From 59cd1ef73977cb3e264eb8f8c6bf65925427397a Mon Sep 17 00:00:00 2001 From: Chen Sun Date: Thu, 12 Oct 2023 13:50:21 -0700 Subject: [PATCH] Update KFP test infra to using KFP 2.0.2 (#1038) --- acm-repos/kfp-standalone-1/kfp-all.yaml | 72 ++++++++++---- test-infra/kfp/Makefile | 2 +- .../kustomize/upstream/Kptfile | 6 +- .../base/cache-deployer/kustomization.yaml | 2 +- .../upstream/base/cache/kustomization.yaml | 4 +- .../generic/pipeline-install-config.yaml | 9 +- .../generic/postgres/kustomization.yaml | 48 +++++++++ .../installs/generic/postgres/params.yaml | 10 ++ .../postgres/pipeline-install-config.yaml | 97 +++++++++++++++++++ .../postgres/postgres-secret-extended.yaml | 9 ++ .../persistence-agent/cluster-role.yaml | 7 +- .../persistence-agent/deployment-patch.yaml | 7 -- .../persistence-agent/kustomization.yaml | 4 - .../multi-user/persistence-agent/params.env | 1 - .../base/metadata/base/kustomization.yaml | 2 +- .../base/metadata-grpc-deployment.yaml | 2 +- .../overlays/postgres/kustomization.yaml | 33 +++++++ .../postgres/metadata-db-deployment.yaml | 44 +++++++++ .../overlays/postgres/metadata-db-pvc.yaml | 12 +++ .../postgres/metadata-db-service.yaml | 16 +++ .../metadata/overlays/postgres/params.env | 2 + .../patches/metadata-grpc-deployment.yaml | 24 +++++ .../metadata/overlays/postgres/secrets.env | 2 + .../upstream/base/pipeline/kustomization.yaml | 12 +-- .../metadata-writer/kustomization.yaml | 2 +- .../ml-pipeline-apiserver-deployment.yaml | 34 +++++++ ...-pipeline-persistenceagent-deployment.yaml | 4 - .../ml-pipeline-persistenceagent-role.yaml | 7 +- .../cache/cache-deployment-patch.yaml | 69 +++++++++++++ .../base/postgresql/cache/kustomization.yaml | 6 ++ .../postgresql/pipeline/kustomization.yaml | 6 ++ ...l-pipeline-apiserver-deployment-patch.yaml | 76 +++++++++++++++ .../env/dev/postgresql/kustomization.yaml | 16 +++ .../env/gcp/inverse-proxy/kustomization.yaml | 2 +- .../kustomization.yaml | 16 +++ .../upstream/third-party/postgresql/README.md | 15 +++ .../postgresql/base/kustomization.yaml | 8 ++ .../postgresql/base/pg-deployment.yaml | 50 ++++++++++ .../third-party/postgresql/base/pg-pvc.yaml | 14 +++ .../postgresql/base/pg-secret.yaml | 9 ++ .../postgresql/base/pg-service.yaml | 15 +++ .../postgresql/base/pg-serviceaccount.yaml | 6 ++ 42 files changed, 719 insertions(+), 63 deletions(-) create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/params.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/pipeline-install-config.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/postgres-secret-extended.yaml delete mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/params.env create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-deployment.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-pvc.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-service.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/params.env create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/patches/metadata-grpc-deployment.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/secrets.env create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/cache-deployment-patch.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/ml-pipeline-apiserver-deployment-patch.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/dev/postgresql/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/platform-agnostic-postgresql/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/README.md create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/kustomization.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-deployment.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-pvc.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-secret.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-service.yaml create mode 100644 test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-serviceaccount.yaml diff --git a/acm-repos/kfp-standalone-1/kfp-all.yaml b/acm-repos/kfp-standalone-1/kfp-all.yaml index 55abfab54..87590d0aa 100644 --- a/acm-repos/kfp-standalone-1/kfp-all.yaml +++ b/acm-repos/kfp-standalone-1/kfp-all.yaml @@ -1830,11 +1830,12 @@ rules: verbs: - report - apiGroups: - - "" + - pipelines.kubeflow.org resources: - - namespaces + - runs verbs: - - get + - reportMetrics + - readArtifact --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -2406,7 +2407,7 @@ data: DEFAULT_CACHE_STALENESS: "" MAXIMUM_CACHE_STALENESS: "" appName: kfp-standalone-1 - appVersion: 2.0.1 + appVersion: 2.0.2 autoUpdatePipelineDefaultVersion: "true" bucketName: mlpipeline cacheDb: cachedb @@ -2415,9 +2416,12 @@ data: cronScheduleTimezone: UTC dbHost: mysql dbPort: "3306" + dbType: mysql defaultPipelineRoot: "" gcsProjectId: kfp-ci mlmdDb: metadb + mysqlHost: mysql + mysqlPort: "3306" pipelineDb: mlpipeline warning: | 1. Do not use kubectl to edit this configmap, because some values are used @@ -2792,7 +2796,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/ml-pipeline/cache-deployer:2.0.1 + image: gcr.io/ml-pipeline/cache-deployer:2.0.2 imagePullPolicy: Always name: main restartPolicy: Always @@ -2884,7 +2888,7 @@ spec: fieldPath: metadata.namespace - name: WEBHOOK_PORT value: "8443" - image: gcr.io/ml-pipeline/cache-server:2.0.1 + image: gcr.io/ml-pipeline/cache-server:2.0.2 imagePullPolicy: Always name: server ports: @@ -2973,7 +2977,7 @@ spec: component: metadata-envoy spec: containers: - - image: gcr.io/ml-pipeline/metadata-envoy:2.0.1 + - image: gcr.io/ml-pipeline/metadata-envoy:2.0.2 name: container ports: - containerPort: 9090 @@ -3040,7 +3044,7 @@ spec: configMapKeyRef: key: dbPort name: pipeline-install-config - image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.5.0 + image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.14.0 livenessProbe: initialDelaySeconds: 3 periodSeconds: 5 @@ -3090,7 +3094,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/ml-pipeline/metadata-writer:2.0.1 + image: gcr.io/ml-pipeline/metadata-writer:2.0.2 name: main resources: limits: @@ -3223,6 +3227,36 @@ spec: configMapKeyRef: key: ConMaxLifeTime name: pipeline-install-config + - name: DB_DRIVER_NAME + valueFrom: + configMapKeyRef: + key: dbType + name: pipeline-install-config + - name: DBCONFIG_MYSQLCONFIG_USER + valueFrom: + secretKeyRef: + key: username + name: mysql-secret + - name: DBCONFIG_MYSQLCONFIG_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: mysql-secret + - name: DBCONFIG_MYSQLCONFIG_DBNAME + valueFrom: + configMapKeyRef: + key: pipelineDb + name: pipeline-install-config + - name: DBCONFIG_MYSQLCONFIG_HOST + valueFrom: + configMapKeyRef: + key: mysqlHost + name: pipeline-install-config + - name: DBCONFIG_MYSQLCONFIG_PORT + valueFrom: + configMapKeyRef: + key: mysqlPort + name: pipeline-install-config - name: OBJECTSTORECONFIG_ACCESSKEY valueFrom: secretKeyRef: @@ -3233,7 +3267,7 @@ spec: secretKeyRef: key: secretkey name: mlpipeline-minio-artifact - image: gcr.io/ml-pipeline/api-server:2.0.1 + image: gcr.io/ml-pipeline/api-server:2.0.2 imagePullPolicy: IfNotPresent livenessProbe: exec: @@ -3316,11 +3350,7 @@ spec: fieldPath: metadata.namespace - name: NUM_WORKERS value: "2" - - name: KUBEFLOW_USERID_HEADER - value: kubeflow-userid - - name: KUBEFLOW_USERID_PREFIX - value: "" - image: gcr.io/ml-pipeline/persistenceagent:2.0.1 + image: gcr.io/ml-pipeline/persistenceagent:2.0.2 imagePullPolicy: IfNotPresent name: ml-pipeline-persistenceagent resources: @@ -3374,7 +3404,7 @@ spec: configMapKeyRef: key: cronScheduleTimezone name: pipeline-install-config - image: gcr.io/ml-pipeline/scheduledworkflow:2.0.1 + image: gcr.io/ml-pipeline/scheduledworkflow:2.0.2 imagePullPolicy: IfNotPresent name: ml-pipeline-scheduledworkflow serviceAccountName: ml-pipeline-scheduledworkflow @@ -3422,7 +3452,7 @@ spec: name: mlpipeline-minio-artifact - name: ALLOW_CUSTOM_VISUALIZATIONS value: "true" - image: gcr.io/ml-pipeline/frontend:2.0.1 + image: gcr.io/ml-pipeline/frontend:2.0.2 imagePullPolicy: IfNotPresent livenessProbe: exec: @@ -3496,7 +3526,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/ml-pipeline/viewer-crd-controller:2.0.1 + image: gcr.io/ml-pipeline/viewer-crd-controller:2.0.2 imagePullPolicy: Always name: ml-pipeline-viewer-crd serviceAccountName: ml-pipeline-viewer-crd-service-account @@ -3525,7 +3555,7 @@ spec: application-crd-id: kubeflow-pipelines spec: containers: - - image: gcr.io/ml-pipeline/visualization-server:2.0.1 + - image: gcr.io/ml-pipeline/visualization-server:2.0.2 imagePullPolicy: IfNotPresent livenessProbe: exec: @@ -3638,7 +3668,7 @@ spec: - env: - name: PROXY_URL value: https://datalab-staging.cloud.google.com/tun/m/4592f092208ecc84946b8f8f8016274df1b36a14 - image: gcr.io/ml-pipeline/inverse-proxy-agent:2.0.1 + image: gcr.io/ml-pipeline/inverse-proxy-agent:2.0.2 imagePullPolicy: IfNotPresent name: proxy-agent hostNetwork: true @@ -3755,7 +3785,7 @@ spec: url: https://github.com/kubeflow/pipelines notes: Please go to [Hosted Kubeflow Pipelines Console](https://console.cloud.google.com/ai-platform/pipelines/clusters). type: Kubeflow Pipelines - version: 2.0.1 + version: 2.0.2 info: - name: Console value: https://console.cloud.google.com/ai-platform/pipelines/clusters diff --git a/test-infra/kfp/Makefile b/test-infra/kfp/Makefile index c739f648f..7cf3a38c3 100644 --- a/test-infra/kfp/Makefile +++ b/test-infra/kfp/Makefile @@ -16,7 +16,7 @@ KFP_STANDALONE_1_DIR=$(ACM_REPOS)/kfp-standalone-1 # Please edit the following version before running: # make kfp-update -PIPELINES_VERSION?=2.0.1 +PIPELINES_VERSION?=2.0.2 PIPELINES_SRC_REPO=https://github.com/kubeflow/pipelines.git all: hydrate hydrate-kfp-manifests vet-kfp-manifests diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/Kptfile b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/Kptfile index da9d573ca..44d206927 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/Kptfile +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/Kptfile @@ -7,12 +7,12 @@ upstream: git: repo: https://github.com/kubeflow/pipelines directory: /manifests/kustomize - ref: 2.0.1 + ref: 2.0.2 updateStrategy: resource-merge upstreamLock: type: git git: repo: https://github.com/kubeflow/pipelines directory: /manifests/kustomize - ref: 2.0.1 - commit: d740231ab0a37accc4a9343e6f5a31218f1ed984 + ref: 2.0.2 + commit: 05f790f5add728ecf4a099c2110ffe7538b49704 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache-deployer/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache-deployer/kustomization.yaml index a9640aa6c..1e82e5ef3 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache-deployer/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache-deployer/kustomization.yaml @@ -8,4 +8,4 @@ commonLabels: app: cache-deployer images: - name: gcr.io/ml-pipeline/cache-deployer - newTag: 2.0.1 + newTag: 2.0.2 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache/kustomization.yaml index 56c40afbe..2f2ca2f4b 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/cache/kustomization.yaml @@ -2,12 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - cache-deployment.yaml - - cache-service.yaml - cache-role.yaml - cache-rolebinding.yaml - cache-sa.yaml + - cache-service.yaml commonLabels: app: cache-server images: - name: gcr.io/ml-pipeline/cache-server - newTag: 2.0.1 + newTag: 2.0.2 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/pipeline-install-config.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/pipeline-install-config.yaml index e27a85492..7db42dd8c 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/pipeline-install-config.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/pipeline-install-config.yaml @@ -13,9 +13,12 @@ data: until the changes take effect. A quick way to restart all deployments in a namespace: `kubectl rollout restart deployment -n `. appName: pipeline - appVersion: 2.0.1 - dbHost: mysql - dbPort: "3306" + appVersion: 2.0.2 + dbHost: mysql # relic to be removed after release + dbPort: "3306" # relic to be removed after release + dbType: mysql + mysqlHost: mysql + mysqlPort: "3306" mlmdDb: metadb cacheDb: cachedb pipelineDb: mlpipeline diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/kustomization.yaml new file mode 100644 index 000000000..11617e06d --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/kustomization.yaml @@ -0,0 +1,48 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +bases: +- ../../../postgresql/pipeline +- ../../../postgresql/cache +- ../../../cache-deployer +resources: +- pipeline-install-config.yaml +- postgres-secret-extended.yaml +vars: +- name: kfp-namespace + objref: + kind: Deployment + apiVersion: apps/v1 + name: ml-pipeline + fieldref: + fieldpath: metadata.namespace +- name: kfp-app-name + objref: + kind: ConfigMap + name: pipeline-install-config + apiVersion: v1 + fieldref: + fieldpath: data.appName +- name: kfp-app-version + objref: + kind: ConfigMap + name: pipeline-install-config + apiVersion: v1 + fieldref: + fieldpath: data.appVersion +- name: kfp-artifact-bucket-name + objref: + kind: ConfigMap + name: pipeline-install-config + apiVersion: v1 + fieldref: + fieldpath: data.bucketName +- name: kfp-default-pipeline-root + objref: + kind: ConfigMap + name: pipeline-install-config + apiVersion: v1 + fieldref: + fieldpath: data.defaultPipelineRoot +configurations: +- params.yaml diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/params.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/params.yaml new file mode 100644 index 000000000..9b8a7efd5 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/params.yaml @@ -0,0 +1,10 @@ +# Allow Kustomize var to replace following fields. +varReference: +- path: data/config + kind: ConfigMap +- path: data/defaultPipelineRoot + kind: ConfigMap +- path: metadata/name + kind: Application +- path: spec/descriptor/version + kind: Application diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/pipeline-install-config.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/pipeline-install-config.yaml new file mode 100644 index 000000000..90d8bacc0 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/pipeline-install-config.yaml @@ -0,0 +1,97 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /pipeline-install-config + name: pipeline-install-config + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|pipeline-install-config' +data: + warning: | + 1. Do not use kubectl to edit this configmap, because some values are used + during kustomize build. Instead, change the configmap and apply the entire + kustomize manifests again. + 2. After updating the configmap, some deployments may need to be restarted + until the changes take effect. A quick way to restart all deployments in a + namespace: `kubectl rollout restart deployment -n `. + appName: pipeline + appVersion: 2.0.0 + dbHost: postgres # relic to be removed after release + dbPort: "5432" # relic to be removed after release + dbType: postgres + postgresHost: postgres + postgresPort: "5432" + mlmdDb: metadb + cacheDb: cachedb + pipelineDb: mlpipeline + bucketName: mlpipeline + ## defaultPipelineRoot: Optional. Default pipeline root in v2 compatible mode. + ## https://www.kubeflow.org/docs/components/pipelines/sdk/v2/v2-compatibility/ + ## + ## If the field is not set, kfp-launcher configmaps won't be created and + ## v2 compatible mode defaults to minio://mlpipeline/v2/artifacts as pipeline + ## root. + ## + ## When not in Kubeflow Pipelines multi-user mode, the config works as you + ## would normally expect. + ## + ## In Kubeflow Pipelines multi-user mode, the config creates default + ## kfp-launcher configmaps in each user's namespace. Users can edit the + ## kfp-launcher configmap's defaultPipelineRoot field afterwards to configure + ## namespace-specific default pipeline root. The namespace specific changes in + ## kfp-launcher configmap won't be overridden by pipeline-install-config. + ## + ## Caveat: when you update the config from a non-empty value, only new + ## namespaces get the updated config by default. Owners of existing namespaces + ## must delete the kfp-launcher configmap to get the new default config value. + ## + ## Examples: + ## defaultPipelineRoot: minio://mlpipeline/v2/artifacts + ## defaultPipelineRoot: gs://your-bucket/path/to/artifacts + ## defaultPipelineRoot: s3://your-bucket/path/to/artifacts + ## + ## V2 Compatible Mode Feature stage: + ## [Beta](https://github.com/kubeflow/pipelines/blob/master/docs/release/feature-stages.md#beta) + defaultPipelineRoot: "" + ## autoUpdatePipelineDefaultVersion: States if the pipeline version + ## should be updated by defult for a versioned pipeline or not when a new + ## version is uploaded. This sets the deployment wide definition. + autoUpdatePipelineDefaultVersion: "true" + ## cronScheduleTimezone: States the timezone which should be used for + ## the cron scheduler. If not specified the local timezone of the + ## cluster will be used. Valid values are UTC, Local or values according to + ## the IANA Time Zone database, such as "America/New_York" and "Asia/Shanghai". + ## Feature stage: + ## [Alpha](https://github.com/kubeflow/pipelines/blob/master/docs/release/feature-stages.md#alpha) + cronScheduleTimezone: "UTC" + ## cacheImage is the image that the mutating webhook will use to patch + ## cached steps with. Will be used to echo a message announcing that + ## the cached step result will be used. If not set it will default to + ## 'gcr.io/google-containers/busybox' + cacheImage: "gcr.io/google-containers/busybox" + ## cacheNodeRestrictions the dummy container runing if output is cached + ## will run with the same affinity and node selector as the default pipeline + ## step. This is defaulted to 'false' to allow the pod to be scheduled on + ## any node and avoid defaulting to specific nodes. Allowed values are: + ## 'false' and 'true'. + cacheNodeRestrictions: "false" + ## MAXIMUM_CACHE_STALENESS configures caching according to + ## https://www.kubeflow.org/docs/components/pipelines/overview/caching/ and + ## https://www.kubeflow.org/docs/components/pipelines/overview/caching-v2/. + ## Larger than MAXIMUM_CACHE_STALENESS per pipeline user set values are + ## reduced to MAXIMUM_CACHE_STALENESS. + ## The administrator of the storage backend can rely on it to delete old cache + ## artifacts. + MAXIMUM_CACHE_STALENESS: "" + ## MAXIMUM_CACHE_STALENESS: "P30D" + ## DEFAULT_CACHE_STALENESS configures caching according to + ## https://www.kubeflow.org/docs/components/pipelines/overview/caching/ and + ## https://www.kubeflow.org/docs/components/pipelines/overview/caching-v2/. + ## This value is used if the user did not set a value in the pipeline. + DEFAULT_CACHE_STALENESS: "" + ## DEFAULT_CACHE_STALENESS: "P7D" + ## ConMaxLifeTime will set the connection max lifetime for MySQL + ## this is very important to setup when using external databases. + ## See this issue for more details: https://github.com/kubeflow/pipelines/issues/5329 + ## Note: this value should be a string that can be parsed by `time.ParseDuration`. + ## If this value doesn't include a unit abbreviation, the units will be assumed + ## to be nanoseconds. + ConMaxLifeTime: "120s" diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/postgres-secret-extended.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/postgres-secret-extended.yaml new file mode 100644 index 000000000..f96089f50 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/generic/postgres/postgres-secret-extended.yaml @@ -0,0 +1,9 @@ +kind: Secret +apiVersion: v1 +metadata: # kpt-merge: /postgres-secret-extended + name: postgres-secret-extended + annotations: + internal.kpt.dev/upstream-identifier: '|Secret|default|postgres-secret-extended' +stringData: + username: user + password: "password" diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/cluster-role.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/cluster-role.yaml index 98acb8885..f977c3f71 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/cluster-role.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/cluster-role.yaml @@ -29,8 +29,9 @@ rules: verbs: - report - apiGroups: - - '' + - pipelines.kubeflow.org resources: - - namespaces + - runs verbs: - - get + - reportMetrics + - readArtifact diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/deployment-patch.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/deployment-patch.yaml index 3b7db30d2..ee63297df 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/deployment-patch.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/deployment-patch.yaml @@ -9,14 +9,7 @@ spec: spec: containers: - name: ml-pipeline-persistenceagent - envFrom: - - configMapRef: - name: persistenceagent-config env: - name: NAMESPACE value: '' valueFrom: null - - name: KUBEFLOW_USERID_HEADER - value: kubeflow-userid - - name: KUBEFLOW_USERID_PREFIX - value: "" diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/kustomization.yaml index f81f971ef..b1f65469e 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/kustomization.yaml @@ -3,7 +3,3 @@ kind: Kustomization resources: - cluster-role.yaml - cluster-role-binding.yaml -configMapGenerator: -- name: persistenceagent-config - envs: - - params.env diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/params.env b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/params.env deleted file mode 100644 index 4c3bab70f..000000000 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/installs/multi-user/persistence-agent/params.env +++ /dev/null @@ -1 +0,0 @@ -MULTIUSER=true diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/kustomization.yaml index 5ad3f07ba..b25f43b46 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/kustomization.yaml @@ -9,4 +9,4 @@ resources: - metadata-grpc-sa.yaml images: - name: gcr.io/ml-pipeline/metadata-envoy - newTag: 2.0.1 + newTag: 2.0.2 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/metadata-grpc-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/metadata-grpc-deployment.yaml index 0f2a6a8c8..b520680df 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/metadata-grpc-deployment.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/base/metadata-grpc-deployment.yaml @@ -24,7 +24,7 @@ spec: # * .cloudbuild.yaml and .release.cloudbuild.yaml # * manifests/kustomize/base/metadata/base/metadata-grpc-deployment.yaml # * test/tag_for_hosted.sh - image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.5.0 + image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.14.0 env: - name: DBCONFIG_USER valueFrom: diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/kustomization.yaml new file mode 100644 index 000000000..1c06da856 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/kustomization.yaml @@ -0,0 +1,33 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +bases: +- ../../base +resources: +- metadata-db-pvc.yaml +- metadata-db-deployment.yaml +- metadata-db-service.yaml +patchesStrategicMerge: +- patches/metadata-grpc-deployment.yaml +configMapGenerator: +- name: metadata-postgres-db-parameters + envs: + - params.env +secretGenerator: +- name: metadata-postgres-db-secrets + envs: + - secrets.env +generatorOptions: + disableNameSuffixHash: true +images: +- name: postgres + newName: postgres + newTag: 14.7-alpine3.17 +vars: +- name: MLMD_DB_HOST + objref: + kind: Service + name: metadata-postgres-db + apiVersion: v1 + fieldref: + fieldpath: metadata.name diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-deployment.yaml new file mode 100644 index 000000000..40f47b338 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-deployment.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /metadata-postgres-db + name: metadata-postgres-db + labels: + component: db + annotations: + internal.kpt.dev/upstream-identifier: 'apps|Deployment|default|metadata-postgres-db' +spec: + selector: + matchLabels: + component: db + replicas: 1 + strategy: + type: Recreate + template: + metadata: + name: db + labels: + component: db + annotations: + sidecar.istio.io/inject: "false" + spec: + containers: + - name: db-container + image: postgres + env: + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + envFrom: + - configMapRef: + name: metadata-postgres-db-parameters + - secretRef: + name: metadata-postgres-db-secrets + ports: + - name: postgres + containerPort: 5432 + volumeMounts: + - name: metadata-postgres + mountPath: /var/lib/postgresql/data + volumes: + - name: metadata-postgres + persistentVolumeClaim: + claimName: metadata-postgres diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-pvc.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-pvc.yaml new file mode 100644 index 000000000..e4e63af48 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: # kpt-merge: /metadata-postgres + name: metadata-postgres + annotations: + internal.kpt.dev/upstream-identifier: '|PersistentVolumeClaim|default|metadata-postgres' +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-service.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-service.yaml new file mode 100644 index 000000000..f65e3e63d --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/metadata-db-service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: /metadata-postgres-db + name: metadata-postgres-db + labels: + component: db + annotations: + internal.kpt.dev/upstream-identifier: '|Service|default|metadata-postgres-db' +spec: + type: ClusterIP + ports: + - port: 5432 + protocol: TCP + name: postgres + selector: + component: db diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/params.env b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/params.env new file mode 100644 index 000000000..fce7e2677 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/params.env @@ -0,0 +1,2 @@ +POSTGRES_PORT=5432 +POSTGRES_DBNAME=mlmdpostgres \ No newline at end of file diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/patches/metadata-grpc-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/patches/metadata-grpc-deployment.yaml new file mode 100644 index 000000000..b2f7642d2 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/patches/metadata-grpc-deployment.yaml @@ -0,0 +1,24 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /metadata-grpc-deployment + name: metadata-grpc-deployment + annotations: + internal.kpt.dev/upstream-identifier: 'apps|Deployment|default|metadata-grpc-deployment' +spec: + template: + spec: + containers: + - name: container + # Remove existing environment variables + env: + - $patch: replace + envFrom: + - configMapRef: + name: metadata-postgres-db-parameters + - secretRef: + name: metadata-postgres-db-secrets + - configMapRef: + name: metadata-grpc-configmap + args: ["--grpc_port=$(METADATA_GRPC_SERVICE_PORT)", "--metadata_source_config_type=postgresql", "--postgres_config_host=$(MLMD_DB_HOST)", "--postgres_config_port=$(POSTGRES_PORT)", "--postgres_config_dbname=$(POSTGRES_DBNAME)", "--postgres_config_user=$(POSTGRES_USER)", "--postgres_config_password=$(POSTGRES_PASSWORD)", + # "--postgres_config_skip_db_creation=true", + "--enable_database_upgrade=true"] diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/secrets.env b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/secrets.env new file mode 100644 index 000000000..973d15828 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/metadata/overlays/postgres/secrets.env @@ -0,0 +1,2 @@ +POSTGRES_USER=root +POSTGRES_PASSWORD=password \ No newline at end of file diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/kustomization.yaml index f3ca5274c..492b72b00 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/kustomization.yaml @@ -37,14 +37,14 @@ resources: - kfp-launcher-configmap.yaml images: - name: gcr.io/ml-pipeline/api-server - newTag: 2.0.1 + newTag: 2.0.2 - name: gcr.io/ml-pipeline/persistenceagent - newTag: 2.0.1 + newTag: 2.0.2 - name: gcr.io/ml-pipeline/scheduledworkflow - newTag: 2.0.1 + newTag: 2.0.2 - name: gcr.io/ml-pipeline/frontend - newTag: 2.0.1 + newTag: 2.0.2 - name: gcr.io/ml-pipeline/viewer-crd-controller - newTag: 2.0.1 + newTag: 2.0.2 - name: gcr.io/ml-pipeline/visualization-server - newTag: 2.0.1 + newTag: 2.0.2 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/metadata-writer/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/metadata-writer/kustomization.yaml index 2d118e33c..f27ba7768 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/metadata-writer/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/metadata-writer/kustomization.yaml @@ -7,4 +7,4 @@ resources: - metadata-writer-sa.yaml images: - name: gcr.io/ml-pipeline/metadata-writer - newTag: 2.0.1 + newTag: 2.0.2 diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-apiserver-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-apiserver-deployment.yaml index 681aa39b6..cfebcaa57 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-apiserver-deployment.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-apiserver-deployment.yaml @@ -35,6 +35,7 @@ spec: configMapKeyRef: name: pipeline-install-config key: bucketName + # relic variables - name: DBCONFIG_USER valueFrom: secretKeyRef: @@ -60,11 +61,44 @@ spec: configMapKeyRef: name: pipeline-install-config key: dbPort + # end of relic variables - name: DBCONFIG_CONMAXLIFETIME valueFrom: configMapKeyRef: name: pipeline-install-config key: ConMaxLifeTime + - name: DB_DRIVER_NAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: dbType + # MySQL Config + - name: DBCONFIG_MYSQLCONFIG_USER + valueFrom: + secretKeyRef: + name: mysql-secret + key: username + - name: DBCONFIG_MYSQLCONFIG_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-secret + key: password + - name: DBCONFIG_MYSQLCONFIG_DBNAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: pipelineDb + - name: DBCONFIG_MYSQLCONFIG_HOST + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: mysqlHost + - name: DBCONFIG_MYSQLCONFIG_PORT + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: mysqlPort + # end of MySQL Config - name: OBJECTSTORECONFIG_ACCESSKEY valueFrom: secretKeyRef: diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-deployment.yaml index 542723b8c..56cf8c3d6 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-deployment.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-deployment.yaml @@ -27,10 +27,6 @@ spec: value: "86400" - name: NUM_WORKERS value: "2" - - name: KUBEFLOW_USERID_HEADER - value: kubeflow-userid - - name: KUBEFLOW_USERID_PREFIX - value: "" image: gcr.io/ml-pipeline/persistenceagent:dummy imagePullPolicy: IfNotPresent name: ml-pipeline-persistenceagent diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-role.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-role.yaml index b4ea70061..983f408e2 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-role.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/pipeline/ml-pipeline-persistenceagent-role.yaml @@ -29,8 +29,9 @@ rules: verbs: - report - apiGroups: - - '' + - pipelines.kubeflow.org resources: - - namespaces + - runs verbs: - - get + - reportMetrics + - readArtifact diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/cache-deployment-patch.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/cache-deployment-patch.yaml new file mode 100644 index 000000000..ec44ea853 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/cache-deployment-patch.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /cache-server + name: cache-server + annotations: + internal.kpt.dev/upstream-identifier: 'apps|Deployment|default|cache-server' +spec: + template: + spec: + containers: + - name: server + env: + - $patch: replace + - name: DEFAULT_CACHE_STALENESS + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: DEFAULT_CACHE_STALENESS + - name: MAXIMUM_CACHE_STALENESS + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: MAXIMUM_CACHE_STALENESS + - name: CACHE_IMAGE + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: cacheImage + - name: CACHE_NODE_RESTRICTIONS + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: cacheNodeRestrictions + - name: DBCONFIG_DRIVER + value: pgx + - name: DBCONFIG_DB_NAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: cacheDb + - name: DBCONFIG_HOST_NAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: postgresHost + - name: DBCONFIG_PORT + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: postgresPort + - name: DBCONFIG_USER + valueFrom: + secretKeyRef: + name: postgres-secret-extended + key: username + - name: DBCONFIG_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret-extended + key: password + - name: NAMESPACE_TO_WATCH + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # If you update WEBHOOK_PORT, also change the value of the + # containerPort "webhook-api" to match. + - name: WEBHOOK_PORT + value: "8443" + args: ["--db_driver=$(DBCONFIG_DRIVER)", "--db_host=$(DBCONFIG_HOST_NAME)", "--db_port=$(DBCONFIG_PORT)", "--db_name=$(DBCONFIG_DB_NAME)", "--db_user=$(DBCONFIG_USER)", "--db_password=$(DBCONFIG_PASSWORD)", "--namespace_to_watch=$(NAMESPACE_TO_WATCH)", "--listen_port=$(WEBHOOK_PORT)"] diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/kustomization.yaml new file mode 100644 index 000000000..d4935432c --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/cache/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +bases: +- ../../cache +patchesStrategicMerge: +- cache-deployment-patch.yaml diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/kustomization.yaml new file mode 100644 index 000000000..3f87400eb --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +bases: + - ../../pipeline +patchesStrategicMerge: + - ml-pipeline-apiserver-deployment-patch.yaml diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/ml-pipeline-apiserver-deployment-patch.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/ml-pipeline-apiserver-deployment-patch.yaml new file mode 100644 index 000000000..fd574d220 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/base/postgresql/pipeline/ml-pipeline-apiserver-deployment-patch.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /ml-pipeline + name: ml-pipeline + annotations: + internal.kpt.dev/upstream-identifier: 'apps|Deployment|default|ml-pipeline' +spec: + template: + spec: + containers: + - name: ml-pipeline-api-server + env: + - $patch: replace + - name: AUTO_UPDATE_PIPELINE_DEFAULT_VERSION + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: autoUpdatePipelineDefaultVersion + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OBJECTSTORECONFIG_SECURE + value: "false" + - name: OBJECTSTORECONFIG_BUCKETNAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: bucketName + - name: DBCONFIG_CONMAXLIFETIME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: ConMaxLifeTime + - name: DB_DRIVER_NAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: dbType + # PostgreSQL Config + - name: DBCONFIG_POSTGRESQLCONFIG_USER + valueFrom: + secretKeyRef: + name: postgres-secret-extended + key: username + - name: DBCONFIG_POSTGRESQLCONFIG_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret-extended + key: password + - name: DBCONFIG_POSTGRESQLCONFIG_DBNAME + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: pipelineDb + - name: DBCONFIG_POSTGRESQLCONFIG_HOST + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: postgresHost + - name: DBCONFIG_POSTGRESQLCONFIG_PORT + valueFrom: + configMapKeyRef: + name: pipeline-install-config + key: postgresPort + # end of PostgreSQL variables + - name: OBJECTSTORECONFIG_ACCESSKEY + valueFrom: + secretKeyRef: + name: mlpipeline-minio-artifact + key: accesskey + - name: OBJECTSTORECONFIG_SECRETACCESSKEY + valueFrom: + secretKeyRef: + name: mlpipeline-minio-artifact + key: secretkey diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/dev/postgresql/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/dev/postgresql/kustomization.yaml new file mode 100644 index 000000000..5d0a0730b --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/dev/postgresql/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +bases: + # Application controller is used to provide Google Cloud Console integration. + - ../../../third-party/application + - ../../../base/application + - ../../platform-agnostic-postgresql + - ../../gcp/inverse-proxy +# Identifier for application manager to apply ownerReference. +# The ownerReference ensures the resources get garbage collected +# when application is deleted. +commonLabels: + application-crd-id: kubeflow-pipelines +# !!! If you want to customize the namespace, +# please refer sample/cluster-scoped-resources to update the namespace for cluster-scoped-resources +namespace: kubeflow diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/gcp/inverse-proxy/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/gcp/inverse-proxy/kustomization.yaml index e8798ef20..064b19518 100644 --- a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/gcp/inverse-proxy/kustomization.yaml +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/gcp/inverse-proxy/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: gcr.io/ml-pipeline/inverse-proxy-agent - newTag: 2.0.1 + newTag: 2.0.2 resources: - proxy-configmap.yaml - proxy-deployment.yaml diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/platform-agnostic-postgresql/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/platform-agnostic-postgresql/kustomization.yaml new file mode 100644 index 000000000..299b0284a --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/env/platform-agnostic-postgresql/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +bases: + - ../../base/installs/generic/postgres + - ../../base/metadata/overlays/postgres + - ../../third-party/argo/installs/namespace + - ../../third-party/minio/base + - ../../third-party/postgresql/base +# Identifier for application manager to apply ownerReference. +# The ownerReference ensures the resources get garbage collected +# when application is deleted. +commonLabels: + application-crd-id: kubeflow-pipelines +# !!! If you want to customize the namespace, +# please also update base/cache-deployer/cluster-scoped/cache-deployer-clusterrolebinding.yaml +namespace: kubeflow diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/README.md b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/README.md new file mode 100644 index 000000000..c0c1cda43 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/README.md @@ -0,0 +1,15 @@ +## Build PostgreSQL yaml + +```bash +# In this folder of manifests/kustomize/third-party/postgresql +rm -rf build +mkdir build +kustomize build ./base -o build +``` + +## Deploy PostgreSQL container + +```bash +# In this folder of manifests/kustomize/third-party/postgresql +kubectl -n apply -f build +``` \ No newline at end of file diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/kustomization.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/kustomization.yaml new file mode 100644 index 000000000..e7951ef9f --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- pg-deployment.yaml +- pg-pvc.yaml +- pg-service.yaml +- pg-secret.yaml +- pg-serviceaccount.yaml diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-deployment.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-deployment.yaml new file mode 100644 index 000000000..68efb3fe9 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /postgres + name: postgres + labels: + app: postgres + annotations: + internal.kpt.dev/upstream-identifier: 'apps|Deployment|default|postgres' +spec: + selector: + matchLabels: + app: postgres + strategy: + type: Recreate + template: + metadata: + labels: + app: postgres + spec: + serviceAccountName: postgresql + containers: + - image: postgres:14.7-alpine3.17 + name: postgres + env: + - name: POSTGRES_DB + value: postgres + - name: POSTGRES_USER + value: user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: root_password + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + ports: + - containerPort: 5432 + name: postgres + readinessProbe: + exec: + command: ["psql", "-U", "user", "-d", "postgres", "-c", "SELECT 1"] + initialDelaySeconds: 15 + timeoutSeconds: 2 + volumeMounts: + - name: postgres-stateful-data + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-stateful-data + persistentVolumeClaim: + claimName: postgres-pvc diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-pvc.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-pvc.yaml new file mode 100644 index 000000000..580620b0a --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-pvc.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: # kpt-merge: /postgres-pvc + name: postgres-pvc + labels: + app: postgres + annotations: + internal.kpt.dev/upstream-identifier: '|PersistentVolumeClaim|default|postgres-pvc' +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-secret.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-secret.yaml new file mode 100644 index 000000000..9eed13b7b --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-secret.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: # kpt-merge: /postgres-secret + name: postgres-secret + annotations: + internal.kpt.dev/upstream-identifier: '|Secret|default|postgres-secret' +type: Opaque +data: + root_password: password diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-service.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-service.yaml new file mode 100644 index 000000000..f36303693 --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: /postgres-service + name: postgres-service + labels: + app: postgres + annotations: + internal.kpt.dev/upstream-identifier: '|Service|default|postgres-service' +spec: + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 + selector: + app: postgres diff --git a/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-serviceaccount.yaml b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-serviceaccount.yaml new file mode 100644 index 000000000..a87591a3f --- /dev/null +++ b/test-infra/kfp/kfp-standalone-1/kustomize/upstream/third-party/postgresql/base/pg-serviceaccount.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: # kpt-merge: /postgresql + name: postgresql + annotations: + internal.kpt.dev/upstream-identifier: '|ServiceAccount|default|postgresql'