From 1523e156c531b8268c754e2d13dcd8cfcceca84c Mon Sep 17 00:00:00 2001 From: Ryan Lo Date: Sun, 10 Mar 2024 14:07:59 +0800 Subject: [PATCH 1/2] remove kustomize Signed-off-by: Ryan Lo --- .github/workflows/generate_flyte_manifest.yml | 6 - .github/workflows/tests.yml | 10 - Makefile | 4 - deployment/eks/flyte_generated.yaml | 9526 ---------------- deployment/gcp/flyte_generated.yaml | 9553 ----------------- deployment/sandbox/flyte_generated.yaml | 3965 ------- kustomize/README.md | 13 - kustomize/base/README.md | 19 - .../base/addons/cloudsqlproxy/deployment.yaml | 26 - .../addons/cloudsqlproxy/kustomization.yaml | 3 - .../base/addons/cloudsqlproxy/service.yaml | 12 - .../kustomization.yaml | 4 - .../contour_ingress_controller/service.yaml | 14 - kustomize/base/addons/database/database.yaml | 41 - .../base/addons/database/kustomization.yaml | 2 - .../clusterrolebinding.yaml | 12 - .../kubernetes_dashboard/deployment.yaml | 15 - .../kubernetes_dashboard/kustomization.yaml | 7 - .../addons/kubernetes_dashboard/service.yaml | 12 - kustomize/base/addons/redis/deployment.yaml | 59 - .../base/addons/redis/kustomization.yaml | 3 - kustomize/base/addons/redis/service.yaml | 16 - .../base/addons/storage/kustomization.yaml | 2 - kustomize/base/addons/storage/storage.yaml | 74 - .../base/admindeployment/auth_secret.yaml | 6 - .../admindeployment/clustersync/cron.yaml | 35 - .../clustersync/kustomization.yaml | 2 - .../base/admindeployment/deployment.yaml | 157 - .../base/admindeployment/kustomization.yaml | 4 - kustomize/base/admindeployment/service.yaml | 25 - .../adminserviceaccount.yaml | 50 - .../adminserviceaccount/kustomization.yaml | 2 - kustomize/base/console/configmap.yaml | 10 - kustomize/base/console/deployment.yaml | 38 - kustomize/base/console/kustomization.yaml | 4 - kustomize/base/console/service.yaml | 14 - kustomize/base/datacatalog/deployment.yaml | 60 - kustomize/base/datacatalog/kustomization.yaml | 4 - kustomize/base/datacatalog/rbac.yaml | 5 - kustomize/base/datacatalog/service.yaml | 24 - kustomize/base/ingress/ingress.yaml | 193 - kustomize/base/ingress/kustomization.yaml | 5 - kustomize/base/namespace/kustomization.yaml | 2 - kustomize/base/namespace/namespace.yaml | 4 - kustomize/base/operators/README.md | 1 - .../kfoperators/namespace/kustomization.yaml | 2 - .../kfoperators/namespace/namespace.yaml | 4 - .../kfoperators/pytorch/kustomization.yaml | 4 - .../kfoperators/tensorflow/kustomization.yaml | 4 - .../operators/sagemaker/kustomization.yaml | 4 - .../base/operators/spark/deployment.yaml | 51 - .../base/operators/spark/kustomization.yaml | 15 - .../spark/scheduledsparkapplications-crd.yaml | 3762 ------- .../base/operators/spark/spark-operator.yaml | 56 - .../spark/sparkapplications-crd.yaml | 3771 ------- kustomize/base/operators/spark/webhook.yaml | 36 - kustomize/base/pod_webhook/deployment.yaml | 83 - kustomize/base/pod_webhook/kustomization.yaml | 5 - kustomize/base/pod_webhook/rbac.yaml | 42 - kustomize/base/pod_webhook/secret.yaml | 6 - kustomize/base/pod_webhook/service.yaml | 20 - kustomize/base/propeller/auth_secret.yaml | 8 - kustomize/base/propeller/deployment.yaml | 60 - kustomize/base/propeller/kustomization.yaml | 4 - kustomize/base/propeller/rbac.yaml | 89 - .../base/schedulerdeployment/configmap.yaml | 31 - .../base/schedulerdeployment/deployment.yaml | 72 - .../schedulerdeployment/kustomization.yaml | 3 - kustomize/base/single_cluster/README.md | 15 - .../base/single_cluster/complete/README.md | 7 - .../complete/kustomization.yaml | 17 - .../base/single_cluster/headless/README.md | 9 - .../config/admin/cluster_resources.yaml | 19 - .../headless/config/admin/db.yaml | 10 - .../headless/config/admin/domain.yaml | 7 - .../headless/config/admin/server.yaml | 43 - .../config/admin/task_resource_defaults.yaml | 10 - .../aa_namespace.yaml | 7 - .../ab_project-resource-quota.yaml | 10 - .../headless/config/common/logger.yaml | 4 - .../headless/config/common/storage.yaml | 6 - .../headless/config/console/console.yaml | 3 - .../headless/config/datacatalog/db.yaml | 10 - .../headless/config/datacatalog/server.yaml | 6 - .../headless/config/propeller/admin.yaml | 7 - .../headless/config/propeller/catalog.yaml | 4 - .../headless/config/propeller/core.yaml | 36 - .../config/propeller/enabled_plugins.yaml | 8 - .../config/propeller/plugins/copilot.yaml | 6 - .../config/propeller/plugins/k8s.yaml | 7 - .../config/propeller/resource_manager.yaml | 7 - .../headless/kustomization.yaml | 63 - kustomize/base/wf_crd/kustomization.yaml | 2 - kustomize/base/wf_crd/wf_crd.yaml | 28 - kustomize/overlays/README.md | 7 - kustomize/overlays/eks/README.md | 73 - .../overlays/eks/flyte/admin/deployment.yaml | 15 - .../overlays/eks/flyte/admin/service.yaml | 28 - .../eks/flyte/admin/serviceaccount.yaml | 8 - .../overlays/eks/flyte/config/admin/db.yaml | 7 - .../config/admin/task_resource_defaults.yaml | 10 - .../ad_spark-role.yaml | 24 - .../ae_spark-service-account.yaml | 5 - .../af_spark-role-binding.yaml | 14 - .../eks/flyte/config/common/storage.yaml | 17 - .../eks/flyte/config/datacatalog/db.yaml | 7 - .../eks/flyte/config/propeller/core.yaml | 40 - .../config/propeller/enabled_plugins.yaml | 15 - .../propeller/plugins/catalog_cache.yaml | 6 - .../flyte/config/propeller/plugins/k8s.yaml | 8 - .../config/propeller/plugins/qubole.yaml | 3 - .../flyte/config/propeller/plugins/spark.yaml | 20 - .../config/propeller/plugins/task_logs.yaml | 10 - .../overlays/eks/flyte/console/service.yaml | 23 - .../eks/flyte/datacatalog/deployment.yaml | 15 - .../eks/flyte/datacatalog/service.yaml | 15 - .../overlays/eks/flyte/ingress/README.md | 5 - .../overlays/eks/flyte/ingress/ingress.yaml | 157 - .../eks/flyte/ingress/ingress_grpc.yaml | 52 - .../eks/flyte/ingress/kustomization.yaml | 6 - .../overlays/eks/flyte/kustomization.yaml | 62 - .../eks/flyte/propeller/deployment.yaml | 15 - .../overlays/eks/flyte/propeller/service.yaml | 15 - .../eks/flyte/propeller/serviceaccount.yaml | 8 - kustomize/overlays/eks/kustomization.yaml | 51 - kustomize/overlays/gcp/README.md | 95 - .../overlays/gcp/flyte/admin/deployment.yaml | 15 - .../overlays/gcp/flyte/admin/service.yaml | 17 - .../overlays/gcp/flyte/config/admin/db.yaml | 6 - .../config/admin/task_resource_defaults.yaml | 10 - .../ad_spark-role.yaml | 24 - .../ae_spark-service-account.yaml | 5 - .../af_spark-role-binding.yaml | 14 - .../gcp/flyte/config/common/storage.yaml | 19 - .../gcp/flyte/config/datacatalog/db.yaml | 7 - .../gcp/flyte/config/propeller/core.yaml | 40 - .../config/propeller/enabled_plugins.yaml | 15 - .../propeller/plugins/catalog_cache.yaml | 6 - .../flyte/config/propeller/plugins/k8s.yaml | 8 - .../config/propeller/plugins/qubole.yaml | 3 - .../flyte/config/propeller/plugins/spark.yaml | 16 - .../config/propeller/plugins/task_logs.yaml | 10 - .../overlays/gcp/flyte/console/service.yaml | 19 - .../gcp/flyte/datacatalog/deployment.yaml | 15 - .../gcp/flyte/datacatalog/service.yaml | 15 - .../overlays/gcp/flyte/kustomization.yaml | 59 - .../gcp/flyte/propeller/deployment.yaml | 15 - .../overlays/gcp/flyte/propeller/service.yaml | 15 - kustomize/overlays/gcp/kustomization.yaml | 53 - kustomize/overlays/sandbox/README.md | 4 - .../sandbox/flyte/admin/deployment.yaml | 105 - .../sandbox/flyte/config/admin/db.yaml | 6 - .../config/admin/task_resource_defaults.yaml | 10 - .../ad_spark-role.yaml | 24 - .../ae_spark-service-account.yaml | 5 - .../af_spark-role-binding.yaml | 13 - .../sandbox/flyte/config/common/logger.yaml | 3 - .../sandbox/flyte/config/common/storage.yaml | 11 - .../sandbox/flyte/config/datacatalog/db.yaml | 6 - .../config/propeller/enabled_plugins.yaml | 10 - .../flyte/config/propeller/plugins/k8s.yaml | 8 - .../config/propeller/plugins/task_logs.yaml | 4 - .../config/propeller/resource_manager.yaml | 3 - .../overlays/sandbox/flyte/kustomization.yaml | 41 - .../flyte/propeller/webhook-secret.yaml | 10 - .../sandbox/flyte/propeller/webhook.yaml | 18 - kustomize/overlays/sandbox/kustomization.yaml | 55 - .../overlays/sandbox/nodeport-services.yaml | 51 - .../overlays/test/flyte/admin/deployment.yaml | 64 - .../overlays/test/flyte/config/admin/db.yaml | 6 - .../test/flyte/config/common/logger.yaml | 3 - .../test/flyte/config/common/storage.yaml | 11 - .../test/flyte/config/datacatalog/db.yaml | 6 - .../config/propeller/enabled_plugins.yaml | 10 - .../flyte/config/propeller/plugins/k8s.yaml | 8 - .../config/propeller/resource_manager.yaml | 3 - .../overlays/test/flyte/kustomization.yaml | 42 - kustomize/overlays/test/kustomization.yaml | 49 - script/generate_kustomize.sh | 42 - script/release.sh | 6 - 180 files changed, 34405 deletions(-) delete mode 100644 deployment/eks/flyte_generated.yaml delete mode 100644 deployment/gcp/flyte_generated.yaml delete mode 100644 deployment/sandbox/flyte_generated.yaml delete mode 100644 kustomize/README.md delete mode 100644 kustomize/base/README.md delete mode 100644 kustomize/base/addons/cloudsqlproxy/deployment.yaml delete mode 100644 kustomize/base/addons/cloudsqlproxy/kustomization.yaml delete mode 100644 kustomize/base/addons/cloudsqlproxy/service.yaml delete mode 100644 kustomize/base/addons/contour_ingress_controller/kustomization.yaml delete mode 100644 kustomize/base/addons/contour_ingress_controller/service.yaml delete mode 100644 kustomize/base/addons/database/database.yaml delete mode 100644 kustomize/base/addons/database/kustomization.yaml delete mode 100644 kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml delete mode 100644 kustomize/base/addons/kubernetes_dashboard/deployment.yaml delete mode 100644 kustomize/base/addons/kubernetes_dashboard/kustomization.yaml delete mode 100644 kustomize/base/addons/kubernetes_dashboard/service.yaml delete mode 100644 kustomize/base/addons/redis/deployment.yaml delete mode 100644 kustomize/base/addons/redis/kustomization.yaml delete mode 100644 kustomize/base/addons/redis/service.yaml delete mode 100644 kustomize/base/addons/storage/kustomization.yaml delete mode 100644 kustomize/base/addons/storage/storage.yaml delete mode 100644 kustomize/base/admindeployment/auth_secret.yaml delete mode 100644 kustomize/base/admindeployment/clustersync/cron.yaml delete mode 100644 kustomize/base/admindeployment/clustersync/kustomization.yaml delete mode 100644 kustomize/base/admindeployment/deployment.yaml delete mode 100644 kustomize/base/admindeployment/kustomization.yaml delete mode 100644 kustomize/base/admindeployment/service.yaml delete mode 100644 kustomize/base/adminserviceaccount/adminserviceaccount.yaml delete mode 100644 kustomize/base/adminserviceaccount/kustomization.yaml delete mode 100644 kustomize/base/console/configmap.yaml delete mode 100644 kustomize/base/console/deployment.yaml delete mode 100644 kustomize/base/console/kustomization.yaml delete mode 100644 kustomize/base/console/service.yaml delete mode 100644 kustomize/base/datacatalog/deployment.yaml delete mode 100644 kustomize/base/datacatalog/kustomization.yaml delete mode 100644 kustomize/base/datacatalog/rbac.yaml delete mode 100644 kustomize/base/datacatalog/service.yaml delete mode 100644 kustomize/base/ingress/ingress.yaml delete mode 100644 kustomize/base/ingress/kustomization.yaml delete mode 100644 kustomize/base/namespace/kustomization.yaml delete mode 100644 kustomize/base/namespace/namespace.yaml delete mode 100644 kustomize/base/operators/README.md delete mode 100644 kustomize/base/operators/kfoperators/namespace/kustomization.yaml delete mode 100644 kustomize/base/operators/kfoperators/namespace/namespace.yaml delete mode 100644 kustomize/base/operators/kfoperators/pytorch/kustomization.yaml delete mode 100644 kustomize/base/operators/kfoperators/tensorflow/kustomization.yaml delete mode 100644 kustomize/base/operators/sagemaker/kustomization.yaml delete mode 100644 kustomize/base/operators/spark/deployment.yaml delete mode 100644 kustomize/base/operators/spark/kustomization.yaml delete mode 100644 kustomize/base/operators/spark/scheduledsparkapplications-crd.yaml delete mode 100644 kustomize/base/operators/spark/spark-operator.yaml delete mode 100644 kustomize/base/operators/spark/sparkapplications-crd.yaml delete mode 100644 kustomize/base/operators/spark/webhook.yaml delete mode 100644 kustomize/base/pod_webhook/deployment.yaml delete mode 100644 kustomize/base/pod_webhook/kustomization.yaml delete mode 100644 kustomize/base/pod_webhook/rbac.yaml delete mode 100644 kustomize/base/pod_webhook/secret.yaml delete mode 100644 kustomize/base/pod_webhook/service.yaml delete mode 100644 kustomize/base/propeller/auth_secret.yaml delete mode 100644 kustomize/base/propeller/deployment.yaml delete mode 100644 kustomize/base/propeller/kustomization.yaml delete mode 100644 kustomize/base/propeller/rbac.yaml delete mode 100644 kustomize/base/schedulerdeployment/configmap.yaml delete mode 100644 kustomize/base/schedulerdeployment/deployment.yaml delete mode 100644 kustomize/base/schedulerdeployment/kustomization.yaml delete mode 100644 kustomize/base/single_cluster/README.md delete mode 100644 kustomize/base/single_cluster/complete/README.md delete mode 100644 kustomize/base/single_cluster/complete/kustomization.yaml delete mode 100644 kustomize/base/single_cluster/headless/README.md delete mode 100644 kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/admin/db.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/admin/domain.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/admin/server.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/common/logger.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/common/storage.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/console/console.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/datacatalog/db.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/datacatalog/server.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/admin.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/catalog.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/core.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml delete mode 100644 kustomize/base/single_cluster/headless/kustomization.yaml delete mode 100644 kustomize/base/wf_crd/kustomization.yaml delete mode 100644 kustomize/base/wf_crd/wf_crd.yaml delete mode 100644 kustomize/overlays/README.md delete mode 100644 kustomize/overlays/eks/README.md delete mode 100644 kustomize/overlays/eks/flyte/admin/deployment.yaml delete mode 100644 kustomize/overlays/eks/flyte/admin/service.yaml delete mode 100644 kustomize/overlays/eks/flyte/admin/serviceaccount.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/admin/db.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/admin/task_resource_defaults.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/clusterresource-templates/ad_spark-role.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/clusterresource-templates/ae_spark-service-account.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/clusterresource-templates/af_spark-role-binding.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/common/storage.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/datacatalog/db.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/core.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/plugins/catalog_cache.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/plugins/qubole.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/plugins/spark.yaml delete mode 100644 kustomize/overlays/eks/flyte/config/propeller/plugins/task_logs.yaml delete mode 100644 kustomize/overlays/eks/flyte/console/service.yaml delete mode 100644 kustomize/overlays/eks/flyte/datacatalog/deployment.yaml delete mode 100644 kustomize/overlays/eks/flyte/datacatalog/service.yaml delete mode 100644 kustomize/overlays/eks/flyte/ingress/README.md delete mode 100644 kustomize/overlays/eks/flyte/ingress/ingress.yaml delete mode 100644 kustomize/overlays/eks/flyte/ingress/ingress_grpc.yaml delete mode 100644 kustomize/overlays/eks/flyte/ingress/kustomization.yaml delete mode 100644 kustomize/overlays/eks/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/eks/flyte/propeller/deployment.yaml delete mode 100644 kustomize/overlays/eks/flyte/propeller/service.yaml delete mode 100644 kustomize/overlays/eks/flyte/propeller/serviceaccount.yaml delete mode 100644 kustomize/overlays/eks/kustomization.yaml delete mode 100644 kustomize/overlays/gcp/README.md delete mode 100644 kustomize/overlays/gcp/flyte/admin/deployment.yaml delete mode 100644 kustomize/overlays/gcp/flyte/admin/service.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/admin/db.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/admin/task_resource_defaults.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/clusterresource-templates/ad_spark-role.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/clusterresource-templates/ae_spark-service-account.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/clusterresource-templates/af_spark-role-binding.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/common/storage.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/datacatalog/db.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/core.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/plugins/catalog_cache.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/plugins/qubole.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/plugins/spark.yaml delete mode 100644 kustomize/overlays/gcp/flyte/config/propeller/plugins/task_logs.yaml delete mode 100644 kustomize/overlays/gcp/flyte/console/service.yaml delete mode 100644 kustomize/overlays/gcp/flyte/datacatalog/deployment.yaml delete mode 100644 kustomize/overlays/gcp/flyte/datacatalog/service.yaml delete mode 100644 kustomize/overlays/gcp/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/gcp/flyte/propeller/deployment.yaml delete mode 100644 kustomize/overlays/gcp/flyte/propeller/service.yaml delete mode 100644 kustomize/overlays/gcp/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/README.md delete mode 100644 kustomize/overlays/sandbox/flyte/admin/deployment.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/admin/db.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/admin/task_resource_defaults.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ad_spark-role.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ae_spark-service-account.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/clusterresource-templates/af_spark-role-binding.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/common/logger.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/common/storage.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/datacatalog/db.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/config/propeller/resource_manager.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/propeller/webhook-secret.yaml delete mode 100644 kustomize/overlays/sandbox/flyte/propeller/webhook.yaml delete mode 100644 kustomize/overlays/sandbox/kustomization.yaml delete mode 100644 kustomize/overlays/sandbox/nodeport-services.yaml delete mode 100644 kustomize/overlays/test/flyte/admin/deployment.yaml delete mode 100644 kustomize/overlays/test/flyte/config/admin/db.yaml delete mode 100644 kustomize/overlays/test/flyte/config/common/logger.yaml delete mode 100644 kustomize/overlays/test/flyte/config/common/storage.yaml delete mode 100644 kustomize/overlays/test/flyte/config/datacatalog/db.yaml delete mode 100644 kustomize/overlays/test/flyte/config/propeller/enabled_plugins.yaml delete mode 100644 kustomize/overlays/test/flyte/config/propeller/plugins/k8s.yaml delete mode 100644 kustomize/overlays/test/flyte/config/propeller/resource_manager.yaml delete mode 100644 kustomize/overlays/test/flyte/kustomization.yaml delete mode 100644 kustomize/overlays/test/kustomization.yaml delete mode 100755 script/generate_kustomize.sh diff --git a/.github/workflows/generate_flyte_manifest.yml b/.github/workflows/generate_flyte_manifest.yml index e0c9c589ab..b2cdb2f2d6 100644 --- a/.github/workflows/generate_flyte_manifest.yml +++ b/.github/workflows/generate_flyte_manifest.yml @@ -23,7 +23,6 @@ jobs: VERSION: ${{ github.event.inputs.next-version }} run: | make release_automation - make kustomize make helm - name: Create Pull Request id: cpr @@ -39,17 +38,12 @@ jobs: title: 'Update Flyte components' body: | Updated flyte deployment - - Updated GCP Flyte kustomize generated manifest file - - Updated EKS Flyte kustomize generated manifest file - - Updated Sandbox Flyte kustomize generated manifest file - - Updated TEST Flyte kustomize generated manifest file - Updated GCP Flyte helm generated manifest file - Updated EKS Flyte helm generated manifest file - Updated Sandbox Flyte helm generated manifest file - Updated TEST Flyte helm generated manifest file - Auto-generated by [flyte-bot] labels: | - kustomize helm team-reviewers: | flyte-maintainers diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 831beda79d..28813360de 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -70,16 +70,6 @@ jobs: conda activate monodocs-env make docs - generate_kustomize: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: actions/setup-go@v2 - with: - go-version: "1.21" - - name: Kustomize and diff - run: DELTA_CHECK=true make kustomize - generate_helm: runs-on: ubuntu-latest steps: diff --git a/Makefile b/Makefile index 64af820787..3f35139289 100644 --- a/Makefile +++ b/Makefile @@ -30,10 +30,6 @@ linux_compile: cmd/single/dist update_boilerplate: @boilerplate/update.sh -.PHONY: kustomize -kustomize: - KUSTOMIZE_VERSION=3.9.2 bash script/generate_kustomize.sh - .PHONY: helm helm: ## Generate K8s Manifest from Helm Charts. bash script/generate_helm.sh diff --git a/deployment/eks/flyte_generated.yaml b/deployment/eks/flyte_generated.yaml deleted file mode 100644 index b4ee31f106..0000000000 --- a/deployment/eks/flyte_generated.yaml +++ /dev/null @@ -1,9526 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kubeflow ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: scheduledsparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: ScheduledSparkApplication - listKind: ScheduledSparkApplicationList - plural: scheduledsparkapplications - shortNames: - - scheduledsparkapp - singular: scheduledsparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - concurrencyPolicy: - type: string - failedRunHistoryLimit: - format: int32 - type: integer - schedule: - type: string - successfulRunHistoryLimit: - format: int32 - type: integer - suspend: - type: boolean - template: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - required: - - schedule - - template - type: object - status: - properties: - lastRun: - format: date-time - nullable: true - type: string - lastRunName: - type: string - nextRun: - format: date-time - nullable: true - type: string - pastFailedRunNames: - items: - type: string - type: array - pastSuccessfulRunNames: - items: - type: string - type: array - reason: - type: string - scheduleState: - type: string - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - status: - properties: - applicationState: - properties: - errorMessage: - type: string - state: - type: string - required: - - state - type: object - driverInfo: - properties: - podName: - type: string - webUIAddress: - type: string - webUIIngressAddress: - type: string - webUIIngressName: - type: string - webUIPort: - format: int32 - type: integer - webUIServiceName: - type: string - type: object - executionAttempts: - format: int32 - type: integer - executorState: - additionalProperties: - type: string - type: object - sparkApplicationId: - type: string - submissionAttempts: - format: int32 - type: integer - submissionID: - type: string - submissionTime: - format: date-time - nullable: true - type: string - terminationTime: - format: date-time - nullable: true - type: string - required: - - driverInfo - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 - type: integer - Worker: - properties: - replicas: - minimum: 1 - type: integer - versions: - - name: v1 - served: true - storage: true ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::111222333456:role/flyte-operator - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::111222333456:role/flyte-operator - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyte-pod-webhook - namespace: flyte -rules: -- apiGroups: - - '*' - resources: - - mutatingwebhookconfigurations - - secrets - - pods - - replicasets/finalizers - verbs: - - get - - create - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - - flyteworkflows/finalizers - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" - name: kubeflow-pytorchjobs-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" - name: kubeflow-pytorchjobs-edit -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" - name: kubeflow-pytorchjobs-view -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - - sparkapplications/status - - scheduledsparkapplications/status - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - '*' -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - events - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyte-pod-webhook - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyte-pod-webhook -subjects: -- kind: ServiceAccount - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: pytorch-operator -subjects: -- kind: ServiceAccount - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - name: clusterresource-template-4fbh4bk26k - namespace: flyte ---- -apiVersion: v1 -data: - db.yaml: | - database: - port: 5432 - username: flyte - # TODO Change this to match aurora or rds postgres endpoint - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flytedatacatalog - passwordPath: /etc/db/pass.txt - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - server.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage.yaml: | - storage: - type: stow - stow: - kind: s3 - config: - auth_type: iam - region: us-east-2 - # TODO replace with the container (bucket) in s3 used by Flyte as intermediate store - container: "flyte-demo" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 -kind: ConfigMap -metadata: - name: datacatalog-config-fktmhdgfk8 - namespace: flyte ---- -apiVersion: v1 -data: - cluster_resources.yaml: | - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refreshInterval: 1m - db.yaml: | - database: - port: 5432 - username: flyte - # TODO Change this to match aurora or rds postgres endpoint - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flyte - passwordPath: /etc/db/pass.txt - domain.yaml: | - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - server.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - # Controls whether to serve requests over SSL/TLS. - secure: false - # Controls whether to enforce authentication. Follow the guide in https://docs.flyte.org/ on how to setup authentication. - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - - "flyte-authorization" - auth: - authorizedUris: - # This should point at your public http Uri. - - https://localhost:30081 - # This will be used by internal services in the same namespace as flyteadmin - - http://flyteadmin:80 - # This will be used by internal services in the same cluster but different namespaces - - http://flyteadmin.flyte.svc.cluster.local:80 - - # Controls app authentication config - appAuth: - thirdPartyConfig: - flyteClient: - clientId: flytectl - redirectUri: https://localhost:53593/callback - scopes: - - offline - - all - # Controls user authentication - userAuth: - openId: - baseUrl: https://accounts.google.com - scopes: - - profile - - openid - clientId: 657465813211-6eog7ek7li5k7i7fvgv2921075063hpe.apps.googleusercontent.com - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - storage.yaml: | - storage: - type: stow - stow: - kind: s3 - config: - auth_type: iam - region: us-east-2 - # TODO replace with the container (bucket) in s3 used by Flyte as intermediate store - container: "flyte-demo" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 - task_resource_defaults.yaml: | - task_resources: - defaults: - cpu: 1000m - memory: 1000Mi - storage: 1000Mi - limits: - cpu: 2 - memory: 8Gi - storage: 2000Mi - gpu: 1 -kind: ConfigMap -metadata: - name: flyte-admin-config-29g4dtt8tc - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog.yaml: | - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - catalog_cache.yaml: "plugins:\n catalogCache: \n reader:\n maxItems: 10000\n writer:\n maxItems: 10000\n" - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.15" - start-timeout: "30s" - core.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 40 - gc-interval: 12h - max-workflow-retries: 50 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - kube-client-config: - qps: 100 - burst: 25 - timeout: 30s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 100 - capacity: 1000 - workflowStore: - policy: "ResourceVersionCache" - enabled_plugins.yaml: | - tasks: - max-plugin-phase-versions: 1000000 - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - default-for-task-types: - container: container - sidecar: sidecar - spark: spark - container_array: k8s-array - pytorch: pytorch - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - qubole.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" - resource_manager.yaml: | - propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - spark.yaml: | - plugins: - spark: - spark-config-default: - # We override the default credentials chain provider for Hadoop so that - # it can use the serviceAccount based IAM role or ec2 metadata based. - # This is more in line with how AWS works - - spark.hadoop.fs.s3a.aws.credentials.provider: "com.amazonaws.auth.DefaultAWSCredentialsProviderChain" - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" - storage.yaml: | - storage: - type: stow - stow: - kind: s3 - config: - auth_type: iam - region: us-east-2 - # TODO replace with the container (bucket) in s3 used by Flyte as intermediate store - container: "flyte-demo" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 - task_logs.yaml: | - plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard is disabled in GCP - kubernetes-enabled: false - # #2 AWS Cloudwatch - cloudwatch-enabled: true - # TODO Add region and log group - cloudwatch-region: - cloudwatch-log-group: -kind: ConfigMap -metadata: - name: flyte-propeller-config-dtkccdkch8 - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - admin: - clientId: flytepropeller - clientSecretLocation: /etc/secrets/client_secret - endpoint: flyteadmin:81 - insecure: true - event: - capacity: 1000 - rate: 500 - type: admin - db.yaml: | - database: - dbname: postgres - host: postgres - port: 5432 - username: postgres - logger.yaml: | - logger: - level: 4 - show-source: true -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: flytescheduler - helm.sh/chart: flyte-v0.1.10 - name: flyte-scheduler-config - namespace: flyte ---- -apiVersion: v1 -data: - pass.txt: eW91cnBhc3N3b3Jk -kind: Secret -metadata: - name: db-pass-bthd2588cc - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-admin-auth - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-pod-webhook - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-secret-auth - namespace: flyte -stringData: - client_secret: foobar -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: datacatalog-metrics - namespace: flyte -spec: - ports: - - name: http-metrics - port: 10254 - protocol: TCP - selector: - app: datacatalog - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - projectcontour.io/upstream-protocol.h2c: grpc - name: flyte-pod-webhook - namespace: flyte -spec: - ports: - - name: https - port: 443 - protocol: TCP - targetPort: 9443 - selector: - app: flyte-pod-webhook ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - external-dns.alpha.kubernetes.io/hostname: flyteadmin.subdomain.mydomain.com - projectcontour.io/upstream-protocol.h2c: grpc - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" - service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: sg-...,sg-...,sg-... - name: flyteadmin - namespace: flyte -spec: - loadBalancerSourceRanges: - - 0.0.0.0 - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - external-dns.alpha.kubernetes.io/hostname: flyte.subdomain.mydomain.com - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" - service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: sg-....,sg-...,sg-... - name: flyteconsole - namespace: flyte -spec: - loadBalancerSourceRanges: - - 0.0.0.0 - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: flytepropeller - namespace: flyte -spec: - ports: - - name: http-metrics - port: 10254 - protocol: TCP - selector: - app: flytepropeller - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "8443" - prometheus.io/scrape: "true" - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - ports: - - name: monitoring-port - port: 8443 - targetPort: 8443 - selector: - kustomize.component: pytorch-operator - name: pytorch-operator - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: sparkoperator -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.3.0 - spec: - containers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/datacatalog:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "2" - ephemeral-storage: 1000Mi - memory: 1Gi - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/datacatalog:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-fktmhdgfk8 - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyte-pod-webhook - name: flyte-pod-webhook - namespace: flyte -spec: - selector: - matchLabels: - app: flyte-pod-webhook - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyte-pod-webhook - app.kubernetes.io/name: flyte-pod-webhook - app.kubernetes.io/version: 0.5.13 - spec: - containers: - - args: - - webhook - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: webhook - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - readOnly: true - - mountPath: /etc/webhook/certs - name: webhook-certs - readOnly: true - initContainers: - - args: - - webhook - - init-certs - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyte-pod-webhook - volumes: - - configMap: - name: flyte-propeller-config-dtkccdkch8 - name: config-volume - - name: webhook-certs - secret: - secretName: flyte-pod-webhook ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.4.13 - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "2" - ephemeral-storage: 1Gi - memory: 1Gi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - mountPath: /etc/secrets/ - name: auth - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - args: - - flyteadmin --config=/etc/flyte/config/*.yaml secrets init --localPath /etc/scratch/secrets && flyteadmin --config=/etc/flyte/config/*.yaml secrets create --fromPath /etc/scratch/secrets - command: - - /bin/sh - - -c - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/scratch - name: scratch - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyteadmin - volumes: - - emptyDir: {} - name: shared-data - - emptyDir: {} - name: scratch - - configMap: - name: flyte-admin-config-29g4dtt8tc - name: config-volume - - configMap: - name: clusterresource-template-4fbh4bk26k - name: resource-templates - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - - name: auth - secret: - secretName: flyte-admin-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.19.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: cr.flyte.org/flyteorg/flyteconsole:v1.11.0 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - securityContext: - fsGroupChangePolicy: Always - runAsUser: 1000 - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.7.1 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - resources: - limits: - cpu: "2" - ephemeral-storage: 1Gi - memory: 4Gi - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/secrets/ - name: auth - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config-dtkccdkch8 - name: config-volume - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytescheduler - name: flytescheduler - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flytescheduler - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytescheduler - app.kubernetes.io/name: flytescheduler - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flytescheduler - - run - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler - resources: - limits: - cpu: 250m - ephemeral-storage: 100Mi - memory: 500Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 50Mi - volumeMounts: - - mountPath: /etc/secrets/ - name: auth - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - flytescheduler - - precheck - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler-check - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flyteadmin - volumes: - - configMap: - name: flyte-scheduler-config - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - replicas: 1 - selector: - matchLabels: - kustomize.component: pytorch-operator - name: pytorch-operator - template: - metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - spec: - containers: - - command: - - /pytorch-operator.v1 - - --alsologtostderr - - -v=1 - - --monitoring-port=8443 - env: - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f - name: pytorch-operator - serviceAccountName: pytorch-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - name: sparkoperator - namespace: sparkoperator -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: ecr.flyte.org/bitnami/redis:6.2.5-debian-10-r59 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.11.0-b1 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-4fbh4bk26k - name: resource-templates - - configMap: - name: flyte-admin-config-29g4dtt8tc - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - name: sparkoperator-init - namespace: sparkoperator -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - sparkoperator - - -p - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' - alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:111111111111:certificate/e92fefd8-6197-4249-a524-431d611c9af6 - alb.ingress.kubernetes.io/group.name: flytesystem - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/tags: service_instance=production - kubernetes.io/ingress.class: alb - labels: - app: flyteadmin - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: ssl-redirect - port: - name: use-annotation - path: /* - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /api/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /healthcheck - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /v1/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 87 - path: /openapi/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /.well-known/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /me - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2 - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2/* - pathType: ImplementationSpecific ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' - alb.ingress.kubernetes.io/backend-protocol-version: GRPC - alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:111111111111:certificate/e92fefd8-6197-4249-a524-431d611c9af6 - alb.ingress.kubernetes.io/group.name: flytesystem - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/tags: service_instance=production - kubernetes.io/ingress.class: alb - nginx.ingress.kubernetes.io/ssl-redirect: "false" - labels: - app: flyteadmin - name: flytesystem-grpc - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.SignalService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AdminService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AuthMetadataService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.IdentityService/* - pathType: ImplementationSpecific diff --git a/deployment/gcp/flyte_generated.yaml b/deployment/gcp/flyte_generated.yaml deleted file mode 100644 index 01d708d860..0000000000 --- a/deployment/gcp/flyte_generated.yaml +++ /dev/null @@ -1,9553 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kubeflow ---- -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: scheduledsparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: ScheduledSparkApplication - listKind: ScheduledSparkApplicationList - plural: scheduledsparkapplications - shortNames: - - scheduledsparkapp - singular: scheduledsparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - concurrencyPolicy: - type: string - failedRunHistoryLimit: - format: int32 - type: integer - schedule: - type: string - successfulRunHistoryLimit: - format: int32 - type: integer - suspend: - type: boolean - template: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - required: - - schedule - - template - type: object - status: - properties: - lastRun: - format: date-time - nullable: true - type: string - lastRunName: - type: string - nextRun: - format: date-time - nullable: true - type: string - pastFailedRunNames: - items: - type: string - type: array - pastSuccessfulRunNames: - items: - type: string - type: array - reason: - type: string - scheduleState: - type: string - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - status: - properties: - applicationState: - properties: - errorMessage: - type: string - state: - type: string - required: - - state - type: object - driverInfo: - properties: - podName: - type: string - webUIAddress: - type: string - webUIIngressAddress: - type: string - webUIIngressName: - type: string - webUIPort: - format: int32 - type: integer - webUIServiceName: - type: string - type: object - executionAttempts: - format: int32 - type: integer - executorState: - additionalProperties: - type: string - type: object - sparkApplicationId: - type: string - submissionAttempts: - format: int32 - type: integer - submissionID: - type: string - submissionTime: - format: date-time - nullable: true - type: string - terminationTime: - format: date-time - nullable: true - type: string - required: - - driverInfo - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: pytorchjobs.kubeflow.org -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[-1:].type - name: State - type: string - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: kubeflow.org - names: - kind: PyTorchJob - plural: pytorchjobs - singular: pytorchjob - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - spec: - properties: - pytorchReplicaSpecs: - properties: - Master: - properties: - replicas: - maximum: 1 - minimum: 1 - type: integer - Worker: - properties: - replicas: - minimum: 1 - type: integer - versions: - - name: v1 - served: true - storage: true ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyte-pod-webhook - namespace: flyte -rules: -- apiGroups: - - '*' - resources: - - mutatingwebhookconfigurations - - secrets - - pods - - replicasets/finalizers - verbs: - - get - - create - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - - flyteworkflows/finalizers - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" - name: kubeflow-pytorchjobs-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-pytorchjobs-admin: "true" - name: kubeflow-pytorchjobs-edit -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - kustomize.component: pytorch-operator - rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" - name: kubeflow-pytorchjobs-view -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - - configmaps - - secrets - verbs: - - create - - get - - delete -- apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - delete -- apiGroups: - - "" - resources: - - nodes - verbs: - - get -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - update - - delete - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - create - - get - - update - - delete -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - update - - delete -- apiGroups: - - sparkoperator.k8s.io - resources: - - sparkapplications - - scheduledsparkapplications - - sparkapplications/status - - scheduledsparkapplications/status - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -rules: -- apiGroups: - - kubeflow.org - resources: - - pytorchjobs - - pytorchjobs/status - verbs: - - '*' -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - events - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyte-pod-webhook - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyte-pod-webhook -subjects: -- kind: ServiceAccount - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: sparkoperator -subjects: -- kind: ServiceAccount - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: pytorch-operator -subjects: -- kind: ServiceAccount - name: pytorch-operator - namespace: kubeflow ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" - ad_spark-role.yaml: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - metadata: - name: spark-role - namespace: {{ namespace }} - rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - '*' - - apiGroups: - - "" - resources: - - services - verbs: - - '*' - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' - ae_spark-service-account.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: spark - namespace: {{ namespace }} - af_spark-role-binding.yaml: "apiVersion: rbac.authorization.k8s.io/v1\nkind: RoleBinding\nmetadata:\n name: spark-role-binding\n namespace: {{ namespace }} \nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: Role\n name: spark-role\nsubjects:\n- kind: ServiceAccount\n name: spark\n namespace: {{ namespace }}\n\n" -kind: ConfigMap -metadata: - name: clusterresource-template-4fbh4bk26k - namespace: flyte ---- -apiVersion: v1 -data: - db.yaml: | - database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: datacatalog - options: "sslmode=disable" - passwordPath: /etc/db/pass.txt - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - server.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage.yaml: | - storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/cloud-platform - # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store - container: "flyte" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 -kind: ConfigMap -metadata: - name: datacatalog-config-mk4gcdf6db - namespace: flyte ---- -apiVersion: v1 -data: - cluster_resources.yaml: | - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refreshInterval: 1m - db.yaml: | - database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: flyte - passwordPath: /etc/db/pass.txt - domain.yaml: | - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - server.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - # Controls whether to serve requests over SSL/TLS. - secure: false - # Controls whether to enforce authentication. Follow the guide in https://docs.flyte.org/ on how to setup authentication. - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - - "flyte-authorization" - auth: - authorizedUris: - # This should point at your public http Uri. - - https://localhost:30081 - # This will be used by internal services in the same namespace as flyteadmin - - http://flyteadmin:80 - # This will be used by internal services in the same cluster but different namespaces - - http://flyteadmin.flyte.svc.cluster.local:80 - - # Controls app authentication config - appAuth: - thirdPartyConfig: - flyteClient: - clientId: flytectl - redirectUri: https://localhost:53593/callback - scopes: - - offline - - all - # Controls user authentication - userAuth: - openId: - baseUrl: https://accounts.google.com - scopes: - - profile - - openid - clientId: 657465813211-6eog7ek7li5k7i7fvgv2921075063hpe.apps.googleusercontent.com - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - storage.yaml: | - storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/cloud-platform - # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store - container: "flyte" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 - task_resource_defaults.yaml: | - task_resources: - defaults: - cpu: 1000m - memory: 1000Mi - storage: 1000Mi - limits: - cpu: 2 - memory: 8Gi - storage: 2000Mi - gpu: 1 -kind: ConfigMap -metadata: - name: flyte-admin-config-gf99k75c82 - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog.yaml: | - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - catalog_cache.yaml: "plugins:\n catalogCache: \n reader:\n maxItems: 10000\n writer:\n maxItems: 10000\n" - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.15" - start-timeout: "30s" - core.yaml: | - propeller: - rawoutput-prefix: gs://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 40 - gc-interval: 12h - max-workflow-retries: 50 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - kube-client-config: - qps: 100 - burst: 25 - timeout: 30s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 100 - capacity: 1000 - workflowStore: - policy: "ResourceVersionCache" - enabled_plugins.yaml: | - tasks: - max-plugin-phase-versions: 1000000 - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - default-for-task-types: - container: container - sidecar: sidecar - spark: spark - container_array: k8s-array - pytorch: pytorch - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi - logger.yaml: | - # TODO this is used to control the log level - logger: - show-source: true - level: 2 - qubole.yaml: | - plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" - resource_manager.yaml: | - propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword - spark.yaml: | - plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" - storage.yaml: | - storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/cloud-platform - # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store - container: "flyte" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 - task_logs.yaml: | - plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard is disabled in GCP - kubernetes-enabled: false - # #2 GCP stackdriver - stackdriver-enabled: true - # TODO: replace with the GCP project ID - gcp-project: - stackdriver-logresourcename: k8s_container -kind: ConfigMap -metadata: - name: flyte-propeller-config-kgbdtkgf56 - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - admin: - clientId: flytepropeller - clientSecretLocation: /etc/secrets/client_secret - endpoint: flyteadmin:81 - insecure: true - event: - capacity: 1000 - rate: 500 - type: admin - db.yaml: | - database: - dbname: postgres - host: postgres - port: 5432 - username: postgres - logger.yaml: | - logger: - level: 4 - show-source: true -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: flytescheduler - helm.sh/chart: flyte-v0.1.10 - name: flyte-scheduler-config - namespace: flyte ---- -apiVersion: v1 -data: - pass.txt: eW91cnBhc3N3b3Jk -kind: Secret -metadata: - name: db-pass-bthd2588cc - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-admin-auth - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-pod-webhook - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-secret-auth - namespace: flyte -stringData: - client_secret: foobar -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - name: cloudsqlproxy - namespace: flyte -spec: - ports: - - name: http - port: 5432 - protocol: TCP - selector: - app: cloudsqlproxy ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: datacatalog-metrics - namespace: flyte -spec: - ports: - - name: http-metrics - port: 10254 - protocol: TCP - selector: - app: datacatalog - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - projectcontour.io/upstream-protocol.h2c: grpc - name: flyte-pod-webhook - namespace: flyte -spec: - ports: - - name: https - port: 443 - protocol: TCP - targetPort: 9443 - selector: - app: flyte-pod-webhook ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - projectcontour.io/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - - name: http-metrics - port: 10254 - protocol: TCP - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: flyteconsole - namespace: flyte -spec: - ports: - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - - name: http-metrics - port: 10254 - protocol: TCP - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: flytepropeller - namespace: flyte -spec: - ports: - - name: http-metrics - port: 10254 - protocol: TCP - selector: - app: flytepropeller - type: LoadBalancer ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "8443" - prometheus.io/scrape: "true" - labels: - app: pytorch-operator - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - ports: - - name: monitoring-port - port: 8443 - targetPort: 8443 - selector: - kustomize.component: pytorch-operator - name: pytorch-operator - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - name: spark-webhook - namespace: sparkoperator -spec: - ports: - - name: webhook - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: sparkoperator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: cloudsqlproxy - name: cloudsqlproxy - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: cloudsqlproxy - template: - metadata: - labels: - app: cloudsqlproxy - spec: - containers: - - command: - - /cloud_sql_proxy - - -instances=::flyte=tcp:0.0.0.0:5432 - image: gcr.io/cloudsql-docker/gce-proxy:1.16 - imagePullPolicy: IfNotPresent - name: cloudsql-proxy - ports: - - containerPort: 5432 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.3.0 - spec: - containers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/datacatalog:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "2" - ephemeral-storage: 1000Mi - memory: 1Gi - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/datacatalog:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-mk4gcdf6db - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyte-pod-webhook - name: flyte-pod-webhook - namespace: flyte -spec: - selector: - matchLabels: - app: flyte-pod-webhook - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyte-pod-webhook - app.kubernetes.io/name: flyte-pod-webhook - app.kubernetes.io/version: 0.5.13 - spec: - containers: - - args: - - webhook - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: webhook - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - readOnly: true - - mountPath: /etc/webhook/certs - name: webhook-certs - readOnly: true - initContainers: - - args: - - webhook - - init-certs - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyte-pod-webhook - volumes: - - configMap: - name: flyte-propeller-config-kgbdtkgf56 - name: config-volume - - name: webhook-certs - secret: - secretName: flyte-pod-webhook ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.4.13 - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "2" - ephemeral-storage: 1Gi - memory: 1Gi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - mountPath: /etc/secrets/ - name: auth - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flytetester - - flyteexamples - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - args: - - flyteadmin --config=/etc/flyte/config/*.yaml secrets init --localPath /etc/scratch/secrets && flyteadmin --config=/etc/flyte/config/*.yaml secrets create --fromPath /etc/scratch/secrets - command: - - /bin/sh - - -c - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/scratch - name: scratch - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyteadmin - volumes: - - emptyDir: {} - name: shared-data - - emptyDir: {} - name: scratch - - configMap: - name: flyte-admin-config-gf99k75c82 - name: config-volume - - configMap: - name: clusterresource-template-4fbh4bk26k - name: resource-templates - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - - name: auth - secret: - secretName: flyte-admin-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.19.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: cr.flyte.org/flyteorg/flyteconsole:v1.10.2 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - securityContext: - fsGroupChangePolicy: Always - runAsUser: 1000 - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.7.1 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - resources: - limits: - cpu: "2" - ephemeral-storage: 1Gi - memory: 4Gi - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/secrets/ - name: auth - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config-kgbdtkgf56 - name: config-volume - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytescheduler - name: flytescheduler - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flytescheduler - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytescheduler - app.kubernetes.io/name: flytescheduler - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flytescheduler - - run - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler - resources: - limits: - cpu: 250m - ephemeral-storage: 100Mi - memory: 500Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 50Mi - volumeMounts: - - mountPath: /etc/secrets/ - name: auth - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - flytescheduler - - precheck - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler-check - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flyteadmin - volumes: - - configMap: - name: flyte-scheduler-config - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - namespace: kubeflow -spec: - replicas: 1 - selector: - matchLabels: - kustomize.component: pytorch-operator - name: pytorch-operator - template: - metadata: - labels: - kustomize.component: pytorch-operator - name: pytorch-operator - spec: - containers: - - command: - - /pytorch-operator.v1 - - --alsologtostderr - - -v=1 - - --monitoring-port=8443 - env: - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: gcr.io/kubeflow-images-public/pytorch-operator:v1.0.0-g047cf0f - name: pytorch-operator - serviceAccountName: pytorch-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - name: sparkoperator - namespace: sparkoperator -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - containers: - - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - '-metrics-prefix=service:' - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator - command: - - /usr/bin/spark-operator - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - imagePullPolicy: Always - name: sparkoperator-unknown - ports: - - containerPort: 10254 - - containerPort: 8080 - volumeMounts: - - mountPath: /etc/webhook-certs - name: webhook-certs - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: ecr.flyte.org/bitnami/redis:6.2.5-debian-10-r59 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - emptyDir: {} - name: redis-data ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.10.7-b2 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-4fbh4bk26k - name: resource-templates - - configMap: - name: flyte-admin-config-gf99k75c82 - name: config-volume - - name: db-pass - secret: - secretName: db-pass-bthd2588cc - schedule: '*/1 * * * *' ---- -apiVersion: batch/v1 -kind: Job -metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - name: sparkoperator-init - namespace: sparkoperator -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - containers: - - command: - - /usr/bin/gencerts.sh - - --namespace - - sparkoperator - - -p - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - imagePullPolicy: IfNotPresent - name: main - restartPolicy: Never - serviceAccountName: sparkoperator ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/app-root: /console - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /__webpack_hmr - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AdminService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AuthMetadataService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.IdentityService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.SignalService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 87 - path: /openapi - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /api - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /api/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /healthcheck - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /v1/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 87 - path: /openapi/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /.well-known/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /me - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2 - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2/* - pathType: ImplementationSpecific diff --git a/deployment/sandbox/flyte_generated.yaml b/deployment/sandbox/flyte_generated.yaml deleted file mode 100644 index cac33303fd..0000000000 --- a/deployment/sandbox/flyte_generated.yaml +++ /dev/null @@ -1,3965 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte ---- -apiVersion: v1 -kind: Namespace -metadata: - name: kubernetes-dashboard ---- -apiVersion: v1 -kind: Namespace -metadata: - name: projectcontour ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null - name: extensionservices.projectcontour.io -spec: - group: projectcontour.io - names: - kind: ExtensionService - listKind: ExtensionServiceList - plural: extensionservices - shortNames: - - extensionservice - - extensionservices - singular: extensionservice - preserveUnknownFields: false - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ExtensionService is the schema for the Contour extension services API. An ExtensionService resource binds a network service to the Contour API so that Contour API features can be implemented by collaborating components. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ExtensionServiceSpec defines the desired state of an ExtensionService resource. - properties: - loadBalancerPolicy: - description: The policy for load balancing GRPC service requests. Note that the `Cookie` and `RequestHash` load balancing strategies cannot be used here. - properties: - requestHashPolicies: - description: RequestHashPolicies contains a list of hash policies to apply when the `RequestHash` load balancing strategy is chosen. If an element of the supplied list of hash policies is invalid, it will be ignored. If the list of hash policies is empty after validation, the load balancing strategy will fall back the the default `RoundRobin`. - items: - description: RequestHashPolicy contains configuration for an individual hash policy on a request attribute. - properties: - headerHashOptions: - description: HeaderHashOptions should be set when request header hash based load balancing is desired. It must be the only hash option field set, otherwise this request hash policy object will be ignored. - properties: - headerName: - description: HeaderName is the name of the HTTP request header that will be used to calculate the hash key. If the header specified is not present on a request, no hash will be produced. - minLength: 1 - type: string - type: object - terminal: - description: Terminal is a flag that allows for short-circuiting computing of a hash for a given request. If set to true, and the request attribute specified in the attribute hash options is present, no further hash policies will be used to calculate a hash for the request. - type: boolean - type: object - type: array - strategy: - description: Strategy specifies the policy used to balance requests across the pool of backend pods. Valid policy names are `Random`, `RoundRobin`, `WeightedLeastRequest`, `Cookie`, and `RequestHash`. If an unknown strategy name is specified or no policy is supplied, the default `RoundRobin` policy is used. - type: string - type: object - protocol: - description: Protocol may be used to specify (or override) the protocol used to reach this Service. Values may be tls, h2, h2c. If omitted, protocol-selection falls back on Service annotations. - enum: - - h2 - - h2c - type: string - protocolVersion: - description: This field sets the version of the GRPC protocol that Envoy uses to send requests to the extension service. Since Contour always uses the v3 Envoy API, this is currently fixed at "v3". However, other protocol options will be available in future. - enum: - - v3 - type: string - services: - description: Services specifies the set of Kubernetes Service resources that receive GRPC extension API requests. If no weights are specified for any of the entries in this array, traffic will be spread evenly across all the services. Otherwise, traffic is balanced proportionally to the Weight field in each entry. - items: - description: ExtensionServiceTarget defines an Kubernetes Service to target with extension service traffic. - properties: - name: - description: Name is the name of Kubernetes service that will accept service traffic. - type: string - port: - description: Port (defined as Integer) to proxy traffic to since a service can have multiple defined. - exclusiveMaximum: true - maximum: 65536 - minimum: 1 - type: integer - weight: - description: Weight defines proportion of traffic to balance to the Kubernetes Service. - format: int32 - type: integer - required: - - name - - port - type: object - minItems: 1 - type: array - timeoutPolicy: - description: The timeout policy for requests to the services. - properties: - idle: - description: Timeout after which, if there are no active requests for this route, the connection between Envoy and the backend or Envoy and the external client will be closed. If not specified, there is no per-route idle timeout, though a connection manager-wide stream_idle_timeout default of 5m still applies. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - response: - description: Timeout for receiving a response from the server after processing a request from client. If not supplied, Envoy's default value of 15s applies. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - type: object - validation: - description: UpstreamValidation defines how to verify the backend service's certificate - properties: - caSecret: - description: Name of the Kubernetes secret be used to validate the certificate presented by the backend - type: string - subjectName: - description: Key which is expected to be present in the 'subjectAltName' of the presented certificate - type: string - required: - - caSecret - - subjectName - type: object - required: - - services - type: object - status: - description: ExtensionServiceStatus defines the observed state of an ExtensionService resource. - properties: - conditions: - description: "Conditions contains the current status of the ExtensionService resource. \n Contour will update a single condition, `Valid`, that is in normal-true polarity. \n Contour will not modify any other Conditions set in this block, in case some other controller wants to add a Condition." - items: - description: "DetailedCondition is an extension of the normal Kubernetes conditions, with two extra fields to hold sub-conditions, which provide more detailed reasons for the state (True or False) of the condition. \n `errors` holds information about sub-conditions which are fatal to that condition and render its state False. \n `warnings` holds information about sub-conditions which are not fatal to that condition and do not force the state to be False. \n Remember that Conditions have a type, a status, and a reason. \n The type is the type of the condition, the most important one in this CRD set is `Valid`. `Valid` is a positive-polarity condition: when it is `status: true` there are no problems. \n In more detail, `status: true` means that the object is has been ingested into Contour with no errors. `warnings` may still be present, and will be indicated in the Reason field. There must be zero entries in the `errors` slice in this case. \n `Valid`, `status: false` means that the object has had one or more fatal errors during processing into Contour. The details of the errors will be present under the `errors` field. There must be at least one error in the `errors` slice if `status` is `false`. \n For DetailedConditions of types other than `Valid`, the Condition must be in the negative polarity. When they have `status` `true`, there is an error. There must be at least one entry in the `errors` Subcondition slice. When they have `status` `false`, there are no serious errors, and there must be zero entries in the `errors` slice. In either case, there may be entries in the `warnings` slice. \n Regardless of the polarity, the `reason` and `message` fields must be updated with either the detail of the reason (if there is one and only one entry in total across both the `errors` and `warnings` slices), or `MultipleReasons` if there is more than one entry." - properties: - errors: - description: "Errors contains a slice of relevant error subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a error), and disappear when not relevant. An empty slice here indicates no errors." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - warnings: - description: "Warnings contains a slice of relevant warning subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a warning), and disappear when not relevant. An empty slice here indicates no warnings." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: flyteworkflows.flyte.lyft.com -spec: - group: flyte.lyft.com - names: - kind: FlyteWorkflow - plural: flyteworkflows - shortNames: - - fly - singular: flyteworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null - name: httpproxies.projectcontour.io -spec: - group: projectcontour.io - names: - kind: HTTPProxy - listKind: HTTPProxyList - plural: httpproxies - shortNames: - - proxy - - proxies - singular: httpproxy - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Fully qualified domain name - jsonPath: .spec.virtualhost.fqdn - name: FQDN - type: string - - description: Secret with TLS credentials - jsonPath: .spec.virtualhost.tls.secretName - name: TLS Secret - type: string - - description: The current status of the HTTPProxy - jsonPath: .status.currentStatus - name: Status - type: string - - description: Description of the current status - jsonPath: .status.description - name: Status Description - type: string - name: v1 - schema: - openAPIV3Schema: - description: HTTPProxy is an Ingress CRD specification. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HTTPProxySpec defines the spec of the CRD. - properties: - includes: - description: Includes allow for specific routing configuration to be included from another HTTPProxy, possibly in another namespace. - items: - description: Include describes a set of policies that can be applied to an HTTPProxy in a namespace. - properties: - conditions: - description: 'Conditions are a set of rules that are applied to included HTTPProxies. In effect, they are added onto the Conditions of included HTTPProxy Route structs. When applied, they are merged using AND, with one exception: There can be only one Prefix MatchCondition per Conditions slice. More than one Prefix, or contradictory Conditions, will make the include invalid.' - items: - description: MatchCondition are a general holder for matching rules for HTTPProxies. One of Prefix or Header must be provided. - properties: - header: - description: Header specifies the header condition to match. - properties: - contains: - description: Contains specifies a substring that must be present in the header value. - type: string - exact: - description: Exact specifies a string that the header value must be equal to. - type: string - name: - description: Name is the name of the header to match against. Name is required. Header names are case insensitive. - type: string - notcontains: - description: NotContains specifies a substring that must not be present in the header value. - type: string - notexact: - description: NoExact specifies a string that the header value must not be equal to. The condition is true if the header has any other value. - type: string - present: - description: Present specifies that condition is true when the named header is present, regardless of its value. Note that setting Present to false does not make the condition true if the named header is absent. - type: boolean - required: - - name - type: object - prefix: - description: Prefix defines a prefix match for a request. - type: string - type: object - type: array - name: - description: Name of the HTTPProxy - type: string - namespace: - description: Namespace of the HTTPProxy to include. Defaults to the current namespace if not supplied. - type: string - required: - - name - type: object - type: array - routes: - description: Routes are the ingress routes. If TCPProxy is present, Routes is ignored. - items: - description: Route contains the set of routes for a virtual host. - properties: - authPolicy: - description: AuthPolicy updates the authorization policy that was set on the root HTTPProxy object for client requests that match this route. - properties: - context: - additionalProperties: - type: string - description: Context is a set of key/value pairs that are sent to the authentication server in the check request. If a context is provided at an enclosing scope, the entries are merged such that the inner scope overrides matching keys from the outer scope. - type: object - disabled: - description: When true, this field disables client request authentication for the scope of the policy. - type: boolean - type: object - conditions: - description: 'Conditions are a set of rules that are applied to a Route. When applied, they are merged using AND, with one exception: There can be only one Prefix MatchCondition per Conditions slice. More than one Prefix, or contradictory Conditions, will make the route invalid.' - items: - description: MatchCondition are a general holder for matching rules for HTTPProxies. One of Prefix or Header must be provided. - properties: - header: - description: Header specifies the header condition to match. - properties: - contains: - description: Contains specifies a substring that must be present in the header value. - type: string - exact: - description: Exact specifies a string that the header value must be equal to. - type: string - name: - description: Name is the name of the header to match against. Name is required. Header names are case insensitive. - type: string - notcontains: - description: NotContains specifies a substring that must not be present in the header value. - type: string - notexact: - description: NoExact specifies a string that the header value must not be equal to. The condition is true if the header has any other value. - type: string - present: - description: Present specifies that condition is true when the named header is present, regardless of its value. Note that setting Present to false does not make the condition true if the named header is absent. - type: boolean - required: - - name - type: object - prefix: - description: Prefix defines a prefix match for a request. - type: string - type: object - type: array - enableWebsockets: - description: Enables websocket support for the route. - type: boolean - healthCheckPolicy: - description: The health check policy for this route. - properties: - healthyThresholdCount: - description: The number of healthy health checks required before a host is marked healthy - format: int64 - minimum: 0 - type: integer - host: - description: The value of the host header in the HTTP health check request. If left empty (default value), the name "contour-envoy-healthcheck" will be used. - type: string - intervalSeconds: - description: The interval (seconds) between health checks - format: int64 - type: integer - path: - description: HTTP endpoint used to perform health checks on upstream service - type: string - timeoutSeconds: - description: The time to wait (seconds) for a health check response - format: int64 - type: integer - unhealthyThresholdCount: - description: The number of unhealthy health checks required before a host is marked unhealthy - format: int64 - minimum: 0 - type: integer - required: - - path - type: object - loadBalancerPolicy: - description: The load balancing policy for this route. - properties: - requestHashPolicies: - description: RequestHashPolicies contains a list of hash policies to apply when the `RequestHash` load balancing strategy is chosen. If an element of the supplied list of hash policies is invalid, it will be ignored. If the list of hash policies is empty after validation, the load balancing strategy will fall back the the default `RoundRobin`. - items: - description: RequestHashPolicy contains configuration for an individual hash policy on a request attribute. - properties: - headerHashOptions: - description: HeaderHashOptions should be set when request header hash based load balancing is desired. It must be the only hash option field set, otherwise this request hash policy object will be ignored. - properties: - headerName: - description: HeaderName is the name of the HTTP request header that will be used to calculate the hash key. If the header specified is not present on a request, no hash will be produced. - minLength: 1 - type: string - type: object - terminal: - description: Terminal is a flag that allows for short-circuiting computing of a hash for a given request. If set to true, and the request attribute specified in the attribute hash options is present, no further hash policies will be used to calculate a hash for the request. - type: boolean - type: object - type: array - strategy: - description: Strategy specifies the policy used to balance requests across the pool of backend pods. Valid policy names are `Random`, `RoundRobin`, `WeightedLeastRequest`, `Cookie`, and `RequestHash`. If an unknown strategy name is specified or no policy is supplied, the default `RoundRobin` policy is used. - type: string - type: object - pathRewritePolicy: - description: The policy for rewriting the path of the request URL after the request has been routed to a Service. - properties: - replacePrefix: - description: ReplacePrefix describes how the path prefix should be replaced. - items: - description: ReplacePrefix describes a path prefix replacement. - properties: - prefix: - description: "Prefix specifies the URL path prefix to be replaced. \n If Prefix is specified, it must exactly match the MatchCondition prefix that is rendered by the chain of including HTTPProxies and only that path prefix will be replaced by Replacement. This allows HTTPProxies that are included through multiple roots to only replace specific path prefixes, leaving others unmodified. \n If Prefix is not specified, all routing prefixes rendered by the include chain will be replaced." - minLength: 1 - type: string - replacement: - description: Replacement is the string that the routing path prefix will be replaced with. This must not be empty. - minLength: 1 - type: string - required: - - replacement - type: object - type: array - type: object - permitInsecure: - description: Allow this path to respond to insecure requests over HTTP which are normally not permitted when a `virtualhost.tls` block is present. - type: boolean - rateLimitPolicy: - description: The policy for rate limiting on the route. - properties: - global: - description: Global defines global rate limiting parameters, i.e. parameters defining descriptors that are sent to an external rate limit service (RLS) for a rate limit decision on each request. - properties: - descriptors: - description: Descriptors defines the list of descriptors that will be generated and sent to the rate limit service. Each descriptor contains 1+ key-value pair entries. - items: - description: RateLimitDescriptor defines a list of key-value pair generators. - properties: - entries: - description: Entries is the list of key-value pair generators. - items: - description: RateLimitDescriptorEntry is a key-value pair generator. Exactly one field on this struct must be non-nil. - properties: - genericKey: - description: GenericKey defines a descriptor entry with a static key and value. - properties: - key: - description: Key defines the key of the descriptor entry. If not set, the key is set to "generic_key". - type: string - value: - description: Value defines the value of the descriptor entry. - minLength: 1 - type: string - type: object - remoteAddress: - description: RemoteAddress defines a descriptor entry with a key of "remote_address" and a value equal to the client's IP address (from x-forwarded-for). - type: object - requestHeader: - description: RequestHeader defines a descriptor entry that's populated only if a given header is present on the request. The descriptor key is static, and the descriptor value is equal to the value of the header. - properties: - descriptorKey: - description: DescriptorKey defines the key to use on the descriptor entry. - minLength: 1 - type: string - headerName: - description: HeaderName defines the name of the header to look for on the request. - minLength: 1 - type: string - type: object - type: object - minItems: 1 - type: array - type: object - minItems: 1 - type: array - type: object - local: - description: Local defines local rate limiting parameters, i.e. parameters for rate limiting that occurs within each Envoy pod as requests are handled. - properties: - burst: - description: Burst defines the number of requests above the requests per unit that should be allowed within a short period of time. - format: int32 - type: integer - requests: - description: Requests defines how many requests per unit of time should be allowed before rate limiting occurs. - format: int32 - minimum: 1 - type: integer - responseHeadersToAdd: - description: ResponseHeadersToAdd is an optional list of response headers to set when a request is rate-limited. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - responseStatusCode: - description: ResponseStatusCode is the HTTP status code to use for responses to rate-limited requests. Codes must be in the 400-599 range (inclusive). If not specified, the Envoy default of 429 (Too Many Requests) is used. - format: int32 - maximum: 599 - minimum: 400 - type: integer - unit: - description: Unit defines the period of time within which requests over the limit will be rate limited. Valid values are "second", "minute" and "hour". - enum: - - second - - minute - - hour - type: string - required: - - requests - - unit - type: object - type: object - requestHeadersPolicy: - description: The policy for managing request headers during proxying. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - responseHeadersPolicy: - description: The policy for managing response headers during proxying. Rewriting the 'Host' header is not supported. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - retryPolicy: - description: The retry policy for this route. - properties: - count: - description: NumRetries is maximum allowed number of retries. If not supplied, the number of retries is one. - format: int64 - minimum: 0 - type: integer - perTryTimeout: - description: PerTryTimeout specifies the timeout per retry attempt. Ignored if NumRetries is not supplied. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - retriableStatusCodes: - description: "RetriableStatusCodes specifies the HTTP status codes that should be retried. \n This field is only respected when you include `retriable-status-codes` in the `RetryOn` field." - items: - format: int32 - type: integer - type: array - retryOn: - description: "RetryOn specifies the conditions on which to retry a request. \n Supported [HTTP conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on): \n - `5xx` - `gateway-error` - `reset` - `connect-failure` - `retriable-4xx` - `refused-stream` - `retriable-status-codes` - `retriable-headers` \n Supported [gRPC conditions](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on): \n - `cancelled` - `deadline-exceeded` - `internal` - `resource-exhausted` - `unavailable`" - items: - description: RetryOn is a string type alias with validation to ensure that the value is valid. - enum: - - 5xx - - gateway-error - - reset - - connect-failure - - retriable-4xx - - refused-stream - - retriable-status-codes - - retriable-headers - - cancelled - - deadline-exceeded - - internal - - resource-exhausted - - unavailable - type: string - type: array - type: object - services: - description: Services are the services to proxy traffic. - items: - description: Service defines an Kubernetes Service to proxy traffic. - properties: - mirror: - description: If Mirror is true the Service will receive a read only mirror of the traffic for this route. - type: boolean - name: - description: Name is the name of Kubernetes service to proxy traffic. Names defined here will be used to look up corresponding endpoints which contain the ips to route. - type: string - port: - description: Port (defined as Integer) to proxy traffic to since a service can have multiple defined. - exclusiveMaximum: true - maximum: 65536 - minimum: 1 - type: integer - protocol: - description: Protocol may be used to specify (or override) the protocol used to reach this Service. Values may be tls, h2, h2c. If omitted, protocol-selection falls back on Service annotations. - enum: - - h2 - - h2c - - tls - type: string - requestHeadersPolicy: - description: The policy for managing request headers during proxying. Rewriting the 'Host' header is not supported. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - responseHeadersPolicy: - description: The policy for managing response headers during proxying. Rewriting the 'Host' header is not supported. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - validation: - description: UpstreamValidation defines how to verify the backend service's certificate - properties: - caSecret: - description: Name of the Kubernetes secret be used to validate the certificate presented by the backend - type: string - subjectName: - description: Key which is expected to be present in the 'subjectAltName' of the presented certificate - type: string - required: - - caSecret - - subjectName - type: object - weight: - description: Weight defines percentage of traffic to balance traffic - format: int64 - minimum: 0 - type: integer - required: - - name - - port - type: object - minItems: 1 - type: array - timeoutPolicy: - description: The timeout policy for this route. - properties: - idle: - description: Timeout after which, if there are no active requests for this route, the connection between Envoy and the backend or Envoy and the external client will be closed. If not specified, there is no per-route idle timeout, though a connection manager-wide stream_idle_timeout default of 5m still applies. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - response: - description: Timeout for receiving a response from the server after processing a request from client. If not supplied, Envoy's default value of 15s applies. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - type: object - required: - - services - type: object - type: array - tcpproxy: - description: TCPProxy holds TCP proxy information. - properties: - healthCheckPolicy: - description: The health check policy for this tcp proxy - properties: - healthyThresholdCount: - description: The number of healthy health checks required before a host is marked healthy - format: int32 - type: integer - intervalSeconds: - description: The interval (seconds) between health checks - format: int64 - type: integer - timeoutSeconds: - description: The time to wait (seconds) for a health check response - format: int64 - type: integer - unhealthyThresholdCount: - description: The number of unhealthy health checks required before a host is marked unhealthy - format: int32 - type: integer - type: object - include: - description: Include specifies that this tcpproxy should be delegated to another HTTPProxy. - properties: - name: - description: Name of the child HTTPProxy - type: string - namespace: - description: Namespace of the HTTPProxy to include. Defaults to the current namespace if not supplied. - type: string - required: - - name - type: object - includes: - description: "IncludesDeprecated allow for specific routing configuration to be appended to another HTTPProxy in another namespace. \n Exists due to a mistake when developing HTTPProxy and the field was marked plural when it should have been singular. This field should stay to not break backwards compatibility to v1 users." - properties: - name: - description: Name of the child HTTPProxy - type: string - namespace: - description: Namespace of the HTTPProxy to include. Defaults to the current namespace if not supplied. - type: string - required: - - name - type: object - loadBalancerPolicy: - description: The load balancing policy for the backend services. Note that the `Cookie` and `RequestHash` load balancing strategies cannot be used here. - properties: - requestHashPolicies: - description: RequestHashPolicies contains a list of hash policies to apply when the `RequestHash` load balancing strategy is chosen. If an element of the supplied list of hash policies is invalid, it will be ignored. If the list of hash policies is empty after validation, the load balancing strategy will fall back the the default `RoundRobin`. - items: - description: RequestHashPolicy contains configuration for an individual hash policy on a request attribute. - properties: - headerHashOptions: - description: HeaderHashOptions should be set when request header hash based load balancing is desired. It must be the only hash option field set, otherwise this request hash policy object will be ignored. - properties: - headerName: - description: HeaderName is the name of the HTTP request header that will be used to calculate the hash key. If the header specified is not present on a request, no hash will be produced. - minLength: 1 - type: string - type: object - terminal: - description: Terminal is a flag that allows for short-circuiting computing of a hash for a given request. If set to true, and the request attribute specified in the attribute hash options is present, no further hash policies will be used to calculate a hash for the request. - type: boolean - type: object - type: array - strategy: - description: Strategy specifies the policy used to balance requests across the pool of backend pods. Valid policy names are `Random`, `RoundRobin`, `WeightedLeastRequest`, `Cookie`, and `RequestHash`. If an unknown strategy name is specified or no policy is supplied, the default `RoundRobin` policy is used. - type: string - type: object - services: - description: Services are the services to proxy traffic - items: - description: Service defines an Kubernetes Service to proxy traffic. - properties: - mirror: - description: If Mirror is true the Service will receive a read only mirror of the traffic for this route. - type: boolean - name: - description: Name is the name of Kubernetes service to proxy traffic. Names defined here will be used to look up corresponding endpoints which contain the ips to route. - type: string - port: - description: Port (defined as Integer) to proxy traffic to since a service can have multiple defined. - exclusiveMaximum: true - maximum: 65536 - minimum: 1 - type: integer - protocol: - description: Protocol may be used to specify (or override) the protocol used to reach this Service. Values may be tls, h2, h2c. If omitted, protocol-selection falls back on Service annotations. - enum: - - h2 - - h2c - - tls - type: string - requestHeadersPolicy: - description: The policy for managing request headers during proxying. Rewriting the 'Host' header is not supported. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - responseHeadersPolicy: - description: The policy for managing response headers during proxying. Rewriting the 'Host' header is not supported. - properties: - remove: - description: Remove specifies a list of HTTP header names to remove. - items: - type: string - type: array - set: - description: Set specifies a list of HTTP header values that will be set in the HTTP header. If the header does not exist it will be added, otherwise it will be overwritten with the new value. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - type: object - validation: - description: UpstreamValidation defines how to verify the backend service's certificate - properties: - caSecret: - description: Name of the Kubernetes secret be used to validate the certificate presented by the backend - type: string - subjectName: - description: Key which is expected to be present in the 'subjectAltName' of the presented certificate - type: string - required: - - caSecret - - subjectName - type: object - weight: - description: Weight defines percentage of traffic to balance traffic - format: int64 - minimum: 0 - type: integer - required: - - name - - port - type: object - type: array - type: object - virtualhost: - description: Virtualhost appears at most once. If it is present, the object is considered to be a "root" HTTPProxy. - properties: - authorization: - description: This field configures an extension service to perform authorization for this virtual host. Authorization can only be configured on virtual hosts that have TLS enabled. If the TLS configuration requires client certificate /validation, the client certificate is always included in the authentication check request. - properties: - authPolicy: - description: AuthPolicy sets a default authorization policy for client requests. This policy will be used unless overridden by individual routes. - properties: - context: - additionalProperties: - type: string - description: Context is a set of key/value pairs that are sent to the authentication server in the check request. If a context is provided at an enclosing scope, the entries are merged such that the inner scope overrides matching keys from the outer scope. - type: object - disabled: - description: When true, this field disables client request authentication for the scope of the policy. - type: boolean - type: object - extensionRef: - description: ExtensionServiceRef specifies the extension resource that will authorize client requests. - properties: - apiVersion: - description: API version of the referent. If this field is not specified, the default "projectcontour.io/v1alpha1" will be used - minLength: 1 - type: string - name: - description: "Name of the referent. \n More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - minLength: 1 - type: string - namespace: - description: "Namespace of the referent. If this field is not specifies, the namespace of the resource that targets the referent will be used. \n More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" - minLength: 1 - type: string - type: object - failOpen: - description: If FailOpen is true, the client request is forwarded to the upstream service even if the authorization server fails to respond. This field should not be set in most cases. It is intended for use only while migrating applications from internal authorization to Contour external authorization. - type: boolean - responseTimeout: - description: ResponseTimeout configures maximum time to wait for a check response from the authorization server. Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". The string "infinity" is also a valid input and specifies no timeout. - pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ - type: string - required: - - extensionRef - type: object - corsPolicy: - description: Specifies the cross-origin policy to apply to the VirtualHost. - properties: - allowCredentials: - description: Specifies whether the resource allows credentials. - type: boolean - allowHeaders: - description: AllowHeaders specifies the content for the *access-control-allow-headers* header. - items: - description: CORSHeaderValue specifies the value of the string headers returned by a cross-domain request. - pattern: ^[a-zA-Z0-9!#$%&'*+.^_`|~-]+$ - type: string - type: array - allowMethods: - description: AllowMethods specifies the content for the *access-control-allow-methods* header. - items: - description: CORSHeaderValue specifies the value of the string headers returned by a cross-domain request. - pattern: ^[a-zA-Z0-9!#$%&'*+.^_`|~-]+$ - type: string - type: array - allowOrigin: - description: AllowOrigin specifies the origins that will be allowed to do CORS requests. "*" means allow any origin. - items: - type: string - type: array - exposeHeaders: - description: ExposeHeaders Specifies the content for the *access-control-expose-headers* header. - items: - description: CORSHeaderValue specifies the value of the string headers returned by a cross-domain request. - pattern: ^[a-zA-Z0-9!#$%&'*+.^_`|~-]+$ - type: string - type: array - maxAge: - description: MaxAge indicates for how long the results of a preflight request can be cached. MaxAge durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". Only positive values are allowed while 0 disables the cache requiring a preflight OPTIONS check for all cross-origin requests. - type: string - required: - - allowMethods - - allowOrigin - type: object - fqdn: - description: The fully qualified domain name of the root of the ingress tree all leaves of the DAG rooted at this object relate to the fqdn. - type: string - rateLimitPolicy: - description: The policy for rate limiting on the virtual host. - properties: - global: - description: Global defines global rate limiting parameters, i.e. parameters defining descriptors that are sent to an external rate limit service (RLS) for a rate limit decision on each request. - properties: - descriptors: - description: Descriptors defines the list of descriptors that will be generated and sent to the rate limit service. Each descriptor contains 1+ key-value pair entries. - items: - description: RateLimitDescriptor defines a list of key-value pair generators. - properties: - entries: - description: Entries is the list of key-value pair generators. - items: - description: RateLimitDescriptorEntry is a key-value pair generator. Exactly one field on this struct must be non-nil. - properties: - genericKey: - description: GenericKey defines a descriptor entry with a static key and value. - properties: - key: - description: Key defines the key of the descriptor entry. If not set, the key is set to "generic_key". - type: string - value: - description: Value defines the value of the descriptor entry. - minLength: 1 - type: string - type: object - remoteAddress: - description: RemoteAddress defines a descriptor entry with a key of "remote_address" and a value equal to the client's IP address (from x-forwarded-for). - type: object - requestHeader: - description: RequestHeader defines a descriptor entry that's populated only if a given header is present on the request. The descriptor key is static, and the descriptor value is equal to the value of the header. - properties: - descriptorKey: - description: DescriptorKey defines the key to use on the descriptor entry. - minLength: 1 - type: string - headerName: - description: HeaderName defines the name of the header to look for on the request. - minLength: 1 - type: string - type: object - type: object - minItems: 1 - type: array - type: object - minItems: 1 - type: array - type: object - local: - description: Local defines local rate limiting parameters, i.e. parameters for rate limiting that occurs within each Envoy pod as requests are handled. - properties: - burst: - description: Burst defines the number of requests above the requests per unit that should be allowed within a short period of time. - format: int32 - type: integer - requests: - description: Requests defines how many requests per unit of time should be allowed before rate limiting occurs. - format: int32 - minimum: 1 - type: integer - responseHeadersToAdd: - description: ResponseHeadersToAdd is an optional list of response headers to set when a request is rate-limited. - items: - description: HeaderValue represents a header name/value pair - properties: - name: - description: Name represents a key of a header - minLength: 1 - type: string - value: - description: Value represents the value of a header specified by a key - minLength: 1 - type: string - required: - - name - - value - type: object - type: array - responseStatusCode: - description: ResponseStatusCode is the HTTP status code to use for responses to rate-limited requests. Codes must be in the 400-599 range (inclusive). If not specified, the Envoy default of 429 (Too Many Requests) is used. - format: int32 - maximum: 599 - minimum: 400 - type: integer - unit: - description: Unit defines the period of time within which requests over the limit will be rate limited. Valid values are "second", "minute" and "hour". - enum: - - second - - minute - - hour - type: string - required: - - requests - - unit - type: object - type: object - tls: - description: If present the fields describes TLS properties of the virtual host. The SNI names that will be matched on are described in fqdn, the tls.secretName secret must contain a certificate that itself contains a name that matches the FQDN. - properties: - clientValidation: - description: "ClientValidation defines how to verify the client certificate when an external client establishes a TLS connection to Envoy. \n This setting: \n 1. Enables TLS client certificate validation. 2. Requires clients to present a TLS certificate (i.e. not optional validation). 3. Specifies how the client certificate will be validated." - properties: - caSecret: - description: Name of a Kubernetes secret that contains a CA certificate bundle. The client certificate must validate against the certificates in the bundle. - minLength: 1 - type: string - required: - - caSecret - type: object - enableFallbackCertificate: - description: EnableFallbackCertificate defines if the vhost should allow a default certificate to be applied which handles all requests which don't match the SNI defined in this vhost. - type: boolean - minimumProtocolVersion: - description: MinimumProtocolVersion is the minimum TLS version this vhost should negotiate. Valid options are `1.2` (default) and `1.3`. Any other value defaults to TLS 1.2. - type: string - passthrough: - description: Passthrough defines whether the encrypted TLS handshake will be passed through to the backing cluster. Either Passthrough or SecretName must be specified, but not both. - type: boolean - secretName: - description: SecretName is the name of a TLS secret in the current namespace. Either SecretName or Passthrough must be specified, but not both. If specified, the named secret must contain a matching certificate for the virtual host's FQDN. - type: string - type: object - required: - - fqdn - type: object - type: object - status: - description: Status is a container for computed information about the HTTPProxy. - properties: - conditions: - description: "Conditions contains information about the current status of the HTTPProxy, in an upstream-friendly container. \n Contour will update a single condition, `Valid`, that is in normal-true polarity. That is, when `currentStatus` is `valid`, the `Valid` condition will be `status: true`, and vice versa. \n Contour will leave untouched any other Conditions set in this block, in case some other controller wants to add a Condition. \n If you are another controller owner and wish to add a condition, you *should* namespace your condition with a label, like `controller.domain.com/ConditionName`." - items: - description: "DetailedCondition is an extension of the normal Kubernetes conditions, with two extra fields to hold sub-conditions, which provide more detailed reasons for the state (True or False) of the condition. \n `errors` holds information about sub-conditions which are fatal to that condition and render its state False. \n `warnings` holds information about sub-conditions which are not fatal to that condition and do not force the state to be False. \n Remember that Conditions have a type, a status, and a reason. \n The type is the type of the condition, the most important one in this CRD set is `Valid`. `Valid` is a positive-polarity condition: when it is `status: true` there are no problems. \n In more detail, `status: true` means that the object is has been ingested into Contour with no errors. `warnings` may still be present, and will be indicated in the Reason field. There must be zero entries in the `errors` slice in this case. \n `Valid`, `status: false` means that the object has had one or more fatal errors during processing into Contour. The details of the errors will be present under the `errors` field. There must be at least one error in the `errors` slice if `status` is `false`. \n For DetailedConditions of types other than `Valid`, the Condition must be in the negative polarity. When they have `status` `true`, there is an error. There must be at least one entry in the `errors` Subcondition slice. When they have `status` `false`, there are no serious errors, and there must be zero entries in the `errors` slice. In either case, there may be entries in the `warnings` slice. \n Regardless of the polarity, the `reason` and `message` fields must be updated with either the detail of the reason (if there is one and only one entry in total across both the `errors` and `warnings` slices), or `MultipleReasons` if there is more than one entry." - properties: - errors: - description: "Errors contains a slice of relevant error subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a error), and disappear when not relevant. An empty slice here indicates no errors." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - warnings: - description: "Warnings contains a slice of relevant warning subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a warning), and disappear when not relevant. An empty slice here indicates no warnings." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentStatus: - type: string - description: - type: string - loadBalancer: - description: LoadBalancer contains the current status of the load balancer. - properties: - ingress: - description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points. - items: - description: 'LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' - properties: - hostname: - description: Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers) - type: string - ip: - description: IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers) - type: string - ports: - description: Ports is a list of records of service ports If used, every port defined in the service should have an entry in it - items: - properties: - error: - description: 'Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - port: - description: Port is the port number of the service port of which status is recorded here - format: int32 - type: integer - protocol: - default: TCP - description: 'Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP"' - type: string - required: - - port - - protocol - type: object - type: array - x-kubernetes-list-type: atomic - type: object - type: array - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null - name: tlscertificatedelegations.projectcontour.io -spec: - group: projectcontour.io - names: - kind: TLSCertificateDelegation - listKind: TLSCertificateDelegationList - plural: tlscertificatedelegations - shortNames: - - tlscerts - singular: tlscertificatedelegation - preserveUnknownFields: false - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: TLSCertificateDelegation is an TLS Certificate Delegation CRD specification. See design/tls-certificate-delegation.md for details. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TLSCertificateDelegationSpec defines the spec of the CRD - properties: - delegations: - items: - description: CertificateDelegation maps the authority to reference a secret in the current namespace to a set of namespaces. - properties: - secretName: - description: required, the name of a secret in the current namespace. - type: string - targetNamespaces: - description: required, the namespaces the authority to reference the the secret will be delegated to. If TargetNamespaces is nil or empty, the CertificateDelegation' is ignored. If the TargetNamespace list contains the character, "*" the secret will be delegated to all namespaces. - items: - type: string - type: array - required: - - secretName - - targetNamespaces - type: object - type: array - required: - - delegations - type: object - status: - description: TLSCertificateDelegationStatus allows for the status of the delegation to be presented to the user. - properties: - conditions: - description: "Conditions contains information about the current status of the HTTPProxy, in an upstream-friendly container. \n Contour will update a single condition, `Valid`, that is in normal-true polarity. That is, when `currentStatus` is `valid`, the `Valid` condition will be `status: true`, and vice versa. \n Contour will leave untouched any other Conditions set in this block, in case some other controller wants to add a Condition. \n If you are another controller owner and wish to add a condition, you *should* namespace your condition with a label, like `controller.domain.com\\ConditionName`." - items: - description: "DetailedCondition is an extension of the normal Kubernetes conditions, with two extra fields to hold sub-conditions, which provide more detailed reasons for the state (True or False) of the condition. \n `errors` holds information about sub-conditions which are fatal to that condition and render its state False. \n `warnings` holds information about sub-conditions which are not fatal to that condition and do not force the state to be False. \n Remember that Conditions have a type, a status, and a reason. \n The type is the type of the condition, the most important one in this CRD set is `Valid`. `Valid` is a positive-polarity condition: when it is `status: true` there are no problems. \n In more detail, `status: true` means that the object is has been ingested into Contour with no errors. `warnings` may still be present, and will be indicated in the Reason field. There must be zero entries in the `errors` slice in this case. \n `Valid`, `status: false` means that the object has had one or more fatal errors during processing into Contour. The details of the errors will be present under the `errors` field. There must be at least one error in the `errors` slice if `status` is `false`. \n For DetailedConditions of types other than `Valid`, the Condition must be in the negative polarity. When they have `status` `true`, there is an error. There must be at least one entry in the `errors` Subcondition slice. When they have `status` `false`, there are no serious errors, and there must be zero entries in the `errors` slice. In either case, there may be entries in the `warnings` slice. \n Regardless of the polarity, the `reason` and `message` fields must be updated with either the detail of the reason (if there is one and only one entry in total across both the `errors` and `warnings` slices), or `MultipleReasons` if there is more than one entry." - properties: - errors: - description: "Errors contains a slice of relevant error subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a error), and disappear when not relevant. An empty slice here indicates no errors." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - warnings: - description: "Warnings contains a slice of relevant warning subconditions for this object. \n Subconditions are expected to appear when relevant (when there is a warning), and disappear when not relevant. An empty slice here indicates no warnings." - items: - description: "SubCondition is a Condition-like type intended for use as a subcondition inside a DetailedCondition. \n It contains a subset of the Condition fields. \n It is intended for warnings and errors, so `type` names should use abnormal-true polarity, that is, they should be of the form \"ErrorPresent: true\". \n The expected lifecycle for these errors is that they should only be present when the error or warning is, and should be removed when they are not relevant." - properties: - message: - description: "Message is a human readable message indicating details about the transition. \n This may be an empty string." - maxLength: 32768 - type: string - reason: - description: "Reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. \n The value should be a CamelCase string. \n This field may not be empty." - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: Status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: "Type of condition in `CamelCase` or in `foo.example.com/CamelCase`. \n This must be in abnormal-true polarity, that is, `ErrorFound` or `controller.io/ErrorFound`. \n The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)" - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - message - - reason - - status - - type - type: object - type: array - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard - namespace: kubernetes-dashboard ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour - namespace: projectcontour ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: contour-certgen - namespace: projectcontour ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: envoy - namespace: projectcontour ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard - namespace: kubernetes-dashboard -rules: -- apiGroups: - - "" - resourceNames: - - kubernetes-dashboard-key-holder - - kubernetes-dashboard-certs - - kubernetes-dashboard-csrf - resources: - - secrets - verbs: - - get - - update - - delete -- apiGroups: - - "" - resourceNames: - - kubernetes-dashboard-settings - resources: - - configmaps - verbs: - - get - - update -- apiGroups: - - "" - resourceNames: - - heapster - - dashboard-metrics-scraper - resources: - - services - verbs: - - proxy -- apiGroups: - - "" - resourceNames: - - heapster - - 'http:heapster:' - - 'https:heapster:' - - dashboard-metrics-scraper - - http:dashboard-metrics-scraper - resources: - - services/proxy - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: contour-certgen - namespace: projectcontour -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyte-pod-webhook - namespace: flyte -rules: -- apiGroups: - - '*' - resources: - - mutatingwebhookconfigurations - - secrets - - pods - - replicasets/finalizers - verbs: - - get - - create - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flyteadmin - namespace: flyte -rules: -- apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: contour -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - get - - update -- apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - list -- apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - create - - get - - update -- apiGroups: - - networking.x-k8s.io - resources: - - backendpolicies - - gateways - - httproutes - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - projectcontour.io - resources: - - extensionservices - verbs: - - get - - list - - watch -- apiGroups: - - projectcontour.io - resources: - - extensionservices/status - verbs: - - create - - get - - update -- apiGroups: - - projectcontour.io - resources: - - httpproxies - - tlscertificatedelegations - verbs: - - get - - list - - watch -- apiGroups: - - projectcontour.io - resources: - - httpproxies/status - verbs: - - create - - get - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: flytepropeller -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -- apiGroups: - - '*' - resources: - - '*' - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -- apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - - flyteworkflows/finalizers - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard -rules: -- apiGroups: - - metrics.k8s.io - resources: - - pods - - nodes - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard - namespace: kubernetes-dashboard -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubernetes-dashboard -subjects: -- kind: ServiceAccount - name: kubernetes-dashboard - namespace: kubernetes-dashboard ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: contour - namespace: projectcontour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: contour-certgen -subjects: -- kind: ServiceAccount - name: contour-certgen - namespace: projectcontour ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyte-pod-webhook - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyte-pod-webhook -subjects: -- kind: ServiceAccount - name: flyte-pod-webhook - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: -- kind: ServiceAccount - name: flyteadmin - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: contour -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: contour -subjects: -- kind: ServiceAccount - name: contour - namespace: projectcontour ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubernetes-dashboard -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubernetes-dashboard -subjects: -- kind: ServiceAccount - name: kubernetes-dashboard - namespace: kubernetes-dashboard ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubernetes-dashboard-admin -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kubernetes-dashboard - namespace: kubernetes-dashboard ---- -apiVersion: v1 -data: - aa_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: {{ namespace }} - spec: - finalizers: - - kubernetes - ab_project-resource-quota.yaml: "apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }} \nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }} \n limits.memory: {{ projectQuotaMemory }}\n\n" -kind: ConfigMap -metadata: - name: clusterresource-template-dk5mbchdmt - namespace: flyte ---- -apiVersion: v1 -data: - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable - logger.yaml: | - logger: - show-source: true - level: 2 - server.yaml: | - datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 - application: - grpcPort: 8089 - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - -kind: ConfigMap -metadata: - name: datacatalog-config-64k8dg9gck - namespace: flyte ---- -apiVersion: v1 -data: - cluster_resources.yaml: | - cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refreshInterval: 1m - db.yaml: | - database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - domain.yaml: | - domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production - logger.yaml: | - logger: - show-source: true - level: 2 - server.yaml: | - server: - httpPort: 8088 - grpcPort: 8089 - security: - # Controls whether to serve requests over SSL/TLS. - secure: false - # Controls whether to enforce authentication. Follow the guide in https://docs.flyte.org/ on how to setup authentication. - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - - "flyte-authorization" - auth: - authorizedUris: - # This should point at your public http Uri. - - https://localhost:30081 - # This will be used by internal services in the same namespace as flyteadmin - - http://flyteadmin:80 - # This will be used by internal services in the same cluster but different namespaces - - http://flyteadmin.flyte.svc.cluster.local:80 - - # Controls app authentication config - appAuth: - thirdPartyConfig: - flyteClient: - clientId: flytectl - redirectUri: https://localhost:53593/callback - scopes: - - offline - - all - # Controls user authentication - userAuth: - openId: - baseUrl: https://accounts.google.com - scopes: - - profile - - openid - clientId: 657465813211-6eog7ek7li5k7i7fvgv2921075063hpe.apps.googleusercontent.com - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_resource_defaults.yaml: | - task_resources: - defaults: - cpu: 100m - memory: 200Mi - storage: 5Mi - limits: - cpu: 2 - memory: 1Gi - storage: 20Mi - gpu: 1 -kind: ConfigMap -metadata: - name: flyte-admin-config-dbg8dt2dgb - namespace: flyte ---- -apiVersion: v1 -data: - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config -kind: ConfigMap -metadata: - name: flyte-console-config - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - event: - type: admin - rate: 500 - capacity: 1000 - admin: - endpoint: flyteadmin:81 - insecure: true - catalog.yaml: | - catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true - copilot.yaml: | - plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.15" - start-timeout: "30s" - core.yaml: | - propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 10 - capacity: 100 - webhook: - certDir: /etc/webhook/certs - serviceName: flyte-pod-webhook - enabled_plugins.yaml: | - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array - default-for-task-types: - container: container - sidecar: sidecar - container_array: k8s-array - k8s.yaml: | - plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 200Mi - logger.yaml: | - logger: - show-source: true - level: 2 - resource_manager.yaml: | - propeller: - resourcemanager: - type: noop - storage.yaml: |+ - storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - - task_logs.yaml: | - plugins: - logs: - kubernetes-enabled: true - kubernetes-template-uri: "http://localhost:30082/#/log/{{ .namespace }}/{{ .podName }}/pod?namespace={{ .namespace }}" -kind: ConfigMap -metadata: - name: flyte-propeller-config-g52db28fmc - namespace: flyte ---- -apiVersion: v1 -data: - admin.yaml: | - admin: - clientId: flytepropeller - clientSecretLocation: /etc/secrets/client_secret - endpoint: flyteadmin:81 - insecure: true - event: - capacity: 1000 - rate: 500 - type: admin - db.yaml: | - database: - dbname: postgres - host: postgres - port: 5432 - username: postgres - logger.yaml: | - logger: - level: 4 - show-source: true -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: flytescheduler - helm.sh/chart: flyte-v0.1.10 - name: flyte-scheduler-config - namespace: flyte ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard-settings - namespace: kubernetes-dashboard ---- -apiVersion: v1 -data: - contour.yaml: | - # - # server: - # determine which XDS Server implementation to utilize in Contour. - # xds-server-type: contour - # - # Specify the gateway-api Gateway Contour should watch. - # gateway: - # name: contour - # namespace: projectcontour - # - # should contour expect to be running inside a k8s cluster - # incluster: true - # - # path to kubeconfig (if not running inside a k8s cluster) - # kubeconfig: /path/to/.kube/config - # - # Disable RFC-compliant behavior to strip "Content-Length" header if - # "Tranfer-Encoding: chunked" is also set. - # disableAllowChunkedLength: false - # Disable HTTPProxy permitInsecure field - disablePermitInsecure: false - tls: - # minimum TLS version that Contour will negotiate - # minimum-protocol-version: "1.2" - # TLS ciphers to be supported by Envoy TLS listeners when negotiating - # TLS 1.2. - # cipher-suites: - # - '[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]' - # - '[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]' - # - 'ECDHE-ECDSA-AES256-GCM-SHA384' - # - 'ECDHE-RSA-AES256-GCM-SHA384' - # Defines the Kubernetes name/namespace matching a secret to use - # as the fallback certificate when requests which don't match the - # SNI defined for a vhost. - fallback-certificate: - # name: fallback-secret-name - # namespace: projectcontour - envoy-client-certificate: - # name: envoy-client-cert-secret-name - # namespace: projectcontour - # The following config shows the defaults for the leader election. - # leaderelection: - # configmap-name: leader-elect - # configmap-namespace: projectcontour - ### Logging options - # Default setting - accesslog-format: envoy - # To enable JSON logging in Envoy - # accesslog-format: json - # The default fields that will be logged are specified below. - # To customise this list, just add or remove entries. - # The canonical list is available at - # https://godoc.org/github.com/projectcontour/contour/internal/envoy#JSONFields - # json-fields: - # - "@timestamp" - # - "authority" - # - "bytes_received" - # - "bytes_sent" - # - "downstream_local_address" - # - "downstream_remote_address" - # - "duration" - # - "method" - # - "path" - # - "protocol" - # - "request_id" - # - "requested_server_name" - # - "response_code" - # - "response_flags" - # - "uber_trace_id" - # - "upstream_cluster" - # - "upstream_host" - # - "upstream_local_address" - # - "upstream_service_time" - # - "user_agent" - # - "x_forwarded_for" - # - # default-http-versions: - # - "HTTP/2" - # - "HTTP/1.1" - # - # The following shows the default proxy timeout settings. - # timeouts: - # request-timeout: infinity - # connection-idle-timeout: 60s - # stream-idle-timeout: 5m - # max-connection-duration: infinity - # delayed-close-timeout: 1s - # connection-shutdown-grace-period: 5s - # - # Envoy cluster settings. - # cluster: - # configure the cluster dns lookup family - # valid options are: auto (default), v4, v6 - # dns-lookup-family: auto - # - # Envoy network settings. - # network: - # Configure the number of additional ingress proxy hops from the - # right side of the x-forwarded-for HTTP header to trust. - # num-trusted-hops: 0 - # - # Configure an optional global rate limit service. - # rateLimitService: - # Identifies the extension service defining the rate limit service, - # formatted as /. - # extensionService: projectcontour/ratelimit - # Defines the rate limit domain to pass to the rate limit service. - # Acts as a container for a set of rate limit definitions within - # the RLS. - # domain: contour - # Defines whether to allow requests to proceed when the rate limit - # service fails to respond with a valid rate limit decision within - # the timeout defined on the extension service. - # failOpen: false -kind: ConfigMap -metadata: - name: contour - namespace: projectcontour ---- -apiVersion: v1 -data: - pass.txt: YXdlc29tZXNhdWNl -kind: Secret -metadata: - name: db-pass-9dgchhk2bm - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-admin-auth - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-pod-webhook - namespace: flyte -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - name: flyte-secret-auth - namespace: flyte -stringData: - client_secret: foobar -type: Opaque ---- -apiVersion: v1 -data: - password: bXl1c2Vy - user_secret: bXlzZWNyZXQ= - username: bXl1c2Vy -kind: Secret -metadata: - name: user-info - namespace: flyte -type: Opaque ---- -apiVersion: v1 -data: - csrf: "" -kind: Secret -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard-csrf - namespace: kubernetes-dashboard -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard-key-holder - namespace: kubernetes-dashboard -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - contour.heptio.com/upstream-protocol.h2c: grpc - name: datacatalog - namespace: flyte -spec: - ports: - - name: http - port: 88 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 89 - protocol: TCP - targetPort: 8089 - selector: - app: datacatalog ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - projectcontour.io/upstream-protocol.h2c: grpc - name: flyte-pod-webhook - namespace: flyte -spec: - ports: - - name: https - port: 443 - protocol: TCP - targetPort: 9443 - selector: - app: flyte-pod-webhook ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - projectcontour.io/upstream-protocol.h2c: grpc - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - port: 87 - protocol: TCP - targetPort: 8087 - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - ports: - - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - name: minio-api - port: 9000 - - name: minio-console - port: 9001 - selector: - app: minio ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: dashboard-metrics-scraper - name: dashboard-metrics-scraper - namespace: kubernetes-dashboard -spec: - ports: - - port: 8000 - targetPort: 8000 - selector: - k8s-app: dashboard-metrics-scraper ---- -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard - namespace: kubernetes-dashboard -spec: - ports: - - name: http - nodePort: 30082 - port: 80 - protocol: TCP - targetPort: 9090 - selector: - k8s-app: kubernetes-dashboard - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - name: contour - namespace: projectcontour -spec: - ports: - - name: xds - port: 8001 - protocol: TCP - targetPort: 8001 - selector: - app: contour - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - name: envoy - namespace: projectcontour -spec: - externalTrafficPolicy: Local - ports: - - name: http - nodePort: 30081 - port: 80 - protocol: TCP - - name: https - port: 443 - protocol: TCP - selector: - app: envoy - type: NodePort ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: datacatalog - name: datacatalog - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.3.0 - spec: - containers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/datacatalog:v1.0.51 - imagePullPolicy: IfNotPresent - name: datacatalog - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - datacatalog - - --config - - /etc/datacatalog/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/datacatalog:v1.0.51 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/datacatalog/config - name: config-volume - - mountPath: /etc/db - name: db-pass - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: datacatalog - volumes: - - emptyDir: {} - name: shared-data - - configMap: - name: datacatalog-config-64k8dg9gck - name: config-volume - - name: db-pass - secret: - secretName: db-pass-9dgchhk2bm ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyte-pod-webhook - name: flyte-pod-webhook - namespace: flyte -spec: - selector: - matchLabels: - app: flyte-pod-webhook - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyte-pod-webhook - app.kubernetes.io/name: flyte-pod-webhook - app.kubernetes.io/version: 0.5.13 - spec: - containers: - - args: - - webhook - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.1.116 - imagePullPolicy: IfNotPresent - name: webhook - volumeMounts: - - mountPath: /etc/secrets/user-info - name: sample-secrets - readOnly: true - - mountPath: /etc/flyte/config - name: config-volume - readOnly: true - - mountPath: /etc/webhook/certs - name: webhook-certs - readOnly: true - initContainers: - - args: - - webhook - - init-certs - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.1.116 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyte-pod-webhook - volumes: - - name: sample-secrets - secret: - secretName: user-info - - configMap: - name: flyte-propeller-config-g52db28fmc - name: config-volume - - name: webhook-certs - secret: - secretName: flyte-pod-webhook ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteadmin - name: flyteadmin - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.4.13 - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - serve - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: flyteadmin - ports: - - containerPort: 8088 - - containerPort: 8089 - resources: - limits: - cpu: "0.1" - ephemeral-storage: 100Mi - memory: 200Mi - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - mountPath: /etc/secrets/ - name: auth - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - run - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources-goroutine - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: Flyte Admin OpenAPI - - name: SPEC_URL - value: /api/v1/openapi - - name: PORT - value: "8087" - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - name: redoc - ports: - - containerPort: 8087 - resources: - limits: - cpu: "0.1" - memory: 200Mi - initContainers: - - command: - - sh - - -c - - until pg_isready -h postgres -p 5432; do echo waiting for database; sleep 2; done; - image: ecr.flyte.org/ubuntu/postgres:13-21.04_beta - name: check-db-ready - securityContext: - runAsUser: 999 - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - run - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: run-migrations - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - migrate - - seed-projects - - flytesnacks - - flyteexamples - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: seed-projects - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - - args: - - flyteadmin --config=/etc/flyte/config/*.yaml secrets init --localPath /etc/scratch/secrets && flyteadmin --config=/etc/flyte/config/*.yaml secrets create --fromPath /etc/scratch/secrets - command: - - /bin/sh - - -c - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: generate-secrets - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/scratch - name: scratch - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-dk5mbchdmt - name: resource-templates - - emptyDir: {} - name: shared-data - - emptyDir: {} - name: scratch - - configMap: - name: flyte-admin-config-dbg8dt2dgb - name: config-volume - - name: db-pass - secret: - secretName: db-pass-9dgchhk2bm - - name: auth - secret: - secretName: flyte-admin-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flyteconsole - name: flyteconsole - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.19.0 - spec: - containers: - - envFrom: - - configMapRef: - name: flyte-console-config - image: cr.flyte.org/flyteorg/flyteconsole:v1.9.2 - name: flyteconsole - ports: - - containerPort: 8080 - volumeMounts: - - mountPath: /srv/flyte - name: shared-data - securityContext: - fsGroupChangePolicy: Always - runAsUser: 1000 - volumes: - - emptyDir: {} - name: shared-data ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytepropeller - name: flytepropeller - namespace: flyte -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.7.1 - spec: - containers: - - args: - - --config - - /etc/flyte/config/*.yaml - command: - - flytepropeller - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: cr.flyte.org/flyteorg/flytepropeller:v1.1.116 - imagePullPolicy: IfNotPresent - name: flytepropeller - ports: - - containerPort: 10254 - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/secrets/ - name: auth - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: Always - runAsUser: 1001 - serviceAccountName: flytepropeller - volumes: - - configMap: - name: flyte-propeller-config-g52db28fmc - name: config-volume - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: flytescheduler - name: flytescheduler - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: flytescheduler - template: - metadata: - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - labels: - app: flytescheduler - app.kubernetes.io/name: flytescheduler - app.kubernetes.io/version: 0.3.4 - spec: - containers: - - command: - - flytescheduler - - run - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler - resources: - limits: - cpu: 250m - ephemeral-storage: 100Mi - memory: 500Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 50Mi - volumeMounts: - - mountPath: /etc/secrets/ - name: auth - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - initContainers: - - command: - - flytescheduler - - precheck - - --config - - /etc/flyte/config/*.yaml - image: cr.flyte.org/flyteorg/flytescheduler:v0.6.49 - imagePullPolicy: IfNotPresent - name: flytescheduler-check - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - serviceAccountName: flyteadmin - volumes: - - configMap: - name: flyte-scheduler-config - name: config-volume - - name: db-pass - secret: - secretName: db-pass-9dgchhk2bm - - name: auth - secret: - secretName: flyte-secret-auth ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - containers: - - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - - name: MINIO_DEFAULT_BUCKETS - value: my-s3-bucket - image: ecr.flyte.org/bitnami/minio:2021.10.13-debian-10-r0 - name: minio - ports: - - containerPort: 9000 - name: minio - - containerPort: 9001 - name: minio-console - volumeMounts: - - mountPath: /data - name: minio-storage - securityContext: - fsGroup: 1001 - fsGroupChangePolicy: OnRootMismatch - runAsUser: 1001 - volumes: - - emptyDir: {} - name: minio-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - env: - - name: POSTGRES_HOST_AUTH_METHOD - value: trust - image: ecr.flyte.org/ubuntu/postgres:13-21.04_beta - name: postgres - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgres-storage - volumes: - - emptyDir: {} - name: postgres-storage ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - k8s-app: dashboard-metrics-scraper - name: dashboard-metrics-scraper - namespace: kubernetes-dashboard -spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - k8s-app: dashboard-metrics-scraper - template: - metadata: - annotations: - seccomp.security.alpha.kubernetes.io/pod: runtime/default - labels: - k8s-app: dashboard-metrics-scraper - spec: - containers: - - image: kubernetesui/metrics-scraper:v1.0.6 - livenessProbe: - httpGet: - path: / - port: 8000 - scheme: HTTP - initialDelaySeconds: 30 - timeoutSeconds: 30 - name: dashboard-metrics-scraper - ports: - - containerPort: 8000 - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsGroup: 2001 - runAsUser: 1001 - volumeMounts: - - mountPath: /tmp - name: tmp-volume - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: kubernetes-dashboard - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - volumes: - - emptyDir: {} - name: tmp-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - k8s-app: kubernetes-dashboard - name: kubernetes-dashboard - namespace: kubernetes-dashboard -spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - k8s-app: kubernetes-dashboard - template: - metadata: - labels: - k8s-app: kubernetes-dashboard - spec: - containers: - - args: - - --namespace=kubernetes-dashboard - - --enable-insecure-login - - --enable-skip-login - - --disable-settings-authorizer - image: kubernetesui/dashboard:v2.2.0 - livenessProbe: - httpGet: - path: / - port: 9090 - initialDelaySeconds: 30 - timeoutSeconds: 30 - name: kubernetes-dashboard - ports: - - containerPort: 9090 - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsGroup: 2001 - runAsUser: 1001 - volumeMounts: - - mountPath: /tmp - name: tmp-volume - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: kubernetes-dashboard - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - volumes: - - emptyDir: {} - name: tmp-volume ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: contour - name: contour - namespace: projectcontour -spec: - replicas: 2 - selector: - matchLabels: - app: contour - strategy: - rollingUpdate: - maxSurge: 50% - type: RollingUpdate - template: - metadata: - annotations: - prometheus.io/port: "8000" - prometheus.io/scrape: "true" - labels: - app: contour - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app: contour - topologyKey: kubernetes.io/hostname - weight: 100 - containers: - - args: - - serve - - --incluster - - --xds-address=0.0.0.0 - - --xds-port=8001 - - --envoy-service-http-port=80 - - --envoy-service-https-port=443 - - --contour-cafile=/certs/ca.crt - - --contour-cert-file=/certs/tls.crt - - --contour-key-file=/certs/tls.key - - --config-path=/config/contour.yaml - command: - - contour - env: - - name: CONTOUR_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - image: docker.io/projectcontour/contour:v1.13.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: 8000 - name: contour - ports: - - containerPort: 8001 - name: xds - protocol: TCP - - containerPort: 8000 - name: metrics - protocol: TCP - - containerPort: 6060 - name: debug - protocol: TCP - readinessProbe: - initialDelaySeconds: 15 - periodSeconds: 10 - tcpSocket: - port: 8001 - volumeMounts: - - mountPath: /certs - name: contourcert - readOnly: true - - mountPath: /config - name: contour-config - readOnly: true - dnsPolicy: ClusterFirst - securityContext: - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - serviceAccountName: contour - volumes: - - name: contourcert - secret: - secretName: contourcert - - configMap: - defaultMode: 420 - items: - - key: contour.yaml - path: contour.yaml - name: contour - name: contour-config ---- -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - jobTemplate: - spec: - template: - spec: - containers: - - command: - - flyteadmin - - --config - - /etc/flyte/config/*.yaml - - clusterresource - - sync - image: cr.flyte.org/flyteorg/flyteadmin:v1.1.118 - imagePullPolicy: IfNotPresent - name: sync-cluster-resources - volumeMounts: - - mountPath: /etc/flyte/clusterresource/templates - name: resource-templates - - mountPath: /etc/flyte/config - name: config-volume - - mountPath: /etc/db - name: db-pass - restartPolicy: OnFailure - serviceAccountName: flyteadmin - volumes: - - configMap: - name: clusterresource-template-dk5mbchdmt - name: resource-templates - - configMap: - name: flyte-admin-config-dbg8dt2dgb - name: config-volume - - name: db-pass - secret: - secretName: db-pass-9dgchhk2bm - schedule: '*/1 * * * *' ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - labels: - app: envoy - name: envoy - namespace: projectcontour -spec: - selector: - matchLabels: - app: envoy - template: - metadata: - annotations: - prometheus.io/path: /stats/prometheus - prometheus.io/port: "8002" - prometheus.io/scrape: "true" - labels: - app: envoy - spec: - automountServiceAccountToken: false - containers: - - args: - - envoy - - shutdown-manager - command: - - /bin/contour - image: docker.io/projectcontour/contour:v1.13.1 - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /bin/contour - - envoy - - shutdown - livenessProbe: - httpGet: - path: /healthz - port: 8090 - initialDelaySeconds: 3 - periodSeconds: 10 - name: shutdown-manager - - args: - - -c - - /config/envoy.json - - --service-cluster $(CONTOUR_NAMESPACE) - - --service-node $(ENVOY_POD_NAME) - - --log-level info - command: - - envoy - env: - - name: CONTOUR_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: ENVOY_POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - image: docker.io/envoyproxy/envoy:v1.17.1 - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - httpGet: - path: /shutdown - port: 8090 - scheme: HTTP - name: envoy - ports: - - containerPort: 80 - hostPort: 80 - name: http - protocol: TCP - - containerPort: 443 - hostPort: 443 - name: https - protocol: TCP - readinessProbe: - httpGet: - path: /ready - port: 8002 - initialDelaySeconds: 3 - periodSeconds: 4 - volumeMounts: - - mountPath: /config - name: envoy-config - readOnly: true - - mountPath: /certs - name: envoycert - readOnly: true - initContainers: - - args: - - bootstrap - - /config/envoy.json - - --xds-address=contour - - --xds-port=8001 - - --xds-resource-version=v3 - - --resources-dir=/config/resources - - --envoy-cafile=/certs/ca.crt - - --envoy-cert-file=/certs/tls.crt - - --envoy-key-file=/certs/tls.key - command: - - contour - env: - - name: CONTOUR_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: docker.io/projectcontour/contour:v1.13.1 - imagePullPolicy: IfNotPresent - name: envoy-initconfig - volumeMounts: - - mountPath: /config - name: envoy-config - - mountPath: /certs - name: envoycert - readOnly: true - restartPolicy: Always - serviceAccountName: envoy - terminationGracePeriodSeconds: 300 - volumes: - - emptyDir: {} - name: envoy-config - - name: envoycert - secret: - secretName: envoycert - updateStrategy: - rollingUpdate: - maxUnavailable: 10% - type: RollingUpdate ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: contour-certgen-v1.13.1 - namespace: projectcontour -spec: - backoffLimit: 1 - completions: 1 - parallelism: 1 - template: - metadata: - labels: - app: contour-certgen - spec: - containers: - - command: - - contour - - certgen - - --kube - - --incluster - - --overwrite - - --secrets-format=compact - - --namespace=$(CONTOUR_NAMESPACE) - env: - - name: CONTOUR_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: docker.io/projectcontour/contour:v1.13.1 - imagePullPolicy: Always - name: contour - restartPolicy: Never - securityContext: - runAsGroup: 65534 - runAsNonRoot: true - runAsUser: 65534 - serviceAccountName: contour-certgen - ttlSecondsAfterFinished: 0 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/app-root: /console - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: flytesystem - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /__webpack_hmr - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AdminService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AuthMetadataService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.IdentityService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.SignalService - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 87 - path: /openapi - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console - pathType: ImplementationSpecific - - backend: - service: - name: flyteconsole - port: - number: 80 - path: /console/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /api - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /api/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /healthcheck - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /v1/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 87 - path: /openapi/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /.well-known/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /login/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /logout/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /callback/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /me - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /config/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2 - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 80 - path: /oauth2/* - pathType: ImplementationSpecific ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - name: minio - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: minio - port: - number: 9001 - path: /minio - pathType: ImplementationSpecific diff --git a/kustomize/README.md b/kustomize/README.md deleted file mode 100644 index 69a9c10d0c..0000000000 --- a/kustomize/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# Install Flyte using Kustomize -Flyte can be deployed to a kubernetes cluster using a generated deployment yaml file. This file is generated using [Kustomize](https://kubectl.docs.kubernetes.io/guides/introduction/kustomize/). -Please refer to Kustomize documentation to see how it works. - -In brief, Kustomize allows composing a deployment yaml using multiple components. In Flyte all the core components are listed under [Base Components](./base). The Base components also consist of -a composed set of components that can be deployed to a [Single Kubernetes cluster](./base/single_cluster). This deployment configures various components using [Flyte Configuration -system](todo). - -The *Single Cluster* configuration on its own is not deployable. But individual [overlays](./overlays) are deployable. - -Refer to -1. [Base Components](./base): If you want to build your own overlay start here -1. [overlays](./overlays): If you want to build on top of an existing overlay start here diff --git a/kustomize/base/README.md b/kustomize/base/README.md deleted file mode 100644 index b0bb224d24..0000000000 --- a/kustomize/base/README.md +++ /dev/null @@ -1,19 +0,0 @@ -[Back to main menu](../) -# Base Components for Flyte -These deployments provide individual deployment units of the Flyte Backend. - -As a user it might be preferable to use the `single_cluster` deployment base to create an overlay on top of, or directly edit on top of one of the existing overlays. - -## To create a new flyte overlay for one K8s cluster - Start here -- [Single Cluster Flyte Deployment configuration](./single_cluster) - -## To create a completely custom overlay refer to components -1. FlyteAdmin [Deployment](./admindeployment) | [ServiceAccount](./adminserviceaccount) -1. [Core Flyte namespace creation](./namespace) -1. [FlytePropeller](./propeller) & its [CRD](./wf_crd) -1. [DataCatalog](./datacatalog) -1. [FlyteConsole](./console) -1. [Overall Ingress for Flyte (optional)](./ingress) -1. [Additional plugin components for Flyte using K8s operators](./operators) - diff --git a/kustomize/base/addons/cloudsqlproxy/deployment.yaml b/kustomize/base/addons/cloudsqlproxy/deployment.yaml deleted file mode 100644 index dda31d1004..0000000000 --- a/kustomize/base/addons/cloudsqlproxy/deployment.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cloudsqlproxy - namespace: flyte - labels: - app: cloudsqlproxy -spec: - replicas: 1 - selector: - matchLabels: - app: cloudsqlproxy - template: - metadata: - labels: - app: cloudsqlproxy - spec: - containers: - - name: cloudsql-proxy - image: gcr.io/cloudsql-docker/gce-proxy:1.16 - imagePullPolicy: IfNotPresent - # TODO: replace with the GCP project ID and with the region where - # Cloud SQL runs - command: ["/cloud_sql_proxy", "-instances=::flyte=tcp:0.0.0.0:5432"] - ports: - - containerPort: 5432 diff --git a/kustomize/base/addons/cloudsqlproxy/kustomization.yaml b/kustomize/base/addons/cloudsqlproxy/kustomization.yaml deleted file mode 100644 index 6d1374a18e..0000000000 --- a/kustomize/base/addons/cloudsqlproxy/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -resources: - - deployment.yaml - - service.yaml diff --git a/kustomize/base/addons/cloudsqlproxy/service.yaml b/kustomize/base/addons/cloudsqlproxy/service.yaml deleted file mode 100644 index 68ba5d2213..0000000000 --- a/kustomize/base/addons/cloudsqlproxy/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: cloudsqlproxy - namespace: flyte -spec: - selector: - app: cloudsqlproxy - ports: - - name: http - protocol: TCP - port: 5432 diff --git a/kustomize/base/addons/contour_ingress_controller/kustomization.yaml b/kustomize/base/addons/contour_ingress_controller/kustomization.yaml deleted file mode 100644 index e75e137804..0000000000 --- a/kustomize/base/addons/contour_ingress_controller/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: -- https://raw.githubusercontent.com/projectcontour/contour/release-1.13/examples/render/contour.yaml -patchesStrategicMerge: -- service.yaml diff --git a/kustomize/base/addons/contour_ingress_controller/service.yaml b/kustomize/base/addons/contour_ingress_controller/service.yaml deleted file mode 100644 index a848798e11..0000000000 --- a/kustomize/base/addons/contour_ingress_controller/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# Service -apiVersion: v1 -kind: Service -metadata: - name: envoy - namespace: projectcontour -spec: - # use NodePort to make sure the service is accessible - type: NodePort - ports: - - port: 80 - name: http - protocol: TCP - nodePort: 30081 diff --git a/kustomize/base/addons/database/database.yaml b/kustomize/base/addons/database/database.yaml deleted file mode 100644 index de17063c4c..0000000000 --- a/kustomize/base/addons/database/database.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres - namespace: flyte -spec: - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - volumes: - - name: postgres-storage - emptyDir: {} - containers: - - image: postgres - name: postgres - env: - - name: POSTGRES_HOST_AUTH_METHOD - value: trust - ports: - - containerPort: 5432 - name: postgres - volumeMounts: - - name: postgres-storage - mountPath: /var/lib/postgresql/data ---- -apiVersion: v1 -kind: Service -metadata: - name: postgres - namespace: flyte -spec: - ports: - - port: 5432 - selector: - app: postgres diff --git a/kustomize/base/addons/database/kustomization.yaml b/kustomize/base/addons/database/kustomization.yaml deleted file mode 100644 index ca2ede8d46..0000000000 --- a/kustomize/base/addons/database/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- database.yaml diff --git a/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml b/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml deleted file mode 100644 index 76fd3fc503..0000000000 --- a/kustomize/base/addons/kubernetes_dashboard/clusterrolebinding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubernetes-dashboard-admin -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kubernetes-dashboard - namespace: kubernetes-dashboard diff --git a/kustomize/base/addons/kubernetes_dashboard/deployment.yaml b/kustomize/base/addons/kubernetes_dashboard/deployment.yaml deleted file mode 100644 index 49299fec08..0000000000 --- a/kustomize/base/addons/kubernetes_dashboard/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: Deployment -apiVersion: apps/v1 -metadata: - name: kubernetes-dashboard - namespace: kubernetes-dashboard -spec: - template: - spec: - containers: - - name: kubernetes-dashboard - args: - - --namespace=kubernetes-dashboard - - --enable-insecure-login - - --enable-skip-login - - --disable-settings-authorizer diff --git a/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml b/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml deleted file mode 100644 index 22384dfe0f..0000000000 --- a/kustomize/base/addons/kubernetes_dashboard/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -resources: - # TODO (jeev): Figure out how to rev this automatically -- https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/alternative.yaml -- clusterrolebinding.yaml -patchesStrategicMerge: -- deployment.yaml -- service.yaml diff --git a/kustomize/base/addons/kubernetes_dashboard/service.yaml b/kustomize/base/addons/kubernetes_dashboard/service.yaml deleted file mode 100644 index c08a9308c8..0000000000 --- a/kustomize/base/addons/kubernetes_dashboard/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: kubernetes-dashboard - namespace: kubernetes-dashboard -spec: - type: NodePort - ports: - - port: 80 - name: http - protocol: TCP - nodePort: 30082 diff --git a/kustomize/base/addons/redis/deployment.yaml b/kustomize/base/addons/redis/deployment.yaml deleted file mode 100644 index 1f1381dae8..0000000000 --- a/kustomize/base/addons/redis/deployment.yaml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app: redis-resource-manager - serviceName: redis-resource-manager - template: - metadata: - labels: - app: redis-resource-manager - spec: - containers: - - env: - - name: REDIS_PASSWORD - value: mypassword - image: redis - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: redis-resource-manager - ports: - - containerPort: 6379 - name: redis - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 200m - memory: 128Mi - volumeMounts: - - mountPath: /bitnami - name: redis-data - dnsPolicy: ClusterFirst - restartPolicy: Always - volumes: - - name: redis-data - emptyDir: {} diff --git a/kustomize/base/addons/redis/kustomization.yaml b/kustomize/base/addons/redis/kustomization.yaml deleted file mode 100644 index a944d005ca..0000000000 --- a/kustomize/base/addons/redis/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -resources: -- deployment.yaml -- service.yaml diff --git a/kustomize/base/addons/redis/service.yaml b/kustomize/base/addons/redis/service.yaml deleted file mode 100644 index 8c86264ae3..0000000000 --- a/kustomize/base/addons/redis/service.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: redis-resource-manager - name: redis-resource-manager - namespace: flyte -spec: - ports: - - name: redis - port: 6379 - protocol: TCP - targetPort: redis - selector: - app: redis-resource-manager - type: ClusterIP diff --git a/kustomize/base/addons/storage/kustomization.yaml b/kustomize/base/addons/storage/kustomization.yaml deleted file mode 100644 index 9a80610c4e..0000000000 --- a/kustomize/base/addons/storage/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- storage.yaml diff --git a/kustomize/base/addons/storage/storage.yaml b/kustomize/base/addons/storage/storage.yaml deleted file mode 100644 index 6c895bc8ff..0000000000 --- a/kustomize/base/addons/storage/storage.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - namespace: flyte -spec: - selector: - matchLabels: - app: minio - template: - metadata: - labels: - app: minio - spec: - securityContext: - fsGroup: 1001 - runAsUser: 1001 - fsGroupChangePolicy: "OnRootMismatch" - volumes: - - name: minio-storage - emptyDir: {} - containers: - - image: minio - name: minio - env: - - name: MINIO_ACCESS_KEY - value: minio - - name: MINIO_SECRET_KEY - value: miniostorage - - name: MINIO_DEFAULT_BUCKETS - value: my-s3-bucket - ports: - - containerPort: 9000 - name: minio - - containerPort: 9001 - name: minio-console - volumeMounts: - - name: minio-storage - mountPath: /data ---- -apiVersion: v1 -kind: Service -metadata: - name: minio - namespace: flyte -spec: - externalName: minio - ports: - - name: minio-api - port: 9000 - - name: minio-console - port: 9001 - selector: - app: minio ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: minio - namespace: flyte - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" -spec: - rules: - - http: - paths: - - path: /minio - pathType: ImplementationSpecific - backend: - service: - name: minio - port: - number: 9001 diff --git a/kustomize/base/admindeployment/auth_secret.yaml b/kustomize/base/admindeployment/auth_secret.yaml deleted file mode 100644 index 9a1281d776..0000000000 --- a/kustomize/base/admindeployment/auth_secret.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: flyte-admin-auth - namespace: flyte -type: Opaque diff --git a/kustomize/base/admindeployment/clustersync/cron.yaml b/kustomize/base/admindeployment/clustersync/cron.yaml deleted file mode 100644 index e3fbfdfa69..0000000000 --- a/kustomize/base/admindeployment/clustersync/cron.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: syncresources - namespace: flyte -spec: - schedule: "*/1 * * * *" - jobTemplate: - spec: - template: - spec: - serviceAccountName: flyteadmin - containers: - - name: sync-cluster-resources - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - - name: db-pass - mountPath: /etc/db - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - - name: config-volume - configMap: - name: flyte-admin-config - - name: db-pass - secret: - secretName: db-pass - restartPolicy: OnFailure diff --git a/kustomize/base/admindeployment/clustersync/kustomization.yaml b/kustomize/base/admindeployment/clustersync/kustomization.yaml deleted file mode 100644 index 1ade31b55b..0000000000 --- a/kustomize/base/admindeployment/clustersync/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- cron.yaml diff --git a/kustomize/base/admindeployment/deployment.yaml b/kustomize/base/admindeployment/deployment.yaml deleted file mode 100644 index 561e449034..0000000000 --- a/kustomize/base/admindeployment/deployment.yaml +++ /dev/null @@ -1,157 +0,0 @@ -# Create the actual deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte - labels: - app: flyteadmin -spec: - replicas: 1 - selector: - matchLabels: - app: flyteadmin - template: - metadata: - labels: - app: flyteadmin - app.kubernetes.io/name: flyteadmin - app.kubernetes.io/version: 0.4.13 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - spec: - securityContext: - fsGroup: 65534 - runAsUser: 1001 - fsGroupChangePolicy: "Always" - serviceAccountName: flyteadmin - volumes: - - name: shared-data - emptyDir: {} - - emptyDir: {} - name: scratch - - name: config-volume - configMap: - name: flyte-admin-config - - name: resource-templates - configMap: - name: clusterresource-template - - name: db-pass - secret: - secretName: db-pass - - name: auth - secret: - secretName: flyte-admin-auth - initContainers: - - name: run-migrations - image: flyteadmin:v0.6.49 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "migrate", - "run", - ] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: db-pass - mountPath: /etc/db - # Optional, These just seed the project - TODO move them to only - - name: seed-projects - image: flyteadmin:v0.6.49 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "migrate", - "seed-projects", - "flytesnacks", - "flytetester", - "flyteexamples", - ] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: db-pass - mountPath: /etc/db - - name: sync-cluster-resources - image: flyteadmin:v0.6.49 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "clusterresource", - "sync", - ] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - - name: db-pass - mountPath: /etc/db - - name: generate-secrets - image: flyteadmin:v0.6.49 - imagePullPolicy: IfNotPresent - command: ["/bin/sh", "-c"] - args: - [ - "flyteadmin --config=/etc/flyte/config/*.yaml secrets init --localPath /etc/scratch/secrets && flyteadmin --config=/etc/flyte/config/*.yaml secrets create --fromPath /etc/scratch/secrets", - ] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: scratch - mountPath: /etc/scratch - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - containers: - - name: flyteadmin - image: flyteadmin:v0.6.49 - imagePullPolicy: IfNotPresent - command: - ["flyteadmin", "--config", "/etc/flyte/config/*.yaml", "serve"] - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - name: shared-data - mountPath: /srv/flyte - - name: config-volume - mountPath: /etc/flyte/config - - name: db-pass - mountPath: /etc/db - - name: auth - mountPath: /etc/secrets/ - - name: redoc - image: docker.io/redocly/redoc - imagePullPolicy: IfNotPresent - ports: - - containerPort: 8087 - resources: - limits: - memory: "200Mi" - cpu: "0.1" - command: - - sh - - -c - - ln -s /usr/share/nginx/html /usr/share/nginx/html/openapi && sh /usr/local/bin/docker-run.sh - env: - - name: PAGE_TITLE - value: "Flyte Admin OpenAPI" - - name: SPEC_URL - value: "/api/v1/openapi" - - name: PORT - value: "8087" diff --git a/kustomize/base/admindeployment/kustomization.yaml b/kustomize/base/admindeployment/kustomization.yaml deleted file mode 100644 index c47adf129d..0000000000 --- a/kustomize/base/admindeployment/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: - - auth_secret.yaml - - deployment.yaml - - service.yaml diff --git a/kustomize/base/admindeployment/service.yaml b/kustomize/base/admindeployment/service.yaml deleted file mode 100644 index 275f1d2185..0000000000 --- a/kustomize/base/admindeployment/service.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Service -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte - annotations: - # This tells contour to use a H2 connection for the port associated - # with the name 'grpc' under spec/ports. - # For more information, refer to - # https://github.com/heptio/contour/blob/master/docs/annotations.md#contour-specific-service-annotations - # # Following this issue - the annotation was updated https://github.com/projectcontour/contour/issues/2092 - projectcontour.io/upstream-protocol.h2c: "grpc" -spec: - selector: - app: flyteadmin - ports: - - name: http - protocol: TCP - port: 80 - targetPort: 8088 - - name: grpc - protocol: TCP - port: 81 - targetPort: 8089 diff --git a/kustomize/base/adminserviceaccount/adminserviceaccount.yaml b/kustomize/base/adminserviceaccount/adminserviceaccount.yaml deleted file mode 100644 index bdaae60df4..0000000000 --- a/kustomize/base/adminserviceaccount/adminserviceaccount.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# ClusterRole for flyteadmin -# https://kubernetes.io/docs/admin/authorization/rbac/ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flyteadmin - namespace: flyte -rules: -#Allow Access to all resources under flyte.lyft.com and the core API group: "" - - apiGroups: - - "" - - flyte.lyft.com - - rbac.authorization.k8s.io - resources: - - configmaps - - flyteworkflows - - namespaces - - pods - - resourcequotas - - roles - - rolebindings - - secrets - - services - - serviceaccounts - - spark-role - verbs: - - "*" - ---- -# Create a Service Account for FltyeAdmin -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: flyteadmin-binding - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyteadmin -subjects: - - kind: ServiceAccount - name: flyteadmin - namespace: flyte diff --git a/kustomize/base/adminserviceaccount/kustomization.yaml b/kustomize/base/adminserviceaccount/kustomization.yaml deleted file mode 100644 index 3d4938e1a1..0000000000 --- a/kustomize/base/adminserviceaccount/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- adminserviceaccount.yaml diff --git a/kustomize/base/console/configmap.yaml b/kustomize/base/console/configmap.yaml deleted file mode 100644 index 0fb42a0c1f..0000000000 --- a/kustomize/base/console/configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: flyte-console-config - namespace: flyte -data: - # This determines the base url used for all console links. It must match the route specified in ingress.yaml - BASE_URL: /console - CONFIG_DIR: /etc/flyte/config - diff --git a/kustomize/base/console/deployment.yaml b/kustomize/base/console/deployment.yaml deleted file mode 100644 index 0e9e440534..0000000000 --- a/kustomize/base/console/deployment.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Create the actual deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteconsole - namespace: flyte - labels: - app: flyteconsole -spec: - replicas: 1 - selector: - matchLabels: - app: flyteconsole - template: - metadata: - labels: - app: flyteconsole - app.kubernetes.io/name: flyteconsole - app.kubernetes.io/version: 0.19.0 - spec: - securityContext: - runAsUser: 1000 - fsGroupChangePolicy: "Always" - volumes: - - name: shared-data - emptyDir: {} - containers: - - name: flyteconsole - image: flyteconsole:v0.19.0 - # args: [] - ports: - - containerPort: 8080 - volumeMounts: - - name: shared-data - mountPath: /srv/flyte - envFrom: - - configMapRef: - name: flyte-console-config diff --git a/kustomize/base/console/kustomization.yaml b/kustomize/base/console/kustomization.yaml deleted file mode 100644 index 81d586a3cd..0000000000 --- a/kustomize/base/console/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: -- deployment.yaml -- service.yaml -- configmap.yaml diff --git a/kustomize/base/console/service.yaml b/kustomize/base/console/service.yaml deleted file mode 100644 index e6d75ffc2f..0000000000 --- a/kustomize/base/console/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -# Service -apiVersion: v1 -kind: Service -metadata: - name: flyteconsole - namespace: flyte -spec: - selector: - app: flyteconsole - ports: - - protocol: TCP - port: 80 - targetPort: 8080 - diff --git a/kustomize/base/datacatalog/deployment.yaml b/kustomize/base/datacatalog/deployment.yaml deleted file mode 100644 index 22b2e37235..0000000000 --- a/kustomize/base/datacatalog/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: datacatalog - namespace: flyte - labels: - app: datacatalog -spec: - replicas: 1 - selector: - matchLabels: - app: datacatalog - template: - metadata: - labels: - app: datacatalog - app.kubernetes.io/name: datacatalog - app.kubernetes.io/version: 0.3.0 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - spec: - securityContext: - fsGroup: 65534 - runAsUser: 1001 - fsGroupChangePolicy: "Always" - serviceAccountName: datacatalog - volumes: - - name: shared-data - emptyDir: {} - - name: config-volume - configMap: - name: datacatalog-config - - name: db-pass - secret: - secretName: db-pass - initContainers: - - name: run-migrations - image: datacatalog:v0.3.0 - imagePullPolicy: IfNotPresent - command: ["datacatalog", "--config", "/etc/datacatalog/config/*.yaml", "migrate", "run"] - volumeMounts: - - name: config-volume - mountPath: /etc/datacatalog/config - - name: db-pass - mountPath: /etc/db - containers: - - name: datacatalog - image: datacatalog:v0.3.0 - imagePullPolicy: IfNotPresent - command: ["datacatalog", "--config", "/etc/datacatalog/config/*.yaml", "serve"] - ports: - - containerPort: 8088 - - containerPort: 8089 - volumeMounts: - - name: config-volume - mountPath: /etc/datacatalog/config - - name: db-pass - mountPath: /etc/db diff --git a/kustomize/base/datacatalog/kustomization.yaml b/kustomize/base/datacatalog/kustomization.yaml deleted file mode 100644 index c38e72a98d..0000000000 --- a/kustomize/base/datacatalog/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: -- rbac.yaml -- deployment.yaml -- service.yaml diff --git a/kustomize/base/datacatalog/rbac.yaml b/kustomize/base/datacatalog/rbac.yaml deleted file mode 100644 index 208fb8d1ef..0000000000 --- a/kustomize/base/datacatalog/rbac.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: datacatalog - namespace: flyte diff --git a/kustomize/base/datacatalog/service.yaml b/kustomize/base/datacatalog/service.yaml deleted file mode 100644 index 11c9b58ea2..0000000000 --- a/kustomize/base/datacatalog/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Service -apiVersion: v1 -kind: Service -metadata: - name: datacatalog - namespace: flyte - annotations: - # This tells contour to use a H2 connection for the port associated - # with the name 'grpc' under spec/ports. - # For more information, refer to - # https://github.com/heptio/contour/blob/master/docs/annotations.md#contour-specific-service-annotations - contour.heptio.com/upstream-protocol.h2c: "grpc" -spec: - selector: - app: datacatalog - ports: - - name: http - protocol: TCP - port: 88 - targetPort: 8088 - - name: grpc - protocol: TCP - port: 89 - targetPort: 8089 diff --git a/kustomize/base/ingress/ingress.yaml b/kustomize/base/ingress/ingress.yaml deleted file mode 100644 index 99aec4b323..0000000000 --- a/kustomize/base/ingress/ingress.yaml +++ /dev/null @@ -1,193 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: flytesystem - namespace: flyte - annotations: - nginx.ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/app-root: /console -spec: - rules: - - http: - paths: - # This is useful only for sandbox mode and should be templatized/removed in non-sandbox environments - - path: /__webpack_hmr - pathType: ImplementationSpecific - backend: - service: - name: flyteconsole - port: - number: 80 - # NOTE: Port 81 in flyteadmin is the GRPC server port for - # FlyteAdmin. - - path: /flyteidl.service.AdminService - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 81 - - path: /flyteidl.service.AuthMetadataService - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 81 - - path: /flyteidl.service.IdentityService - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 81 - - path: /flyteidl.service.SignalService - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 81 - # Port 87 in FlyteAdmin maps to the redoc container. - - path: /openapi - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 87 - # NOTE: If you change this, you must update the BASE_URL value in flyteconsole.yaml - - path: /console - pathType: ImplementationSpecific - backend: - service: - name: flyteconsole - port: - number: 80 - - path: /console/* - pathType: ImplementationSpecific - backend: - service: - name: flyteconsole - port: - number: 80 - - path: /api - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /api/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /healthcheck - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /v1/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - # Port 87 in FlyteAdmin maps to the redoc container. - - path: /openapi/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 87 - - path: /.well-known/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /login - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /login/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /logout - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /logout/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /callback - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /callback/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /me - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /config - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /config/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /oauth2 - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /oauth2/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 diff --git a/kustomize/base/ingress/kustomization.yaml b/kustomize/base/ingress/kustomization.yaml deleted file mode 100644 index 14d8f3a54f..0000000000 --- a/kustomize/base/ingress/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - ingress.yaml diff --git a/kustomize/base/namespace/kustomization.yaml b/kustomize/base/namespace/kustomization.yaml deleted file mode 100644 index bf20f4df68..0000000000 --- a/kustomize/base/namespace/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- namespace.yaml diff --git a/kustomize/base/namespace/namespace.yaml b/kustomize/base/namespace/namespace.yaml deleted file mode 100644 index ca27d7f885..0000000000 --- a/kustomize/base/namespace/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: flyte diff --git a/kustomize/base/operators/README.md b/kustomize/base/operators/README.md deleted file mode 100644 index 4f6516eb9d..0000000000 --- a/kustomize/base/operators/README.md +++ /dev/null @@ -1 +0,0 @@ -# Install plugins diff --git a/kustomize/base/operators/kfoperators/namespace/kustomization.yaml b/kustomize/base/operators/kfoperators/namespace/kustomization.yaml deleted file mode 100644 index bf20f4df68..0000000000 --- a/kustomize/base/operators/kfoperators/namespace/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- namespace.yaml diff --git a/kustomize/base/operators/kfoperators/namespace/namespace.yaml b/kustomize/base/operators/kfoperators/namespace/namespace.yaml deleted file mode 100644 index 7a940e4673..0000000000 --- a/kustomize/base/operators/kfoperators/namespace/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: kubeflow diff --git a/kustomize/base/operators/kfoperators/pytorch/kustomization.yaml b/kustomize/base/operators/kfoperators/pytorch/kustomization.yaml deleted file mode 100644 index 7b00dcfb6e..0000000000 --- a/kustomize/base/operators/kfoperators/pytorch/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -bases: - - ../namespace - - github.com/kubeflow/manifests/pytorch-job/pytorch-job-crds/base?ref=v1.0-branch - - github.com/kubeflow/manifests/pytorch-job/pytorch-operator/base?ref=v1.0-branch diff --git a/kustomize/base/operators/kfoperators/tensorflow/kustomization.yaml b/kustomize/base/operators/kfoperators/tensorflow/kustomization.yaml deleted file mode 100644 index 9d7d7b7def..0000000000 --- a/kustomize/base/operators/kfoperators/tensorflow/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -bases: - - ../namespace - - github.com/kubeflow/manifests/tf-training/tf-job-crds/base?ref=v1.0.0 - - github.com/kubeflow/manifests/tf-training/tf-job-operator/base?ref=v1.0.0 diff --git a/kustomize/base/operators/sagemaker/kustomization.yaml b/kustomize/base/operators/sagemaker/kustomization.yaml deleted file mode 100644 index c9ea0aaaba..0000000000 --- a/kustomize/base/operators/sagemaker/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - https://raw.githubusercontent.com/aws/amazon-sagemaker-operator-for-k8s/v1.2.1/release/rolebased/installer.yaml diff --git a/kustomize/base/operators/spark/deployment.yaml b/kustomize/base/operators/spark/deployment.yaml deleted file mode 100644 index e8195ef1a2..0000000000 --- a/kustomize/base/operators/spark/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: sparkoperator - namespace: sparkoperator - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sparkoperator - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - serviceAccountName: sparkoperator - volumes: - - name: webhook-certs - secret: - secretName: spark-webhook-certs - containers: - - name: sparkoperator-unknown - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - volumeMounts: - - name: webhook-certs - mountPath: /etc/webhook-certs - imagePullPolicy: Always - command: ["/usr/bin/spark-operator"] - ports: - - containerPort: 10254 - - containerPort: 8080 - args: - - -logtostderr - - -v=2 - - -controller-threads=20 - - -enable-metrics=true - - "-metrics-prefix=service:" - - -metrics-labels=task_name - - -metrics-labels=workflow_name - - -enable-webhook=true - - -webhook-svc-namespace=sparkoperator diff --git a/kustomize/base/operators/spark/kustomization.yaml b/kustomize/base/operators/spark/kustomization.yaml deleted file mode 100644 index cfcdd57ab5..0000000000 --- a/kustomize/base/operators/spark/kustomization.yaml +++ /dev/null @@ -1,15 +0,0 @@ -resources: -- spark-operator.yaml -- sparkapplications-crd.yaml -- scheduledsparkapplications-crd.yaml -- deployment.yaml -- webhook.yaml - -vars: - - name: NAMESPACE - objref: - kind: Deployment - name: sparkoperator - apiVersion: apps/v1 - fieldref: - fieldpath: metadata.namespace diff --git a/kustomize/base/operators/spark/scheduledsparkapplications-crd.yaml b/kustomize/base/operators/spark/scheduledsparkapplications-crd.yaml deleted file mode 100644 index 3bda678787..0000000000 --- a/kustomize/base/operators/spark/scheduledsparkapplications-crd.yaml +++ /dev/null @@ -1,3762 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: scheduledsparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: ScheduledSparkApplication - listKind: ScheduledSparkApplicationList - plural: scheduledsparkapplications - shortNames: - - scheduledsparkapp - singular: scheduledsparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - concurrencyPolicy: - type: string - failedRunHistoryLimit: - format: int32 - type: integer - schedule: - type: string - successfulRunHistoryLimit: - format: int32 - type: integer - suspend: - type: boolean - template: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - required: - - schedule - - template - type: object - status: - properties: - lastRun: - format: date-time - nullable: true - type: string - lastRunName: - type: string - nextRun: - format: date-time - nullable: true - type: string - pastFailedRunNames: - items: - type: string - type: array - pastSuccessfulRunNames: - items: - type: string - type: array - reason: - type: string - scheduleState: - type: string - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/kustomize/base/operators/spark/spark-operator.yaml b/kustomize/base/operators/spark/spark-operator.yaml deleted file mode 100644 index 43b481768f..0000000000 --- a/kustomize/base/operators/spark/spark-operator.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: sparkoperator ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: sparkoperator - namespace: sparkoperator ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: sparkoperator -rules: -- apiGroups: [""] - resources: ["pods"] - verbs: ["*"] -- apiGroups: [""] - resources: ["services", "configmaps", "secrets"] - verbs: ["create", "get", "delete"] -- apiGroups: ["extensions"] - resources: ["ingresses"] - verbs: ["create", "get", "delete"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] -- apiGroups: ["batch"] - resources: ["jobs"] - verbs: ["create", "get", "update", "delete", "list", "watch"] -- apiGroups: [""] - resources: ["events"] - verbs: ["create", "update", "patch"] -- apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["create", "get", "update", "delete"] -- apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations"] - verbs: ["create", "get", "update", "delete"] -- apiGroups: ["sparkoperator.k8s.io"] - resources: ["sparkapplications", "scheduledsparkapplications", "sparkapplications/status", "scheduledsparkapplications/status"] - verbs: ["*"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: sparkoperator -subjects: - - kind: ServiceAccount - name: sparkoperator - namespace: sparkoperator -roleRef: - kind: ClusterRole - name: sparkoperator - apiGroup: rbac.authorization.k8s.io diff --git a/kustomize/base/operators/spark/sparkapplications-crd.yaml b/kustomize/base/operators/spark/sparkapplications-crd.yaml deleted file mode 100644 index 895d4d0037..0000000000 --- a/kustomize/base/operators/spark/sparkapplications-crd.yaml +++ /dev/null @@ -1,3771 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (unknown) - creationTimestamp: null - name: sparkapplications.sparkoperator.k8s.io -spec: - group: sparkoperator.k8s.io - names: - kind: SparkApplication - listKind: SparkApplicationList - plural: sparkapplications - shortNames: - - sparkapp - singular: sparkapplication - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - arguments: - items: - type: string - type: array - batchScheduler: - type: string - batchSchedulerOptions: - properties: - priorityClassName: - type: string - queue: - type: string - type: object - deps: - properties: - files: - items: - type: string - type: array - jars: - items: - type: string - type: array - pyFiles: - items: - type: string - type: array - type: object - driver: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - podName: - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - serviceAccount: - type: string - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - executor: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - configMaps: - items: - properties: - name: - type: string - path: - type: string - required: - - name - - path - type: object - type: array - coreLimit: - type: string - coreRequest: - type: string - cores: - format: int32 - minimum: 1 - type: integer - deleteOnTermination: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - envSecretKeyRefs: - additionalProperties: - properties: - key: - type: string - name: - type: string - required: - - key - - name - type: object - type: object - envVars: - additionalProperties: - type: string - type: object - gpu: - properties: - name: - type: string - quantity: - format: int64 - type: integer - required: - - name - - quantity - type: object - hostNetwork: - type: boolean - image: - type: string - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - instances: - format: int32 - minimum: 1 - type: integer - javaOptions: - type: string - labels: - additionalProperties: - type: string - type: object - memory: - type: string - memoryOverhead: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - schedulerName: - type: string - secrets: - items: - properties: - name: - type: string - path: - type: string - secretType: - type: string - required: - - name - - path - - secretType - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - required: - - containerPort - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - required: - - mountPath - - name - type: object - type: array - type: object - failureRetries: - format: int32 - type: integer - hadoopConf: - additionalProperties: - type: string - type: object - hadoopConfigMap: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - type: string - type: array - mainApplicationFile: - type: string - mainClass: - type: string - memoryOverheadFactor: - type: string - mode: - enum: - - cluster - - client - type: string - monitoring: - properties: - exposeDriverMetrics: - type: boolean - exposeExecutorMetrics: - type: boolean - metricsProperties: - type: string - metricsPropertiesFile: - type: string - prometheus: - properties: - configFile: - type: string - configuration: - type: string - jmxExporterJar: - type: string - port: - format: int32 - maximum: 49151 - minimum: 1024 - type: integer - required: - - jmxExporterJar - type: object - required: - - exposeDriverMetrics - - exposeExecutorMetrics - type: object - nodeSelector: - additionalProperties: - type: string - type: object - pythonVersion: - enum: - - "2" - - "3" - type: string - restartPolicy: - properties: - onFailureRetries: - format: int32 - minimum: 0 - type: integer - onFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - onSubmissionFailureRetries: - format: int32 - minimum: 0 - type: integer - onSubmissionFailureRetryInterval: - format: int64 - minimum: 1 - type: integer - type: - enum: - - Never - - Always - - OnFailure - type: string - type: object - retryInterval: - format: int64 - type: integer - serviceAccount: - type: string - sparkConf: - additionalProperties: - type: string - type: object - sparkConfigMap: - type: string - sparkVersion: - type: string - timeToLiveSeconds: - format: int64 - type: integer - type: - enum: - - Java - - Python - - Scala - - R - type: string - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - driver - - executor - - sparkVersion - - type - type: object - status: - properties: - applicationState: - properties: - errorMessage: - type: string - state: - type: string - required: - - state - type: object - driverInfo: - properties: - podName: - type: string - webUIAddress: - type: string - webUIIngressAddress: - type: string - webUIIngressName: - type: string - webUIPort: - format: int32 - type: integer - webUIServiceName: - type: string - type: object - executionAttempts: - format: int32 - type: integer - executorState: - additionalProperties: - type: string - type: object - sparkApplicationId: - type: string - submissionAttempts: - format: int32 - type: integer - submissionID: - type: string - submissionTime: - format: date-time - nullable: true - type: string - terminationTime: - format: date-time - nullable: true - type: string - required: - - driverInfo - type: object - required: - - metadata - - spec - type: object - version: v1beta2 - versions: - - name: v1beta2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/kustomize/base/operators/spark/webhook.yaml b/kustomize/base/operators/spark/webhook.yaml deleted file mode 100644 index d09106c6e7..0000000000 --- a/kustomize/base/operators/spark/webhook.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: sparkoperator-init - namespace: sparkoperator - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 -spec: - backoffLimit: 3 - template: - metadata: - labels: - app.kubernetes.io/name: sparkoperator - app.kubernetes.io/version: v2.4.5-v1beta2 - spec: - serviceAccountName: sparkoperator - restartPolicy: Never - containers: - - name: main - image: gcr.io/spark-operator/spark-operator:v1beta2-1.1.2-2.4.5 - imagePullPolicy: IfNotPresent - command: ["/usr/bin/gencerts.sh","--namespace", "$(NAMESPACE)", "-p"] ---- -kind: Service -apiVersion: v1 -metadata: - name: spark-webhook - namespace: sparkoperator -spec: - ports: - - port: 443 - targetPort: 8080 - name: webhook - selector: - app.kubernetes.io/name: sparkoperator diff --git a/kustomize/base/pod_webhook/deployment.yaml b/kustomize/base/pod_webhook/deployment.yaml deleted file mode 100644 index 4209031b9b..0000000000 --- a/kustomize/base/pod_webhook/deployment.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyte-pod-webhook - namespace: flyte - labels: - app: flyte-pod-webhook -spec: - selector: - matchLabels: - app: flyte-pod-webhook - template: - metadata: - labels: - app: flyte-pod-webhook - app.kubernetes.io/name: flyte-pod-webhook - app.kubernetes.io/version: 0.5.13 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - spec: - securityContext: - fsGroup: 65534 - runAsUser: 1001 - fsGroupChangePolicy: "Always" - serviceAccountName: flyte-pod-webhook - initContainers: - - name: generate-secrets - image: flytepropeller:v0.5.13 - imagePullPolicy: IfNotPresent - command: - - flytepropeller - args: - - webhook - - init-certs - - --config - - /etc/flyte/config/*.yaml - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - containers: - - name: webhook - image: flytepropeller:v0.5.13 - imagePullPolicy: IfNotPresent - command: - - flytepropeller - args: - - webhook - - --config - - /etc/flyte/config/*.yaml - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - readOnly: true - - name: webhook-certs - mountPath: /etc/webhook/certs - readOnly: true - volumes: - - name: config-volume - configMap: - name: flyte-propeller-config - - name: webhook-certs - secret: - secretName: flyte-pod-webhook diff --git a/kustomize/base/pod_webhook/kustomization.yaml b/kustomize/base/pod_webhook/kustomization.yaml deleted file mode 100644 index c1b978c89d..0000000000 --- a/kustomize/base/pod_webhook/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -resources: - - deployment.yaml - - rbac.yaml - - secret.yaml - - service.yaml diff --git a/kustomize/base/pod_webhook/rbac.yaml b/kustomize/base/pod_webhook/rbac.yaml deleted file mode 100644 index 94b3ded0fa..0000000000 --- a/kustomize/base/pod_webhook/rbac.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# Create a ClusterRole for the webhook -# https://kubernetes.io/docs/admin/authorization/rbac/ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flyte-pod-webhook - namespace: flyte -rules: - - apiGroups: - - "*" - resources: - - mutatingwebhookconfigurations - - secrets - - pods - - replicasets/finalizers - verbs: - - get - - create - - update - - patch ---- -# Create a Service Account for webhook -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyte-pod-webhook - namespace: flyte ---- -# Create a binding from Role -> ServiceAccount -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flyte-pod-webhook - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flyte-pod-webhook -subjects: - - kind: ServiceAccount - name: flyte-pod-webhook - namespace: flyte diff --git a/kustomize/base/pod_webhook/secret.yaml b/kustomize/base/pod_webhook/secret.yaml deleted file mode 100644 index b5f37860ce..0000000000 --- a/kustomize/base/pod_webhook/secret.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: flyte-pod-webhook - namespace: flyte -type: Opaque diff --git a/kustomize/base/pod_webhook/service.yaml b/kustomize/base/pod_webhook/service.yaml deleted file mode 100644 index 41d86826d7..0000000000 --- a/kustomize/base/pod_webhook/service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flyte-pod-webhook - namespace: flyte - annotations: - # This tells contour to use a H2 connection for the port associated - # with the name 'grpc' under spec/ports. - # For more information, refer to - # https://github.com/heptio/contour/blob/master/docs/annotations.md#contour-specific-service-annotations - # # Following this issue - the annotation was updated https://github.com/projectcontour/contour/issues/2092 - projectcontour.io/upstream-protocol.h2c: "grpc" -spec: - selector: - app: flyte-pod-webhook - ports: - - name: https - protocol: TCP - port: 443 - targetPort: 9443 diff --git a/kustomize/base/propeller/auth_secret.yaml b/kustomize/base/propeller/auth_secret.yaml deleted file mode 100644 index a6b978f605..0000000000 --- a/kustomize/base/propeller/auth_secret.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: flyte-secret-auth - namespace: flyte -type: Opaque -stringData: - client_secret: foobar diff --git a/kustomize/base/propeller/deployment.yaml b/kustomize/base/propeller/deployment.yaml deleted file mode 100644 index 8df9e9ca07..0000000000 --- a/kustomize/base/propeller/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -# Create the actual deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte - labels: - app: flytepropeller -spec: - selector: - matchLabels: - app: flytepropeller - template: - metadata: - labels: - app: flytepropeller - app.kubernetes.io/name: flytepropeller - app.kubernetes.io/version: 0.7.1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - spec: - securityContext: - fsGroup: 65534 - runAsUser: 1001 - fsGroupChangePolicy: "Always" - serviceAccountName: flytepropeller - volumes: - - name: config-volume - configMap: - name: flyte-propeller-config - - name: auth - secret: - secretName: flyte-secret-auth - containers: - - name: flytepropeller - image: flytepropeller:v0.7.1 - command: - - flytepropeller - args: - - --config - - /etc/flyte/config/*.yaml - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - imagePullPolicy: IfNotPresent - ports: - - containerPort: 10254 - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: auth - mountPath: /etc/secrets/ diff --git a/kustomize/base/propeller/kustomization.yaml b/kustomize/base/propeller/kustomization.yaml deleted file mode 100644 index a558adcc2c..0000000000 --- a/kustomize/base/propeller/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: - - auth_secret.yaml - - deployment.yaml - - rbac.yaml diff --git a/kustomize/base/propeller/rbac.yaml b/kustomize/base/propeller/rbac.yaml deleted file mode 100644 index 3e0811ac79..0000000000 --- a/kustomize/base/propeller/rbac.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Create a ClusterRole for flytepropeller -# https://kubernetes.io/docs/admin/authorization/rbac/ -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flytepropeller -rules: -#Allow RO access to PODS - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -#Allow Event recording access - - apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - delete - - patch -#Allow Access All plugin objects - - apiGroups: - - "*" - resources: - - "*" - verbs: - - get - - list - - watch - - create - - update - - delete - - patch -#Allow Access to CRD - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - create - - delete - - update -#Allow Access to all resources under flyte.lyft.com - - apiGroups: - - flyte.lyft.com - resources: - - flyteworkflows - - flyteworkflows/finalizers - verbs: - - get - - list - - watch - - create - - update - - delete - - patch - - post - - deletecollection ---- -# Create a Service Account for Flytepropeller -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte ---- -# Create a binding from Role -> ServiceAccount -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: flytepropeller - namespace: flyte -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: flytepropeller -subjects: -- kind: ServiceAccount - name: flytepropeller - namespace: flyte diff --git a/kustomize/base/schedulerdeployment/configmap.yaml b/kustomize/base/schedulerdeployment/configmap.yaml deleted file mode 100644 index 6a5b445af5..0000000000 --- a/kustomize/base/schedulerdeployment/configmap.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: flyte-scheduler-config - namespace: flyte - labels: - app.kubernetes.io/name: flytescheduler - app.kubernetes.io/instance: flyte - helm.sh/chart: flyte-v0.1.10 - app.kubernetes.io/managed-by: Helm -data: - admin.yaml: | - admin: - clientId: flytepropeller - clientSecretLocation: /etc/secrets/client_secret - endpoint: flyteadmin:81 - insecure: true - event: - capacity: 1000 - rate: 500 - type: admin - db.yaml: | - database: - dbname: postgres - host: postgres - port: 5432 - username: postgres - logger.yaml: | - logger: - level: 4 - show-source: true diff --git a/kustomize/base/schedulerdeployment/deployment.yaml b/kustomize/base/schedulerdeployment/deployment.yaml deleted file mode 100644 index e919a76893..0000000000 --- a/kustomize/base/schedulerdeployment/deployment.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Create the actual deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytescheduler - namespace: flyte - labels: - app: flytescheduler -spec: - replicas: 1 - selector: - matchLabels: - app: flytescheduler - template: - metadata: - labels: - app: flytescheduler - app.kubernetes.io/name: flytescheduler - app.kubernetes.io/version: 0.3.4 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - prometheus.io/path: "/metrics" - spec: - serviceAccountName: flyteadmin - volumes: - - name: config-volume - configMap: - name: flyte-scheduler-config - - name: db-pass - secret: - secretName: db-pass - - name: auth - secret: - secretName: flyte-secret-auth - initContainers: - - command: - - flytescheduler - - precheck - - --config - - /etc/flyte/config/*.yaml - image: "cr.flyte.org/flyteorg/flytescheduler:v0.6.49" - imagePullPolicy: "IfNotPresent" - name: flytescheduler-check - volumeMounts: - - mountPath: /etc/flyte/config - name: config-volume - containers: - - command: - - flytescheduler - - run - - --config - - /etc/flyte/config/*.yaml - image: "cr.flyte.org/flyteorg/flytescheduler:v0.6.49" - imagePullPolicy: "IfNotPresent" - name: flytescheduler - resources: - limits: - cpu: 250m - ephemeral-storage: 100Mi - memory: 500Mi - requests: - cpu: 10m - ephemeral-storage: 50Mi - memory: 50Mi - volumeMounts: - - name: auth - mountPath: /etc/secrets/ - - mountPath: /etc/flyte/config - name: config-volume - - name: db-pass - mountPath: /etc/db diff --git a/kustomize/base/schedulerdeployment/kustomization.yaml b/kustomize/base/schedulerdeployment/kustomization.yaml deleted file mode 100644 index 898fc1587d..0000000000 --- a/kustomize/base/schedulerdeployment/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ -resources: - - deployment.yaml - - configmap.yaml diff --git a/kustomize/base/single_cluster/README.md b/kustomize/base/single_cluster/README.md deleted file mode 100644 index 2934642945..0000000000 --- a/kustomize/base/single_cluster/README.md +++ /dev/null @@ -1,15 +0,0 @@ -[Back to Base components menu](../) -# Flyte Single cluster deployment mode -This allows flyte to be deployed in one Kubernetes cluster. -All components are deployed and can be configured to use dependencies based on the environment. - -To understand configuration of dependencies refer to sandbox or any cloud deployments - -Overlays using the single cluster mode -1. [Sandbox Overlay](../../overlays/sandbox) -1. [GCP SingleCluster Overlay](../../overlays/gcp) -1. [EKS SingleCluster Overlay](../../overlays/eks) - -These overlays are based on [Flyte Single Cluster deployment Configuration base](./complete) - -The complete per component configuration for Flyte can be found [here](./headless/config) diff --git a/kustomize/base/single_cluster/complete/README.md b/kustomize/base/single_cluster/complete/README.md deleted file mode 100644 index 052104b66e..0000000000 --- a/kustomize/base/single_cluster/complete/README.md +++ /dev/null @@ -1,7 +0,0 @@ -[Back to Base components menu](../) -# Flyte Single cluster deployment mode -This provides a complete deployment of Flyte onto a single K8s cluster, it is based on [Headless Cluster](../headless). -The configuration for this deployment is also completely managed in the Headless Cluster configuration. - -This overlay just adds to resource - Sync controller and Flyte Console - diff --git a/kustomize/base/single_cluster/complete/kustomization.yaml b/kustomize/base/single_cluster/complete/kustomization.yaml deleted file mode 100644 index 54a1f14d87..0000000000 --- a/kustomize/base/single_cluster/complete/kustomization.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: -- ../headless - -# All the resources that make up the deployment -resources: -# global resources -- ../../admindeployment/clustersync -- ../../console - -# configMapGenerator: -# TODO Flyte Console Configuration -#- name: flyte-console-config -# files: -# - ./config/console.yaml diff --git a/kustomize/base/single_cluster/headless/README.md b/kustomize/base/single_cluster/headless/README.md deleted file mode 100644 index ddc5573197..0000000000 --- a/kustomize/base/single_cluster/headless/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Flyte Headless cluster - -This is a complete single cluster Flyte deployment with 2 missing features -1. FlyteConsole is not installed - No UI -2. Clustersync manager is not installed - No automatic update of projects and tenant specific information - - -## USE Cases -This configuration is useful in running integration / end to end tests diff --git a/kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml b/kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml deleted file mode 100644 index bd2f1dc9d6..0000000000 --- a/kustomize/base/single_cluster/headless/config/admin/cluster_resources.yaml +++ /dev/null @@ -1,19 +0,0 @@ -cluster_resources: - templatePath: "/etc/flyte/clusterresource/templates" - customData: - - production: - - projectQuotaCpu: - value: "5" - - projectQuotaMemory: - value: "4000Mi" - - staging: - - projectQuotaCpu: - value: "2" - - projectQuotaMemory: - value: "3000Mi" - - development: - - projectQuotaCpu: - value: "4" - - projectQuotaMemory: - value: "3000Mi" - refreshInterval: 1m diff --git a/kustomize/base/single_cluster/headless/config/admin/db.yaml b/kustomize/base/single_cluster/headless/config/admin/db.yaml deleted file mode 100644 index 5aefbfb435..0000000000 --- a/kustomize/base/single_cluster/headless/config/admin/db.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# This should be replaced with the db endpoint -# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc -# Or can be a self hosted Postgres in the cluster -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable - passwordPath: /etc/db/pass.txt diff --git a/kustomize/base/single_cluster/headless/config/admin/domain.yaml b/kustomize/base/single_cluster/headless/config/admin/domain.yaml deleted file mode 100644 index 9df6ef80a9..0000000000 --- a/kustomize/base/single_cluster/headless/config/admin/domain.yaml +++ /dev/null @@ -1,7 +0,0 @@ -domains: - - id: development - name: development - - id: staging - name: staging - - id: production - name: production diff --git a/kustomize/base/single_cluster/headless/config/admin/server.yaml b/kustomize/base/single_cluster/headless/config/admin/server.yaml deleted file mode 100644 index e13f3ad156..0000000000 --- a/kustomize/base/single_cluster/headless/config/admin/server.yaml +++ /dev/null @@ -1,43 +0,0 @@ -server: - httpPort: 8088 - grpcPort: 8089 - security: - # Controls whether to serve requests over SSL/TLS. - secure: false - # Controls whether to enforce authentication. Follow the guide in https://docs.flyte.org/ on how to setup authentication. - useAuth: false - allowCors: true - allowedOrigins: - # Accepting all domains for Sandbox installation - - "*" - allowedHeaders: - - "Content-Type" - - "flyte-authorization" -auth: - authorizedUris: - # This should point at your public http Uri. - - https://localhost:30081 - # This will be used by internal services in the same namespace as flyteadmin - - http://flyteadmin:80 - # This will be used by internal services in the same cluster but different namespaces - - http://flyteadmin.flyte.svc.cluster.local:80 - - # Controls app authentication config - appAuth: - thirdPartyConfig: - flyteClient: - clientId: flytectl - redirectUri: https://localhost:53593/callback - scopes: - - offline - - all - # Controls user authentication - userAuth: - openId: - baseUrl: https://accounts.google.com - scopes: - - profile - - openid - clientId: 657465813211-6eog7ek7li5k7i7fvgv2921075063hpe.apps.googleusercontent.com -flyteadmin: - roleNameKey: "iam.amazonaws.com/role" diff --git a/kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml b/kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml deleted file mode 100644 index f057182fb5..0000000000 --- a/kustomize/base/single_cluster/headless/config/admin/task_resource_defaults.yaml +++ /dev/null @@ -1,10 +0,0 @@ -task_resources: - defaults: - cpu: 100m - memory: 100Mi - storage: 5Mi - limits: - cpu: 2 - memory: 1Gi - storage: 20Mi - gpu: 1 diff --git a/kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml b/kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml deleted file mode 100644 index 3075aa9f9e..0000000000 --- a/kustomize/base/single_cluster/headless/config/clusterresource-templates/aa_namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: {{ namespace }} -spec: - finalizers: - - kubernetes diff --git a/kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml b/kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml deleted file mode 100644 index ddfade3c29..0000000000 --- a/kustomize/base/single_cluster/headless/config/clusterresource-templates/ab_project-resource-quota.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ResourceQuota -metadata: - name: project-quota - namespace: {{ namespace }} -spec: - hard: - limits.cpu: {{ projectQuotaCpu }} - limits.memory: {{ projectQuotaMemory }} - diff --git a/kustomize/base/single_cluster/headless/config/common/logger.yaml b/kustomize/base/single_cluster/headless/config/common/logger.yaml deleted file mode 100644 index 7fc20650ec..0000000000 --- a/kustomize/base/single_cluster/headless/config/common/logger.yaml +++ /dev/null @@ -1,4 +0,0 @@ -# TODO this is used to control the log level -logger: - show-source: true - level: 2 diff --git a/kustomize/base/single_cluster/headless/config/common/storage.yaml b/kustomize/base/single_cluster/headless/config/common/storage.yaml deleted file mode 100644 index 09e6ec6dec..0000000000 --- a/kustomize/base/single_cluster/headless/config/common/storage.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# TODO This should be changed for the right storage option - e.g. -# hosted blob stores like S3, GCS, AFS etc -# k8s blob store like minio -# For all supported options look at https://github.com/lyft/flytestdlib/blob/master/storage/config.go -storage: - type: mem diff --git a/kustomize/base/single_cluster/headless/config/console/console.yaml b/kustomize/base/single_cluster/headless/config/console/console.yaml deleted file mode 100644 index d1c0cc51dc..0000000000 --- a/kustomize/base/single_cluster/headless/config/console/console.yaml +++ /dev/null @@ -1,3 +0,0 @@ -# This determines the base url used for all console links. It must match the route specified in ingress.yaml -BASE_URL: /console -CONFIG_DIR: /etc/flyte/config diff --git a/kustomize/base/single_cluster/headless/config/datacatalog/db.yaml b/kustomize/base/single_cluster/headless/config/datacatalog/db.yaml deleted file mode 100644 index 479475aa94..0000000000 --- a/kustomize/base/single_cluster/headless/config/datacatalog/db.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# This should be replaced with the db endpoint -# This can be a postgres data base in the cloud like AWS Aurora / AWS RDS, Google Cloud SQL, etc -# Or can be a self hosted Postgres in the cluster -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable - passwordPath: /etc/db/pass.txt diff --git a/kustomize/base/single_cluster/headless/config/datacatalog/server.yaml b/kustomize/base/single_cluster/headless/config/datacatalog/server.yaml deleted file mode 100644 index 1cdd80c27f..0000000000 --- a/kustomize/base/single_cluster/headless/config/datacatalog/server.yaml +++ /dev/null @@ -1,6 +0,0 @@ -datacatalog: - storage-prefix: metadata/datacatalog - metrics-scope: "datacatalog" - profiler-port: 10254 -application: - grpcPort: 8089 diff --git a/kustomize/base/single_cluster/headless/config/propeller/admin.yaml b/kustomize/base/single_cluster/headless/config/propeller/admin.yaml deleted file mode 100644 index 55cf01b83b..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/admin.yaml +++ /dev/null @@ -1,7 +0,0 @@ -event: - type: admin - rate: 500 - capacity: 1000 -admin: - endpoint: flyteadmin:81 - insecure: true diff --git a/kustomize/base/single_cluster/headless/config/propeller/catalog.yaml b/kustomize/base/single_cluster/headless/config/propeller/catalog.yaml deleted file mode 100644 index e70e7bd770..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/catalog.yaml +++ /dev/null @@ -1,4 +0,0 @@ -catalog-cache: - endpoint: datacatalog:89 - type: datacatalog - insecure: true diff --git a/kustomize/base/single_cluster/headless/config/propeller/core.yaml b/kustomize/base/single_cluster/headless/config/propeller/core.yaml deleted file mode 100644 index 055e7a8840..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/core.yaml +++ /dev/null @@ -1,36 +0,0 @@ -propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 4 - max-workflow-retries: 30 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 10 - capacity: 100 -webhook: - certDir: /etc/webhook/certs - serviceName: flyte-pod-webhook diff --git a/kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml b/kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml deleted file mode 100644 index ebf4892451..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,8 +0,0 @@ -## -# TODO It is important to enable the plugins that you want to deploy here. -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array diff --git a/kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml deleted file mode 100644 index 31f483ab6d..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/plugins/copilot.yaml +++ /dev/null @@ -1,6 +0,0 @@ -plugins: - k8s: - co-pilot: - name: "flyte-copilot-" - image: "cr.flyte.org/flyteorg/flytecopilot:v0.0.15" - start-timeout: "30s" diff --git a/kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml b/kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 5097741639..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# TODO set any custom env vars -plugins: - k8s: - default-env-vars: - - SOME_ENV_VARS: "These get passed to all containers" - default-cpus: 100m - default-memory: 100Mi diff --git a/kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml b/kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml deleted file mode 100644 index a4601e8f2d..0000000000 --- a/kustomize/base/single_cluster/headless/config/propeller/resource_manager.yaml +++ /dev/null @@ -1,7 +0,0 @@ -propeller: - resourcemanager: - type: redis - resourceMaxQuota: 10000 - redis: - hostPath: redis-resource-manager:6379 - hostKey: mypassword diff --git a/kustomize/base/single_cluster/headless/kustomization.yaml b/kustomize/base/single_cluster/headless/kustomization.yaml deleted file mode 100644 index 8e6067e997..0000000000 --- a/kustomize/base/single_cluster/headless/kustomization.yaml +++ /dev/null @@ -1,63 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -# All the resources that make up the deployment -resources: - # global resources - - ../../namespace - - ../../admindeployment - - ../../schedulerdeployment - - ../../datacatalog - - ../../wf_crd - - ../../pod_webhook - - ../../propeller - - ../../adminserviceaccount - -configMapGenerator: - # the main admin configmap - - name: flyte-admin-config - files: - - ./config/admin/server.yaml - - ./config/admin/domain.yaml - - ./config/admin/db.yaml - - ./config/admin/cluster_resources.yaml - - ./config/admin/task_resource_defaults.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - - # cluster resource templates - - name: clusterresource-template - files: - # Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - - ./config/clusterresource-templates/aa_namespace.yaml - - ./config/clusterresource-templates/ab_project-resource-quota.yaml - - # Flyte Propeller Configuration - - name: flyte-propeller-config - files: - - ./config/propeller/core.yaml - - ./config/propeller/admin.yaml - - ./config/propeller/catalog.yaml - - ./config/propeller/resource_manager.yaml - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/plugins/copilot.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - - # TODO Flyte Console Configuration - #- name: flyte-console-config - # files: - # - ./config/console.yaml - - - name: datacatalog-config - files: - - ./config/datacatalog/server.yaml - - ./config/datacatalog/db.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - -secretGenerator: - - name: db-pass - literals: - - pass.txt="awesomesauce" diff --git a/kustomize/base/wf_crd/kustomization.yaml b/kustomize/base/wf_crd/kustomization.yaml deleted file mode 100644 index 6f680eaac2..0000000000 --- a/kustomize/base/wf_crd/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- wf_crd.yaml diff --git a/kustomize/base/wf_crd/wf_crd.yaml b/kustomize/base/wf_crd/wf_crd.yaml deleted file mode 100644 index 3cd3c3eb17..0000000000 --- a/kustomize/base/wf_crd/wf_crd.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - # name must match the spec fields below, and be in the form: . - name: flyteworkflows.flyte.lyft.com -spec: - # group name to use for REST API: /apis// - group: flyte.lyft.com - # either Namespaced or Cluster - names: - # plural name to be used in the URL: /apis/// - plural: flyteworkflows - # singular name to be used as an alias on the CLI and for display - singular: flyteworkflow - # kind is normally the CamelCased singular type. Your resource manifests use this. - kind: FlyteWorkflow - # shortNames allow shorter string to match your resource on the CLI - shortNames: - - fly - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true diff --git a/kustomize/overlays/README.md b/kustomize/overlays/README.md deleted file mode 100644 index 63ed238e9e..0000000000 --- a/kustomize/overlays/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Deploy Flyte using one of the given overlays - -To start a deployment use one of the following overlays as a starting point. If you are just playing around with Flyte, use Sandbox overlay - and preferably the pre-generated yaml - available [here](../../deployment/sandbox/flyte_generated.yaml) - -1. [Sandbox](./sandbox) : A pre-configured overlay to deploy a complete standalone cluster onto a local k8s cluster -1. [GCP](./gcp): An almost configured overlay to deploy a production ready cluster to GCP. Some modifications needed for your environment -1. [EKS](./eks): An almost configured overlay to deploy a production ready cluster to AWS. Some modifications needed for your environment diff --git a/kustomize/overlays/eks/README.md b/kustomize/overlays/eks/README.md deleted file mode 100644 index 8873542337..0000000000 --- a/kustomize/overlays/eks/README.md +++ /dev/null @@ -1,73 +0,0 @@ -[All Overlays](./) -# :construction: Amazon EKS deployment - -This overlay serves as an example to bootstrap Flyte setup on AWS. It is not -designed to work out of the box due to the need of AWS resources. Please follow the instruction -below to further configure. - -_Hint_: searching `TODO:` through this directory would help to understand what needs to be done. - -## Amazon RDS / Amazon Aurora - -A few things are required for this overlay to function: - -* Two databases named as `flyte` and `datacatalog` -* A database user named as `flyte` -* Password of the database user can be added to either to [kustomization.yaml](kustomization.yaml) or you can create a new file and change the secretGenerator tag to use files. (Refer to kustomize documentation) -* Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster - service account or through workload identity) should have `Cloud SQL Editor` role - -## Create S3 bucket -1. Create a S3 bucket named as `flyte` (if other name replace it next) -1. Replace in [config/common/storage.yaml](flyte/config/common/storage.yaml) if using a bucket other than Flyte then replace the bucket name too - -## flyteadmin - -flyteadmin configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](flyte/config/admin/db.yaml) - -**Advanced / OPTIONAL** -1. The default CORS setting in flyteAdmin allows cross origin requests. A more secure way would be to allow requests only from the expected domain. To do this, you will have to create a new *server.yaml* -similar to [base/single_cluster/headless/config](../../base/single_cluster/headless/config) under config/admin and then set -`server -> security -> allowedOrigins`. - -## flyteconsole - -[flyteconsole configmap](console/config.yaml) needs to be updated with flyteadmin internal load -balancer IP address or the DNS name associated with it if any. - -flyteconsole is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - -## flytepropeller - -flytepropeller configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to the config for performance tuning and logs -For logs configuration Replace `` in [config/propeller/plugins/task_logs.yaml](flyte/config/propeller/plugins/task_logs.yaml) to use CloudWatch - -Some important points - -* Storage configuration is shared with Admin and Catalog. Ideally in production Propeller should have its own configuration with real high cache size. - -* By default, three plugins are enabled: -1. container -2. k8s-array -3. sidecar - -## datacatalog - -datacatalog configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](flyte/config/datacatalog/db.yaml) - - -## How to build your overlay -To build your overlay there are 2 options -1. Build it in your own repo Example coming soon :construction: -1. hack it in your clone of Flyte repo in place of EKS overlay. In this case just navigate to the root of the repo and run -```bash -$ make kustomize -``` -If all goes well a new overlay composite should be generated in [/deployment/eks/flyte_generated.yaml](../../../deployment/eks/flyte_generated.yaml) - -## Now ship it - -``` shell -make -kubectl apply -f deployment/gcp/flyte_generated.yaml -``` diff --git a/kustomize/overlays/eks/flyte/admin/deployment.yaml b/kustomize/overlays/eks/flyte/admin/deployment.yaml deleted file mode 100644 index b581a3dba1..0000000000 --- a/kustomize/overlays/eks/flyte/admin/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - containers: - - name: flyteadmin - resources: - limits: - memory: "1Gi" - cpu: "2" - ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/eks/flyte/admin/service.yaml b/kustomize/overlays/eks/flyte/admin/service.yaml deleted file mode 100644 index de61a74fde..0000000000 --- a/kustomize/overlays/eks/flyte/admin/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" - # TODO add security groups - service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: "sg-...,sg-...,sg-..." - # TODO alter domain - external-dns.alpha.kubernetes.io/hostname: "flyteadmin.subdomain.mydomain.com" - name: flyteadmin - namespace: flyte -spec: - loadBalancerSourceRanges: - # TODO change source ip range if desired - - 0.0.0.0 - ports: - # TODO do multiple ports work for ELB - - name: http - port: 80 - protocol: TCP - targetPort: 8088 - - name: grpc - port: 80 - protocol: TCP - targetPort: 8089 - selector: - app: flyteadmin - type: LoadBalancer diff --git a/kustomize/overlays/eks/flyte/admin/serviceaccount.yaml b/kustomize/overlays/eks/flyte/admin/serviceaccount.yaml deleted file mode 100644 index cf30eaa74a..0000000000 --- a/kustomize/overlays/eks/flyte/admin/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flyteadmin - namespace: flyte - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" - diff --git a/kustomize/overlays/eks/flyte/config/admin/db.yaml b/kustomize/overlays/eks/flyte/config/admin/db.yaml deleted file mode 100644 index d44ef2329d..0000000000 --- a/kustomize/overlays/eks/flyte/config/admin/db.yaml +++ /dev/null @@ -1,7 +0,0 @@ -database: - port: 5432 - username: flyte - # TODO Change this to match aurora or rds postgres endpoint - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flyte - passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/eks/flyte/config/admin/task_resource_defaults.yaml b/kustomize/overlays/eks/flyte/config/admin/task_resource_defaults.yaml deleted file mode 100644 index 06870c232b..0000000000 --- a/kustomize/overlays/eks/flyte/config/admin/task_resource_defaults.yaml +++ /dev/null @@ -1,10 +0,0 @@ -task_resources: - defaults: - cpu: 1000m - memory: 1000Mi - storage: 1000Mi - limits: - cpu: 2 - memory: 8Gi - storage: 2000Mi - gpu: 1 diff --git a/kustomize/overlays/eks/flyte/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/eks/flyte/config/clusterresource-templates/ad_spark-role.yaml deleted file mode 100644 index 51998e3051..0000000000 --- a/kustomize/overlays/eks/flyte/config/clusterresource-templates/ad_spark-role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: spark-role - namespace: {{ namespace }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' diff --git a/kustomize/overlays/eks/flyte/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/eks/flyte/config/clusterresource-templates/ae_spark-service-account.yaml deleted file mode 100644 index dddd8d2742..0000000000 --- a/kustomize/overlays/eks/flyte/config/clusterresource-templates/ae_spark-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: spark - namespace: {{ namespace }} diff --git a/kustomize/overlays/eks/flyte/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/eks/flyte/config/clusterresource-templates/af_spark-role-binding.yaml deleted file mode 100644 index 2e9c8ae765..0000000000 --- a/kustomize/overlays/eks/flyte/config/clusterresource-templates/af_spark-role-binding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: spark-role-binding - namespace: {{ namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: spark-role -subjects: -- kind: ServiceAccount - name: spark - namespace: {{ namespace }} - diff --git a/kustomize/overlays/eks/flyte/config/common/storage.yaml b/kustomize/overlays/eks/flyte/config/common/storage.yaml deleted file mode 100644 index 39dd393112..0000000000 --- a/kustomize/overlays/eks/flyte/config/common/storage.yaml +++ /dev/null @@ -1,17 +0,0 @@ -storage: - type: stow - stow: - kind: s3 - config: - auth_type: iam - region: us-east-2 - # TODO replace with the container (bucket) in s3 used by Flyte as intermediate store - container: "flyte-demo" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 diff --git a/kustomize/overlays/eks/flyte/config/datacatalog/db.yaml b/kustomize/overlays/eks/flyte/config/datacatalog/db.yaml deleted file mode 100644 index 6be110650d..0000000000 --- a/kustomize/overlays/eks/flyte/config/datacatalog/db.yaml +++ /dev/null @@ -1,7 +0,0 @@ -database: - port: 5432 - username: flyte - # TODO Change this to match aurora or rds postgres endpoint - host: flyteadmin-cluster.cluster-456123e6ivib.us-west-2.rds.amazonaws.com - dbname: flytedatacatalog - passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/eks/flyte/config/propeller/core.yaml b/kustomize/overlays/eks/flyte/config/propeller/core.yaml deleted file mode 100644 index baa8c6b261..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/core.yaml +++ /dev/null @@ -1,40 +0,0 @@ -propeller: - rawoutput-prefix: s3://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 40 - gc-interval: 12h - max-workflow-retries: 50 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - kube-client-config: - qps: 100 - burst: 25 - timeout: 30s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 100 - capacity: 1000 - workflowStore: - policy: "ResourceVersionCache" diff --git a/kustomize/overlays/eks/flyte/config/propeller/enabled_plugins.yaml b/kustomize/overlays/eks/flyte/config/propeller/enabled_plugins.yaml deleted file mode 100644 index 9e4644ac18..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,15 +0,0 @@ -tasks: - max-plugin-phase-versions: 1000000 - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - default-for-task-types: - container: container - sidecar: sidecar - spark: spark - container_array: k8s-array - pytorch: pytorch diff --git a/kustomize/overlays/eks/flyte/config/propeller/plugins/catalog_cache.yaml b/kustomize/overlays/eks/flyte/config/propeller/plugins/catalog_cache.yaml deleted file mode 100644 index 3678fbbc89..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/plugins/catalog_cache.yaml +++ /dev/null @@ -1,6 +0,0 @@ -plugins: - catalogCache: - reader: - maxItems: 10000 - writer: - maxItems: 10000 diff --git a/kustomize/overlays/eks/flyte/config/propeller/plugins/k8s.yaml b/kustomize/overlays/eks/flyte/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 8fe068397f..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,8 +0,0 @@ -plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi diff --git a/kustomize/overlays/eks/flyte/config/propeller/plugins/qubole.yaml b/kustomize/overlays/eks/flyte/config/propeller/plugins/qubole.yaml deleted file mode 100644 index ea34d2752b..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/plugins/qubole.yaml +++ /dev/null @@ -1,3 +0,0 @@ -plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/overlays/eks/flyte/config/propeller/plugins/spark.yaml b/kustomize/overlays/eks/flyte/config/propeller/plugins/spark.yaml deleted file mode 100644 index 6b514a8c36..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/plugins/spark.yaml +++ /dev/null @@ -1,20 +0,0 @@ -plugins: - spark: - spark-config-default: - # We override the default credentials chain provider for Hadoop so that - # it can use the serviceAccount based IAM role or ec2 metadata based. - # This is more in line with how AWS works - - spark.hadoop.fs.s3a.aws.credentials.provider: "com.amazonaws.auth.DefaultAWSCredentialsProviderChain" - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/eks/flyte/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/eks/flyte/config/propeller/plugins/task_logs.yaml deleted file mode 100644 index 6e46cde9c2..0000000000 --- a/kustomize/overlays/eks/flyte/config/propeller/plugins/task_logs.yaml +++ /dev/null @@ -1,10 +0,0 @@ -plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard is disabled in GCP - kubernetes-enabled: false - # #2 AWS Cloudwatch - cloudwatch-enabled: true - # TODO Add region and log group - cloudwatch-region: - cloudwatch-log-group: diff --git a/kustomize/overlays/eks/flyte/console/service.yaml b/kustomize/overlays/eks/flyte/console/service.yaml deleted file mode 100644 index 7dcaed5d8b..0000000000 --- a/kustomize/overlays/eks/flyte/console/service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "600" - # TODO add your security groups here - service.beta.kubernetes.io/aws-load-balancer-extra-security-groups: "sg-....,sg-...,sg-..." - # TODO add your external dns here - external-dns.alpha.kubernetes.io/hostname: "flyte.subdomain.mydomain.com" - name: flyteconsole - namespace: flyte -spec: - loadBalancerSourceRanges: - # TODO limit source ranges if you want - - 0.0.0.0 - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - selector: - app: flyteconsole - type: LoadBalancer diff --git a/kustomize/overlays/eks/flyte/datacatalog/deployment.yaml b/kustomize/overlays/eks/flyte/datacatalog/deployment.yaml deleted file mode 100644 index 1035dac5a0..0000000000 --- a/kustomize/overlays/eks/flyte/datacatalog/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: datacatalog - namespace: flyte -spec: - template: - spec: - containers: - - name: datacatalog - resources: - limits: - memory: "1Gi" - cpu: "2" - ephemeral-storage: "1000Mi" diff --git a/kustomize/overlays/eks/flyte/datacatalog/service.yaml b/kustomize/overlays/eks/flyte/datacatalog/service.yaml deleted file mode 100644 index 70e95295ab..0000000000 --- a/kustomize/overlays/eks/flyte/datacatalog/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: datacatalog-metrics - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - selector: - app: datacatalog - type: LoadBalancer - ports: - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/eks/flyte/ingress/README.md b/kustomize/overlays/eks/flyte/ingress/README.md deleted file mode 100644 index 28fa058659..0000000000 --- a/kustomize/overlays/eks/flyte/ingress/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# :construction: Instructions to deploy ALB Ingress controller - -Follow instructions here to install ALB Ingress Controller: https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html - -Replace `alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:111111111111:certificate/e92fefd8-6197-4249-a524-431d611c9af6` in ingress.yaml and ingress_grpc.yaml with your own SSL cert (that you will create by following ALB Instructions above) diff --git a/kustomize/overlays/eks/flyte/ingress/ingress.yaml b/kustomize/overlays/eks/flyte/ingress/ingress.yaml deleted file mode 100644 index 05b6ba465e..0000000000 --- a/kustomize/overlays/eks/flyte/ingress/ingress.yaml +++ /dev/null @@ -1,157 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: flytesystem - namespace: flyte - annotations: - kubernetes.io/ingress.class: alb - alb.ingress.kubernetes.io/tags: service_instance=production - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' - alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' - - # Instruct ALB Controller to not create multiple load balancers (and hence maintain a single endpoint for both GRPC and Http) - alb.ingress.kubernetes.io/group.name: flytesystem - - # Replace certificate Arn with one deployed to your EKS cluster. Follow instructions in README.md - alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:111111111111:certificate/e92fefd8-6197-4249-a524-431d611c9af6 - labels: - app: flyteadmin -spec: - rules: - - http: - paths: - - path: /* - pathType: ImplementationSpecific - backend: - service: - name: ssl-redirect - port: - name: use-annotation - - path: /console - pathType: ImplementationSpecific - backend: - service: - name: flyteconsole - port: - number: 80 - - path: /console/* - pathType: ImplementationSpecific - backend: - service: - name: flyteconsole - port: - number: 80 - - path: /api/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /healthcheck - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /v1/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - # Port 87 in FlyteAdmin maps to the redoc container. - - path: /openapi/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 87 - - path: /.well-known/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /login - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /login/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /logout - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /logout/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /callback - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /callback/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /me - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /config - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /config/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /oauth2 - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 - - path: /oauth2/* - pathType: ImplementationSpecific - backend: - service: - name: flyteadmin - port: - number: 80 diff --git a/kustomize/overlays/eks/flyte/ingress/ingress_grpc.yaml b/kustomize/overlays/eks/flyte/ingress/ingress_grpc.yaml deleted file mode 100644 index bfc75f6d35..0000000000 --- a/kustomize/overlays/eks/flyte/ingress/ingress_grpc.yaml +++ /dev/null @@ -1,52 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' - alb.ingress.kubernetes.io/backend-protocol-version: GRPC - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/tags: service_instance=production - kubernetes.io/ingress.class: alb - nginx.ingress.kubernetes.io/ssl-redirect: "false" - alb.ingress.kubernetes.io/group.name: flytesystem - - # Replace certificate Arn with one deployed to your EKS cluster. Follow instructions in README.md - alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:111111111111:certificate/e92fefd8-6197-4249-a524-431d611c9af6 - labels: - app: flyteadmin - name: flytesystem-grpc - namespace: flyte -spec: - rules: - - http: - paths: - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.SignalService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AdminService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.AuthMetadataService/* - pathType: ImplementationSpecific - - backend: - service: - name: flyteadmin - port: - number: 81 - path: /flyteidl.service.IdentityService/* - pathType: ImplementationSpecific diff --git a/kustomize/overlays/eks/flyte/ingress/kustomization.yaml b/kustomize/overlays/eks/flyte/ingress/kustomization.yaml deleted file mode 100644 index 2cb8f8d97a..0000000000 --- a/kustomize/overlays/eks/flyte/ingress/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - ingress.yaml - - ingress_grpc.yaml diff --git a/kustomize/overlays/eks/flyte/kustomization.yaml b/kustomize/overlays/eks/flyte/kustomization.yaml deleted file mode 100644 index cdc206dca1..0000000000 --- a/kustomize/overlays/eks/flyte/kustomization.yaml +++ /dev/null @@ -1,62 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -# Override the namespace -namespace: flyte - -bases: - - ../../../base/single_cluster/complete - - ingress - -resources: - - datacatalog/service.yaml - - propeller/service.yaml - -patchesStrategicMerge: - - admin/deployment.yaml - - admin/service.yaml - - admin/serviceaccount.yaml - - datacatalog/deployment.yaml - - propeller/deployment.yaml - - propeller/serviceaccount.yaml - - console/service.yaml - -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - -configMapGenerator: - - behavior: merge - files: - - ./config/admin/db.yaml - - ./config/admin/task_resource_defaults.yaml - - ./config/common/storage.yaml - name: flyte-admin-config - - behavior: merge - files: - - ./config/clusterresource-templates/ad_spark-role.yaml - - ./config/clusterresource-templates/ae_spark-service-account.yaml - - ./config/clusterresource-templates/af_spark-role-binding.yaml - name: clusterresource-template - - behavior: merge - files: - - ./config/propeller/core.yaml - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/plugins/catalog_cache.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/qubole.yaml - - ./config/propeller/plugins/spark.yaml - - ./config/propeller/plugins/task_logs.yaml - - ./config/common/storage.yaml - name: flyte-propeller-config - - behavior: merge - files: - - ./config/common/storage.yaml - - ./config/datacatalog/db.yaml - name: datacatalog-config - -########### -# Use this to record the password for the Google CloudSQL Database -secretGenerator: - - name: db-pass - behavior: merge - literals: - - pass.txt="yourpassword" diff --git a/kustomize/overlays/eks/flyte/propeller/deployment.yaml b/kustomize/overlays/eks/flyte/propeller/deployment.yaml deleted file mode 100644 index 9a46601b53..0000000000 --- a/kustomize/overlays/eks/flyte/propeller/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - containers: - - name: flytepropeller - resources: - limits: - memory: "4Gi" - cpu: "2" - ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/eks/flyte/propeller/service.yaml b/kustomize/overlays/eks/flyte/propeller/service.yaml deleted file mode 100644 index e80a8746e6..0000000000 --- a/kustomize/overlays/eks/flyte/propeller/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flytepropeller - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - type: LoadBalancer - selector: - app: flytepropeller - ports: - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/eks/flyte/propeller/serviceaccount.yaml b/kustomize/overlays/eks/flyte/propeller/serviceaccount.yaml deleted file mode 100644 index 9272749c4b..0000000000 --- a/kustomize/overlays/eks/flyte/propeller/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: flytepropeller - namespace: flyte - annotations: - # TODO the role to use - eks.amazonaws.com/role-arn: "arn:aws:iam::111222333456:role/flyte-operator" diff --git a/kustomize/overlays/eks/kustomization.yaml b/kustomize/overlays/eks/kustomization.yaml deleted file mode 100644 index b29d932a80..0000000000 --- a/kustomize/overlays/eks/kustomization.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: - # All the resources that make up the deployment - - flyte - ######## - # Operators to be enabled - ############# - # Dependencies to be configured - # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc - # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - # Add node ports for ease of use locally - - ../../base/operators/spark - - ../../base/operators/kfoperators/pytorch - # Optional dependency - - ../../base/addons/redis - -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v1.11.0-b1 # FLYTEADMIN_TAG override the tag - newName: cr.flyte.org/flyteorg/flyteadmin # override the name - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v1.11.0 # FLYTECONSOLE_TAG the tag - newName: cr.flyte.org/flyteorg/flyteconsole # override the namep - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v1.11.0-b1 # DATACATALOG_TAG override the tag - newName: cr.flyte.org/flyteorg/datacatalog # override the name - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v1.11.0-b1 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Webhook - - name: webhook # match images with this name - newTag: v1.11.0-b1 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Override postgres image to use alpine based (rather smaller) docker image - - name: postgres - newTag: 13-21.04_beta - newName: ecr.flyte.org/ubuntu/postgres - - name: minio - newTag: 2021.10.13-debian-10-r0 - newName: ecr.flyte.org/bitnami/minio - - name: redis - newTag: 6.2.5-debian-10-r59 - newName: ecr.flyte.org/bitnami/redis diff --git a/kustomize/overlays/gcp/README.md b/kustomize/overlays/gcp/README.md deleted file mode 100644 index 450f73dbfd..0000000000 --- a/kustomize/overlays/gcp/README.md +++ /dev/null @@ -1,95 +0,0 @@ -[All Overlays](./) -# :beta: Google Cloud Platform Overlay - -This overlay serves as an example to bootstrap Flyte setup on Google Cloud Platform (GCP). It is not -designed to work out of the box due to the need of GCP resources. Please follow the instruction -below to further configure. - -_Hint_: searching `TODO:` through this directory would help to understand what needs to be done. - -## Cloud SQL - -[Cloud SQL](https://cloud.google.com/sql) is used as persistence layer. To set it up, please -follow standard GCP documentation. - -A few things are required for this overlay to function: - -* Two databases named as `flyte` and `datacatalog` -* A database user named as `flyte` -* Password of the database user can be added to either to [kustomization.yaml](kustomization.yaml) or you can create a new file and change the secretGenerator tag to use files. (Refer to kustomize documentation) -* Service account(s) associated with `flyteadmin` and `datacatalog` pods (either as GKE cluster - service account or through workload identity) should have `Cloud SQL Editor` role - -To securely access Cloud SQL instance, [Cloud SQL -Proxy](https://cloud.google.com/sql/docs/postgres/connect-admin-proxy) is launched as a pod sitting -in between Flyte and Cloud SQL instance. - -The kustomization files can be found under [cloudsqlproxy](dependencies/cloudsqlproxy/). Please note that one -needs to replace `` and `` accordingly in -[dependencies/cloudsqlproxy/deployment.yaml](cloudsqlproxy/deployment.yaml). - -## Create GCS Storage -1. Create a GCS bucket named as `flyte` in a GCP project. -1. Replace `` in [config/common/storage.yaml](flyte/config/common/storage.yaml) with the GCP project ID and if using a bucket other than Flyte then replace the bucket name too - -## flyteadmin - -flyteadmin configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](flyte/config/admin/db.yaml) - -If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. - -**Advanced / OPTIONAL** -1. The default CORS setting in flyteAdmin allows cross origin requests. A more secure way would be to allow requests only from the expected domain. To do this, you will have to create a new *server.yaml* -similar to [base/single_cluster/headless/config](../../base/single_cluster/headless/config) under config/admin and then set -`server -> security -> allowedOrigins`. - -1. flyteadmin (including metrics endpoint) is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - -## flyteconsole - -[flyteconsole configmap](console/config.yaml) needs to be updated with flyteadmin internal load -balancer IP address or the DNS name associated with it if any. - -flyteconsole is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - -## flytepropeller - -flytepropeller configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to the config for performance tuning and logs -For logs configuration Replace `` in [config/propeller/plugins/task_logs.yaml](flyte/config/propeller/plugins/task_logs.yaml) with the GCP project ID - -Some important points - -* Storage configuration is shared with Admin and Catalog. Ideally in production Propeller should have its own configuration with real high cache size. - -* By default, three plugins are enabled: -1. container -2. k8s-array -3. sidecar - -* flytepropeller metrics endpoint is exposed as a service using [internal load balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - -## datacatalog - -datacatalog configuration is derived from the [single cluster](../../base/single_cluster) overlay, with only modification to [database configuration db.yaml](flyte/config/datacatalog/db.yaml) - -If one has followed [Cloud SQL](#cloud-sql) section, there is nothing to be done for database. - -datacatalog metrics endpoint is exposed as a service using [internal load -balancer](https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing). - - -## How to build your overlay -To build your overlay there are 2 options -1. Build it in your own repo Example coming soon :construction: -1. hack it in your clone of Flyte repo in place of GCP overlay. In this case just navigate to the root of the repo and run -```bash -$ make kustomize -``` -If all goes well a new overlay composite should be generated in [/deployment/gcp/flyte_generated.yaml](../../../deployment/gcp/flyte_generated.yaml) - -## Now ship it - -``` shell -make -kubectl apply -f deployment/gcp/flyte_generated.yaml -``` diff --git a/kustomize/overlays/gcp/flyte/admin/deployment.yaml b/kustomize/overlays/gcp/flyte/admin/deployment.yaml deleted file mode 100644 index b581a3dba1..0000000000 --- a/kustomize/overlays/gcp/flyte/admin/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - containers: - - name: flyteadmin - resources: - limits: - memory: "1Gi" - cpu: "2" - ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/gcp/flyte/admin/service.yaml b/kustomize/overlays/gcp/flyte/admin/service.yaml deleted file mode 100644 index 1af1d10ce8..0000000000 --- a/kustomize/overlays/gcp/flyte/admin/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - type: LoadBalancer - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/gcp/flyte/config/admin/db.yaml b/kustomize/overlays/gcp/flyte/config/admin/db.yaml deleted file mode 100644 index 4e2741221d..0000000000 --- a/kustomize/overlays/gcp/flyte/config/admin/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: flyte - passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/gcp/flyte/config/admin/task_resource_defaults.yaml b/kustomize/overlays/gcp/flyte/config/admin/task_resource_defaults.yaml deleted file mode 100644 index 06870c232b..0000000000 --- a/kustomize/overlays/gcp/flyte/config/admin/task_resource_defaults.yaml +++ /dev/null @@ -1,10 +0,0 @@ -task_resources: - defaults: - cpu: 1000m - memory: 1000Mi - storage: 1000Mi - limits: - cpu: 2 - memory: 8Gi - storage: 2000Mi - gpu: 1 diff --git a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ad_spark-role.yaml deleted file mode 100644 index 51998e3051..0000000000 --- a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ad_spark-role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: spark-role - namespace: {{ namespace }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' diff --git a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ae_spark-service-account.yaml deleted file mode 100644 index dddd8d2742..0000000000 --- a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/ae_spark-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: spark - namespace: {{ namespace }} diff --git a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/gcp/flyte/config/clusterresource-templates/af_spark-role-binding.yaml deleted file mode 100644 index 2e9c8ae765..0000000000 --- a/kustomize/overlays/gcp/flyte/config/clusterresource-templates/af_spark-role-binding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: spark-role-binding - namespace: {{ namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: spark-role -subjects: -- kind: ServiceAccount - name: spark - namespace: {{ namespace }} - diff --git a/kustomize/overlays/gcp/flyte/config/common/storage.yaml b/kustomize/overlays/gcp/flyte/config/common/storage.yaml deleted file mode 100644 index 6f20d08dcd..0000000000 --- a/kustomize/overlays/gcp/flyte/config/common/storage.yaml +++ /dev/null @@ -1,19 +0,0 @@ -storage: - type: stow - stow: - kind: google - config: - json: "" - # TODO: replace with the GCP project ID - project_id: - scopes: https://www.googleapis.com/auth/cloud-platform - # TODO replace with the container (bucket) in GCS used by Flyte as intermediate store - container: "flyte" - # NOTE this cache configuration is purely for propeller. But since we are having a common storage - # config, we are configuring this value. In production create a separate storage config for - # propeller and increase the cache size - cache: - max_size_mbs: 512 - target_gc_percent: 70 - limits: - maxDownloadMBs: 10 diff --git a/kustomize/overlays/gcp/flyte/config/datacatalog/db.yaml b/kustomize/overlays/gcp/flyte/config/datacatalog/db.yaml deleted file mode 100644 index abfb330459..0000000000 --- a/kustomize/overlays/gcp/flyte/config/datacatalog/db.yaml +++ /dev/null @@ -1,7 +0,0 @@ -database: - port: 5432 - username: flyte - host: cloudsqlproxy - dbname: datacatalog - options: "sslmode=disable" - passwordPath: /etc/db/pass.txt diff --git a/kustomize/overlays/gcp/flyte/config/propeller/core.yaml b/kustomize/overlays/gcp/flyte/config/propeller/core.yaml deleted file mode 100644 index b49a5f4188..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/core.yaml +++ /dev/null @@ -1,40 +0,0 @@ -propeller: - rawoutput-prefix: gs://my-s3-bucket/ - metadata-prefix: metadata/propeller - workers: 40 - gc-interval: 12h - max-workflow-retries: 50 - workflow-reeval-duration: 30s - downstream-eval-duration: 30s - limit-namespace: "all" - prof-port: 10254 - metrics-prefix: flyte - enable-admin-launcher: true - leader-election: - lock-config-map: - name: propeller-leader - namespace: flyte - enabled: true - lease-duration: 15s - renew-deadline: 10s - retry-period: 2s - kube-client-config: - qps: 100 - burst: 25 - timeout: 30s - queue: - type: batch - batching-interval: 2s - batch-size: -1 - queue: - type: maxof - rate: 100 - capacity: 1000 - base-delay: 5s - max-delay: 120s - sub-queue: - type: bucket - rate: 100 - capacity: 1000 - workflowStore: - policy: "ResourceVersionCache" diff --git a/kustomize/overlays/gcp/flyte/config/propeller/enabled_plugins.yaml b/kustomize/overlays/gcp/flyte/config/propeller/enabled_plugins.yaml deleted file mode 100644 index 9e4644ac18..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,15 +0,0 @@ -tasks: - max-plugin-phase-versions: 1000000 - task-plugins: - enabled-plugins: - - container - - sidecar - - spark - - k8s-array - - pytorch - default-for-task-types: - container: container - sidecar: sidecar - spark: spark - container_array: k8s-array - pytorch: pytorch diff --git a/kustomize/overlays/gcp/flyte/config/propeller/plugins/catalog_cache.yaml b/kustomize/overlays/gcp/flyte/config/propeller/plugins/catalog_cache.yaml deleted file mode 100644 index 3678fbbc89..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/plugins/catalog_cache.yaml +++ /dev/null @@ -1,6 +0,0 @@ -plugins: - catalogCache: - reader: - maxItems: 10000 - writer: - maxItems: 10000 diff --git a/kustomize/overlays/gcp/flyte/config/propeller/plugins/k8s.yaml b/kustomize/overlays/gcp/flyte/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 8fe068397f..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,8 +0,0 @@ -plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi diff --git a/kustomize/overlays/gcp/flyte/config/propeller/plugins/qubole.yaml b/kustomize/overlays/gcp/flyte/config/propeller/plugins/qubole.yaml deleted file mode 100644 index ea34d2752b..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/plugins/qubole.yaml +++ /dev/null @@ -1,3 +0,0 @@ -plugins: - qubole: - quboleTokenKey: "FLYTE_QUBOLE_CLIENT_TOKEN" diff --git a/kustomize/overlays/gcp/flyte/config/propeller/plugins/spark.yaml b/kustomize/overlays/gcp/flyte/config/propeller/plugins/spark.yaml deleted file mode 100644 index c1ffb9209a..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/plugins/spark.yaml +++ /dev/null @@ -1,16 +0,0 @@ -plugins: - spark: - spark-config-default: - - spark.hadoop.mapreduce.fileoutputcommitter.algorithm.version: "2" - - spark.kubernetes.allocation.batch.size: "50" - - spark.hadoop.fs.s3a.acl.default: "BucketOwnerFullControl" - - spark.hadoop.fs.s3n.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3n.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.impl: "org.apache.hadoop.fs.s3a.S3AFileSystem" - - spark.hadoop.fs.AbstractFileSystem.s3a.impl: "org.apache.hadoop.fs.s3a.S3A" - - spark.hadoop.fs.s3a.multipart.threshold: "536870912" - - spark.blacklist.enabled: "true" - - spark.blacklist.timeout: "5m" - - spark.task.maxfailures: "8" diff --git a/kustomize/overlays/gcp/flyte/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/gcp/flyte/config/propeller/plugins/task_logs.yaml deleted file mode 100644 index 5a9d0714c5..0000000000 --- a/kustomize/overlays/gcp/flyte/config/propeller/plugins/task_logs.yaml +++ /dev/null @@ -1,10 +0,0 @@ -plugins: - logs: - # Log links can link to multiple options - # #1 Kubernetes dashboard is disabled in GCP - kubernetes-enabled: false - # #2 GCP stackdriver - stackdriver-enabled: true - # TODO: replace with the GCP project ID - gcp-project: - stackdriver-logresourcename: k8s_container diff --git a/kustomize/overlays/gcp/flyte/console/service.yaml b/kustomize/overlays/gcp/flyte/console/service.yaml deleted file mode 100644 index 2d3ad158aa..0000000000 --- a/kustomize/overlays/gcp/flyte/console/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: - cloud.google.com/load-balancer-type: Internal - name: flyteconsole - namespace: flyte -spec: - selector: - app: flyteconsole - type: LoadBalancer - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/gcp/flyte/datacatalog/deployment.yaml b/kustomize/overlays/gcp/flyte/datacatalog/deployment.yaml deleted file mode 100644 index 1035dac5a0..0000000000 --- a/kustomize/overlays/gcp/flyte/datacatalog/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: datacatalog - namespace: flyte -spec: - template: - spec: - containers: - - name: datacatalog - resources: - limits: - memory: "1Gi" - cpu: "2" - ephemeral-storage: "1000Mi" diff --git a/kustomize/overlays/gcp/flyte/datacatalog/service.yaml b/kustomize/overlays/gcp/flyte/datacatalog/service.yaml deleted file mode 100644 index 70e95295ab..0000000000 --- a/kustomize/overlays/gcp/flyte/datacatalog/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: datacatalog-metrics - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - selector: - app: datacatalog - type: LoadBalancer - ports: - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/gcp/flyte/kustomization.yaml b/kustomize/overlays/gcp/flyte/kustomization.yaml deleted file mode 100644 index 2e6e7e7cd8..0000000000 --- a/kustomize/overlays/gcp/flyte/kustomization.yaml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -# Override the namespace -namespace: flyte - -bases: -- ../../../base/single_cluster/complete - -resources: -- datacatalog/service.yaml -- propeller/service.yaml - -patchesStrategicMerge: -- admin/deployment.yaml -- admin/service.yaml -- datacatalog/deployment.yaml -- propeller/deployment.yaml -- console/service.yaml - -# Files are read in alphabetical order. To ensure that we create the namespace first, prefix the file name with "aa". - -configMapGenerator: -- behavior: merge - files: - - ./config/admin/db.yaml - - ./config/admin/task_resource_defaults.yaml - - ./config/common/storage.yaml - name: flyte-admin-config -- behavior: merge - files: - - ./config/clusterresource-templates/ad_spark-role.yaml - - ./config/clusterresource-templates/ae_spark-service-account.yaml - - ./config/clusterresource-templates/af_spark-role-binding.yaml - name: clusterresource-template -- behavior: merge - files: - - ./config/propeller/core.yaml - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/plugins/catalog_cache.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/qubole.yaml - - ./config/propeller/plugins/spark.yaml - - ./config/propeller/plugins/task_logs.yaml - - ./config/common/storage.yaml - name: flyte-propeller-config -- behavior: merge - files: - - ./config/common/storage.yaml - - ./config/datacatalog/db.yaml - name: datacatalog-config - -########### -# Use this to record the password for the Google CloudSQL Database -secretGenerator: -- name: db-pass - behavior: merge - literals: - - pass.txt="yourpassword" diff --git a/kustomize/overlays/gcp/flyte/propeller/deployment.yaml b/kustomize/overlays/gcp/flyte/propeller/deployment.yaml deleted file mode 100644 index 9a46601b53..0000000000 --- a/kustomize/overlays/gcp/flyte/propeller/deployment.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flytepropeller - namespace: flyte -spec: - template: - spec: - containers: - - name: flytepropeller - resources: - limits: - memory: "4Gi" - cpu: "2" - ephemeral-storage: "1Gi" diff --git a/kustomize/overlays/gcp/flyte/propeller/service.yaml b/kustomize/overlays/gcp/flyte/propeller/service.yaml deleted file mode 100644 index e80a8746e6..0000000000 --- a/kustomize/overlays/gcp/flyte/propeller/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: flytepropeller - namespace: flyte - annotations: - cloud.google.com/load-balancer-type: Internal -spec: - type: LoadBalancer - selector: - app: flytepropeller - ports: - - name: http-metrics - protocol: TCP - port: 10254 diff --git a/kustomize/overlays/gcp/kustomization.yaml b/kustomize/overlays/gcp/kustomization.yaml deleted file mode 100644 index e8dc107ffa..0000000000 --- a/kustomize/overlays/gcp/kustomization.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: - # All the resources that make up the deployment - - flyte - ######## - # Operators to be enabled - ############# - # Dependencies to be configured - # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc - # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - # Add node ports for ease of use locally - - ../../base/ingress - - ../../base/operators/spark - - ../../base/operators/kfoperators/pytorch - - ../../base/addons/cloudsqlproxy - # Optional dependency - - ../../base/addons/redis - -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v1.10.7-b2 # FLYTEADMIN_TAG override the tag - newName: cr.flyte.org/flyteorg/flyteadmin # override the name - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v1.10.2 # FLYTECONSOLE_TAG the tag - newName: cr.flyte.org/flyteorg/flyteconsole # override the namep - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v1.10.7-b2 # DATACATALOG_TAG override the tag - newName: cr.flyte.org/flyteorg/datacatalog # override the name - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v1.10.7-b2 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Webhook - - name: webhook # match images with this name - newTag: v1.10.7-b2 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Override postgres image to use alpine based (rather smaller) docker image - - name: postgres - newTag: 13-21.04_beta - newName: ecr.flyte.org/ubuntu/postgres - - name: minio - newTag: 2021.10.13-debian-10-r0 - newName: ecr.flyte.org/bitnami/minio - - name: redis - newTag: 6.2.5-debian-10-r59 - newName: ecr.flyte.org/bitnami/redis diff --git a/kustomize/overlays/sandbox/README.md b/kustomize/overlays/sandbox/README.md deleted file mode 100644 index 82dbef46f1..0000000000 --- a/kustomize/overlays/sandbox/README.md +++ /dev/null @@ -1,4 +0,0 @@ -[All overlays](../) -# Flyte Sandbox deployment - Kustomize overlay -This module creates a standalone Flyte cluster with all its dependencies. This is a great starting point for trying out Flyte and experimenting with Flyte. The overlay can be Kustomized and made to -scale higher, but as is is not intended for production use diff --git a/kustomize/overlays/sandbox/flyte/admin/deployment.yaml b/kustomize/overlays/sandbox/flyte/admin/deployment.yaml deleted file mode 100644 index 857439a6dc..0000000000 --- a/kustomize/overlays/sandbox/flyte/admin/deployment.yaml +++ /dev/null @@ -1,105 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - initContainers: - - name: check-db-ready - image: postgres:13-21.04_beta - command: [ - "sh", - "-c", - "until pg_isready -h postgres -p 5432; - do echo waiting for database; sleep 2; done;", - ] - securityContext: - runAsUser: 999 - - name: run-migrations - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "migrate", - "run", - ] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: seed-projects - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "migrate", - "seed-projects", - "flytesnacks", - "flyteexamples", - ] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: sync-cluster-resources - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "clusterresource", - "sync", - ] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - containers: - - name: flyteadmin - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" - - name: sync-cluster-resources-goroutine - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: - [ - "flyteadmin", - "--config", - "/etc/flyte/config/*.yaml", - "clusterresource", - "run", - ] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 diff --git a/kustomize/overlays/sandbox/flyte/config/admin/db.yaml b/kustomize/overlays/sandbox/flyte/config/admin/db.yaml deleted file mode 100644 index c71ee6e4bb..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/admin/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable diff --git a/kustomize/overlays/sandbox/flyte/config/admin/task_resource_defaults.yaml b/kustomize/overlays/sandbox/flyte/config/admin/task_resource_defaults.yaml deleted file mode 100644 index f3fd770e44..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/admin/task_resource_defaults.yaml +++ /dev/null @@ -1,10 +0,0 @@ -task_resources: - defaults: - cpu: 100m - memory: 200Mi - storage: 5Mi - limits: - cpu: 2 - memory: 1Gi - storage: 20Mi - gpu: 1 diff --git a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ad_spark-role.yaml b/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ad_spark-role.yaml deleted file mode 100644 index 51998e3051..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ad_spark-role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: spark-role - namespace: {{ namespace }} -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - '*' -- apiGroups: - - "" - resources: - - services - verbs: - - '*' -- apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' diff --git a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ae_spark-service-account.yaml b/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ae_spark-service-account.yaml deleted file mode 100644 index dddd8d2742..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/ae_spark-service-account.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: spark - namespace: {{ namespace }} diff --git a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/af_spark-role-binding.yaml b/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/af_spark-role-binding.yaml deleted file mode 100644 index 6fa4f5cb8a..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/clusterresource-templates/af_spark-role-binding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: spark-role-binding - namespace: {{ namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: spark-role -subjects: -- kind: ServiceAccount - name: spark - namespace: {{ namespace }} diff --git a/kustomize/overlays/sandbox/flyte/config/common/logger.yaml b/kustomize/overlays/sandbox/flyte/config/common/logger.yaml deleted file mode 100644 index a6854ed6ce..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/common/logger.yaml +++ /dev/null @@ -1,3 +0,0 @@ -logger: - show-source: true - level: 2 diff --git a/kustomize/overlays/sandbox/flyte/config/common/storage.yaml b/kustomize/overlays/sandbox/flyte/config/common/storage.yaml deleted file mode 100644 index 16e6f52755..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/common/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - diff --git a/kustomize/overlays/sandbox/flyte/config/datacatalog/db.yaml b/kustomize/overlays/sandbox/flyte/config/datacatalog/db.yaml deleted file mode 100644 index 76ba812d63..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/datacatalog/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable diff --git a/kustomize/overlays/sandbox/flyte/config/propeller/enabled_plugins.yaml b/kustomize/overlays/sandbox/flyte/config/propeller/enabled_plugins.yaml deleted file mode 100644 index 0978255017..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,10 +0,0 @@ -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array - default-for-task-types: - container: container - sidecar: sidecar - container_array: k8s-array diff --git a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/k8s.yaml b/kustomize/overlays/sandbox/flyte/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 9f06f53fdb..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,8 +0,0 @@ -plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 200Mi diff --git a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml b/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml deleted file mode 100644 index 2768f8c95d..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/propeller/plugins/task_logs.yaml +++ /dev/null @@ -1,4 +0,0 @@ -plugins: - logs: - kubernetes-enabled: true - kubernetes-template-uri: "http://localhost:30082/#/log/{{ .namespace }}/{{ .podName }}/pod?namespace={{ .namespace }}" diff --git a/kustomize/overlays/sandbox/flyte/config/propeller/resource_manager.yaml b/kustomize/overlays/sandbox/flyte/config/propeller/resource_manager.yaml deleted file mode 100644 index e08575c90b..0000000000 --- a/kustomize/overlays/sandbox/flyte/config/propeller/resource_manager.yaml +++ /dev/null @@ -1,3 +0,0 @@ -propeller: - resourcemanager: - type: noop diff --git a/kustomize/overlays/sandbox/flyte/kustomization.yaml b/kustomize/overlays/sandbox/flyte/kustomization.yaml deleted file mode 100644 index 94eb948fa2..0000000000 --- a/kustomize/overlays/sandbox/flyte/kustomization.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -# Override the namespace -namespace: flyte - -bases: - - ../../../base/single_cluster/complete - -resources: - - propeller/webhook-secret.yaml - -patchesStrategicMerge: - - admin/deployment.yaml - - propeller/webhook.yaml - -configMapGenerator: - - behavior: merge - files: - - ./config/admin/db.yaml - - ./config/admin/task_resource_defaults.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - name: flyte-admin-config - - - behavior: merge - files: - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/resource_manager.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/propeller/plugins/task_logs.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - name: flyte-propeller-config - - - behavior: merge - files: - - ./config/common/storage.yaml - - ./config/common/logger.yaml - - ./config/datacatalog/db.yaml - name: datacatalog-config diff --git a/kustomize/overlays/sandbox/flyte/propeller/webhook-secret.yaml b/kustomize/overlays/sandbox/flyte/propeller/webhook-secret.yaml deleted file mode 100644 index 4029be3716..0000000000 --- a/kustomize/overlays/sandbox/flyte/propeller/webhook-secret.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -data: - password: bXl1c2Vy - user_secret: bXlzZWNyZXQ= - username: bXl1c2Vy -kind: Secret -metadata: - name: user-info - namespace: flyte -type: Opaque diff --git a/kustomize/overlays/sandbox/flyte/propeller/webhook.yaml b/kustomize/overlays/sandbox/flyte/propeller/webhook.yaml deleted file mode 100644 index a659e88141..0000000000 --- a/kustomize/overlays/sandbox/flyte/propeller/webhook.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyte-pod-webhook - namespace: flyte -spec: - template: - spec: - containers: - - name: webhook - volumeMounts: - - name: sample-secrets - mountPath: /etc/secrets/user-info - readOnly: true - volumes: - - name: sample-secrets - secret: - secretName: user-info diff --git a/kustomize/overlays/sandbox/kustomization.yaml b/kustomize/overlays/sandbox/kustomization.yaml deleted file mode 100644 index e03f19ed1b..0000000000 --- a/kustomize/overlays/sandbox/kustomization.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: - # All the resources that make up the deployment - - flyte - ######## - # Operators to be enabled - ############# - # Dependencies to be configured - # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc - # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - # Add node ports for ease of use locally - - ../../base/ingress - - ../../base/addons/database - - ../../base/addons/kubernetes_dashboard - - ../../base/addons/storage - - ../../base/addons/contour_ingress_controller - -resources: - - nodeport-services.yaml - -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v1.1.118 # FLYTEADMIN_TAG override the tag - newName: cr.flyte.org/flyteorg/flyteadmin # override the name - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v1.9.2 # FLYTECONSOLE_TAG the tag - newName: cr.flyte.org/flyteorg/flyteconsole # override the namep - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v1.0.51 # DATACATALOG_TAG override the tag - newName: cr.flyte.org/flyteorg/datacatalog # override the name - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v1.1.116 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Webhook - - name: webhook # match images with this name - newTag: v1.1.116 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Override postgres image to use alpine based (rather smaller) docker image - - name: postgres - newTag: 13-21.04_beta - newName: ecr.flyte.org/ubuntu/postgres - - name: minio - newTag: 2021.10.13-debian-10-r0 - newName: ecr.flyte.org/bitnami/minio - - name: redis - newTag: 6.2.5-debian-10-r59 - newName: ecr.flyte.org/bitnami/redis diff --git a/kustomize/overlays/sandbox/nodeport-services.yaml b/kustomize/overlays/sandbox/nodeport-services.yaml deleted file mode 100644 index 6439a773fc..0000000000 --- a/kustomize/overlays/sandbox/nodeport-services.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# For docker-desktop at least, the range of valid ports is 30000-32767, which is why we're constrained to these -# odd port numbers. Since the base ingress runs on 30081, the K8s dashboard runs on 30082, these just continue from there. -# These nodeports are exposed to save contributors the trouble of port forwarding when running locally. - -apiVersion: v1 -kind: Service -metadata: - labels: - app: postgres - name: postgres-direct - namespace: flyte -spec: - ports: - - nodePort: 30083 - port: 5432 - protocol: TCP - selector: - app: postgres - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: minio - name: minio-direct - namespace: flyte -spec: - ports: - - nodePort: 30084 - port: 9000 - protocol: TCP - selector: - app: minio - type: NodePort ---- -#apiVersion: v1 -#kind: Service -#metadata: -#labels: -#k8s-app: kubernetes-dashboard -#name: dashboard-direct -#namespace: flyte -#spec: -#ports: -#- nodePort: 30082 -#port: 8443 -#protocol: TCP -#selector: -#k8s-app: kubernetes-dashboard -#type: NodePort diff --git a/kustomize/overlays/test/flyte/admin/deployment.yaml b/kustomize/overlays/test/flyte/admin/deployment.yaml deleted file mode 100644 index d0a5abfacf..0000000000 --- a/kustomize/overlays/test/flyte/admin/deployment.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: flyteadmin - namespace: flyte -spec: - template: - spec: - volumes: - - name: resource-templates - configMap: - name: clusterresource-template - initContainers: - - name: check-db-ready - image: postgres:10.1 - command: ['sh', '-c', - 'until pg_isready -h postgres -p 5432; - do echo waiting for database; sleep 2; done;'] - securityContext: - runAsUser: 999 - - name: run-migrations - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--config", "/etc/flyte/config/*.yaml", - "migrate", "run"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: seed-projects - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--config", "/etc/flyte/config/*.yaml", - "migrate", "seed-projects", "flytetester", "flytesnacks"] - volumeMounts: - - name: config-volume - mountPath: /etc/flyte/config - - name: sync-cluster-resources - image: flyteadmin:v0.4.13 - imagePullPolicy: IfNotPresent - command: ["flyteadmin", "--config", "/etc/flyte/config/*.yaml", "clusterresource", "sync"] - volumeMounts: - - name: resource-templates - mountPath: /etc/flyte/clusterresource/templates - - name: config-volume - mountPath: /etc/flyte/config - containers: - - name: flyteadmin - resources: - limits: - memory: "200Mi" - cpu: "0.1" - ephemeral-storage: "100Mi" ---- -apiVersion: v1 -kind: Service -metadata: - name: flyteadmin - namespace: flyte -spec: - ports: - - name: redoc - protocol: TCP - port: 87 - targetPort: 8087 diff --git a/kustomize/overlays/test/flyte/config/admin/db.yaml b/kustomize/overlays/test/flyte/config/admin/db.yaml deleted file mode 100644 index c71ee6e4bb..0000000000 --- a/kustomize/overlays/test/flyte/config/admin/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: postgres - host: postgres - dbname: postgres - options: sslmode=disable diff --git a/kustomize/overlays/test/flyte/config/common/logger.yaml b/kustomize/overlays/test/flyte/config/common/logger.yaml deleted file mode 100644 index a6854ed6ce..0000000000 --- a/kustomize/overlays/test/flyte/config/common/logger.yaml +++ /dev/null @@ -1,3 +0,0 @@ -logger: - show-source: true - level: 2 diff --git a/kustomize/overlays/test/flyte/config/common/storage.yaml b/kustomize/overlays/test/flyte/config/common/storage.yaml deleted file mode 100644 index 16e6f52755..0000000000 --- a/kustomize/overlays/test/flyte/config/common/storage.yaml +++ /dev/null @@ -1,11 +0,0 @@ -storage: - type: minio - connection: - access-key: minio - auth-type: accesskey - secret-key: miniostorage - disable-ssl: true - endpoint: http://minio.flyte.svc.cluster.local:9000 - region: us-east-1 - container: "my-s3-bucket" - diff --git a/kustomize/overlays/test/flyte/config/datacatalog/db.yaml b/kustomize/overlays/test/flyte/config/datacatalog/db.yaml deleted file mode 100644 index 76ba812d63..0000000000 --- a/kustomize/overlays/test/flyte/config/datacatalog/db.yaml +++ /dev/null @@ -1,6 +0,0 @@ -database: - port: 5432 - username: postgres - host: postgres - dbname: datacatalog - options: sslmode=disable diff --git a/kustomize/overlays/test/flyte/config/propeller/enabled_plugins.yaml b/kustomize/overlays/test/flyte/config/propeller/enabled_plugins.yaml deleted file mode 100644 index 0978255017..0000000000 --- a/kustomize/overlays/test/flyte/config/propeller/enabled_plugins.yaml +++ /dev/null @@ -1,10 +0,0 @@ -tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - k8s-array - default-for-task-types: - container: container - sidecar: sidecar - container_array: k8s-array diff --git a/kustomize/overlays/test/flyte/config/propeller/plugins/k8s.yaml b/kustomize/overlays/test/flyte/config/propeller/plugins/k8s.yaml deleted file mode 100644 index 8fe068397f..0000000000 --- a/kustomize/overlays/test/flyte/config/propeller/plugins/k8s.yaml +++ /dev/null @@ -1,8 +0,0 @@ -plugins: - k8s: - default-env-vars: - - FLYTE_AWS_ENDPOINT: "http://minio.flyte:9000" - - FLYTE_AWS_ACCESS_KEY_ID: minio - - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage - default-cpus: 100m - default-memory: 100Mi diff --git a/kustomize/overlays/test/flyte/config/propeller/resource_manager.yaml b/kustomize/overlays/test/flyte/config/propeller/resource_manager.yaml deleted file mode 100644 index e08575c90b..0000000000 --- a/kustomize/overlays/test/flyte/config/propeller/resource_manager.yaml +++ /dev/null @@ -1,3 +0,0 @@ -propeller: - resourcemanager: - type: noop diff --git a/kustomize/overlays/test/flyte/kustomization.yaml b/kustomize/overlays/test/flyte/kustomization.yaml deleted file mode 100644 index 3bdbb899cf..0000000000 --- a/kustomize/overlays/test/flyte/kustomization.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -# Override the namespace -namespace: flyte - -bases: -- ../../../base/single_cluster/headless - -patchesStrategicMerge: -- admin/deployment.yaml - -configMapGenerator: -# the main admin configmap -- name: flyte-admin-config - behavior: merge - files: - - ./config/admin/db.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - -# Flyte Propeller Configuration -- name: flyte-propeller-config - behavior: merge - files: - - ./config/propeller/enabled_plugins.yaml - - ./config/propeller/resource_manager.yaml - - ./config/propeller/plugins/k8s.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml - -# TODO Flyte Console Configuration -#- name: flyte-console-config -# files: -# - ./config/console.yaml - -- name: datacatalog-config - behavior: merge - files: - - ./config/datacatalog/db.yaml - - ./config/common/storage.yaml - - ./config/common/logger.yaml diff --git a/kustomize/overlays/test/kustomization.yaml b/kustomize/overlays/test/kustomization.yaml deleted file mode 100644 index b7511f8909..0000000000 --- a/kustomize/overlays/test/kustomization.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -bases: - # All the resources that make up the deployment - - flyte - ######## - # Operators to be enabled - ############# - # Dependencies to be configured - # In local we use minio, but in cloud environment use S3 / GCS / AFS / Oracle Blob store etc - # This is used for Resource pooling. On cloud you can use hosted redis (e.g. AWS elasticache) - # Contour is used to create ingress. On cloud service use the default provided ingress controllers or cloud LB's - # Add node ports for ease of use locally - - ../../base/addons/database - - ../../base/addons/storage - -# Images that should be used -images: - # FlyteAdmin - - name: flyteadmin # match images with this name - newTag: v1.1.118 # FLYTEADMIN_TAG override the tag - newName: cr.flyte.org/flyteorg/flyteadmin # override the name - # FlyteConsole - - name: flyteconsole # match images with this name - newTag: v1.9.2 # FLYTECONSOLE_TAG the tag - newName: cr.flyte.org/flyteorg/flyteconsole # override the namep - # Flyte DataCatalog - - name: datacatalog # match images with this name - newTag: v1.0.51 # DATACATALOG_TAG override the tag - newName: cr.flyte.org/flyteorg/datacatalog # override the name - # FlytePropeller - - name: flytepropeller # match images with this name - newTag: v1.1.116 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Webhook - - name: webhook # match images with this name - newTag: v1.1.116 # FLYTEPROPELLER_TAG override the tag - newName: cr.flyte.org/flyteorg/flytepropeller # override the name - # Override postgres image to use alpine based (rather smaller) docker image - - name: postgres - newTag: 13-21.04_beta - newName: ecr.flyte.org/ubuntu/postgres - - name: minio - newTag: 2021.10.13-debian-10-r0 - newName: ecr.flyte.org/bitnami/minio - - name: redis - newTag: 6.2.5-debian-10-r59 - newName: ecr.flyte.org/bitnami/redis diff --git a/script/generate_kustomize.sh b/script/generate_kustomize.sh deleted file mode 100755 index 81a1142e00..0000000000 --- a/script/generate_kustomize.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -echo "Installing Kustomize" -KUSTOMIZE=_bin/kustomize -KUSTOMIZE_VERSION=${KUSTOMIZE_VERSION:-3.8.1} - -if [ -f ${KUSTOMIZE} ]; then - rm ${KUSTOMIZE} -fi -mkdir -p _bin; cd _bin -curl -s "https://raw.githubusercontent.com/\ -kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -s ${KUSTOMIZE_VERSION} -cd - - -# All the overlays to be built -DEPLOYMENT=${1:-sandbox test eks gcp} - -KUSTOMIZE_OVERLAYS_ROOT=kustomize/overlays - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" - -for deployment in ${DEPLOYMENT}; do - ${KUSTOMIZE} build ${KUSTOMIZE_OVERLAYS_ROOT}/${deployment} > ${DIR}/../deployment/${deployment}/flyte_generated.yaml -done - -# This section is used by GitHub workflow to ensure that the generation step was run -if [ -n "$DELTA_CHECK" ]; then - DIRTY=$(git status --porcelain) - if [ -n "$DIRTY" ]; then - echo "FAILED: kustomize code updated without committing generated code." - echo "Ensure make kustomize has run and all changes are committed." - DIFF=$(git diff) - echo "diff detected: $DIFF" - DIFF=$(git diff --name-only) - echo "files different: $DIFF" - exit 1 - else - echo "SUCCESS: Generated code is up to date." - fi -fi diff --git a/script/release.sh b/script/release.sh index 1f3d763fee..45d31f53b9 100755 --- a/script/release.sh +++ b/script/release.sh @@ -5,12 +5,6 @@ set -ex FLYTEKIT_TAG=$(curl --silent "https://api.github.com/repos/flyteorg/flytekit/releases/latest" | jq -r .tag_name | sed 's/^v//') FLYTECONSOLE_TAG=$(curl --silent "https://api.github.com/repos/flyteorg/flyteconsole/releases/latest" | jq -r .tag_name) -# bump latest release of flyte component in kustomize -grep -rlZ "newTag:[^P]*# FLYTEADMIN_TAG" ./kustomize/overlays | xargs -I {} sed -i "s/newTag:[^P]*# FLYTEADMIN_TAG/newTag: ${VERSION} # FLYTEADMIN_TAG/g" {} -grep -rlZ "newTag:[^P]*# DATACATALOG_TAG" ./kustomize/overlays | xargs -I {} sed -i "s/newTag:[^P]*# DATACATALOG_TAG/newTag: ${VERSION} # DATACATALOG_TAG/g" {} -grep -rlZ "newTag:[^P]*# FLYTECONSOLE_TAG" ./kustomize/overlays | xargs -I {} sed -i "s/newTag:[^P]*# FLYTECONSOLE_TAG/newTag: ${FLYTECONSOLE_TAG} # FLYTECONSOLE_TAG/g" {} -grep -rlZ "newTag:[^P]*# FLYTEPROPELLER_TAG" ./kustomize/overlays | xargs -I {} sed -i "s/newTag:[^P]*# FLYTEPROPELLER_TAG/newTag: ${VERSION} # FLYTEPROPELLER_TAG/g" {} - # bump latest release of flyte component in helm sed -i "s,tag:[^P]*# FLYTEADMIN_TAG,tag: ${VERSION} # FLYTEADMIN_TAG," ./charts/flyte/values.yaml sed -i "s,tag:[^P]*# FLYTEADMIN_TAG,tag: ${VERSION} # FLYTEADMIN_TAG," ./charts/flyte-core/values.yaml From 1732a9df26c02d9e90cf535eb29ac99308f1693a Mon Sep 17 00:00:00 2001 From: Ryan Lo Date: Sun, 10 Mar 2024 15:07:47 +0800 Subject: [PATCH 2/2] update docs Signed-off-by: Ryan Lo --- docs/community/contribute.rst | 2 +- docs/deployment/configuration/customizable_resources.rst | 2 +- docs/deployment/deployment/index.rst | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/community/contribute.rst b/docs/community/contribute.rst index e866be5a2c..993cb6bca5 100644 --- a/docs/community/contribute.rst +++ b/docs/community/contribute.rst @@ -151,7 +151,7 @@ To understand how the below components interact with each other, refer to :ref:` * - `Repo `__ * - **Purpose**: Deployment, Documentation, and Issues - * - **Languages**: Kustomize & RST + * - **Languages**: RST To build the Flyte docs locally you will need the following prerequisites: diff --git a/docs/deployment/configuration/customizable_resources.rst b/docs/deployment/configuration/customizable_resources.rst index 6fb1318ac6..29bb7c8ca9 100644 --- a/docs/deployment/configuration/customizable_resources.rst +++ b/docs/deployment/configuration/customizable_resources.rst @@ -170,7 +170,7 @@ apply. .. note:: The template values, for example, ``projectQuotaCpu`` or ``projectQuotaMemory`` are free-form strings. - Ensure that they match the template placeholders in your `template file `__ + Ensure that they match the template placeholders in your values file (e.g. `values-eks.yaml `__) for your changes to take effect and custom values to be substituted. You can view all custom cluster-resource-attributes by visiting ``protocol://`` diff --git a/docs/deployment/deployment/index.rst b/docs/deployment/deployment/index.rst index eb06d0a6c0..0a44f437ef 100644 --- a/docs/deployment/deployment/index.rst +++ b/docs/deployment/deployment/index.rst @@ -93,8 +93,7 @@ There are three different paths for deploying a Flyte cluster: Helm ==== -Flyte uses `Helm `__ as the K8s release packaging solution, though you may still see some old -`Kustomize `__ artifacts in the `flyte `__ repo. The core Flyte +Flyte uses `Helm `__ as the K8s release packaging solution. The core Flyte team maintains Helm charts that correspond with the latter two deployment paths. .. note::