Initial the codes of fate-operator (kubeflow#7)

* Add LaynePeng as fate-operator project owner.

Signed-off-by: Layne Peng <[email protected]>

* Add readme file to introduce the project.

Signed-off-by: Layne Peng <[email protected]>

* fate-operator WIP version.

Signed-off-by: Layne Peng <[email protected]>

Author: LaynePeng

.gitignore

@@ -0,0 +1,17 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+*.idea
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+bin/

Dockerfile

@@ -0,0 +1,27 @@
+# Build the manager binary
+FROM golang:1.13 as builder
+
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY main.go main.go
+COPY api/ api/
+COPY controllers/ controllers/
+
+# Build
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+WORKDIR /
+COPY --from=builder /workspace/manager .
+USER nonroot:nonroot
+
+ENTRYPOINT ["/manager"]

Makefile

@@ -0,0 +1,80 @@
+
+# Image URL to use all building/pushing image targets
+IMG ?= federatedai/fate-controller:latest
+# Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
+CRD_OPTIONS ?= "crd:trivialVersions=true"
+
+# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
+ifeq (,$(shell go env GOBIN))
+GOBIN=$(shell go env GOPATH)/bin
+else
+GOBIN=$(shell go env GOBIN)
+endif
+
+all: manager
+
+# Run tests
+test: generate fmt vet manifests
+	go test ./... -coverprofile cover.out
+
+# Build manager binary
+manager: generate fmt vet
+	go build -o bin/manager main.go
+
+# Run against the configured Kubernetes cluster in ~/.kube/config
+run: generate fmt vet manifests
+	go run ./main.go
+
+# Install CRDs into a cluster
+install: manifests
+	kustomize build config/crd | kubectl apply -f -
+
+# Uninstall CRDs from a cluster
+uninstall: manifests
+	kustomize build config/crd | kubectl delete -f -
+
+# Deploy controller in the configured Kubernetes cluster in ~/.kube/config
+deploy: manifests
+	cd config/manager && kustomize edit set image controller=${IMG}
+	kustomize build config/default | kubectl apply -f -
+
+# Generate manifests e.g. CRD, RBAC etc.
+manifests: controller-gen
+	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
+
+# Run go fmt against code
+fmt:
+	go fmt ./...
+
+# Run go vet against code
+vet:
+	go vet ./...
+
+# Generate code
+generate: controller-gen
+	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
+
+# Build the docker image
+docker-build: test
+	docker build . -t ${IMG}
+
+# Push the docker image
+docker-push:
+	docker push ${IMG}
+
+# find or download controller-gen
+# download controller-gen if necessary
+controller-gen:
+ifeq (, $(shell which controller-gen))
+	@{ \
+	set -e ;\
+	CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
+	cd $$CONTROLLER_GEN_TMP_DIR ;\
+	go mod init tmp ;\
+	go get sigs.k8s.io/controller-tools/cmd/[email protected] ;\
+	rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
+	}
+CONTROLLER_GEN=$(GOBIN)/controller-gen
+else
+CONTROLLER_GEN=$(shell which controller-gen)
+endif

PROJECT

@@ -0,0 +1,13 @@
+domain: kubefate.net
+repo: fate-operator
+resources:
+- group: app
+  kind: FateJob
+  version: v1beta1
+- group: app
+  kind: FateCluster
+  version: v1beta1
+- group: app
+  kind: Kubefate
+  version: v1beta1
+version: "2"

README.md

@@ -1,9 +1,11 @@
 # fate-operator: Kubernetes Operator for FATE (Federated AI Technology Enabler)
 ## Overview
 
-**fate-operator will be ready soon.**
+The FATE-Operator makes it easy to deploy and run federated machine learning (FML) jobs on Kubernetes. It is a early version, all suggestions and feature requests are valueables for us. Raising issues is appreciate. 
 
-All suggestions are welcome. If you willing to disucss fedearted machine learning or know anything about this project, raise issue or email me: [email protected]
+## Background
+
+FML is a machine learning setting where many clients (e.g. mobile devices or organizations) collaboratively train a model under the coordination of a central server while keeping the training data decentralized. Only the encrypted mediate parameters are exchanged between clients with MPC or homomorphic encryption.
 
 ## Background
 
@@ -20,6 +22,65 @@ More technologies of Federated machine learning, please refer to [Reference sect
 
 **The design proposal of fate-operator can be found in [kubeflow/community/fate-operator-proposal.md](https://github.com/kubeflow/community/blob/master/proposals/fate-operator-proposal.md).**
 
+## Quick user guide
+
+### Installation
+The fate-operator can be installed by following steps.
+
+#### Install CRDs to Kubernetes
+```bash
+$ make install 
+```
+
+#### Uninstall CRDs from Kubernetes
+```bash
+$ make uninstall 
+```
+
+#### Building controller images
+The Docker images are built and pushed to Dockerhub. 
+[fate-operator](https://hub.docker.com/r/federatedai/fate-controller)
+
+Alternatively, we can build the images manually by commands,
+```bash
+$ make docker-build
+```
+
+#### Deploying controller
+```bash
+$ make deploy
+```
+
+### Deploying KubeFATE
+KubeFATE is the infrastructure management service for multiple FATE clusters in one organization. It will only deploy once. To deploy a KubeFATE service, we use the YAML refer to [app_v1beta1_kubefate.yaml](./config/samples/app_v1beta1_kubefate.yaml) as an example,
+
+```bash
+$ kubectl create -f ./config/samples/app_v1beta1_kubefate.yaml
+```
+
+### Deploying FATE
+FATE is the cluster we run FML jobs. To deploy a FATE cluster, we use YAML refer to [app_v1beta1_fatecluster.yaml](./config/samples/app_v1beta1_fatecluster.yaml) as an example,
+```bash
+$ kubectl create -f ./config/samples/app_v1beta1_fatecluster.yaml
+```
+
+### Submitting an FML Job
+Once KubeFATE and FATE cluster deployed, we can submit a FML job with `FateJob` config file. In current version, the FATE Job is defined by `DSL pipeline` and `Module Config` two parts. The details refer to [app_v1beta1_fatejob.yaml](./config/samples/app_v1beta1_fatejob.yaml). 
+```bash
+kubectl create -f ./config/samples/app_v1beta1_fatejob.yaml
+```
+In this example, only a `secure add` operation will be processed. For more example, we can refer to [FATE Examples](https://github.com/FederatedAI/FATE/tree/master/examples/federatedml-1.x-examples). In each example, the files end with `_dsl`, e.g. https://github.com/FederatedAI/FATE/blob/master/examples/federatedml-1.x-examples/hetero_linear_regression/test_hetero_linr_cv_job_dsl.json is the job pipeline and what should be put in `pipeline` field; and the files end with `_conf`, e.g. https://github.com/FederatedAI/FATE/blob/master/examples/federatedml-1.x-examples/hetero_linear_regression/test_hetero_linr_cv_job_conf.json is the config of each components and what should be put in `modulesConf` field.
+
+### Checking created resource status
+The status of created resource can be monitor with `kubectl get` command,
+```bash
+$ kubectl get kubefate,fatecluster,fatejob -A -o yaml
+```
+
+## Reference
+1. Qiang Yang, Yang Liu, Tianjian Chen, and Yongxin Tong. Federated machine learning: Concept and applications. CoRR, abs/1902.04885, 2019. URL http://arxiv.org/abs/1902.04885
+2. Peter Kairouz et al. Advances and open problems in federated learning. arXiv preprint arXiv:1912.04977
+
 ## Reference
 1. Qiang Yang, Yang Liu, Tianjian Chen, and Yongxin Tong. Federated machine learning: Concept and applications. CoRR, abs/1902.04885, 2019. URL http://arxiv.org/abs/1902.04885
-2. Peter Kairouz et al. Advances and open problems in federated learning. arXiv preprint arXiv:1912.04977
+2. Peter Kairouz et al. Advances and open problems in federated learning. arXiv preprint arXiv:1912.04977

api/v1beta1/fatecluster_types.go

@@ -0,0 +1,154 @@
+/*
+ * Copyright 2019-2020 VMware, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * you may obtain a copy of the License at
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package v1beta1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// FateClusterSpec defines the desired state of FateCluster
+type FateClusterSpec struct {
+	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+
+	ClusterSpec *ClusterSpec           `json:"clusterSpec,omitempty"`
+	Kubefate    KubefateNamespacedName `json:"kubefate,omitempty"`
+	ClusterData string                 `json:"clusterData,omitempty"`
+}
+
+type KubefateNamespacedName struct {
+	Name      string `json:"name,omitempty"`
+	Namespace string `json:"namespace,omitempty"`
+}
+
+// FateClusterStatus defines the observed state of FateCluster
+type FateClusterStatus struct {
+	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+	Status            string `json:"status,omitempty"`
+	KubefateJobId     string `json:"jobId,omitempty"`
+	KubefateClusterId string `json:"clusterId,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:printcolumn:name="PartyId",type=string,JSONPath=`.spec.clusterSpec.partyId`
+// +kubebuilder:printcolumn:name="status",type=string,JSONPath=`.status.status`
+
+// FateCluster is the Schema for the fateclusters API
+type FateCluster struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   FateClusterSpec   `json:"spec,omitempty"`
+	Status FateClusterStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// FateClusterList contains a list of FateCluster
+type FateClusterList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []FateCluster `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&FateCluster{}, &FateClusterList{})
+}
+
+type Istio struct {
+	Enabled bool `json:"enabled,omitempty"`
+}
+
+type Exchange struct {
+	IP   string `json:"ip,omitempty"`
+	Port int32  `json:"port,omitempty"`
+}
+
+type PartyList struct {
+	PartyID   int32  `json:"partyId,omitempty"`
+	PartyIP   string `json:"partyIp,omitempty"`
+	PartyPort int32  `json:"partyPort,omitempty"`
+}
+
+type NodeSelector struct {
+}
+
+type Rollsite struct {
+	Type         string       `json:"type,omitempty"`
+	NodePort     int32        `json:"nodePort,omitempty"`
+	Exchange     Exchange     `json:"exchange,omitempty"`
+	PartyList    []PartyList  `json:"partyList,omitempty"`
+	NodeSelector NodeSelector `json:"nodeSelector,omitempty"`
+}
+
+type List struct {
+	Name                     string       `json:"name,omitempty"`
+	NodeSelector             NodeSelector `json:"nodeSelector,omitempty"`
+	SessionProcessorsPerNode int32        `json:"sessionProcessorsPerNode,omitempty"`
+	SubPath                  string       `json:"subPath,omitempty"`
+	ExistingClaim            string       `json:"existingClaim,omitempty"`
+	StorageClass             string       `json:"storageClass,omitempty"`
+	AccessMode               string       `json:"accessMode,omitempty"`
+	Size                     string       `json:"size,omitempty"`
+}
+
+type Nodemanager struct {
+	Count                    int32  `json:"count,omitempty"`
+	SessionProcessorsPerNode int32  `json:"sessionProcessorsPerNode"`
+	List                     []List `json:"list,omitempty"`
+}
+
+type Python struct {
+	FateflowType     string `json:"fateflowType,omitempty"`
+	FateflowNodePort int32  `json:"fateflowNodePort,omitempty"`
+	// +kubebuilder:default:={}
+	NodeSelector NodeSelector `json:"nodeSelector,omitempty"`
+}
+
+type Mysql struct {
+	NodeSelector  NodeSelector `json:"nodeSelector,omitempty"`
+	IP            string       `json:"ip,omitempty"`
+	Port          int32        `json:"port,omitempty"`
+	Database      string       `json:"database,omitempty"`
+	User          string       `json:"user,omitempty"`
+	Password      string       `json:"password,omitempty"`
+	SubPath       string       `json:"subPath,omitempty"`
+	ExistingClaim string       `json:"existingClaim,omitempty"`
+	StorageClass  string       `json:"storageClass,omitempty"`
+	AccessMode    string       `json:"accessMode,omitempty"`
+	Size          string       `json:"size,omitempty"`
+}
+type ClusterSpec struct {
+	Name         string      `json:"name,omitempty"`
+	Namespace    string      `json:"namespace,omitempty"`
+	ChartName    string      `json:"chartName"`
+	ChartVersion string      `json:"chartVersion"`
+	PartyID      int32       `json:"partyId"`
+	Registry     string      `json:"registry,omitempty"`
+	PullPolicy   string      `json:"pullPolicy,omitempty"`
+	Persistence  bool        `json:"persistence,omitempty"`
+	Istio        Istio       `json:"istio,omitempty"`
+	Modules      []string    `json:"modules,omitempty"`
+	Rollsite     Rollsite    `json:"rollsite,omitempty"`
+	Nodemanager  Nodemanager `json:"nodemanager"`
+	Python       Python      `json:"python,omitempty"`
+	Mysql        Mysql       `json:"mysql,omitempty"`
+	ServingIP    string      `json:"servingIp,omitempty"`
+	ServingPort  int32       `json:"servingPort,omitempty"`
+}