From af47da3a399c07861229c7cc2e94637626b611b7 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Fri, 24 Sep 2021 14:55:17 -0400 Subject: [PATCH 01/15] [Docs] Initial document. --- website2/docs/schedulers-k8s-pod-templates.md | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 website2/docs/schedulers-k8s-pod-templates.md diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md new file mode 100644 index 00000000000..a6131dc2471 --- /dev/null +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -0,0 +1,63 @@ +--- +id: schedulers-k8s-pod-templates +title: Kubernetes Pod Templates +sidebar_label: Kubernetes Pod Templates +--- + + +> This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. + +When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a *unique* Pod Template name, and embedding the Pod Template within a Configuration Map. By default, Heron will use a default Pod Template which includes minimal configurations. + +Pod Templates will allow you to configure all aspects of the Pods where the computations occur. For instance, it might be desirable to set tighter security parameters in case of sensitive workloads or configure the metadata for the Pods to facilitate easier monitoring in `kubectl`. The use cases are boundless. + +## Usage + +To deploy a custom Pod Template to the Kubernetes with your workload, you must provide a valid Pod Template embedded in a valid Configuration Map. The name of the Pod Template *must be unique*, if not the first match for the specified Pod Template will be utilized. + +It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. An example of a Pod Template is provided below, and is derived from the configuration for the Heron Tracker Pod: + +```yaml +apiVersion: apps/v1 +kind: PodTemplate +metadata: + name: heron-tracker + namespace: default +template: + metadata: + labels: + app: heron-tracker + spec: + containers: + - name: heron-tracker + image: apache/heron:latest + ports: + - containerPort: 8888 + name: api-port + resources: + requests: + cpu: "100m" + memory: "200M" + limits: + cpu: "400m" + memory: "512M" +``` +Once you have a valid Pod Template you may proceed to place it in a `ConfigMap`. Please take care to specify a unique + + +## How Heron on Kubernetes Works From f88a7440efbfab517bca7b2310f4c45d060f03d2 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Fri, 24 Sep 2021 15:02:31 -0400 Subject: [PATCH 02/15] [Docs] section. --- website2/docs/schedulers-k8s-pod-templates.md | 46 +++++++++++++++++-- 1 file changed, 43 insertions(+), 3 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index a6131dc2471..8dbbffcf2b9 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -20,7 +20,7 @@ sidebar_label: Kubernetes Pod Templates under the License. --> -> This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. +> This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. You may specify different Pod Templates for different workloads. When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a *unique* Pod Template name, and embedding the Pod Template within a Configuration Map. By default, Heron will use a default Pod Template which includes minimal configurations. @@ -30,7 +30,11 @@ Pod Templates will allow you to configure all aspects of the Pods where the comp To deploy a custom Pod Template to the Kubernetes with your workload, you must provide a valid Pod Template embedded in a valid Configuration Map. The name of the Pod Template *must be unique*, if not the first match for the specified Pod Template will be utilized. -It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. An example of a Pod Template is provided below, and is derived from the configuration for the Heron Tracker Pod: +It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. + +### Pod Templates + +An example of a Pod Template is provided below, and is derived from the configuration for the Heron Tracker Pod: ```yaml apiVersion: apps/v1 @@ -57,7 +61,43 @@ template: cpu: "400m" memory: "512M" ``` -Once you have a valid Pod Template you may proceed to place it in a `ConfigMap`. Please take care to specify a unique +Once you have a valid Pod Template you may proceed to place it in a `ConfigMap`. *Please take care to specify a unique variable name for the Pod Template label within the `ConfigMap`*. The label you specify here will be used by Heron to select the Pod Template to use for the computation Pods. + +### Configuration Maps + +The `ConfigMap` should appear as follows in our example: + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: some-config-map-name +data: + configmap-name: | + apiVersion: apps/v1 + kind: PodTemplate + metadata: + name: heron-tracker + namespace: default + template: + metadata: + labels: + app: heron-tracker + spec: + containers: + - name: heron-tracker + image: apache/heron:latest + ports: + - containerPort: 8888 + name: api-port + resources: + requests: + cpu: "100m" + memory: "200M" + limits: + cpu: "400m" + memory: "512M" +``` ## How Heron on Kubernetes Works From 43b37ce0bbf678b38f04d31e2bdd197025b28f94 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Fri, 24 Sep 2021 17:44:23 -0400 Subject: [PATCH 03/15] [Docs] generating and registering a ConfigMap. --- website2/docs/schedulers-k8s-pod-templates.md | 52 +++++++++++++++---- 1 file changed, 43 insertions(+), 9 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 8dbbffcf2b9..0b44b3c9ea4 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -20,18 +20,20 @@ sidebar_label: Kubernetes Pod Templates under the License. --> -> This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. You may specify different Pod Templates for different workloads. +> This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. You may specify different Pod Templates for different topologies. When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a *unique* Pod Template name, and embedding the Pod Template within a Configuration Map. By default, Heron will use a default Pod Template which includes minimal configurations. -Pod Templates will allow you to configure all aspects of the Pods where the computations occur. For instance, it might be desirable to set tighter security parameters in case of sensitive workloads or configure the metadata for the Pods to facilitate easier monitoring in `kubectl`. The use cases are boundless. +Pod Templates will allow you to configure all aspects of the Pods where the computations occur. For instance, it might be desirable to set tighter security parameters in case of sensitive topologies or configure the metadata for the Pods to facilitate easier monitoring in `kubectl`. The use cases are boundless. -## Usage +## Preparation -To deploy a custom Pod Template to the Kubernetes with your workload, you must provide a valid Pod Template embedded in a valid Configuration Map. The name of the Pod Template *must be unique*, if not the first match for the specified Pod Template will be utilized. +To deploy a custom Pod Template to the Kubernetes with your topology, you must provide a valid Pod Template embedded in a valid Configuration Map. The name of the Pod Template *must be unique*, if not the first match for the specified Pod Template will be utilized. It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. +We will be using `POD-TEMPLATE-NAME` to refer to the name of key item in the `ConfigMap` and `CONFIGMAP-NAME` to refer to the name of the `ConfigMap`. + ### Pod Templates An example of a Pod Template is provided below, and is derived from the configuration for the Heron Tracker Pod: @@ -62,19 +64,35 @@ template: memory: "512M" ``` -Once you have a valid Pod Template you may proceed to place it in a `ConfigMap`. *Please take care to specify a unique variable name for the Pod Template label within the `ConfigMap`*. The label you specify here will be used by Heron to select the Pod Template to use for the computation Pods. +You would need to save this file as `POD-TEMPLATE-NAME.yaml`. Once you have a valid Pod Template you may proceed to generate a `ConfigMap`. ### Configuration Maps -The `ConfigMap` should appear as follows in our example: +TO generate a `ConfigMap` you will need to run the following command: + +```bash +kubectl create configmap CONFIG-MAP-NAME --from-file=path/to/POD-TEMPLATE-NAME.yaml +``` + +If you then run the following command: + +```bash +kubectl get configmaps CONFIG-MAP-NAME -o yaml +``` + +The `ConfigMap` should appear similar to the one below for our example: ```yaml apiVersion: v1 kind: ConfigMap metadata: - name: some-config-map-name + creationTimestamp: 2021-09-24T18:52:05Z + name: CONFIG-MAP-NAME + namespace: default + resourceVersion: "516" + uid: b4952dc3-d670-11e5-8cd0-68f728db1985 data: - configmap-name: | + POD-TEMPLATE-NAME: | apiVersion: apps/v1 kind: PodTemplate metadata: @@ -98,6 +116,22 @@ data: limits: cpu: "400m" memory: "512M" + SOME-OTHER-KEY: some_other_data_item ``` -## How Heron on Kubernetes Works +## Submitting + +To use the `ConfigMap` for a topology you would submit with the additional flag `--confg-property`. The `--config-property` take a key value pair: + +* Key: `heron.kubernetes.pod.template.configmap.name` +* Value: `POD-TEMPLATE-NAME` + +For example: + +```bash +heron submit kubernetes \ + --service-url=http://localhost:8001/api/v1/namespaces/default/services/heron-apiserver:9000/proxy \ + ~/.heron/examples/heron-api-examples.jar \ + org.apache.heron.examples.api.AckingTopology acking \ + --config-property heron.kubernetes.pod.template.configmap.name=POD-TEMPLATE-NAME +``` From 857ac64f00137d79aacad6559a30cb35910cc406 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Fri, 24 Sep 2021 17:54:31 -0400 Subject: [PATCH 04/15] [Docs] linking into the sidebar. --- website2/website/sidebars.json | 1 + 1 file changed, 1 insertion(+) diff --git a/website2/website/sidebars.json b/website2/website/sidebars.json index 05de426f894..bab30439e2b 100755 --- a/website2/website/sidebars.json +++ b/website2/website/sidebars.json @@ -53,6 +53,7 @@ "Schedulers": [ "schedulers-k8s-by-hand", "schedulers-k8s-with-helm", + "schedulers-k8s-pod-templates", "schedulers-aurora-cluster", "schedulers-aurora-local", "schedulers-local", From 3a638d52eb484366de0a380b098783f3122cc4ce Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Sat, 25 Sep 2021 18:12:43 -0400 Subject: [PATCH 05/15] [Docs] updated for the CONFIG-MAP-NAME.POD-TEMPLATE-NAME. --- website2/docs/schedulers-k8s-pod-templates.md | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 0b44b3c9ea4..3989e3e7b22 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -22,17 +22,21 @@ sidebar_label: Kubernetes Pod Templates > This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. You may specify different Pod Templates for different topologies. -When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a *unique* Pod Template name, and embedding the Pod Template within a Configuration Map. By default, Heron will use a default Pod Template which includes minimal configurations. +When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a valid Pod Template, and embedding the Pod Template within a Configuration Map. By default, Heron will use a minimally configured Pod Template which is adequate to deploy a topology. Pod Templates will allow you to configure all aspects of the Pods where the computations occur. For instance, it might be desirable to set tighter security parameters in case of sensitive topologies or configure the metadata for the Pods to facilitate easier monitoring in `kubectl`. The use cases are boundless. ## Preparation -To deploy a custom Pod Template to the Kubernetes with your topology, you must provide a valid Pod Template embedded in a valid Configuration Map. The name of the Pod Template *must be unique*, if not the first match for the specified Pod Template will be utilized. +To deploy a custom Pod Template to Kubernetes with your topology, you must provide a valid Pod Template embedded in a valid Configuration Map. We will be using the following variables throughout this document, some of which are reserved variable names: -It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. +* `POD-TEMPLATE-NAME`: This is the name of the Pod Template's YAML definition file. This is ***not*** a reserved variable name. +* `CONFIG-MAP-NAME`: This is the name which will be used by the Configuration Map in which the Pod Template will be embedded by `kubectl`. This is ***not*** a reserved variable name. +* `heron.kubernetes.pod.template.configmap.name`: Variable name used as the key passed to `kubectl` on the CLI. This ***is*** a reserved variable name. + +***NOTE***: Please do ***not*** use the `.` (period character) in the names of the `CONFIG-MAP-NAME` and `POD-TEMPLATE-NAME`s. This character will be used as a delineation when submitting your topologies. -We will be using `POD-TEMPLATE-NAME` to refer to the name of key item in the `ConfigMap` and `CONFIGMAP-NAME` to refer to the name of the `ConfigMap`. +It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. ### Pod Templates @@ -64,17 +68,17 @@ template: memory: "512M" ``` -You would need to save this file as `POD-TEMPLATE-NAME.yaml`. Once you have a valid Pod Template you may proceed to generate a `ConfigMap`. +You would need to save this file as `POD-TEMPLATE-NAME`. Once you have a valid Pod Template you may proceed to generate a `ConfigMap`. ### Configuration Maps -TO generate a `ConfigMap` you will need to run the following command: +To generate a `ConfigMap` you will need to run the following command: ```bash -kubectl create configmap CONFIG-MAP-NAME --from-file=path/to/POD-TEMPLATE-NAME.yaml +kubectl create configmap CONFIG-MAP-NAME --from-file=path/to/POD-TEMPLATE-NAME ``` -If you then run the following command: +You may then want to verify the contents of the `ConfigMap` by running the following command: ```bash kubectl get configmaps CONFIG-MAP-NAME -o yaml @@ -121,10 +125,12 @@ data: ## Submitting -To use the `ConfigMap` for a topology you would submit with the additional flag `--confg-property`. The `--config-property` take a key value pair: +To use the `ConfigMap` for a topology you would submit with the additional flag `--confg-property`. The `--config-property key=value` takes a key value pair: * Key: `heron.kubernetes.pod.template.configmap.name` -* Value: `POD-TEMPLATE-NAME` +* Value: `CONFIG-MAP-NAME.POD-TEMPLATE-NAME` + +Please note that you must concatenate `CONFIG-MAP-NAME` and `POD-TEMPLATE-NAME` with a **`.`** (period chracter). For example: @@ -133,5 +139,5 @@ heron submit kubernetes \ --service-url=http://localhost:8001/api/v1/namespaces/default/services/heron-apiserver:9000/proxy \ ~/.heron/examples/heron-api-examples.jar \ org.apache.heron.examples.api.AckingTopology acking \ - --config-property heron.kubernetes.pod.template.configmap.name=POD-TEMPLATE-NAME + --config-property heron.kubernetes.pod.template.configmap.name=CONFIG-MAP-NAME.POD-TEMPLATE-NAME ``` From 27f7fb25ff36cdb479fa5fe56f9d077845eebc1f Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Mon, 27 Sep 2021 18:02:35 -0400 Subject: [PATCH 06/15] [Docs] updates with output from and for commands. --- website2/docs/schedulers-k8s-pod-templates.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 3989e3e7b22..1e9b692640d 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -32,7 +32,7 @@ To deploy a custom Pod Template to Kubernetes with your topology, you must provi * `POD-TEMPLATE-NAME`: This is the name of the Pod Template's YAML definition file. This is ***not*** a reserved variable name. * `CONFIG-MAP-NAME`: This is the name which will be used by the Configuration Map in which the Pod Template will be embedded by `kubectl`. This is ***not*** a reserved variable name. -* `heron.kubernetes.pod.template.configmap.name`: Variable name used as the key passed to `kubectl` on the CLI. This ***is*** a reserved variable name. +* `heron.kubernetes.pod.template.configmap.name`: This variable name used as the key passed to Heron for the `--config-property` on the CLI. This ***is*** a reserved variable name. ***NOTE***: Please do ***not*** use the `.` (period character) in the names of the `CONFIG-MAP-NAME` and `POD-TEMPLATE-NAME`s. This character will be used as a delineation when submitting your topologies. @@ -75,7 +75,7 @@ You would need to save this file as `POD-TEMPLATE-NAME`. Once you have a valid P To generate a `ConfigMap` you will need to run the following command: ```bash -kubectl create configmap CONFIG-MAP-NAME --from-file=path/to/POD-TEMPLATE-NAME +kubectl create configmap CONFIG-MAP-NAME --from-file path/to/POD-TEMPLATE-NAME ``` You may then want to verify the contents of the `ConfigMap` by running the following command: @@ -88,15 +88,8 @@ The `ConfigMap` should appear similar to the one below for our example: ```yaml apiVersion: v1 -kind: ConfigMap -metadata: - creationTimestamp: 2021-09-24T18:52:05Z - name: CONFIG-MAP-NAME - namespace: default - resourceVersion: "516" - uid: b4952dc3-d670-11e5-8cd0-68f728db1985 data: - POD-TEMPLATE-NAME: | + POD-TEMPLATE-NAME: |- apiVersion: apps/v1 kind: PodTemplate metadata: @@ -121,6 +114,13 @@ data: cpu: "400m" memory: "512M" SOME-OTHER-KEY: some_other_data_item +kind: ConfigMap +metadata: + creationTimestamp: "2021-09-27T21:55:30Z" + name: CONFIG-MAP-NAME + namespace: default + resourceVersion: "1313" + uid: ba001653-03d9-4ac8-804c-d2c55c974281 ``` ## Submitting From 77dd2f459059b9eca6a15ea4692bd5e9ba994d79 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Thu, 7 Oct 2021 13:11:11 -0400 Subject: [PATCH 07/15] [Docs] updates on how to disable and remove topologies in the event of an error. --- website2/docs/schedulers-k8s-pod-templates.md | 31 ++++++++++++++----- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 1e9b692640d..d218ae30481 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -22,9 +22,17 @@ sidebar_label: Kubernetes Pod Templates > This document demonstrates how you can utilize custom [Pod Templates](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates) embedded in [Configuration Maps](https://kubernetes.io/docs/concepts/configuration/configmap/) for your computation nodes - i.e., Spouts and Bolts. You may specify different Pod Templates for different topologies. +
+ When you deploy a topology to Heron on Kubernetes, you may specify a Pod Template to be used on the computation nodes. This can be achieved by providing a valid Pod Template, and embedding the Pod Template within a Configuration Map. By default, Heron will use a minimally configured Pod Template which is adequate to deploy a topology. -Pod Templates will allow you to configure all aspects of the Pods where the computations occur. For instance, it might be desirable to set tighter security parameters in case of sensitive topologies or configure the metadata for the Pods to facilitate easier monitoring in `kubectl`. The use cases are boundless. +Pod Templates will allow you to configure most aspects of the Pods where the computations occur, with some exceptions. There are some aspects of Pods for which Heron will have the final say, and which will not be user-customizable. Please view the tables at the end of this document to identify what is set by Heron. + +
+ +> System Administrators: You may wish to disable the ability to load custom Pod Templates. To achieve this, you must pass add the `-D heron.kubernetes.pod.template.configmap.disabled=true` to the Heron API Server on the command line during boot. This command has been added to the Kubernetes configuration files to deploy the Heron API Server and can be uncommented. Please take care to ensure that the indentation is correct. + +
## Preparation @@ -34,16 +42,16 @@ To deploy a custom Pod Template to Kubernetes with your topology, you must provi * `CONFIG-MAP-NAME`: This is the name which will be used by the Configuration Map in which the Pod Template will be embedded by `kubectl`. This is ***not*** a reserved variable name. * `heron.kubernetes.pod.template.configmap.name`: This variable name used as the key passed to Heron for the `--config-property` on the CLI. This ***is*** a reserved variable name. -***NOTE***: Please do ***not*** use the `.` (period character) in the names of the `CONFIG-MAP-NAME` and `POD-TEMPLATE-NAME`s. This character will be used as a delineation when submitting your topologies. +***NOTE***: Please do ***not*** use the `.` (period character) in the name of the `CONFIG-MAP-NAME`. This character will be used as a delimiter when submitting your topologies. -It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues. +It is highly advised that you validate your Pod Templates before placing them in a `ConfigMap` to isolate any validity issues using a tool such as [Kubeval](https://kubeval.instrumenta.dev/). ### Pod Templates An example of a Pod Template is provided below, and is derived from the configuration for the Heron Tracker Pod: ```yaml -apiVersion: apps/v1 +apiVersion: v1 kind: PodTemplate metadata: name: heron-tracker @@ -89,8 +97,8 @@ The `ConfigMap` should appear similar to the one below for our example: ```yaml apiVersion: v1 data: - POD-TEMPLATE-NAME: |- - apiVersion: apps/v1 + POD-TEMPLATE-NAME: | + apiVersion: v1 kind: PodTemplate metadata: name: heron-tracker @@ -113,7 +121,6 @@ data: limits: cpu: "400m" memory: "512M" - SOME-OTHER-KEY: some_other_data_item kind: ConfigMap metadata: creationTimestamp: "2021-09-27T21:55:30Z" @@ -141,3 +148,13 @@ heron submit kubernetes \ org.apache.heron.examples.api.AckingTopology acking \ --config-property heron.kubernetes.pod.template.configmap.name=CONFIG-MAP-NAME.POD-TEMPLATE-NAME ``` + +If a topology fails to be submitted to the Kubernetes cluster due to a misconfigured Pod Template or invalid location, you must issue the `kill` command to remove it from the Topology manager. As in the example preceding: + +```bash +heron kill kubernetes \ + --service-url=http://localhost:8001/api/v1/namespaces/default/services/heron-apiserver:9000/proxy \ + acking +``` + +This is a temporary workaround as we work towards as solution where a failure to deploy on Kubernetes will remove the toloogoy as well. From 8d3613accf02543d4874410e7407c3cd3f856a18 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Thu, 7 Oct 2021 14:24:00 -0400 Subject: [PATCH 08/15] [Docs] added items overwritten by Heron in Pod Templates. --- website2/docs/schedulers-k8s-pod-templates.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index d218ae30481..a4a1942aa30 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -158,3 +158,30 @@ heron kill kubernetes \ ``` This is a temporary workaround as we work towards as solution where a failure to deploy on Kubernetes will remove the toloogoy as well. + +## Heron Configured Items in Pod Templates + +### Metadata + +All metadata in the Pods is overwritten by Heron. + +| name | description | default | +|---|---|---| +| Annotation: `prometheus.io/scrape` | Flag to indicate whether Prometheus logs can be scraped. | `true` | +| Annotation `prometheus.io/port` | Port address placef Prometheus scraping. | `8080`
*Can be customized from `KubernetesConstants`.* +| Annotation: Pod | General annotations for the Pod. | Loaded from Configs. +| Annotation: Service | Service annotations for the Pod | Loaded from Configs. +| Label: `app` | | `Heron`
*Can be customized from `KubernetesConstants`.* +| Label: `Topology`| The name of topology which was provided when submitting. | User defined, supplied on the CLI. + +### Container + +The following items will be set in the Pod Templates `spec` by Heron. + +| name | description | default | +|---|---|---| +`terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal. | `0` +| `tolerations` | Ensures that Pods with `tolerations` are scheduled onto Nodes with matching `Taints` | Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Common values set:
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` +| `containers` | Docker container image to be used on the executor Pods. | Configured by Heron based on configs. +| `volumes` | Volumes to be mounted within the container. | Loaded from the Heron configs if present. +| `secretVolumes` | Secret volumes to be mounted within the container. | Loaded from the Heron configs if present. From a20b33343c28950baa40730b23dcf598894abaaf Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Thu, 7 Oct 2021 17:26:36 -0400 Subject: [PATCH 09/15] [Docs] minor typos and additions. --- website2/docs/schedulers-k8s-pod-templates.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index a4a1942aa30..46c032c8201 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -30,7 +30,7 @@ Pod Templates will allow you to configure most aspects of the Pods where the com
-> System Administrators: You may wish to disable the ability to load custom Pod Templates. To achieve this, you must pass add the `-D heron.kubernetes.pod.template.configmap.disabled=true` to the Heron API Server on the command line during boot. This command has been added to the Kubernetes configuration files to deploy the Heron API Server and can be uncommented. Please take care to ensure that the indentation is correct. +> System Administrators: You may wish to disable the ability to load custom Pod Templates. To achieve this, you must pass the `-D heron.kubernetes.pod.template.configmap.disabled=true` to the Heron API Server on the command line during boot. This command has been added to the Kubernetes configuration files to deploy the Heron API Server and can be uncommented. Please take care to ensure that the indentation is correct.
@@ -38,8 +38,8 @@ Pod Templates will allow you to configure most aspects of the Pods where the com To deploy a custom Pod Template to Kubernetes with your topology, you must provide a valid Pod Template embedded in a valid Configuration Map. We will be using the following variables throughout this document, some of which are reserved variable names: -* `POD-TEMPLATE-NAME`: This is the name of the Pod Template's YAML definition file. This is ***not*** a reserved variable name. -* `CONFIG-MAP-NAME`: This is the name which will be used by the Configuration Map in which the Pod Template will be embedded by `kubectl`. This is ***not*** a reserved variable name. +* `POD-TEMPLATE-NAME`: This is the name of the Pod Template's YAML definition file. This is ***not*** a reserved variable and is a place-holder name. +* `CONFIG-MAP-NAME`: This is the name which will be used by the Configuration Map in which the Pod Template will be embedded by `kubectl`. This is ***not*** a reserved variable and is a place-holder name. * `heron.kubernetes.pod.template.configmap.name`: This variable name used as the key passed to Heron for the `--config-property` on the CLI. This ***is*** a reserved variable name. ***NOTE***: Please do ***not*** use the `.` (period character) in the name of the `CONFIG-MAP-NAME`. This character will be used as a delimiter when submitting your topologies. @@ -157,7 +157,7 @@ heron kill kubernetes \ acking ``` -This is a temporary workaround as we work towards as solution where a failure to deploy on Kubernetes will remove the toloogoy as well. +This is a temporary workaround as we work towards as solution where a failure to deploy on Kubernetes will remove the topology as well. ## Heron Configured Items in Pod Templates @@ -168,20 +168,20 @@ All metadata in the Pods is overwritten by Heron. | name | description | default | |---|---|---| | Annotation: `prometheus.io/scrape` | Flag to indicate whether Prometheus logs can be scraped. | `true` | -| Annotation `prometheus.io/port` | Port address placef Prometheus scraping. | `8080`
*Can be customized from `KubernetesConstants`.* -| Annotation: Pod | General annotations for the Pod. | Loaded from Configs. -| Annotation: Service | Service annotations for the Pod | Loaded from Configs. -| Label: `app` | | `Heron`
*Can be customized from `KubernetesConstants`.* -| Label: `Topology`| The name of topology which was provided when submitting. | User defined, supplied on the CLI. +| Annotation `prometheus.io/port` | Port address for Prometheus log scraping. | `8080`
*Can be customized from `KubernetesConstants`.* +| Annotation: Pod | Pod's revision/version hash. | Automatically set. +| Annotation: Service | Labels services can use to attach to the Pod. | Automatically set. +| Label: `app` | Name of the application lauching the Pod. | `Heron`
*Can be customized from `KubernetesConstants`.* +| Label: `topology`| The name of topology which was provided when submitting. | User defined and supplied on the CLI. ### Container -The following items will be set in the Pod Templates `spec` by Heron. +The following items will be set in the Pod Template's `spec` by Heron. | name | description | default | |---|---|---| -`terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal. | `0` -| `tolerations` | Ensures that Pods with `tolerations` are scheduled onto Nodes with matching `Taints` | Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Common values set:
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` +`terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal. | `0` seconds. +| `tolerations` | Attempts to colocate Pods with `tolerations` and `taints` onto nodes hosting Pods with matching `tolerations` and `taints`. | Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | `containers` | Docker container image to be used on the executor Pods. | Configured by Heron based on configs. | `volumes` | Volumes to be mounted within the container. | Loaded from the Heron configs if present. -| `secretVolumes` | Secret volumes to be mounted within the container. | Loaded from the Heron configs if present. +| `secretVolumes` | Secrets to be mounted as volumes within the container. | Loaded from the Heron configs if present. From 56d048c4d32c0da6a2b16b0f769fa5c8c70cae42 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Mon, 11 Oct 2021 10:52:30 -0400 Subject: [PATCH 10/15] [Docs] customisation of Heron's executor and support for auxiliary containers. --- website2/docs/schedulers-k8s-pod-templates.md | 35 +++++++++++-------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 46c032c8201..d7c48da3c1f 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -161,27 +161,34 @@ This is a temporary workaround as we work towards as solution where a failure to ## Heron Configured Items in Pod Templates -### Metadata +Heron will locate the container named `executor` in the Pod Template and customize it as outlined below. All other containers within the Pod Template will remain unchanged. -All metadata in the Pods is overwritten by Heron. +### Executor Container -| name | description | default | +All metadata for the `executor` container will be overwritten by Heron. In some other cases, values from the Pod Template for the `executor` will be overwritten by Heron as outline below. + +| Name | Description | Policy | |---|---|---| -| Annotation: `prometheus.io/scrape` | Flag to indicate whether Prometheus logs can be scraped. | `true` | -| Annotation `prometheus.io/port` | Port address for Prometheus log scraping. | `8080`
*Can be customized from `KubernetesConstants`.* -| Annotation: Pod | Pod's revision/version hash. | Automatically set. +| `image` | The `executor` container's image. | Overwritten by Heron using values form the config. +| `env` | Environment variables are made available within the container. The `HOST` and `POD_NAME` keys are required by Heron and are thus reserved. | Merged with Heron's values taking precedence. Deduplication is based on `name`. +| `ports` | Port numbers opened within the container. Some of these port number are required by Heron and are thus reserved. The reserved ports are defined in Heron's constants as [`6001`-`6010`]. | Merged with Heron's values taking precedence. Deduplication is based on the `containerPort` value. +| `limits` | Heron will attempt to load values for `cpu` and `memory` from its configs. If these values are not provided in the containers specs, Heron will place values from its configs. | User input takes precedence over Heron's values. This allows for per job custom resource limits. +| `volumeMounts` | These are the mount points within the `executor` container for the `volumes` available in the Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. +| Annotation: `prometheus.io/scrape` | Flag to indicate whether Prometheus logs can be scraped and is set to `true`. | Value is overridden by Heron. | +| Annotation `prometheus.io/port` | Port address for Prometheus log scraping and is set to `8080`. | Values are overridden by Heron. +| Annotation: Pod | Pod's revision/version hash. | Automatically set. | Annotation: Service | Labels services can use to attach to the Pod. | Automatically set. -| Label: `app` | Name of the application lauching the Pod. | `Heron`
*Can be customized from `KubernetesConstants`.* +| Label: `app` | Name of the application lauching the Pod and is set to `Heron`. | Values are overridden by Heron. | Label: `topology`| The name of topology which was provided when submitting. | User defined and supplied on the CLI. -### Container +### Pod The following items will be set in the Pod Template's `spec` by Heron. -| name | description | default | +| Name | Description | Policy | |---|---|---| -`terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal. | `0` seconds. -| `tolerations` | Attempts to colocate Pods with `tolerations` and `taints` onto nodes hosting Pods with matching `tolerations` and `taints`. | Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` -| `containers` | Docker container image to be used on the executor Pods. | Configured by Heron based on configs. -| `volumes` | Volumes to be mounted within the container. | Loaded from the Heron configs if present. -| `secretVolumes` | Secrets to be mounted as volumes within the container. | Loaded from the Heron configs if present. +`terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal and is set to `0` seconds. | Values are overridden by Heron. +| `tolerations` | Attempts to colocate Pods with `tolerations` and `taints` onto nodes hosting Pods with matching `tolerations` and `taints`.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Values are overridden by Heron. +| `containers` | Configurations for containers to be launched within the Pod. | All `containers`, excluding the `executor`, are loaded as-is. +| `volumes` | Volumes to be made available to the entire Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. +| `secretVolumes` | Secrets to be mounted as volumes within the Pod. | Loaded from the Heron configs if present. From f2be1157a3ba6a6503889f6e87b6449fed0da9a4 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Tue, 12 Oct 2021 14:59:16 -0400 Subject: [PATCH 11/15] [Docs] fixed dangling references within the Scheduler and cleaned up the State Manager in the event of a failed topology submission. --- website2/docs/schedulers-k8s-pod-templates.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index d7c48da3c1f..20ac863afeb 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -149,16 +149,6 @@ heron submit kubernetes \ --config-property heron.kubernetes.pod.template.configmap.name=CONFIG-MAP-NAME.POD-TEMPLATE-NAME ``` -If a topology fails to be submitted to the Kubernetes cluster due to a misconfigured Pod Template or invalid location, you must issue the `kill` command to remove it from the Topology manager. As in the example preceding: - -```bash -heron kill kubernetes \ - --service-url=http://localhost:8001/api/v1/namespaces/default/services/heron-apiserver:9000/proxy \ - acking -``` - -This is a temporary workaround as we work towards as solution where a failure to deploy on Kubernetes will remove the topology as well. - ## Heron Configured Items in Pod Templates Heron will locate the container named `executor` in the Pod Template and customize it as outlined below. All other containers within the Pod Template will remain unchanged. From 3e474597554381386fb3feb186158ef980489bb0 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Sat, 16 Oct 2021 14:16:53 -0400 Subject: [PATCH 12/15] [Docs] fixed description of Tolerations. --- website2/docs/schedulers-k8s-pod-templates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 20ac863afeb..0f92ef1b931 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -178,7 +178,7 @@ The following items will be set in the Pod Template's `spec` by Heron. | Name | Description | Policy | |---|---|---| `terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal and is set to `0` seconds. | Values are overridden by Heron. -| `tolerations` | Attempts to colocate Pods with `tolerations` and `taints` onto nodes hosting Pods with matching `tolerations` and `taints`.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Values are overridden by Heron. +| `tolerations` | Attempts to schedule Pods with `taints` onto nodes hosting Pods with matching `taints`.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Values are overridden by Heron. | `containers` | Configurations for containers to be launched within the Pod. | All `containers`, excluding the `executor`, are loaded as-is. | `volumes` | Volumes to be made available to the entire Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. | `secretVolumes` | Secrets to be mounted as volumes within the Pod. | Loaded from the Heron configs if present. From 658f1a69be9204e7f97fa329f340606361c57244 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Mon, 18 Oct 2021 11:12:22 -0400 Subject: [PATCH 13/15] [Docs] added info on Toleration merging. --- website2/docs/schedulers-k8s-pod-templates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 0f92ef1b931..f6e47d1f289 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -178,7 +178,7 @@ The following items will be set in the Pod Template's `spec` by Heron. | Name | Description | Policy | |---|---|---| `terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal and is set to `0` seconds. | Values are overridden by Heron. -| `tolerations` | Attempts to schedule Pods with `taints` onto nodes hosting Pods with matching `taints`.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Values are overridden by Heron. +| `tolerations` | Attempts to schedule Pods with `taints` onto nodes hosting Pods with matching `taints`. The entries below are included by default.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Merged with Heron's values taking precedence. Deduplication is based on the `key` value. | `containers` | Configurations for containers to be launched within the Pod. | All `containers`, excluding the `executor`, are loaded as-is. | `volumes` | Volumes to be made available to the entire Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. | `secretVolumes` | Secrets to be mounted as volumes within the Pod. | Loaded from the Heron configs if present. From f9690d7e72e843594019a4761a8cf7c08e62a405 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Mon, 25 Oct 2021 22:49:38 -0400 Subject: [PATCH 14/15] [Docs] updates for namespace and removal of deprecated taints. --- website2/docs/schedulers-k8s-pod-templates.md | 23 ++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index f6e47d1f289..0a4804e9033 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -30,9 +30,24 @@ Pod Templates will allow you to configure most aspects of the Pods where the com
-> System Administrators: You may wish to disable the ability to load custom Pod Templates. To achieve this, you must pass the `-D heron.kubernetes.pod.template.configmap.disabled=true` to the Heron API Server on the command line during boot. This command has been added to the Kubernetes configuration files to deploy the Heron API Server and can be uncommented. Please take care to ensure that the indentation is correct. +> ***System Administrators:*** +> +> * You may wish to disable the ability to load custom Pod Templates. To achieve this, you must pass the define option `-D heron.kubernetes.pod.template.configmap.disabled=true` to the Heron API Server on the command line during boot. This command has been added to the Kubernetes configuration files to deploy the Heron API Server and is set to `false` by default. +> * If you have a custom `Role`/`ClusterRole` for the Heron API Server you will need to ensure the `ServiceAccount` attached to the API server has the correct permissions to access the `ConfigMaps`: +> +>```yaml +>rules: +>- apiGroups: +> - "" +> resources: +> - configmaps +> verbs: +> - get +> - watch +> - list +>``` -
+
## Preparation @@ -80,6 +95,8 @@ You would need to save this file as `POD-TEMPLATE-NAME`. Once you have a valid P ### Configuration Maps +> You must place the `ConfigMap` in the same namespace as the Heron API Server using the `--namespace` option in the commands below if the server is not in the `default` namespace. + To generate a `ConfigMap` you will need to run the following command: ```bash @@ -178,7 +195,7 @@ The following items will be set in the Pod Template's `spec` by Heron. | Name | Description | Policy | |---|---|---| `terminationGracePeriodSeconds` | Grace period to wait before shutting down the Pod after a `SIGTERM` signal and is set to `0` seconds. | Values are overridden by Heron. -| `tolerations` | Attempts to schedule Pods with `taints` onto nodes hosting Pods with matching `taints`. The entries below are included by default.
Keys:
`node.kubernetes.io/not-ready`
`node.alpha.kubernetes.io/notReady`
`node.alpha.kubernetes.io/unreachable`.
Values (common):
`operator: "Exists"`
`effect: NoExecute`
`tolerationSeconds: 10L` | Merged with Heron's values taking precedence. Deduplication is based on the `key` value. +| `tolerations` | Attempts to schedule Pods with `taints` onto nodes hosting Pods with matching `taints`. The entries below are included by default.
Keys:
`node.kubernetes.io/not-ready`
`node.kubernetes.io/unreachable`
Values (common):
`operator: Exists`
`effect: NoExecute`
`tolerationSeconds: 10L` | Merged with Heron's values taking precedence. Deduplication is based on the `key` value. | `containers` | Configurations for containers to be launched within the Pod. | All `containers`, excluding the `executor`, are loaded as-is. | `volumes` | Volumes to be made available to the entire Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. | `secretVolumes` | Secrets to be mounted as volumes within the Pod. | Loaded from the Heron configs if present. From 757c5e7081f36343db98e64ca1a110d3eababb62 Mon Sep 17 00:00:00 2001 From: Saad Ur Rahman Date: Fri, 29 Oct 2021 12:32:57 -0400 Subject: [PATCH 15/15] [Docs] Heron config values for Limits take precedence. --- website2/docs/schedulers-k8s-pod-templates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website2/docs/schedulers-k8s-pod-templates.md b/website2/docs/schedulers-k8s-pod-templates.md index 0a4804e9033..e6fe3c981eb 100644 --- a/website2/docs/schedulers-k8s-pod-templates.md +++ b/website2/docs/schedulers-k8s-pod-templates.md @@ -179,7 +179,7 @@ All metadata for the `executor` container will be overwritten by Heron. In some | `image` | The `executor` container's image. | Overwritten by Heron using values form the config. | `env` | Environment variables are made available within the container. The `HOST` and `POD_NAME` keys are required by Heron and are thus reserved. | Merged with Heron's values taking precedence. Deduplication is based on `name`. | `ports` | Port numbers opened within the container. Some of these port number are required by Heron and are thus reserved. The reserved ports are defined in Heron's constants as [`6001`-`6010`]. | Merged with Heron's values taking precedence. Deduplication is based on the `containerPort` value. -| `limits` | Heron will attempt to load values for `cpu` and `memory` from its configs. If these values are not provided in the containers specs, Heron will place values from its configs. | User input takes precedence over Heron's values. This allows for per job custom resource limits. +| `limits` | Heron will attempt to load values for `cpu` and `memory` from configs. If these values are not provided in the Configs, then values from the Pod Templates will be used. | Heron's values take precedence over those in the Pod Templates. | `volumeMounts` | These are the mount points within the `executor` container for the `volumes` available in the Pod. | Merged with Heron's values taking precedence. Deduplication is based on the `name` value. | Annotation: `prometheus.io/scrape` | Flag to indicate whether Prometheus logs can be scraped and is set to `true`. | Value is overridden by Heron. | | Annotation `prometheus.io/port` | Port address for Prometheus log scraping and is set to `8080`. | Values are overridden by Heron.