From 571fb37ed87e8dd2ada08cd140920559fad522a4 Mon Sep 17 00:00:00 2001 From: Justin Brooks Date: Mon, 22 Apr 2024 12:06:30 -0400 Subject: [PATCH 1/4] Use a nginx as an option --- charts/operator-wandb/templates/ingress.yaml | 3 +- charts/operator-wandb/templates/nginx.yaml | 49 ++++++++++++++++++++ charts/operator-wandb/values.yaml | 2 +- 3 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 charts/operator-wandb/templates/nginx.yaml diff --git a/charts/operator-wandb/templates/ingress.yaml b/charts/operator-wandb/templates/ingress.yaml index b204845f..0b156782 100644 --- a/charts/operator-wandb/templates/ingress.yaml +++ b/charts/operator-wandb/templates/ingress.yaml @@ -20,7 +20,8 @@ spec: ingress: class: {{ .Values.ingress.class }} {{- end }} -{{- if .Values.ingress.install }} + +{{- if eq .Values.ingress.use "native" }} --- apiVersion: networking.k8s.io/v1 kind: Ingress diff --git a/charts/operator-wandb/templates/nginx.yaml b/charts/operator-wandb/templates/nginx.yaml new file mode 100644 index 00000000..e4bda38e --- /dev/null +++ b/charts/operator-wandb/templates/nginx.yaml @@ -0,0 +1,49 @@ +{{- if eq .Values.ingress.use "nginx" }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-nginx + annotations: + {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} +spec: + type: LoadBalancer + selector: + matchLabels: + {{- include "wandb.selectorLabels" $ | nindent 6 }} + ports: + - protocol: TCP + port: 80 + targetPort: 80 +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-nginx +data: + nginx.conf: | + user nginx; + worker_processes auto; + error_log /var/log/nginx/error.log; + pid /var/run/nginx.pid; + + events { + worker_connections 1024; + } + + http { + server { + listen 80; + + location / { + proxy_pass http://{{ .Release.Name }}-app; + } + + location /console { + proxy_pass http://{{ .Release.Name }}-console; + } + } + } +{{- end }} \ No newline at end of file diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 91d73a88..04d3905a 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -103,7 +103,7 @@ global: runUpdatesShadowTopic: "" ingress: - install: true + use: "native" nameOverride: "" defaultBackend: "app" annotations: {} From 257ac105680b43dc7257a9e41b664e258fe615e9 Mon Sep 17 00:00:00 2001 From: Justin Brooks Date: Mon, 22 Apr 2024 12:26:33 -0400 Subject: [PATCH 2/4] add deployment --- charts/operator-wandb/templates/ingress.yaml | 1 - charts/operator-wandb/templates/nginx.yaml | 51 +++++++++++++++++++- 2 files changed, 49 insertions(+), 3 deletions(-) diff --git a/charts/operator-wandb/templates/ingress.yaml b/charts/operator-wandb/templates/ingress.yaml index 0b156782..f502b60c 100644 --- a/charts/operator-wandb/templates/ingress.yaml +++ b/charts/operator-wandb/templates/ingress.yaml @@ -3,7 +3,6 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: {{ .Release.Name }}-issuer - namespace: {{ .Release.Namespace }} labels: {{- include "wandb.commonLabels" . | nindent 4 }} spec: diff --git a/charts/operator-wandb/templates/nginx.yaml b/charts/operator-wandb/templates/nginx.yaml index e4bda38e..1f2d8c89 100644 --- a/charts/operator-wandb/templates/nginx.yaml +++ b/charts/operator-wandb/templates/nginx.yaml @@ -4,8 +4,6 @@ apiVersion: v1 kind: Service metadata: name: {{ .Release.Name }}-nginx - annotations: - {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} labels: {{- include "wandb.commonLabels" . | nindent 4 }} spec: @@ -13,6 +11,7 @@ spec: selector: matchLabels: {{- include "wandb.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: nginx ports: - protocol: TCP port: 80 @@ -22,6 +21,8 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Release.Name }}-nginx + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} data: nginx.conf: | user nginx; @@ -46,4 +47,50 @@ data: } } } +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-nginx + annotations: + {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "wandb.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: nginx + template: + metadata: + annotations: + {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} + checksum/config: {{ include (print $.Template.BasePath "/nginx.yaml") . | sha256sum }} + labels: + {{- include "wandb.podLabels" . | nindent 8 }} + spec: + {{- if .tolerations }} + tolerations: + {{- toYaml .tolerations | nindent 8 }} + {{- end }} + {{- include "wandb.nodeSelector" . | nindent 6 }} + {{- include "wandb.priorityClassName" . | nindent 6 }} + {{- include "wandb.podSecurityContext" .Values.pod.securityContext | nindent 6 }} + terminationGracePeriodSeconds: 60 + containers: + - name: nginx + image: nginx:latest + ports: + - containerPort: 80 + volumeMounts: + - name: config-volume + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + + volumes: + - name: config-volume + configMap: + name: nginx-config + {{- end }} \ No newline at end of file From 1c3f6560fe608b837a31159a394415c0efb7ab07 Mon Sep 17 00:00:00 2001 From: Justin Brooks Date: Mon, 22 Apr 2024 12:43:45 -0400 Subject: [PATCH 3/4] move into subchart --- charts/operator-wandb/Chart.yaml | 4 + .../operator-wandb/charts/nginx/.helmignore | 23 ++++ charts/operator-wandb/charts/nginx/Chart.yaml | 15 ++ charts/operator-wandb/charts/nginx/README.md | 87 ++++++++++++ .../charts/nginx/templates/_helpers.tpl | 129 ++++++++++++++++++ .../charts/nginx/templates/configmap.yaml | 39 ++++++ .../charts/nginx/templates/deployment.yaml | 69 ++++++++++ .../charts/nginx/templates/hpa.yaml | 23 ++++ .../charts/nginx/templates/role.yaml | 23 ++++ .../charts/nginx/templates/rolebinding.yaml | 23 ++++ .../charts/nginx/templates/service.yaml | 23 ++++ .../nginx/templates/serviceaccount.yaml | 16 +++ .../operator-wandb/charts/nginx/values.yaml | 56 ++++++++ charts/operator-wandb/templates/nginx.yaml | 96 ------------- charts/operator-wandb/values.yaml | 6 + 15 files changed, 536 insertions(+), 96 deletions(-) create mode 100644 charts/operator-wandb/charts/nginx/.helmignore create mode 100644 charts/operator-wandb/charts/nginx/Chart.yaml create mode 100644 charts/operator-wandb/charts/nginx/README.md create mode 100644 charts/operator-wandb/charts/nginx/templates/_helpers.tpl create mode 100644 charts/operator-wandb/charts/nginx/templates/configmap.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/deployment.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/hpa.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/role.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/rolebinding.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/service.yaml create mode 100644 charts/operator-wandb/charts/nginx/templates/serviceaccount.yaml create mode 100644 charts/operator-wandb/charts/nginx/values.yaml delete mode 100644 charts/operator-wandb/templates/nginx.yaml diff --git a/charts/operator-wandb/Chart.yaml b/charts/operator-wandb/Chart.yaml index 1c8f5a36..6c24ae9a 100644 --- a/charts/operator-wandb/Chart.yaml +++ b/charts/operator-wandb/Chart.yaml @@ -52,3 +52,7 @@ dependencies: version: "*.*.*" repository: file://charts/flat-run-fields-updater condition: flat-run-fields-updater.install + - name: nginx + version: "*.*.*" + repository: file://charts/nginx + condition: nginx.install diff --git a/charts/operator-wandb/charts/nginx/.helmignore b/charts/operator-wandb/charts/nginx/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/operator-wandb/charts/nginx/Chart.yaml b/charts/operator-wandb/charts/nginx/Chart.yaml new file mode 100644 index 00000000..e2091640 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: app +type: application +description: A Helm chart for Kubernetes + +version: 0.1.0 +appVersion: "0.33.0" + +home: https://wandb.ai +icon: https://wandb.ai/logo.svg + +maintainers: + - name: wandb + email: support@wandb.com + url: https://wandb.com diff --git a/charts/operator-wandb/charts/nginx/README.md b/charts/operator-wandb/charts/nginx/README.md new file mode 100644 index 00000000..df63bb6b --- /dev/null +++ b/charts/operator-wandb/charts/nginx/README.md @@ -0,0 +1,87 @@ +# Local + +- [Local](#local) + - [Requirements](#requirements) + - [Configuration](#configuration) + - [Globals](#globals) + - [Options](#options) + - [Chart configuration examples](#chart-configuration-examples) + - [extraEnv](#extraenv) + - [extraEnvFrom](#extraenvfrom) + - [extraEnvFrom](#extraenvfrom-1) + +## Requirements + +This chart depends on Redis, Bucket and MySQL services, either as part of the +complete W&B Server chart or provided as external services reachable from the +Kubernetes cluster this chart is deployed onto. + +## Configuration + +### Globals + +### Options + +| Parameter | Default | Description | +| ------------------- | ------------- | -------------------------------------------------------------------------------------------------- | +| `enabled` | `true` | Server enable flag | +| `priorityClassName` | `""` | Allow configuring pods priorityClassName, this is used to control pod priority in case of eviction | +| `common.labels` | | Supplemental labels that are applied to all objects created by this chart. | +| `podLabels` | | Supplemental Pod labels. Will not be used for selectors. | +| `extraEnv` | | List of extra environment variables to expose | +| `extraEnvFrom` | | List of extra environment variables from other data sources to expose | +| `image.pullPolicy` | `Always` | Server image pull policy | +| `image.pullSecrets` | | Secrets for the image repository | +| `image.repository` | `wandb/local` | Server image repository | +| `image.tag` | | Server image tag | +| `tolerations` | `[]` | Toleration labels for pod assignment | + +### Chart configuration examples + +#### extraEnv + +#### extraEnvFrom + +`extraEnv` allows you to expose additional environment variables in all +containers in the pods. + +```yaml +extraEnv: + SOME_KEY: some_value + SOME_OTHER_KEY: some_other_value +``` + +When the container is started, you can confirm that the environment variables +are exposed: + +Below is an example use of extraEnv: + +```bash +env | grep SOME +SOME_KEY=some_value +SOME_OTHER_KEY=some_other_value +``` + +#### extraEnvFrom + +`extraEnvFrom` allows you to expose additional environment variables from other +data sources in all containers in the pods. Subsequent variables can be +overridden per deployment. + +Below is an example use of `extraEnvFrom`: + +```yaml +extraEnvFrom: + MY_NODE_NAME: + fieldRef: + fieldPath: spec.nodeName + MY_CPU_REQUEST: + resourceFieldRef: + containerName: test-container + resource: requests.cpu + SECRET_THING: + secretKeyRef: + name: special-secret + key: special_token + # optional: boolean +``` diff --git a/charts/operator-wandb/charts/nginx/templates/_helpers.tpl b/charts/operator-wandb/charts/nginx/templates/_helpers.tpl new file mode 100644 index 00000000..1249fae5 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/_helpers.tpl @@ -0,0 +1,129 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "nginx.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified nginx name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nginx.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nginx.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "nginx.labels" -}} +helm.sh/chart: {{ include "nginx.chart" . }} +{{ include "nginx.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +wandb.com/app-name: {{ include "nginx.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "nginx.selectorLabels" -}} +app.kubernetes.io/name: {{ include "nginx.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "nginx.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "nginx.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Returns the extraEnv keys and values to inject into containers. + +Global values will override any chart-specific values. +*/}} +{{- define "nginx.extraEnv" -}} +{{- $allExtraEnv := merge (default (dict) .local.extraEnv) .global.extraEnv -}} +{{- range $key, $value := $allExtraEnv }} +- name: {{ $key }} + value: {{ $value | quote }} +{{- end -}} +{{- end -}} + +{{/* +Returns a list of _common_ labels to be shared across all +app deployments and other shared objects. +*/}} +{{- define "nginx.commonLabels" -}} +{{- $commonLabels := default (dict) .Values.common.labels -}} +{{- if $commonLabels }} +{{- range $key, $value := $commonLabels }} +{{ $key }}: {{ $value | quote }} +{{- end }} +{{- end -}} +{{- end -}} + +{{/* +Returns a list of _pod_ labels to be shared across all +nginx deployments. +*/}} +{{- define "nginx.podLabels" -}} +{{- range $key, $value := .Values.pod.labels }} +{{ $key }}: {{ $value | quote }} +{{- end }} +{{- end -}} + +{{- define "nginx.redis" -}} +{{- $cs := include "wandb.redis.connectionString" . }} +{{- $ca := include "wandb.redis.caCert" . }} +{{- if $ca }} +{{- printf "%s?tls=true&caCertPath=/etc/ssl/certs/redis_ca.pem&ttlInSeconds=604800" $cs -}} +{{- else }} +{{- print $cs -}} +{{- end }} +{{- end }} + +{{- define "nginx.bucket" -}} +{{- $bucket := "" -}} +{{- if eq .Values.global.bucket.provider "az" -}} +{{- $bucket = printf "az://%s/%s" .Values.global.bucket.name .Values.global.bucket.path -}} +{{- end -}} +{{- if eq .Values.global.bucket.provider "gcs" -}} +{{- $bucket = printf "gs://%s" .Values.global.bucket.name -}} +{{- end -}} +{{- if eq .Values.global.bucket.provider "s3" -}} +{{- if and .Values.global.bucket.accessKey .Values.global.bucket.secretKey -}} +{{- $bucket = printf "s3://%s:%s@%s/%s" .Values.global.bucket.accessKey .Values.global.bucket.secretKey .Values.global.bucket.name .Values.global.bucket.path -}} +{{- else -}} +{{- $bucket = printf "s3://%s/%s" .Values.global.bucket.name .Values.global.bucket.path -}} +{{- end -}} +{{- end -}} +{{- trimSuffix "/" $bucket -}} +{{- end -}} \ No newline at end of file diff --git a/charts/operator-wandb/charts/nginx/templates/configmap.yaml b/charts/operator-wandb/charts/nginx/templates/configmap.yaml new file mode 100644 index 00000000..ede7a03b --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/configmap.yaml @@ -0,0 +1,39 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "nginx.commonLabels" . | nindent 4 }} + {{- include "nginx.labels" . | nindent 4 }} + {{- if .Values.configMap.labels -}} + {{- toYaml .Values.configMap.labels | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.configMap.annotations -}} + {{- toYaml .Values.configMap.annotations | nindent 4 }} + {{- end }} +data: + nginx.conf: | + user nginx; + worker_processes auto; + error_log /var/log/nginx/error.log; + pid /var/run/nginx.pid; + + events { + worker_connections 1024; + } + + http { + server { + listen 80; + + location / { + proxy_pass http://{{ .Release.Name }}-app; + } + + location /console { + proxy_pass http://{{ .Release.Name }}-console; + } + } + } diff --git a/charts/operator-wandb/charts/nginx/templates/deployment.yaml b/charts/operator-wandb/charts/nginx/templates/deployment.yaml new file mode 100644 index 00000000..59bd4fd0 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/deployment.yaml @@ -0,0 +1,69 @@ +{{- if .Values.enabled }} +{{- $imageCfg := dict "global" $.Values.global.image "local" $.Values.image -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "nginx.commonLabels" . | nindent 4 }} + {{- include "nginx.labels" . | nindent 4 }} + {{- if .Values.deployment.labels -}} + {{- toYaml .Values.deployment.labels | nindent 4 }} + {{- end }} + annotations: + {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} + {{- if .Values.deployment.annotations -}} + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "wandb.selectorLabels" $ | nindent 6 }} + {{- include "nginx.labels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "wandb.podLabels" . | nindent 8 }} + {{- include "nginx.commonLabels" . | nindent 8 }} + {{- include "nginx.podLabels" . | nindent 8 }} + {{- include "nginx.labels" . | nindent 8 }} + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.pod.annotations -}} + {{- toYaml .Values.pod.annotations | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "app.serviceAccountName" . }} + {{- if .tolerations }} + tolerations: + {{- toYaml .tolerations | nindent 8 }} + {{- end }} + {{- include "wandb.nodeSelector" . | nindent 6 }} + {{- include "wandb.priorityClassName" . | nindent 6 }} + {{- include "wandb.podSecurityContext" .Values.pod.securityContext | nindent 6 }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + volumeMounts: + {{- if ne (include "wandb.redis.caCert" .) "" }} + - name: {{ include "nginx.fullname" . }}-redis-ca + mountPath: /etc/ssl/certs/redis_ca.pem + subPath: redis_ca.pem + {{- end }} + ports: + - containerPort: 80 + {{- include "nginx.extraEnv" (dict "global" $.Values.global "local" .Values) | nindent 12 }} + {{- include "wandb.extraEnvFrom" (dict "root" $ "local" .) | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: config-volume + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + volumes: + - name: config-volume + configMap: + name: {{ include "nginx.fullname" . }} +{{- end }} diff --git a/charts/operator-wandb/charts/nginx/templates/hpa.yaml b/charts/operator-wandb/charts/nginx/templates/hpa.yaml new file mode 100644 index 00000000..800c01b9 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/hpa.yaml @@ -0,0 +1,23 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "nginx.fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "nginx.commonLabels" . | nindent 4 }} + {{- include "nginx.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "nginx.fullname" . }} + minReplicas: 1 + maxReplicas: 1 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 70 diff --git a/charts/operator-wandb/charts/nginx/templates/role.yaml b/charts/operator-wandb/charts/nginx/templates/role.yaml new file mode 100644 index 00000000..11bd36d3 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/role.yaml @@ -0,0 +1,23 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "app.fullname" . }} + namespace: {{ $.Release.Namespace }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "app.commonLabels" . | nindent 4 }} + {{- include "app.labels" . | nindent 4 }} + {{- if .Values.role.labels -}} + {{- toYaml .Values.role.labels | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.role.annotations -}} + {{- toYaml .Values.role.annotations | nindent 4 }} + {{- end }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "update", "delete"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get"] \ No newline at end of file diff --git a/charts/operator-wandb/charts/nginx/templates/rolebinding.yaml b/charts/operator-wandb/charts/nginx/templates/rolebinding.yaml new file mode 100644 index 00000000..3441d038 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/rolebinding.yaml @@ -0,0 +1,23 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "app.fullname" . }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "app.commonLabels" . | nindent 4 }} + {{- include "app.labels" . | nindent 4 }} + {{- if .Values.role.labels -}} + {{- toYaml .Values.role.labels | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.role.annotations -}} + {{- toYaml .Values.role.annotations | nindent 4 }} + {{- end }} +roleRef: + kind: ClusterRole + apiGroup: rbac.authorization.k8s.io + name: {{ include "app.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "app.fullname" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/operator-wandb/charts/nginx/templates/service.yaml b/charts/operator-wandb/charts/nginx/templates/service.yaml new file mode 100644 index 00000000..910c81bf --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "nginx.fullname" . }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "nginx.labels" . | nindent 4 }} + {{- include "nginx.commonLabels" . | nindent 4 }} + {{- if .Values.service.labels -}} + {{- toYaml .Values.service.labels | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.service.annotations -}} + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - protocol: TCP + port: 80 + targetPort: 80 + selector: + {{- include "nginx.labels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/operator-wandb/charts/nginx/templates/serviceaccount.yaml b/charts/operator-wandb/charts/nginx/templates/serviceaccount.yaml new file mode 100644 index 00000000..c3824d12 --- /dev/null +++ b/charts/operator-wandb/charts/nginx/templates/serviceaccount.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "app.serviceAccountName" . }} + namespace: {{ $.Release.Namespace }} + labels: + {{- include "wandb.commonLabels" . | nindent 4 }} + {{- include "app.commonLabels" . | nindent 4 }} + {{- include "app.labels" . | nindent 4 }} + {{- if .Values.serviceAccount.labels -}} + {{- toYaml .Values.serviceAccount.labels | nindent 4 }} + {{- end }} + annotations: + {{- if .Values.serviceAccount.annotations -}} + {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} + {{- end }} diff --git a/charts/operator-wandb/charts/nginx/values.yaml b/charts/operator-wandb/charts/nginx/values.yaml new file mode 100644 index 00000000..a4081d0f --- /dev/null +++ b/charts/operator-wandb/charts/nginx/values.yaml @@ -0,0 +1,56 @@ +nameOverride: "" +fullnameOverride: "" + +image: + repository: wandb/local + tag: latest + pullPolicy: Always + # pullSecrets: [] + +# Tolerations for pod scheduling +tolerations: [] + +traceRatio: 0 + +extraEnv: {} +extraEnvFrom: {} + +extraCors: [] + +pod: + securityContext: + fsGroup: 0 + fsGroupChangePolicy: "OnRootMismatch" + labels: {} + annotations: {} + +common: + labels: {} + +deployment: + labels: {} + annotations: {} + +service: + type: ClusterIP + annotations: {} + labels: {} + +resources: + # We usually recommend not to specify default resources and to leave this as a + # conscious choice for the user. This also increases chances charts run on + # environments with little resources, such as Minikube. If you do want to + # specify resources, uncomment the following lines, adjust them as necessary, + # and remove the curly braces after 'resources:'. + requests: + cpu: 100m + memory: 1Gi + limits: + cpu: 4000m + memory: 8Gi + +serviceAccount: + create: true + +role: {} +roleBinding: {} diff --git a/charts/operator-wandb/templates/nginx.yaml b/charts/operator-wandb/templates/nginx.yaml deleted file mode 100644 index 1f2d8c89..00000000 --- a/charts/operator-wandb/templates/nginx.yaml +++ /dev/null @@ -1,96 +0,0 @@ -{{- if eq .Values.ingress.use "nginx" }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-nginx - labels: - {{- include "wandb.commonLabels" . | nindent 4 }} -spec: - type: LoadBalancer - selector: - matchLabels: - {{- include "wandb.selectorLabels" $ | nindent 6 }} - app.kubernetes.io/component: nginx - ports: - - protocol: TCP - port: 80 - targetPort: 80 ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-nginx - labels: - {{- include "wandb.commonLabels" . | nindent 4 }} -data: - nginx.conf: | - user nginx; - worker_processes auto; - error_log /var/log/nginx/error.log; - pid /var/run/nginx.pid; - - events { - worker_connections 1024; - } - - http { - server { - listen 80; - - location / { - proxy_pass http://{{ .Release.Name }}-app; - } - - location /console { - proxy_pass http://{{ .Release.Name }}-console; - } - } - } ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-nginx - annotations: - {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} - labels: - {{- include "wandb.commonLabels" . | nindent 4 }} -spec: - replicas: 1 - selector: - matchLabels: - {{- include "wandb.selectorLabels" . | nindent 8 }} - app.kubernetes.io/component: nginx - template: - metadata: - annotations: - {{- include "wandb.deploymentAnnotations" $ | nindent 4 }} - checksum/config: {{ include (print $.Template.BasePath "/nginx.yaml") . | sha256sum }} - labels: - {{- include "wandb.podLabels" . | nindent 8 }} - spec: - {{- if .tolerations }} - tolerations: - {{- toYaml .tolerations | nindent 8 }} - {{- end }} - {{- include "wandb.nodeSelector" . | nindent 6 }} - {{- include "wandb.priorityClassName" . | nindent 6 }} - {{- include "wandb.podSecurityContext" .Values.pod.securityContext | nindent 6 }} - terminationGracePeriodSeconds: 60 - containers: - - name: nginx - image: nginx:latest - ports: - - containerPort: 80 - volumeMounts: - - name: config-volume - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - - volumes: - - name: config-volume - configMap: - name: nginx-config - -{{- end }} \ No newline at end of file diff --git a/charts/operator-wandb/values.yaml b/charts/operator-wandb/values.yaml index 04d3905a..5b6b8108 100644 --- a/charts/operator-wandb/values.yaml +++ b/charts/operator-wandb/values.yaml @@ -117,6 +117,12 @@ ingress: server: https://acme-v02.api.letsencrypt.org/directory email: support@wandb.com +nginx: + install: false + image: + repository: wandb/local + tag: latest + parquet: install: true image: From 275b2d9074b6fa2fce73111a54ee23067f9e3be3 Mon Sep 17 00:00:00 2001 From: Justin Brooks Date: Mon, 22 Apr 2024 12:45:53 -0400 Subject: [PATCH 4/4] clean up --- charts/operator-wandb/charts/nginx/Chart.yaml | 2 +- charts/operator-wandb/charts/nginx/README.md | 88 +------------------ .../operator-wandb/charts/nginx/values.yaml | 6 +- 3 files changed, 3 insertions(+), 93 deletions(-) diff --git a/charts/operator-wandb/charts/nginx/Chart.yaml b/charts/operator-wandb/charts/nginx/Chart.yaml index e2091640..8a7adc44 100644 --- a/charts/operator-wandb/charts/nginx/Chart.yaml +++ b/charts/operator-wandb/charts/nginx/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: app +name: nginx type: application description: A Helm chart for Kubernetes diff --git a/charts/operator-wandb/charts/nginx/README.md b/charts/operator-wandb/charts/nginx/README.md index df63bb6b..5436d248 100644 --- a/charts/operator-wandb/charts/nginx/README.md +++ b/charts/operator-wandb/charts/nginx/README.md @@ -1,87 +1 @@ -# Local - -- [Local](#local) - - [Requirements](#requirements) - - [Configuration](#configuration) - - [Globals](#globals) - - [Options](#options) - - [Chart configuration examples](#chart-configuration-examples) - - [extraEnv](#extraenv) - - [extraEnvFrom](#extraenvfrom) - - [extraEnvFrom](#extraenvfrom-1) - -## Requirements - -This chart depends on Redis, Bucket and MySQL services, either as part of the -complete W&B Server chart or provided as external services reachable from the -Kubernetes cluster this chart is deployed onto. - -## Configuration - -### Globals - -### Options - -| Parameter | Default | Description | -| ------------------- | ------------- | -------------------------------------------------------------------------------------------------- | -| `enabled` | `true` | Server enable flag | -| `priorityClassName` | `""` | Allow configuring pods priorityClassName, this is used to control pod priority in case of eviction | -| `common.labels` | | Supplemental labels that are applied to all objects created by this chart. | -| `podLabels` | | Supplemental Pod labels. Will not be used for selectors. | -| `extraEnv` | | List of extra environment variables to expose | -| `extraEnvFrom` | | List of extra environment variables from other data sources to expose | -| `image.pullPolicy` | `Always` | Server image pull policy | -| `image.pullSecrets` | | Secrets for the image repository | -| `image.repository` | `wandb/local` | Server image repository | -| `image.tag` | | Server image tag | -| `tolerations` | `[]` | Toleration labels for pod assignment | - -### Chart configuration examples - -#### extraEnv - -#### extraEnvFrom - -`extraEnv` allows you to expose additional environment variables in all -containers in the pods. - -```yaml -extraEnv: - SOME_KEY: some_value - SOME_OTHER_KEY: some_other_value -``` - -When the container is started, you can confirm that the environment variables -are exposed: - -Below is an example use of extraEnv: - -```bash -env | grep SOME -SOME_KEY=some_value -SOME_OTHER_KEY=some_other_value -``` - -#### extraEnvFrom - -`extraEnvFrom` allows you to expose additional environment variables from other -data sources in all containers in the pods. Subsequent variables can be -overridden per deployment. - -Below is an example use of `extraEnvFrom`: - -```yaml -extraEnvFrom: - MY_NODE_NAME: - fieldRef: - fieldPath: spec.nodeName - MY_CPU_REQUEST: - resourceFieldRef: - containerName: test-container - resource: requests.cpu - SECRET_THING: - secretKeyRef: - name: special-secret - key: special_token - # optional: boolean -``` +# nginx diff --git a/charts/operator-wandb/charts/nginx/values.yaml b/charts/operator-wandb/charts/nginx/values.yaml index a4081d0f..56b78f70 100644 --- a/charts/operator-wandb/charts/nginx/values.yaml +++ b/charts/operator-wandb/charts/nginx/values.yaml @@ -2,7 +2,7 @@ nameOverride: "" fullnameOverride: "" image: - repository: wandb/local + repository: nginx/local tag: latest pullPolicy: Always # pullSecrets: [] @@ -10,13 +10,9 @@ image: # Tolerations for pod scheduling tolerations: [] -traceRatio: 0 - extraEnv: {} extraEnvFrom: {} -extraCors: [] - pod: securityContext: fsGroup: 0