-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathworkspace-kind.yaml
429 lines (374 loc) · 14.9 KB
/
workspace-kind.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
apiVersion: kubeflow.org/v1beta1
kind: WorkspaceKind
metadata:
name: jupyterlab
spec:
## ================================================================
## SPAWNER CONFIGS
## - how the WorkspaceKind is displayed in the Workspace Spawner UI
## ================================================================
spawner:
## the display name of the WorkspaceKind
displayName: "JupyterLab Notebook"
## the description of the WorkspaceKind
description: "A Workspace which runs JupyterLab in a Pod"
## if this WorkspaceKind should be hidden from the Workspace Spawner UI
hidden: false
## if this WorkspaceKind is deprecated
deprecated: false
## a message to show in Workspace Spawner UI when the WorkspaceKind is deprecated
deprecationMessage: "This WorkspaceKind will be removed on 20XX-XX-XX, please use another WorkspaceKind."
## the icon of the WorkspaceKind
## - a small (favicon-sized) icon used in the Workspace Spawner UI
##
icon:
url: "https://jupyter.org/assets/favicons/apple-touch-icon-152x152.png"
#configMap:
# name: "my-logos"
# key: "apple-touch-icon-152x152.png"
## the logo of the WorkspaceKind
## - a 1:1 (card size) logo used in the Workspace Spawner UI
##
logo:
url: "https://upload.wikimedia.org/wikipedia/commons/3/38/Jupyter_logo.svg"
#configMap:
# name: "my-logos"
# key: "Jupyter_logo.svg"
## ================================================================
## DEFINITION CONFIGS
## - currently the only supported type is `podTemplate`
## - in the future, there will be MORE types like `virtualMachine`
## to run the Workspace on systems like KubeVirt/EC2 rather than in a Pod
## ================================================================
podTemplate:
## metadata for Workspace Pods (MUTABLE)
##
podMetadata:
labels:
my-workspace-kind-label: "my-value"
annotations:
my-workspace-kind-annotation: "my-value"
## service account configs for Workspace Pods
##
serviceAccount:
## the name of the ServiceAccount (NOT MUTABLE)
## - this Service Account MUST already exist in the Namespace
## of the Workspace, the controller will NOT create it
## - we will not show this WorkspaceKind in the Spawner UI
## if the SA does not exist in the Namespace
##
name: "default-editor"
## activity culling configs (MUTABLE)
## - for pausing inactive Workspaces
##
culling:
## if the culling feature is enabled
##
enabled: true
## the maximum number of seconds a Workspace can be inactive
##
maxInactiveSeconds: 86400
## the probe used to determine if the Workspace is active
##
activityProbe:
## OPTION 1: a shell command probe
## - if the Workspace had activity in the last 60 seconds this command
## should return status 0, otherwise it should return status 1
##
#exec:
# command:
# - "bash"
# - "-c"
# - "exit 0"
## OPTION 2: a Jupyter-specific probe
## - will poll the `/api/status` endpoint of the Jupyter API, and use the `last_activity` field
## https://github.com/jupyter-server/jupyter_server/blob/v2.13.0/jupyter_server/services/api/handlers.py#L62-L67
## - note, users need to be careful that their other probes don't trigger a "last_activity" update
## e.g. they should only check the health of Jupyter using the `/api/status` endpoint
##
jupyter:
lastActivity: true
## standard probes to determine Container health (MUTABLE)
## - spec for Probe:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#probe-v1-core
##
probes:
startupProbe: {}
livenessProbe: {}
readinessProbe: {}
## volume mount paths
##
volumeMounts:
## the path to mount the home PVC (NOT MUTABLE)
##
home: "/home/jovyan"
## http proxy configs (MUTABLE)
##
httpProxy:
## if the path prefix is stripped from incoming HTTP requests
## - if true, the '/workspace/{profile_name}/{workspace_name}/' path prefix
## is stripped from incoming requests, the application sees the request
## as if it was made to '/...'
## - this only works if the application serves RELATIVE URLs for its assets
##
removePathPrefix: false
## header manipulation rules for incoming HTTP requests
## - sets the `spec.http[].headers.request` of the Istio VirtualService
## https://istio.io/latest/docs/reference/config/networking/virtual-service/#Headers-HeaderOperations
## - the following string templates are available:
## - `.PathPrefix`: the path prefix of the Workspace (e.g. '/workspace/{profile_name}/{workspace_name}/')
##
requestHeaders: {}
#set: { "X-RStudio-Root-Path": "{{ .PathPrefix }}" } # for RStudio
#add: {}
#remove: []
## environment variables for Workspace Pods (MUTABLE)
## - spec for EnvVar:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#envvar-v1-core
## - the following go template functions are available:
## - `httpPathPrefix(portId string)`: returns the HTTP path prefix of the specified port
##
extraEnv:
## to enable backwards compatibility with old Jupyter images from Kubeflow Notebooks V1
## https://github.com/kubeflow/kubeflow/blob/v1.8.0/components/example-notebook-servers/jupyter/s6/services.d/jupyterlab/run#L12
- name: "NB_PREFIX"
value: |-
{{ httpPathPrefix "juptyerlab" }}
## extra volume mounts for Workspace Pods (MUTABLE)
## - spec for VolumeMount:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
##
extraVolumeMounts:
## frameworks like PyTorch use shared memory for inter-process communication and expect a tmpfs at /dev/shm
## https://en.wikipedia.org/wiki/Shared_memory
- name: "dshm"
mountPath: "/dev/shm"
## extra volumes for Workspace Pods (MUTABLE)
## - spec for Volume:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
##
extraVolumes:
- name: "dshm"
emptyDir:
medium: "Memory"
## security context for Workspace Pods (MUTABLE)
## - spec for PodSecurityContext:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podsecuritycontext-v1-core
##
securityContext:
fsGroup: 100
## container SecurityContext for Workspace Pods (MUTABLE)
## - spec for SecurityContext:
## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#securitycontext-v1-core
##
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
## ==============================================================
## WORKSPACE OPTIONS
## - options are the user-selectable fields,
## they determine the PodSpec of the Workspace
## ==============================================================
options:
##
## About the `values` fields:
## - the `values` field is a list of options that the user can select
## - elements of `values` can NOT be removed, only HIDDEN or REDIRECTED
## - this prevents options being removed that are still in use by existing Workspaces
## - this limitation may be removed in the future
## - options may be "hidden" by setting `spawner.hidden` to `true`
## - hidden options are NOT selectable in the Spawner UI
## - hidden options are still available to the controller and manually created Workspace resources
## - options may be "redirected" by setting `redirect.to` to another option:
## - redirected options are NOT shown in the Spawner UI
## - redirected options are like an HTTP 302 redirect, the controller will use the target option
## without actually changing the `spec.podTemplate.options` field of the Workspace
## - the Spawner UI will warn users about Workspaces with pending restarts
##
## ============================================================
## IMAGE CONFIG OPTIONS
## - SETS: image, imagePullPolicy, ports
## ============================================================
imageConfig:
## spawner ui configs
##
spawner:
## the id of the default option
## - this will be selected by default in the spawner ui
##
default: "jupyterlab_scipy_190"
## the list of image configs that are available
##
values:
## ================================
## EXAMPLE 1: a hidden option
## ================================
- id: "jupyterlab_scipy_180"
spawner:
displayName: "jupyter-scipy:v1.8.0"
description: "JupyterLab, with SciPy Packages"
labels:
- key: "python_version"
value: "3.11"
hidden: true
redirect:
to: "jupyterlab_scipy_190"
message:
level: "Info" # "Info" | "Warning" | "Danger"
text: "This update will change..."
spec:
## the container image to use
##
image: "docker.io/kubeflownotebookswg/jupyter-scipy:v1.8.0"
## the pull policy for the container image
## - default: "IfNotPresent"
##
imagePullPolicy: "IfNotPresent"
## ports that the container listens on
## - currently, only HTTP is supported for `protocol`
## - currently, all ports use the same `httpProxy` settings
## - if multiple ports are defined, the user will see multiple "Connect" buttons
## in a dropdown menu on the Workspace overview page
##
ports:
- id: "jupyterlab"
displayName: "JupyterLab"
port: 8888
protocol: "HTTP"
## ================================
## EXAMPLE 2: a visible option
## ================================
- id: "jupyterlab_scipy_190"
spawner:
displayName: "jupyter-scipy:v1.9.0"
description: "JupyterLab, with SciPy Packages"
labels:
- key: "python_version"
value: "3.11"
spec:
image: "docker.io/kubeflownotebookswg/jupyter-scipy:v1.9.0"
imagePullPolicy: "IfNotPresent"
ports:
- id: "jupyterlab"
displayName: "JupyterLab"
port: 8888
protocol: "HTTP"
## ============================================================
## POD CONFIG OPTIONS
## - SETS: affinity, nodeSelector, tolerations, resources
## ============================================================
podConfig:
## spawner ui configs
##
spawner:
## the id of the default option
## - this will be selected by default in the spawner ui
##
default: "tiny_cpu"
## the list of pod configs that are available
##
values:
## ================================
## EXAMPLE 1: a tiny CPU pod
## ================================
- id: "tiny_cpu"
spawner:
displayName: "Tiny CPU"
description: "Pod with 0.1 CPU, 128 Mb RAM"
labels:
- key: "cpu"
value: "100m"
- key: "memory"
value: "128Mi"
spec:
resources:
requests:
cpu: 100m
memory: 128Mi
## ================================
## EXAMPLE 2: a small CPU pod
## ================================
- id: "small_cpu"
spawner:
displayName: "Small CPU"
description: "Pod with 1 CPU, 2 GB RAM"
labels:
- key: "cpu"
value: "1000m"
- key: "memory"
value: "2Gi"
hidden: false
spec:
## affinity configs for the pod
## - https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core
##
affinity: {}
## node selector configs for the pod
## - https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
##
nodeSelector: {}
## toleration configs for the pod
## - https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core
##
tolerations: []
## resource configs for the "main" container in the pod
## - https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core
##
resources:
requests:
cpu: 1000m
memory: 2Gi
## ================================
## EXAMPLE 3: a big GPU pod
## ================================
- id: "big_gpu"
spawner:
displayName: "Big GPU"
description: "Pod with 4 CPU, 16 GB RAM, and 1 GPU"
labels:
- key: "cpu"
value: "4000m"
- key: "memory"
value: "16Gi"
- key: "gpu"
value: "1"
hidden: false
spec:
affinity: {}
nodeSelector: {}
tolerations:
- key: "nvidia.com/gpu"
operator: "Exists"
effect: "NoSchedule"
resources:
requests:
cpu: 4000m
memory: 16Gi
limits:
nvidia.com/gpu: 1
## ================================================================
## status (managed by controller)
## ================================================================
status:
## the number of Workspaces that are using this WorkspaceKind
workspaces: 1
## metrics for podTemplate options
##
podTemplateOptions:
## metrics about the imageConfig options
imageConfig:
- id: "jupyterlab_scipy_180"
workspaces: 1
- id: "jupyterlab_scipy_190"
workspaces: 0
## metrics about the podConfig options
podConfig:
- id: "tiny_cpu"
workspaces: 1
- id: "small_cpu"
workspaces: 0
- id: "big_gpu"
workspaces: 0