case ? I think that if we make such option visible through the platform APIs, then the config map should not be touched by the end user otherwise it would become very confusing (IMHO)
There was a problem hiding this comment.
Typically, the ConfigMap is going to be rolled back by the operator. So, in the default state, it is true that the user cannot touch the ConfigMap.
If the users needs to do manual changes, a special annotation is required: opendatahub.io/managed. With the annotation, the operator will no longer touch the ConfigMap and these fields in the DSC will be useless. Even upgrades won't receive the updated manifests. Currently, docs do not mention the annotation, so IMO this is only for special cases. I do agree that having two ways of configuration is confusing.
I do not know what are the future plans around the annotation, TBH. I simply know that if we ever document it, we will need to maintain in our docs what's our supported ConfigMap, and what we support users from modifying.
There was a problem hiding this comment.
@danielezonca @terrytangyuan any thoughts here? my initial preference was to match the upstream configmap but then we'd be violating openshift API guidelines. I don't have a strong preference either way right now
| } | ||
| ingressData["ingressDomain"] = clusterDomain |
There was a problem hiding this comment.
I'd think that we should always ensure that the domain is correctly configured. So, probably this should be outside the if.
| @@ -25,18 +25,18 @@ const ( | |||
| func (k *Kserve) setupKserveConfig(ctx context.Context, cli client.Client, logger logr.Logger, dscispec *dsciv1.DSCInitializationSpec) error { | |||
| // as long as Kserve.Serving is not 'Removed', we will setup the dependencies | |||
|
|
|||
| defaultDeploymentMode := k.DefaultDeploymentMode | |||
There was a problem hiding this comment.
In reality, this is changing the outcome and doesn't look right.
Previously
- When Knative is available:
- If the user does not specify a default deployment mode:
- We configure Serverless as the default mode.
- We enable creation of the ingress.
- If the user specifies a default mode:
- We respect the user specified default deployment mode.
- We disable creation of the ingress if the user specified Raw. Otherwise, we enable it.
- If the user does not specify a default deployment mode:
- When Knative is NOT available:
- If the user does not specify a default deployment mode:
- We configure Raw as the default mode.
- We disable creation of the ingress.
- If the user specifies a default mode:
- If the user specified Serverless as default mode, we stop reconciliation with an error.
- Because of the previous, the user can only specify Raw. So, we use Raw.
- We disable creation of the ingress.
- If the user does not specify a default deployment mode:
Now
- When Knative is available:
- If the user does not specify a default deployment mode:
- We configure Serverless as the default mode.
- We disable the ingress if the user didn't specify a config. Otherwise, we use the user config.
- The default is different from the previous state, as there is no conditional.
- If the user specifies a default mode:
- We respect the user specified default deployment mode.
- We disable the ingress if the user didn't specify a config. Otherwise, we use the user config.
- The default is different from the previous state, as there is no conditional.
- If the user does not specify a default deployment mode:
- When Knative is NOT available:
- If the user does not specify a default deployment mode:
- We take Serverless as the default mode. Then, we return an error with our own default.
- This is quite wrong, IMO.
- We take Serverless as the default mode. Then, we return an error with our own default.
- If the user specifies a default mode:
- If the user specified Serverless as default mode, we stop reconciliation with an error.
- Because of the previous, the user can only specify Raw. So, we use Raw.
- We disable the ingress if the user didn't specify a config. Otherwise, we use the user config.
- This one looks OK.
- If the user does not specify a default deployment mode:
Generally speaking, any upgrade of a previous install will receive an updated config which, IMO, shouldn't happen. We should be backwards compatible here.
| defaultDeploymentMode = Serverless | ||
| } | ||
| disableIngressCreation := true | ||
| if k.RawRouteCreation == operatorv1.Managed { |
There was a problem hiding this comment.
what would happen(assume the new field is called "rawRouteCreation" for now) , when user set
kserve:
managementState: Managed
defaultDeploymentMode: RawDeployment
rawRouteCreation: Removed
serving:
ingressGateway:
certificate:
type: OpenshiftDefaultIngress
managementState: Managed
name: knative-serving
Description
Fixes : https://issues.redhat.com/browse/RHOAIENG-10291
disableIngressCreationflag ininferenceservice-configtruedisableIngressCreation. Default is true, if user has set a value then that value will be used.ingressDomainininferenceservice-configto the clusterDomainMerge after opendatahub-io/odh-model-controller#274 and opendatahub-io/kserve#419
How Has This Been Tested?
Deploy custom operator+kserve+odh-model-controller:
Using custom fork+branch to be able to apply the CRD changes along with the custom operator image
--
git clone [email protected]:VedantMahabaleshwarkar/opendatahub-operator.git--
cd opendatahub-operator--
git checkout origin/j-10291--
make deploy -e IMG=quay.io/vedantm/opendatahub-operator:latest -e OPERATOR_NAMESPACE=opendatahub-operator-systemTo test Inference with auth:
-- Create any kserve isvc+SR
-- isvc should have annotation :
"serving.kserve.io/deploymentMode" : RawDeployment-- isvc should have label:
"networking.kserve.io/odh-auth": "true"To test Inference without auth:
-- remove isvc label
"networking.kserve.io/odh-auth": "true"To test disabling route for a particular ISVC
-- Create any kserve isvc+SR
-- isvc should have annotation :
"serving.kserve.io/deploymentMode" : RawDeployment-- isvc should have label :
"networking.kserve.io/visibility": "cluster-local"Screenshot or short clip
Merge criteria