From 0988cb2d73e04acfdc82cbc46fd7d5772f6f9f1a Mon Sep 17 00:00:00 2001 From: jsitu777 <59303945+jsitu777@users.noreply.github.com> Date: Thu, 2 Mar 2023 10:20:23 -0800 Subject: [PATCH] [Helm] Update Katib Chart for kubeflow v1.7.0 (#591) - update Katib Helm chart per kubeflow v1.7.0-rc.1 upstream --- .../Chart.yaml | 24 +---- ...katib-ui-kubeflow-AuthorizationPolicy.yaml | 15 +++ .../katib-controller-ClusterRole.yaml | 77 ++++++++++++--- .../ClusterRole/katib-ui-ClusterRole.yaml | 18 ++++ .../kubeflow-katib-edit-ClusterRole.yaml | 12 +++ .../katib-config-kubeflow-ConfigMap.yaml | 98 ++++++++++++++----- .../trial-templates-kubeflow-ConfigMap.yaml | 94 +++++++++++++----- .../katib-controller-kubeflow-Deployment.yaml | 13 ++- .../katib-db-manager-kubeflow-Deployment.yaml | 2 +- .../katib-ui-kubeflow-Deployment.yaml | 6 +- .../katib-controller-kubeflow-Service.yaml | 3 + .../templates/_helpers.tpl | 20 ++-- charts/apps/katib/vanilla/Chart.yaml | 24 +---- ...katib-ui-kubeflow-AuthorizationPolicy.yaml | 15 +++ .../katib-controller-ClusterRole.yaml | 77 ++++++++++++--- .../ClusterRole/katib-ui-ClusterRole.yaml | 18 ++++ .../kubeflow-katib-edit-ClusterRole.yaml | 12 +++ .../katib-config-kubeflow-ConfigMap.yaml | 30 +++--- .../trial-templates-kubeflow-ConfigMap.yaml | 8 +- .../katib-controller-kubeflow-Deployment.yaml | 13 ++- .../katib-db-manager-kubeflow-Deployment.yaml | 2 +- .../katib-ui-kubeflow-Deployment.yaml | 6 +- .../katib-controller-kubeflow-Service.yaml | 3 + tools/helmify/src/config.yaml | 8 +- 24 files changed, 438 insertions(+), 160 deletions(-) create mode 100644 charts/apps/katib/katib-external-db-with-kubeflow/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml create mode 100644 charts/apps/katib/vanilla/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/Chart.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/Chart.yaml index b8bd9d41ba..eb766d0b5b 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/Chart.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/Chart.yaml @@ -1,24 +1,6 @@ apiVersion: v2 -name: katib-external-db +appVersion: v0.15.0 description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. +name: katib type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.14.0-rc.0" +version: 0.2.0 diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml new file mode 100644 index 0000000000..9f43352c03 --- /dev/null +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + name: katib-ui + namespace: kubeflow +spec: + action: ALLOW + rules: + - from: + - source: + principals: + - cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account + selector: + matchLabels: + katib.kubeflow.org/component: ui diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-controller-ClusterRole.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-controller-ClusterRole.yaml index c43a81415d..dddb43b676 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-controller-ClusterRole.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-controller-ClusterRole.yaml @@ -6,39 +6,93 @@ rules: - apiGroups: - '' resources: - - configmaps - - serviceaccounts - services + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - '' + resources: - events - - namespaces + verbs: + - create + - patch + - update +- apiGroups: + - '' + resources: + - serviceaccounts - persistentvolumes - persistentvolumeclaims + verbs: + - get + - list + - watch + - create +- apiGroups: + - '' + resources: + - namespaces + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: - pods - - pods/log - pods/status - - secrets verbs: - - '*' + - get - apiGroups: - apps resources: - deployments verbs: - - '*' + - get + - list + - watch + - create + - delete - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - - '*' + - get + - create + - list + - watch - apiGroups: - batch resources: - jobs - cronjobs verbs: - - '*' + - get + - list + - watch + - create + - delete +- apiGroups: + - kubeflow.org + resources: + - tfjobs + - pytorchjobs + - mpijobs + - xgboostjobs + - mxjobs + verbs: + - get + - list + - watch + - create + - delete - apiGroups: - kubeflow.org resources: @@ -51,10 +105,5 @@ rules: - suggestions - suggestions/status - suggestions/finalizers - - tfjobs - - pytorchjobs - - mpijobs - - xgboostjobs - - mxjobs verbs: - '*' diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-ui-ClusterRole.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-ui-ClusterRole.yaml index 0a1c8f8e69..25c3327ae1 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-ui-ClusterRole.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/katib-ui-ClusterRole.yaml @@ -18,3 +18,21 @@ rules: - suggestions verbs: - '*' +- apiGroups: + - '' + resources: + - pods + verbs: + - list +- apiGroups: + - '' + resources: + - pods/log + verbs: + - get +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml index bdcec0d608..f3ebd0acaa 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml @@ -21,3 +21,15 @@ rules: - deletecollection - patch - update +- apiGroups: + - '' + resources: + - pods + verbs: + - list +- apiGroups: + - '' + resources: + - pods/log + verbs: + - get diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml index 433c4d7341..9ddf97b61a 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml @@ -1,28 +1,80 @@ apiVersion: v1 data: - early-stopping: "{\n \"medianstop\": {\n \"image\": \"docker.io/kubeflowkatib/earlystopping-medianstop:v0.14.0\"\ - \n }\n}" - metrics-collector-sidecar: "{\n \"StdOut\": {\n \"image\": \"docker.io/kubeflowkatib/file-metrics-collector:v0.14.0\"\ - \n },\n \"File\": {\n \"image\": \"docker.io/kubeflowkatib/file-metrics-collector:v0.14.0\"\ - \n },\n \"TensorFlowEvent\": {\n \"image\": \"docker.io/kubeflowkatib/tfevent-metrics-collector:v0.14.0\"\ - ,\n \"resources\": {\n \"limits\": {\n \"memory\": \"1Gi\"\n \ - \ }\n }\n }\n}" - suggestion: "{\n \"random\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-hyperopt:v0.14.0\"\ - \n },\n \"tpe\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-hyperopt:v0.14.0\"\ - \n },\n \"grid\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-chocolate:v0.14.0\"\ - \n },\n \"hyperband\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-hyperband:v0.14.0\"\ - \n },\n \"bayesianoptimization\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-skopt:v0.14.0\"\ - \n },\n \"cmaes\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-goptuna:v0.14.0\"\ - \n },\n \"sobol\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-goptuna:v0.14.0\"\ - \n },\n \"multivariate-tpe\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-optuna:v0.14.0\"\ - \n },\n \"enas\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-enas:v0.14.0\"\ - ,\n \"resources\": {\n \"limits\": {\n \"memory\": \"200Mi\"\n\ - \ }\n }\n },\n \"darts\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-darts:v0.14.0\"\ - \n },\n \"pbt\": {\n \"image\": \"docker.io/kubeflowkatib/suggestion-pbt:v0.14.0\"\ - ,\n \"persistentVolumeClaimSpec\": {\n \"accessModes\": [\n \"\ - ReadWriteMany\"\n ],\n \"resources\": {\n \"requests\": {\n \ - \ \"storage\": \"5Gi\"\n }\n }\n }\n }\n}" + early-stopping: |- + { + "medianstop": { + "image": "docker.io/kubeflowkatib/earlystopping-medianstop:v0.15.0-rc.1" + } + } + metrics-collector-sidecar: |- + { + "StdOut": { + "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.15.0-rc.1" + }, + "File": { + "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.15.0-rc.1" + }, + "TensorFlowEvent": { + "image": "docker.io/kubeflowkatib/tfevent-metrics-collector:v0.15.0-rc.1", + "resources": { + "limits": { + "memory": "1Gi" + } + } + } + } + suggestion: |- + { + "random": { + "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0-rc.1" + }, + "tpe": { + "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0-rc.1" + }, + "grid": { + "image": "docker.io/kubeflowkatib/suggestion-optuna:v0.15.0-rc.1" + }, + "hyperband": { + "image": "docker.io/kubeflowkatib/suggestion-hyperband:v0.15.0-rc.1" + }, + "bayesianoptimization": { + "image": "docker.io/kubeflowkatib/suggestion-skopt:v0.15.0-rc.1" + }, + "cmaes": { + "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0-rc.1" + }, + "sobol": { + "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0-rc.1" + }, + "multivariate-tpe": { + "image": "docker.io/kubeflowkatib/suggestion-optuna:v0.15.0-rc.1" + }, + "enas": { + "image": "docker.io/kubeflowkatib/suggestion-enas:v0.15.0-rc.1", + "resources": { + "limits": { + "memory": "200Mi" + } + } + }, + "darts": { + "image": "docker.io/kubeflowkatib/suggestion-darts:v0.15.0-rc.1" + }, + "pbt": { + "image": "docker.io/kubeflowkatib/suggestion-pbt:v0.15.0-rc.1", + "persistentVolumeClaimSpec": { + "accessModes": [ + "ReadWriteMany" + ], + "resources": { + "requests": { + "storage": "5Gi" + } + } + } + } + } kind: ConfigMap metadata: name: katib-config - namespace: kubeflow + namespace: kubeflow \ No newline at end of file diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml index f07930c55a..cdc95fbba9 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml @@ -1,33 +1,75 @@ apiVersion: v1 data: - defaultTrialTemplate.yaml: "apiVersion: batch/v1\nkind: Job\nspec:\n template:\n\ - \ spec:\n containers:\n - name: training-container\n image:\ - \ docker.io/kubeflowkatib/mxnet-mnist:v0.14.0\n command:\n \ - \ - \"python3\"\n - \"/opt/mxnet-mnist/mnist.py\"\n - \"\ - --batch-size=64\"\n - \"--lr=${trialParameters.learningRate}\"\n \ - \ - \"--num-layers=${trialParameters.numberLayers}\"\n - \"\ - --optimizer=${trialParameters.optimizer}\"\n restartPolicy: Never" - enasCPUTemplate: "apiVersion: batch/v1\nkind: Job\nspec:\n template:\n spec:\n\ - \ containers:\n - name: training-container\n image: docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.14.0\n\ - \ command:\n - python3\n - -u\n - RunTrial.py\n\ - \ - --num_epochs=1\n - \"--architecture=\\\"${trialParameters.neuralNetworkArchitecture}\\\ - \"\"\n - \"--nn_config=\\\"${trialParameters.neuralNetworkConfig}\\\ - \"\"\n restartPolicy: Never" - pytorchJobTemplate: "apiVersion: kubeflow.org/v1\nkind: PyTorchJob\nspec:\n pytorchReplicaSpecs:\n\ - \ Master:\n replicas: 1\n restartPolicy: OnFailure\n template:\n\ - \ spec:\n containers:\n - name: pytorch\n \ - \ image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.14.0\n \ - \ command:\n - \"python3\"\n - \"/opt/pytorch-mnist/mnist.py\"\ - \n - \"--epochs=1\"\n - \"--lr=${trialParameters.learningRate}\"\ - \n - \"--momentum=${trialParameters.momentum}\"\n Worker:\n\ - \ replicas: 2\n restartPolicy: OnFailure\n template:\n spec:\n\ - \ containers:\n - name: pytorch\n image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.14.0\n\ - \ command:\n - \"python3\"\n - \"/opt/pytorch-mnist/mnist.py\"\ - \n - \"--epochs=1\"\n - \"--lr=${trialParameters.learningRate}\"\ - \n - \"--momentum=${trialParameters.momentum}\"" + defaultTrialTemplate.yaml: |- + apiVersion: batch/v1 + kind: Job + spec: + template: + spec: + containers: + - name: training-container + image: docker.io/kubeflowkatib/mxnet-mnist:v0.15.0-rc.1 + command: + - "python3" + - "/opt/mxnet-mnist/mnist.py" + - "--batch-size=64" + - "--lr=${trialParameters.learningRate}" + - "--num-layers=${trialParameters.numberLayers}" + - "--optimizer=${trialParameters.optimizer}" + restartPolicy: Never + enasCPUTemplate: |- + apiVersion: batch/v1 + kind: Job + spec: + template: + spec: + containers: + - name: training-container + image: docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.15.0-rc.1 + command: + - python3 + - -u + - RunTrial.py + - --num_epochs=1 + - "--architecture=\"${trialParameters.neuralNetworkArchitecture}\"" + - "--nn_config=\"${trialParameters.neuralNetworkConfig}\"" + restartPolicy: Never + pytorchJobTemplate: |- + apiVersion: kubeflow.org/v1 + kind: PyTorchJob + spec: + pytorchReplicaSpecs: + Master: + replicas: 1 + restartPolicy: OnFailure + template: + spec: + containers: + - name: pytorch + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.15.0-rc.1 + command: + - "python3" + - "/opt/pytorch-mnist/mnist.py" + - "--epochs=1" + - "--lr=${trialParameters.learningRate}" + - "--momentum=${trialParameters.momentum}" + Worker: + replicas: 2 + restartPolicy: OnFailure + template: + spec: + containers: + - name: pytorch + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.15.0-rc.1 + command: + - "python3" + - "/opt/pytorch-mnist/mnist.py" + - "--epochs=1" + - "--lr=${trialParameters.learningRate}" + - "--momentum=${trialParameters.momentum}" kind: ConfigMap metadata: labels: katib.kubeflow.org/component: trial-templates name: trial-templates - namespace: kubeflow + namespace: kubeflow \ No newline at end of file diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-controller-kubeflow-Deployment.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-controller-kubeflow-Deployment.yaml index 6ec1a0b3a5..55384b73fd 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-controller-kubeflow-Deployment.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-controller-kubeflow-Deployment.yaml @@ -35,7 +35,11 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/kubeflowkatib/katib-controller:v0.14.0 + image: docker.io/kubeflowkatib/katib-controller:v0.15.0-rc.1 + livenessProbe: + httpGet: + path: /healthz + port: healthz name: katib-controller ports: - containerPort: 8443 @@ -44,6 +48,13 @@ spec: - containerPort: 8080 name: metrics protocol: TCP + - containerPort: 18080 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz volumeMounts: - mountPath: /tmp/cert name: cert diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml index 823ca4f95d..c48e174aea 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml @@ -48,7 +48,7 @@ spec: secretKeyRef: key: port name: mysql-secret - image: docker.io/kubeflowkatib/katib-db-manager:v0.14.0 + image: docker.io/kubeflowkatib/katib-db-manager:v0.15.0-rc.1 livenessProbe: exec: command: diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-ui-kubeflow-Deployment.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-ui-kubeflow-Deployment.yaml index 17352e7592..289df08a0d 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-ui-kubeflow-Deployment.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Deployment/katib-ui-kubeflow-Deployment.yaml @@ -13,7 +13,7 @@ spec: template: metadata: annotations: - sidecar.istio.io/inject: 'false' + sidecar.istio.io/inject: 'true' labels: katib.kubeflow.org/component: ui spec: @@ -27,7 +27,9 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/kubeflowkatib/katib-ui:v0.14.0 + - name: APP_DISABLE_AUTH + value: 'false' + image: docker.io/kubeflowkatib/katib-ui:v0.15.0-rc.1 name: katib-ui ports: - containerPort: 8080 diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Service/katib-controller-kubeflow-Service.yaml b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Service/katib-controller-kubeflow-Service.yaml index 2c188fa175..00c1064f6b 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/Service/katib-controller-kubeflow-Service.yaml +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/Service/katib-controller-kubeflow-Service.yaml @@ -18,5 +18,8 @@ spec: - name: metrics port: 8080 targetPort: 8080 + - name: healthz + port: 18080 + targetPort: 18080 selector: katib.kubeflow.org/component: controller diff --git a/charts/apps/katib/katib-external-db-with-kubeflow/templates/_helpers.tpl b/charts/apps/katib/katib-external-db-with-kubeflow/templates/_helpers.tpl index bc7d7e0f63..f9fddd9a1c 100644 --- a/charts/apps/katib/katib-external-db-with-kubeflow/templates/_helpers.tpl +++ b/charts/apps/katib/katib-external-db-with-kubeflow/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "katib-external-db.name" -}} +{{- define "katib.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "katib-external-db.fullname" -}} +{{- define "katib.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "katib-external-db.chart" -}} +{{- define "katib.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "katib-external-db.labels" -}} -helm.sh/chart: {{ include "katib-external-db.chart" . }} -{{ include "katib-external-db.selectorLabels" . }} +{{- define "katib.labels" -}} +helm.sh/chart: {{ include "katib.chart" . }} +{{ include "katib.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "katib-external-db.selectorLabels" -}} -app.kubernetes.io/name: {{ include "katib-external-db.name" . }} +{{- define "katib.selectorLabels" -}} +app.kubernetes.io/name: {{ include "katib.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "katib-external-db.serviceAccountName" -}} +{{- define "katib.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "katib-external-db.fullname" .) .Values.serviceAccount.name }} +{{- default (include "katib.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/charts/apps/katib/vanilla/Chart.yaml b/charts/apps/katib/vanilla/Chart.yaml index a9d4af7b9b..eb766d0b5b 100644 --- a/charts/apps/katib/vanilla/Chart.yaml +++ b/charts/apps/katib/vanilla/Chart.yaml @@ -1,24 +1,6 @@ apiVersion: v2 -name: katib +appVersion: v0.15.0 description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. +name: katib type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.14.0-rc.0" +version: 0.2.0 diff --git a/charts/apps/katib/vanilla/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml b/charts/apps/katib/vanilla/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml new file mode 100644 index 0000000000..9f43352c03 --- /dev/null +++ b/charts/apps/katib/vanilla/templates/AuthorizationPolicy/katib-ui-kubeflow-AuthorizationPolicy.yaml @@ -0,0 +1,15 @@ +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + name: katib-ui + namespace: kubeflow +spec: + action: ALLOW + rules: + - from: + - source: + principals: + - cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account + selector: + matchLabels: + katib.kubeflow.org/component: ui diff --git a/charts/apps/katib/vanilla/templates/ClusterRole/katib-controller-ClusterRole.yaml b/charts/apps/katib/vanilla/templates/ClusterRole/katib-controller-ClusterRole.yaml index c43a81415d..dddb43b676 100644 --- a/charts/apps/katib/vanilla/templates/ClusterRole/katib-controller-ClusterRole.yaml +++ b/charts/apps/katib/vanilla/templates/ClusterRole/katib-controller-ClusterRole.yaml @@ -6,39 +6,93 @@ rules: - apiGroups: - '' resources: - - configmaps - - serviceaccounts - services + verbs: + - get + - list + - watch + - create + - delete +- apiGroups: + - '' + resources: - events - - namespaces + verbs: + - create + - patch + - update +- apiGroups: + - '' + resources: + - serviceaccounts - persistentvolumes - persistentvolumeclaims + verbs: + - get + - list + - watch + - create +- apiGroups: + - '' + resources: + - namespaces + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - '' + resources: - pods - - pods/log - pods/status - - secrets verbs: - - '*' + - get - apiGroups: - apps resources: - deployments verbs: - - '*' + - get + - list + - watch + - create + - delete - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - - '*' + - get + - create + - list + - watch - apiGroups: - batch resources: - jobs - cronjobs verbs: - - '*' + - get + - list + - watch + - create + - delete +- apiGroups: + - kubeflow.org + resources: + - tfjobs + - pytorchjobs + - mpijobs + - xgboostjobs + - mxjobs + verbs: + - get + - list + - watch + - create + - delete - apiGroups: - kubeflow.org resources: @@ -51,10 +105,5 @@ rules: - suggestions - suggestions/status - suggestions/finalizers - - tfjobs - - pytorchjobs - - mpijobs - - xgboostjobs - - mxjobs verbs: - '*' diff --git a/charts/apps/katib/vanilla/templates/ClusterRole/katib-ui-ClusterRole.yaml b/charts/apps/katib/vanilla/templates/ClusterRole/katib-ui-ClusterRole.yaml index 0a1c8f8e69..25c3327ae1 100644 --- a/charts/apps/katib/vanilla/templates/ClusterRole/katib-ui-ClusterRole.yaml +++ b/charts/apps/katib/vanilla/templates/ClusterRole/katib-ui-ClusterRole.yaml @@ -18,3 +18,21 @@ rules: - suggestions verbs: - '*' +- apiGroups: + - '' + resources: + - pods + verbs: + - list +- apiGroups: + - '' + resources: + - pods/log + verbs: + - get +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/charts/apps/katib/vanilla/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml b/charts/apps/katib/vanilla/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml index bdcec0d608..f3ebd0acaa 100644 --- a/charts/apps/katib/vanilla/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml +++ b/charts/apps/katib/vanilla/templates/ClusterRole/kubeflow-katib-edit-ClusterRole.yaml @@ -21,3 +21,15 @@ rules: - deletecollection - patch - update +- apiGroups: + - '' + resources: + - pods + verbs: + - list +- apiGroups: + - '' + resources: + - pods/log + verbs: + - get diff --git a/charts/apps/katib/vanilla/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml b/charts/apps/katib/vanilla/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml index 826bb5c5e1..9ddf97b61a 100644 --- a/charts/apps/katib/vanilla/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml +++ b/charts/apps/katib/vanilla/templates/ConfigMap/katib-config-kubeflow-ConfigMap.yaml @@ -3,19 +3,19 @@ data: early-stopping: |- { "medianstop": { - "image": "docker.io/kubeflowkatib/earlystopping-medianstop:v0.14.0" + "image": "docker.io/kubeflowkatib/earlystopping-medianstop:v0.15.0-rc.1" } } metrics-collector-sidecar: |- { "StdOut": { - "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.14.0" + "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.15.0-rc.1" }, "File": { - "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.14.0" + "image": "docker.io/kubeflowkatib/file-metrics-collector:v0.15.0-rc.1" }, "TensorFlowEvent": { - "image": "docker.io/kubeflowkatib/tfevent-metrics-collector:v0.14.0", + "image": "docker.io/kubeflowkatib/tfevent-metrics-collector:v0.15.0-rc.1", "resources": { "limits": { "memory": "1Gi" @@ -26,31 +26,31 @@ data: suggestion: |- { "random": { - "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0-rc.1" }, "tpe": { - "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0-rc.1" }, "grid": { - "image": "docker.io/kubeflowkatib/suggestion-chocolate:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-optuna:v0.15.0-rc.1" }, "hyperband": { - "image": "docker.io/kubeflowkatib/suggestion-hyperband:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-hyperband:v0.15.0-rc.1" }, "bayesianoptimization": { - "image": "docker.io/kubeflowkatib/suggestion-skopt:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-skopt:v0.15.0-rc.1" }, "cmaes": { - "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0-rc.1" }, "sobol": { - "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0-rc.1" }, "multivariate-tpe": { - "image": "docker.io/kubeflowkatib/suggestion-optuna:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-optuna:v0.15.0-rc.1" }, "enas": { - "image": "docker.io/kubeflowkatib/suggestion-enas:v0.14.0", + "image": "docker.io/kubeflowkatib/suggestion-enas:v0.15.0-rc.1", "resources": { "limits": { "memory": "200Mi" @@ -58,10 +58,10 @@ data: } }, "darts": { - "image": "docker.io/kubeflowkatib/suggestion-darts:v0.14.0" + "image": "docker.io/kubeflowkatib/suggestion-darts:v0.15.0-rc.1" }, "pbt": { - "image": "docker.io/kubeflowkatib/suggestion-pbt:v0.14.0", + "image": "docker.io/kubeflowkatib/suggestion-pbt:v0.15.0-rc.1", "persistentVolumeClaimSpec": { "accessModes": [ "ReadWriteMany" diff --git a/charts/apps/katib/vanilla/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml b/charts/apps/katib/vanilla/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml index e1b1ad69a7..cdc95fbba9 100644 --- a/charts/apps/katib/vanilla/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml +++ b/charts/apps/katib/vanilla/templates/ConfigMap/trial-templates-kubeflow-ConfigMap.yaml @@ -8,7 +8,7 @@ data: spec: containers: - name: training-container - image: docker.io/kubeflowkatib/mxnet-mnist:v0.14.0 + image: docker.io/kubeflowkatib/mxnet-mnist:v0.15.0-rc.1 command: - "python3" - "/opt/mxnet-mnist/mnist.py" @@ -25,7 +25,7 @@ data: spec: containers: - name: training-container - image: docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.14.0 + image: docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.15.0-rc.1 command: - python3 - -u @@ -46,7 +46,7 @@ data: spec: containers: - name: pytorch - image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.14.0 + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.15.0-rc.1 command: - "python3" - "/opt/pytorch-mnist/mnist.py" @@ -60,7 +60,7 @@ data: spec: containers: - name: pytorch - image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.14.0 + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.15.0-rc.1 command: - "python3" - "/opt/pytorch-mnist/mnist.py" diff --git a/charts/apps/katib/vanilla/templates/Deployment/katib-controller-kubeflow-Deployment.yaml b/charts/apps/katib/vanilla/templates/Deployment/katib-controller-kubeflow-Deployment.yaml index 6ec1a0b3a5..55384b73fd 100644 --- a/charts/apps/katib/vanilla/templates/Deployment/katib-controller-kubeflow-Deployment.yaml +++ b/charts/apps/katib/vanilla/templates/Deployment/katib-controller-kubeflow-Deployment.yaml @@ -35,7 +35,11 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/kubeflowkatib/katib-controller:v0.14.0 + image: docker.io/kubeflowkatib/katib-controller:v0.15.0-rc.1 + livenessProbe: + httpGet: + path: /healthz + port: healthz name: katib-controller ports: - containerPort: 8443 @@ -44,6 +48,13 @@ spec: - containerPort: 8080 name: metrics protocol: TCP + - containerPort: 18080 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz volumeMounts: - mountPath: /tmp/cert name: cert diff --git a/charts/apps/katib/vanilla/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml b/charts/apps/katib/vanilla/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml index 48cc76cfe1..1366e721b3 100644 --- a/charts/apps/katib/vanilla/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml +++ b/charts/apps/katib/vanilla/templates/Deployment/katib-db-manager-kubeflow-Deployment.yaml @@ -28,7 +28,7 @@ spec: secretKeyRef: key: MYSQL_ROOT_PASSWORD name: katib-mysql-secrets - image: docker.io/kubeflowkatib/katib-db-manager:v0.14.0 + image: docker.io/kubeflowkatib/katib-db-manager:v0.15.0-rc.1 livenessProbe: exec: command: diff --git a/charts/apps/katib/vanilla/templates/Deployment/katib-ui-kubeflow-Deployment.yaml b/charts/apps/katib/vanilla/templates/Deployment/katib-ui-kubeflow-Deployment.yaml index 17352e7592..289df08a0d 100644 --- a/charts/apps/katib/vanilla/templates/Deployment/katib-ui-kubeflow-Deployment.yaml +++ b/charts/apps/katib/vanilla/templates/Deployment/katib-ui-kubeflow-Deployment.yaml @@ -13,7 +13,7 @@ spec: template: metadata: annotations: - sidecar.istio.io/inject: 'false' + sidecar.istio.io/inject: 'true' labels: katib.kubeflow.org/component: ui spec: @@ -27,7 +27,9 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/kubeflowkatib/katib-ui:v0.14.0 + - name: APP_DISABLE_AUTH + value: 'false' + image: docker.io/kubeflowkatib/katib-ui:v0.15.0-rc.1 name: katib-ui ports: - containerPort: 8080 diff --git a/charts/apps/katib/vanilla/templates/Service/katib-controller-kubeflow-Service.yaml b/charts/apps/katib/vanilla/templates/Service/katib-controller-kubeflow-Service.yaml index 2c188fa175..00c1064f6b 100644 --- a/charts/apps/katib/vanilla/templates/Service/katib-controller-kubeflow-Service.yaml +++ b/charts/apps/katib/vanilla/templates/Service/katib-controller-kubeflow-Service.yaml @@ -18,5 +18,8 @@ spec: - name: metrics port: 8080 targetPort: 8080 + - name: healthz + port: 18080 + targetPort: 18080 selector: katib.kubeflow.org/component: controller diff --git a/tools/helmify/src/config.yaml b/tools/helmify/src/config.yaml index dd4d628c0e..07381fc881 100644 --- a/tools/helmify/src/config.yaml +++ b/tools/helmify/src/config.yaml @@ -34,14 +34,14 @@ katib: kustomization_paths: - upstream/apps/katib/upstream/installs/katib-with-kubeflow output_helm_chart_path: charts/apps/katib/vanilla - version: 0.1.0 - app_version: v0.14.0-rc.0 + version: 0.2.0 + app_version: v0.15.0 katib-external-db-with-kubeflow: kustomization_paths: - awsconfigs/apps/katib-external-db-with-kubeflow output_helm_chart_path: charts/apps/katib/katib-external-db-with-kubeflow - version: 0.1.0 - app_version: v0.14.0-rc.0 + version: 0.2.0 + app_version: v0.15.0 istio: