Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UPSTREAM: <carry>: add ns scoped s3 support. #4

Merged
merged 1 commit into from
Jan 19, 2024
Merged

UPSTREAM: <carry>: add ns scoped s3 support. #4

merged 1 commit into from
Jan 19, 2024

Conversation

HumairAK
Copy link

@HumairAK HumairAK commented Jan 19, 2024
edited
Loading

Resolve RHOAIENG-1707 from dsp side

Description of your changes:

Adds the ability to specify pipeline root based on prefix within a namespace. This pr allows users to:

  1. provide different credentials for different paths
  2. configure non aws s3 compatible artifact stores
  3. allow tls configuration for artifact store connection
  4. adds a new custom property to mlmd bucket_session_info, this is added by the root driver container, so we read the kfp-launcher configmap once per pipeline

I would have preferred to organize this very differently but as this is a carried patch I've tried to minimize code deletions to make it easy to merge in upstream changes and minimize conflicts.

Testing changes

Deploy a kfp-launcher configmap that points to your minio/s3/etc:

kfp-launcher-configmap.yaml 
apiVersion: v1
data:
  defaultPipelineRoot: s3://my-bucket/v2/artifacts/path/1
  providers: |-
    s3:
      # if non us-east-1, region is required
      endpoint: https://s3.us-east-2.amazonaws.com 
      region: us-east-2
      defaultProviderSecretRef:
        secretName: "secret-1"
        accessKeyKey: "access_key_1"
        secretKeyKey: "secret_key_1"
    minio:
      endpoint: http://minio-dspa.apps.hukhan-3.dev.datahub.redhat.com
      region: minio
      defaultProviderSecretRef:
        secretName: "secret-2"
        accessKeyKey: "access_key_2"
        secretKeyKey: "secret_key_2"
      authConfigs:
        - bucketName: "my-bucket"
          keyPrefix: "v2/artifacts/path/1/"
          secretRef:
            secretName: "secret-3"
            accessKeyKey: "access_key_3"
            secretKeyKey: "secret_key_3"
        - bucketName: "my-bucket"
          keyPrefix: "v2/artifacts/path/2/"
          secretRef:
            secretName: "secret-4"
            accessKeyKey: "access_key_4"
            secretKeyKey: "secret_key_4"
kind: ConfigMap
metadata:
  name: kfp-launcher
  namespace: dspa

Then deploy a dspa in a non kubeflow namespace:

dspa.yaml 
apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1
kind: DataSciencePipelinesApplication
metadata:
  name: sample
spec:
  dspVersion: v2
  apiServer:
    deploy: true
    image: quay.io/hukhan/ds-pipelines-api-server:pr-4
    argoLauncherImage: quay.io/hukhan/kfp-launcher:pr-4
    argoDriverImage: quay.io/hukhan/kfp-driver:pr-4
  persistenceAgent:
    deploy: true
    image: gcr.io/ml-pipeline/persistenceagent:2.0.2
  scheduledWorkflow:
    deploy: true
    image: gcr.io/ml-pipeline/scheduledworkflow:2.0.2
  mlmd:
    deploy: true
    grpc:
      image: gcr.io/tfx-oss-public/ml_metadata_store_server:1.14.0
    envoy:
      image: gcr.io/ml-pipeline/metadata-envoy:2.0.2
  database:
    disableHealthCheck: true
    mariaDB:
      deploy: true
  objectStorage:
    minio:
      deploy: true
      image: 'quay.io/opendatahub/minio:RELEASE.2019-08-14T20-37-41Z-license-compliance'
  mlpipelineUI:
    image: gcr.io/ml-pipeline/frontend:2.0.2
  workflowController:
    deploy: true
    image: gcr.io/ml-pipeline/workflow-controller:v3.3.10-license-compliance

@HumairAK
UPSTREAM: <carry>: add ns scoped s3 support.
58ecf2d 
Signed-off-by: Humair Khan <HumairAK@users.noreply.github.com>
@HumairAK
Copy link
Author

Note this follows option 2 as described here, with the addition of some new fields to specify different s3 providers.

@openshift-ci openshift-ci bot added the lgtm label Jan 19, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 19, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hbelmiro, HumairAK

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@hbelmiro
Copy link

/lgtm

@openshift-merge-bot openshift-merge-bot bot merged commit 4e9b4e6 into opendatahub-io:master Jan 19, 2024
1 check passed
@HumairAK HumairAK mentioned this pull request Jan 19, 2024
Merged
@HumairAK HumairAK mentioned this pull request Mar 13, 2024
Merged
@thesuperzapper thesuperzapper mentioned this pull request Mar 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hbelmiro hbelmiro hbelmiro approved these changes

@amadhusu amadhusu Awaiting requested review from amadhusu

@gregsheremeta gregsheremeta Awaiting requested review from gregsheremeta

Assignees

@hbelmiro hbelmiro

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@HumairAK @hbelmiro