mirror of
https://github.com/clearml/clearml-helm-charts
synced 2025-04-17 01:31:13 +00:00
Compare commits
18 Commits
clearml-5.
...
clearml-5.
| Author | SHA1 | Date | |
|---|---|---|---|
|
08b92ba622 | ||
|
|
5b77cf41c2 | ||
|
|
a6db8b4262 | ||
|
|
dd4d8bf086 | ||
|
|
bf959d2f70 | ||
|
|
340d261f11 | ||
|
|
e1fcc5b466 | ||
|
013734c184 | ||
|
|
fded7aa5b4 | ||
|
|
5540188db1 | ||
|
|
1f23bcf7ca | ||
|
|
3075f5e280 | ||
|
|
97550c720f | ||
|
|
a29a144119 | ||
|
|
a4f77c624d | ||
|
|
dd1c201eeb | ||
|
|
7995fc8441 | ||
|
|
99903085cd |
22
.github/workflows/inactive-issues.yaml
vendored
Normal file
22
.github/workflows/inactive-issues.yaml
vendored
Normal file
@@ -0,0 +1,22 @@
|
||||
name: Close inactive issues
|
||||
on:
|
||||
schedule:
|
||||
- cron: "30 1 * * *"
|
||||
|
||||
jobs:
|
||||
close-issues:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
issues: write
|
||||
pull-requests: write
|
||||
steps:
|
||||
- uses: actions/stale@v7
|
||||
with:
|
||||
days-before-issue-stale: 14
|
||||
days-before-issue-close: 7
|
||||
stale-issue-label: "stale"
|
||||
stale-issue-message: "This issue is stale because it has been open for 14 days with no activity."
|
||||
close-issue-message: "This issue was closed because it has been inactive for 7 days since being marked as stale."
|
||||
days-before-pr-stale: -1
|
||||
days-before-pr-close: -1
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
47
INSTALL.md
Normal file
47
INSTALL.md
Normal file
@@ -0,0 +1,47 @@
|
||||
# ClearML Helm Charts Installation guide
|
||||
|
||||
## Requirements
|
||||
|
||||
* Set up a Kubernetes Cluster - for setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
|
||||
* Set up a single-node LOCAL Kubernetes on laptop/desktop - for setting up Kubernetes on your laptop/desktop, we suggest [kind](https://kind.sigs.k8s.io).
|
||||
* For **Kubernetes Tanzu users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/tanzu)
|
||||
for setting up ClearML on a Tanzu cluster
|
||||
* For **Kubernetes Openshift users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/openshift)
|
||||
for setting up ClearML on an Openshift cluster,
|
||||
|
||||
* Install Helm - Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes
|
||||
resources. To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
|
||||
|
||||
## Helm Charts Installation
|
||||
|
||||
### Helm Repo
|
||||
|
||||
```bash
|
||||
$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
|
||||
$ helm repo update
|
||||
```
|
||||
### ClearML Server Ecosystem
|
||||
|
||||
```bash
|
||||
$ helm install clearml allegroai/clearml
|
||||
```
|
||||
|
||||
### ClearML Agent
|
||||
|
||||
A ClearML Agent is always related to a ClearML server ecosystem (by default using the `app.clear.ml` hosted server, but
|
||||
can be on the same or different Kubernetes cluster or a single server installation).
|
||||
|
||||
In the ClearML UI, go to **Settings > Workspace** and click **Create New Credentials**. The dialog that pops up displays
|
||||
the new credentials.
|
||||
|
||||
In the Helm chart `install` command below:
|
||||
|
||||
* Set `ACCESSKEY` to the new credentials' `access_key` value
|
||||
* Set `SECRETKEY` to the new credentials' `secret_key` value
|
||||
* Set `APISERVERURL` to the new credentials' `api_server` value
|
||||
* Set `FILESSERVERURL` to the new credentials' `files_server` value
|
||||
* Set `WEBSERVERURL` to the new credentials' `web_server` value
|
||||
|
||||
```bash
|
||||
$ helm install clearml-agent allegroai/clearml-agent --set clearml.agentk8sglueKey=ACCESSKEY --set clearml.agentk8sglueSecret=SECRETKEY --set agentk8sglue.apiServerUrlReference=APISERVERURL --set agentk8sglue.fileServerUrlReference=FILESERVERURL --set agentk8sglue.webServerUrlReference=WEBSERVERURL
|
||||
```
|
||||
45
README.md
45
README.md
@@ -1,4 +1,4 @@
|
||||
# ClearML Helm Charts Library for Kubernetes
|
||||
# ClearML Helm Charts for Kubernetes
|
||||
|
||||
## Auto-Magical Experiment Manager & Version Control for AI
|
||||
|
||||
@@ -23,57 +23,40 @@ Use this repository to deploy **clearml-server** on Kubernetes clusters.
|
||||
|
||||
## Provided in this repository
|
||||
|
||||
### [All around Helm Chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
|
||||
### [ClearML server chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
|
||||
|
||||
### [ClearML agent chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-agent)
|
||||
|
||||
### [ClearML serving chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-serving)
|
||||
|
||||
## Who We Are
|
||||
|
||||
ClearML is supported by the team behind *allegro.ai*,
|
||||
where we build deep learning pipelines and infrastructure for enterprise companies.
|
||||
ClearML is supported by you :heart: and the [clear.ml](https://clear.ml) team, which helps enterprise companies build
|
||||
scalable MLOps.
|
||||
|
||||
We built ClearML to track and control the glorious but messy process of training production-grade deep learning models.
|
||||
We are committed to vigorously supporting and expanding the capabilities of ClearML.
|
||||
|
||||
We promise to always be backwardly compatible, making sure all your logs, data and pipelines
|
||||
We promise to always be backwards compatible, making sure all your logs, data, and pipelines
|
||||
will always upgrade with you.
|
||||
|
||||
## License
|
||||
|
||||
Apache License, Version 2.0, (see the [LICENSE](https://www.apache.org/licenses/LICENSE-2.0) for more information)
|
||||
|
||||
## Requirements
|
||||
## Installation Guide
|
||||
|
||||
### Setup a Kubernetes Cluster
|
||||
|
||||
For setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
|
||||
|
||||
### Setup a single node LOCAL Kubernetes on laptop/desktop
|
||||
|
||||
For setting up Kubernetes on your laptop/desktop we suggest [kind](https://kind.sigs.k8s.io).
|
||||
|
||||
### Install Helm
|
||||
|
||||
Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources.
|
||||
|
||||
To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
|
||||
|
||||
## Usage
|
||||
|
||||
```bash
|
||||
$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
|
||||
$ helm repo update
|
||||
$ helm search repo allegroai
|
||||
$ helm install <release-name> allegroai/<chart>
|
||||
```
|
||||
For installation instruction, follow related [Installation Guide](INSTALL.md).
|
||||
|
||||
## Documentation, Community & Support
|
||||
|
||||
More information in the [official documentation](https://allegro.ai/clearml/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
|
||||
See more information in the [official documentation](https://clear.ml/docs/latest/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
|
||||
|
||||
If you have any questions: post on our [Slack Channel](https://join.slack.com/t/clearml/shared_invite/zt-c0t13pty-aVUZZW1TSSSg2vyIGVPBhg), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
|
||||
If you have any questions, post on our [Slack Channel](https://join.slack.com/t/clearml/shared_invite/zt-c0t13pty-aVUZZW1TSSSg2vyIGVPBhg), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
|
||||
|
||||
For feature requests or bug reports, please use [GitHub issues](https://github.com/allegroai/clearml-helm-charts/issues).
|
||||
|
||||
Additionally, you can always find us at *clearml@allegro.ai*
|
||||
Additionally, you can always find us at *support@clear.ml*
|
||||
|
||||
## Contributing
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: clearml-agent
|
||||
description: MLOps platform Task running agent
|
||||
type: application
|
||||
version: "3.3.0"
|
||||
version: "3.7.0"
|
||||
appVersion: "1.24"
|
||||
kubeVersion: ">= 1.21.0-0 < 1.27.0-0"
|
||||
home: https://clear.ml
|
||||
@@ -21,4 +21,4 @@ keywords:
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- kind: added
|
||||
description: affinity parameter
|
||||
description: support for existing rolebindings and clusterrolebindings
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# ClearML Kubernetes Agent
|
||||
|
||||
  
|
||||
  
|
||||
|
||||
MLOps platform Task running agent
|
||||
|
||||
@@ -30,19 +30,22 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| agentk8sglue | object | `{"affinity":{},"annotations":{},"apiServerUrlReference":"https://api.clear.ml","basePodTemplate":{"affinity":{},"annotations":{},"env":[],"fileMounts":[],"hostAliases":{},"initContainers":[],"labels":{},"nodeSelector":{},"resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]},"clearmlcheckCertificate":true,"containerCustomBashScript":"","customBashScript":"","debugMode":false,"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileMounts":[],"fileServerUrlReference":"https://files.clear.ml","image":{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"labels":{},"nodeSelector":{},"queue":"default","replicaCount":1,"securityContext":{},"serviceExistingAccountName":"","tolerations":[],"volumeMounts":[],"volumes":[],"webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
|
||||
| agentk8sglue | object | `{"additionalClusterRoleBindings":[],"additionalRoleBindings":[],"affinity":{},"annotations":{},"apiServerUrlReference":"https://api.clear.ml","basePodTemplate":{"affinity":{},"annotations":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"priorityClassName":"","resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]},"clearmlcheckCertificate":true,"containerCustomBashScript":"","customBashScript":"","debugMode":false,"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileMounts":[],"fileServerUrlReference":"https://files.clear.ml","image":{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"labels":{},"nodeSelector":{},"queue":"default","replicaCount":1,"securityContext":{},"serviceExistingAccountName":"","taskAsJob":false,"tolerations":[],"volumeMounts":[],"volumes":[],"webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
|
||||
| agentk8sglue.additionalClusterRoleBindings | list | `[]` | additional existing ClusterRoleBindings |
|
||||
| agentk8sglue.additionalRoleBindings | list | `[]` | additional existing RoleBindings |
|
||||
| agentk8sglue.affinity | object | `{}` | affinity setup for Agent pod (example in values.yaml comments) |
|
||||
| agentk8sglue.annotations | object | `{}` | annotations setup for Agent pod (example in values.yaml comments) |
|
||||
| agentk8sglue.apiServerUrlReference | string | `"https://api.clear.ml"` | Reference to Api server url |
|
||||
| agentk8sglue.basePodTemplate | object | `{"affinity":{},"annotations":{},"env":[],"fileMounts":[],"hostAliases":{},"initContainers":[],"labels":{},"nodeSelector":{},"resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]}` | base template for pods spawned to consume ClearML Task |
|
||||
| agentk8sglue.basePodTemplate | object | `{"affinity":{},"annotations":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"priorityClassName":"","resources":{},"schedulerName":"","securityContext":{},"tolerations":[],"volumeMounts":[],"volumes":[]}` | base template for pods spawned to consume ClearML Task |
|
||||
| agentk8sglue.basePodTemplate.affinity | object | `{}` | affinity setup for pods spawned to consume ClearML Task |
|
||||
| agentk8sglue.basePodTemplate.annotations | object | `{}` | annotations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.env | list | `[]` | environment variables for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.fileMounts | list | `[]` | file definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.hostAliases | object | `{}` | hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.hostAliases | list | `[]` | hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.initContainers | list | `[]` | initContainers definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.labels | object | `{}` | labels setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.nodeSelector | object | `{}` | nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.priorityClassName | string | `""` | priorityClassName setup for pods spawned to consume ClearML Task |
|
||||
| agentk8sglue.basePodTemplate.resources | object | `{}` | resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
| agentk8sglue.basePodTemplate.schedulerName | string | `""` | schedulerName setup for pods spawned to consume ClearML Task |
|
||||
| agentk8sglue.basePodTemplate.securityContext | object | `{}` | securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
|
||||
@@ -63,6 +66,7 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
| agentk8sglue.replicaCount | int | `1` | Glue Agent number of pods |
|
||||
| agentk8sglue.securityContext | object | `{}` | Web Server pod security context |
|
||||
| agentk8sglue.serviceExistingAccountName | string | `""` | if set, don't create a serviceAccountName but use defined existing one |
|
||||
| agentk8sglue.taskAsJob | bool | `false` | ClearML spawn tasks as jobs instead of pods |
|
||||
| agentk8sglue.tolerations | list | `[]` | tolerations setup for Agent pod (example in values.yaml comments) |
|
||||
| agentk8sglue.volumeMounts | list | `[]` | volume mounts definition for Glue Agent (example in values.yaml comments) |
|
||||
| agentk8sglue.volumes | list | `[]` | volumes definition for Glue Agent (example in values.yaml comments) |
|
||||
@@ -73,9 +77,10 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
| clearml.clearmlConfig | string | `"sdk {\n}"` | ClearML configuration file |
|
||||
| clearml.existingAgentk8sglueSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
|
||||
| clearml.existingClearmlConfigSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
|
||||
| enterpriseFeatures | object | `{"agentImageTagOverride":"1.24-57","applyVaultEnvVars":true,"enabled":false,"maxPods":10,"monitoredResources":{"maxResources":0,"maxResourcesFieldName":"resources|limits|nvidia.com/gpu","minResourcesFieldName":"resources|limits|nvidia.com/gpu"},"queues":null,"serviceAccountClusterAccess":false,"useOwnerToken":true}` | Enterprise features (work only with an Enterprise license) |
|
||||
| enterpriseFeatures.agentImageTagOverride | string | `"1.24-57"` | Image tag override for enterprise version |
|
||||
| enterpriseFeatures | object | `{"agentImageTagOverride":"1.24-58","applyVaultEnvVars":true,"createQueues":false,"enabled":false,"maxPods":10,"monitoredResources":{"maxResources":0,"maxResourcesFieldName":"resources|limits|nvidia.com/gpu","minResourcesFieldName":"resources|limits|nvidia.com/gpu"},"queues":null,"serviceAccountClusterAccess":false,"useOwnerToken":true}` | Enterprise features (work only with an Enterprise license) |
|
||||
| enterpriseFeatures.agentImageTagOverride | string | `"1.24-58"` | Image tag override for enterprise version |
|
||||
| enterpriseFeatures.applyVaultEnvVars | bool | `true` | push env vars from Clear.ML Vault to task pods |
|
||||
| enterpriseFeatures.createQueues | bool | `false` | Create queues if they don't exist |
|
||||
| enterpriseFeatures.enabled | bool | `false` | Enable/Disable Enterprise features |
|
||||
| enterpriseFeatures.maxPods | int | `10` | maximum concurrent consume ClearML Task pod |
|
||||
| enterpriseFeatures.monitoredResources | object | `{"maxResources":0,"maxResourcesFieldName":"resources|limits|nvidia.com/gpu","minResourcesFieldName":"resources|limits|nvidia.com/gpu"}` | GPU resource general counters |
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "clearml.name" -}}
|
||||
{{- define "clearmlAgent.name" -}}
|
||||
{{- .Release.Name | trunc 59 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "clearml.chart" -}}
|
||||
{{- define "clearmlAgent.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 59 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "clearml.labels" -}}
|
||||
helm.sh/chart: {{ include "clearml.chart" . }}
|
||||
{{ include "clearml.selectorLabels" . }}
|
||||
{{- define "clearmlAgent.labels" -}}
|
||||
helm.sh/chart: {{ include "clearmlAgent.chart" . }}
|
||||
{{ include "clearmlAgent.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
@@ -30,7 +30,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{/*
|
||||
Common annotations
|
||||
*/}}
|
||||
{{- define "clearml.annotations" -}}
|
||||
{{- define "clearmlAgent.annotations" -}}
|
||||
{{- if $.Values.agentk8sglue.annotations }}
|
||||
{{ toYaml $.Values.agentk8sglue.annotations }}
|
||||
{{- end }}
|
||||
@@ -39,8 +39,8 @@ Common annotations
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "clearml.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "clearml.name" . }}
|
||||
{{- define "clearmlAgent.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "clearmlAgent.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
@@ -48,18 +48,18 @@ app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
Selector labels (agentk8sglue)
|
||||
*/}}
|
||||
{{- define "agentk8sglue.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "clearml.name" . }}
|
||||
app.kubernetes.io/instance: {{ include "clearml.name" . }}
|
||||
app.kubernetes.io/name: {{ include "clearmlAgent.name" . }}
|
||||
app.kubernetes.io/instance: {{ include "clearmlAgent.name" . }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "clearml.serviceAccountName" -}}
|
||||
{{- define "clearmlAgent.serviceAccountName" -}}
|
||||
{{- if .Values.agentk8sglue.serviceExistingAccountName }}
|
||||
{{- .Values.agentk8sglue.serviceExistingAccountName }}
|
||||
{{- else }}
|
||||
{{- include "clearml.name" . }}-sa
|
||||
{{- include "clearmlAgent.name" . }}-sa
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -72,6 +72,16 @@ Create secret to access docker registry
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a queues parameter
|
||||
*/}}
|
||||
{{- define "agentk8sglue.createQueues" -}}
|
||||
{{- if .Values.enterpriseFeatures.createQueues }}
|
||||
{{- printf "%d" 1}}
|
||||
{{- else }}
|
||||
{{- printf "%d" 0 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a string composed by queue names
|
||||
@@ -83,3 +93,136 @@ Create a string composed by queue names
|
||||
{{- end }}
|
||||
{{- join " " $list }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a task container template
|
||||
*/}}
|
||||
{{- define "taskContainer.containerTemplate" -}}
|
||||
{{- if .main.Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
- name: {{ .main.Values.imageCredentials.existingSecret | default (printf "%s-ark" (include "clearmlAgent.name" .main )) }}
|
||||
{{- end }}
|
||||
schedulerName: {{ .value.templateOverrides.schedulerName | default (.main.Values.agentk8sglue.basePodTemplate.schedulerName) }}
|
||||
restartPolicy: Never
|
||||
securityContext:
|
||||
{{- .value.templateOverrides.securityContext | default .main.Values.agentk8sglue.basePodTemplate.securityContext | toYaml | nindent 2 }}
|
||||
hostAliases:
|
||||
{{- .value.templateOverrides.hostAliases | default .main.Values.agentk8sglue.basePodTemplate.hostAliases | toYaml | nindent 2 }}
|
||||
volumes:
|
||||
{{ $computedvolumes := (.value.templateOverrides.volumes | default .main.Values.agentk8sglue.basePodTemplate.volumes) }}
|
||||
{{- if $computedvolumes }}{{- $computedvolumes | toYaml | nindent 2 }}{{- end }}
|
||||
{{- if .value.templateOverrides.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearmlAgent.name" .main }}-{{ .key }}-fm
|
||||
{{- else if .main.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearmlAgent.name" .main }}-fm
|
||||
{{- end }}
|
||||
{{- if not .main.Values.enterpriseFeatures.serviceAccountClusterAccess }}
|
||||
serviceAccountName: {{ include "clearmlAgent.serviceAccountName" .main }}
|
||||
{{- end }}
|
||||
initContainers:
|
||||
{{- .value.templateOverrides.initContainers | default .main.Values.agentk8sglue.basePodTemplate.initContainers | toYaml | nindent 2 }}
|
||||
priorityClassName: {{ .value.templateOverrides.priorityClassName | default .main.Values.agentk8sglue.basePodTemplate.priorityClassName }}
|
||||
containers:
|
||||
- resources:
|
||||
{{- .value.templateOverrides.resources | default .main.Values.agentk8sglue.basePodTemplate.resources | toYaml | nindent 4 }}
|
||||
ports:
|
||||
- containerPort: 10022
|
||||
volumeMounts:
|
||||
{{ $computedvolumemounts := (.value.templateOverrides.volumeMounts | default .main.Values.agentk8sglue.basePodTemplate.volumeMounts) }}
|
||||
{{- if $computedvolumemounts }}{{- $computedvolumemounts | toYaml | nindent 4 }}{{- end }}
|
||||
{{- if .value.templateOverrides.fileMounts }}
|
||||
{{- range .value.templateOverrides.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- else if .main.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
{{- range .main.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: CLEARML_API_HOST
|
||||
value: {{ .main.Values.agentk8sglue.apiServerUrlReference }}
|
||||
- name: CLEARML_WEB_HOST
|
||||
value: {{ .main.Values.agentk8sglue.webServerUrlReference }}
|
||||
- name: CLEARML_FILES_HOST
|
||||
value: {{ .main.Values.agentk8sglue.fileServerUrlReference }}
|
||||
{{- if not .main.Values.enterpriseFeatures.useOwnerToken }}
|
||||
- name: CLEARML_API_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .main.Values.clearml.existingAgentk8sglueSecret | default (printf "%s-ac" (include "clearmlAgent.name" .main )) }}
|
||||
key: agentk8sglue_key
|
||||
- name: CLEARML_API_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .main.Values.clearml.existingAgentk8sglueSecret | default (printf "%s-ac" (include "clearmlAgent.name" .main )) }}
|
||||
key: agentk8sglue_secret
|
||||
{{- end }}
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "x"
|
||||
{{- if not .main.Values.agentk8sglue.clearmlcheckCertificate }}
|
||||
- name: CLEARML_API_HOST_VERIFY_CERT
|
||||
value: "false"
|
||||
{{- end }}
|
||||
{{ $computedenvs := (.value.templateOverrides.env| default .main.Values.agentk8sglue.basePodTemplate.env) }}
|
||||
{{- if $computedenvs }}{{- $computedenvs | toYaml | nindent 4 }}{{- end }}
|
||||
nodeSelector:
|
||||
{{ .value.templateOverrides.nodeSelector | default .main.Values.agentk8sglue.basePodTemplate.nodeSelector | toYaml | nindent 2 }}
|
||||
tolerations:
|
||||
{{ .value.templateOverrides.tolerations | default .main.Values.agentk8sglue.basePodTemplate.tolerations | toYaml | nindent 2 }}
|
||||
affinity:
|
||||
{{ .value.templateOverrides.affinity | default .main.Values.agentk8sglue.basePodTemplate.affinity | toYaml | nindent 2 }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a task container template
|
||||
*/}}
|
||||
{{- define "taskContainer.podTemplate" -}}
|
||||
{{- range $key, $value := $.Values.enterpriseFeatures.queues }}
|
||||
{{ $key }}:
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
labels:
|
||||
{{ $value.templateOverrides.labels | default $.Values.agentk8sglue.basePodTemplate.labels | toYaml }}
|
||||
annotations:
|
||||
{{ $value.templateOverrides.annotations | default $.Values.agentk8sglue.basePodTemplate.annotations | toYaml }}
|
||||
spec:
|
||||
{{- $data := dict "main" $ "key" $key "value" $value -}}
|
||||
{{- include "taskContainer.containerTemplate" $data | nindent 4}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a task container template
|
||||
*/}}
|
||||
{{- define "taskContainer.jobTemplate" -}}
|
||||
{{- range $key, $value := $.Values.enterpriseFeatures.queues }}
|
||||
{{ $key }}:
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
labels:
|
||||
{{ $value.templateOverrides.labels | default $.Values.agentk8sglue.basePodTemplate.labels | toYaml }}
|
||||
annotations:
|
||||
{{ $value.templateOverrides.annotations | default $.Values.agentk8sglue.basePodTemplate.annotations | toYaml }}
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
{{- $data := dict "main" $ "key" $key "value" $value -}}
|
||||
{{- include "taskContainer.containerTemplate" $data | nindent 8 }}
|
||||
backoffLimit: 0
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,196 +1,22 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-pt
|
||||
name: {{ include "clearmlAgent.name" . }}-pt
|
||||
data:
|
||||
{{- if .Values.enterpriseFeatures.enabled }}
|
||||
template.yaml: |
|
||||
{{- range $key, $value := $.Values.enterpriseFeatures.queues }}
|
||||
{{ $key }}:
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
{{- if $value.templateOverrides.labels }}
|
||||
labels:
|
||||
{{- toYaml $value.templateOverrides.labels | nindent 10 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.labels }}
|
||||
labels:
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.labels | nindent 10 }}
|
||||
{{- end}}
|
||||
{{- if $value.templateOverrides.annotations }}
|
||||
annotations:
|
||||
{{- toYaml $value.templateOverrides.annotations | nindent 10 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.annotations }}
|
||||
annotations:
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.annotations | nindent 10 }}
|
||||
{{- end}}
|
||||
spec:
|
||||
{{- if $.Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if $.Values.imageCredentials.existingSecret }}
|
||||
- name: $.Values.imageCredentials.existingSecret
|
||||
{{- else }}
|
||||
- name: {{ include "clearml.name" $ }}-ark
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.schedulerName }}
|
||||
schedulerName: {{ $value.templateOverrides.schedulerName }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.schedulerName }}
|
||||
schedulerName: {{ $.Values.agentk8sglue.basePodTemplate.schedulerName }}
|
||||
{{- end}}
|
||||
restartPolicy: Never
|
||||
{{- if $value.templateOverrides.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml $value.templateOverrides.securityContext | nindent 10 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.securityContext | nindent 10 }}
|
||||
{{- end}}
|
||||
{{- if $value.templateOverrides.hostAliases }}
|
||||
{{- with $value.templateOverrides.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.hostAliases }}
|
||||
{{- with $.Values.agentk8sglue.basePodTemplate.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if $value.templateOverrides.volumes }}
|
||||
{{- toYaml $value.templateOverrides.volumes | nindent 10 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.volumes }}
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.volumes | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" $ }}-{{ $key }}-fm
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" $ }}-fm
|
||||
{{- end }}
|
||||
{{- if not $.Values.enterpriseFeatures.serviceAccountClusterAccess }}
|
||||
serviceAccountName: {{ include "clearml.serviceAccountName" $ }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml $value.templateOverrides.initContainers | nindent 10 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.initContainers | nindent 10 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- resources:
|
||||
{{- if $value.templateOverrides.resources }}
|
||||
{{- toYaml $value.templateOverrides.resources | nindent 12 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.resources }}
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.resources | nindent 12 }}
|
||||
{{- end}}
|
||||
ports:
|
||||
- containerPort: 10022
|
||||
volumeMounts:
|
||||
{{- if $value.templateOverrides.volumeMounts }}
|
||||
{{- toYaml $value.templateOverrides.volumeMounts | nindent 12 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.volumeMounts }}
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.volumeMounts | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.fileMounts }}
|
||||
{{- range $value.templateOverrides.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
{{- range $.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: CLEARML_API_HOST
|
||||
value: {{ $.Values.agentk8sglue.apiServerUrlReference }}
|
||||
- name: CLEARML_WEB_HOST
|
||||
value: {{ $.Values.agentk8sglue.webServerUrlReference }}
|
||||
- name: CLEARML_FILES_HOST
|
||||
value: {{ $.Values.agentk8sglue.fileServerUrlReference }}
|
||||
{{- if not $.Values.enterpriseFeatures.useOwnerToken }}
|
||||
- name: CLEARML_API_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if $.Values.clearml.existingAgentk8sglueSecret }}
|
||||
name: {{ $.Values.clearml.existingAgentk8sglueSecret }}
|
||||
{{- else }}
|
||||
name: {{ include "clearml.name" $ }}-ac
|
||||
{{- end }}
|
||||
key: agentk8sglue_key
|
||||
- name: CLEARML_API_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if $.Values.clearml.existingAgentk8sglueSecret }}
|
||||
name: {{ $.Values.clearml.existingAgentk8sglueSecret }}
|
||||
{{- else }}
|
||||
name: {{ include "clearml.name" $ }}-ac
|
||||
{{- end }}
|
||||
key: agentk8sglue_secret
|
||||
{{- end }}
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "x"
|
||||
{{- if not $.Values.agentk8sglue.clearmlcheckCertificate }}
|
||||
- name: CLEARML_API_HOST_VERIFY_CERT
|
||||
value: "false"
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.env }}
|
||||
{{- toYaml $value.templateOverrides.env | nindent 12 }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.env }}
|
||||
{{- toYaml $.Values.agentk8sglue.basePodTemplate.env | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.nodeSelector }}
|
||||
{{- with $value.templateOverrides.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.nodeSelector }}
|
||||
{{- with $.Values.agentk8sglue.basePodTemplate.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.tolerations }}
|
||||
{{- with $value.templateOverrides.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.tolerations }}
|
||||
{{- with $.Values.agentk8sglue.basePodTemplate.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $value.templateOverrides.affinity }}
|
||||
{{- with $value.templateOverrides.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.affinity }}
|
||||
{{- with $.Values.agentk8sglue.basePodTemplate.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.agentk8sglue.taskAsJob }}
|
||||
{{ include "taskContainer.jobTemplate" . | nindent 4}}
|
||||
{{- else }}
|
||||
{{ include "taskContainer.podTemplate" . | nindent 4}}
|
||||
{{- end }}
|
||||
secrets.yaml: |
|
||||
{{- range $key, $value := $.Values.enterpriseFeatures.queues }}
|
||||
{{ $key }}:
|
||||
{{- if $value.templateOverrides.fileMounts }}
|
||||
- {{ include "clearml.name" $ }}-{{ $key }}-fm
|
||||
- {{ include "clearmlAgent.name" $ }}-{{ $key }}-fm
|
||||
{{- else if $.Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
- {{ include "clearml.name" $ }}-fm
|
||||
- {{ include "clearmlAgent.name" $ }}-fm
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
@@ -206,16 +32,17 @@ data:
|
||||
{{- if .Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if .Values.imageCredentials.existingSecret }}
|
||||
- name: {{.Values.imageCredentials.existingSecret}}
|
||||
- name: {{ .Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: name: {{ include "clearml.name" $ }}-ark
|
||||
- name: name: {{ include "clearmlAgent.name" $ }}-ark
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.agentk8sglue.basePodTemplate.volumes }}
|
||||
volumes:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "clearml.serviceAccountName" $ }}
|
||||
serviceAccountName: {{ include "clearmlAgent.serviceAccountName" $ }}
|
||||
priorityClassName: {{ .Values.agentk8sglue.basePodTemplate.priorityClassName }}
|
||||
containers:
|
||||
- resources:
|
||||
{{- toYaml .Values.agentk8sglue.basePodTemplate.resources | nindent 10 }}
|
||||
@@ -238,7 +65,7 @@ data:
|
||||
{{- if .Values.clearml.existingAgentk8sglueSecret }}
|
||||
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
|
||||
{{- else }}
|
||||
name: {{ include "clearml.name" . }}-ac
|
||||
name: {{ include "clearmlAgent.name" . }}-ac
|
||||
{{- end }}
|
||||
key: agentk8sglue_key
|
||||
- name: CLEARML_API_SECRET_KEY
|
||||
@@ -247,7 +74,7 @@ data:
|
||||
{{- if .Values.clearml.existingAgentk8sglueSecret }}
|
||||
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
|
||||
{{- else }}
|
||||
name: {{ include "clearml.name" . }}-ac
|
||||
name: {{ include "clearmlAgent.name" . }}-ac
|
||||
{{- end }}
|
||||
key: agentk8sglue_secret
|
||||
{{- if .Values.agentk8sglue.basePodTemplate.env }}
|
||||
@@ -274,7 +101,7 @@ data:
|
||||
metadata:
|
||||
name: clearml-session-{{ . }}
|
||||
labels:
|
||||
{{- include "clearml.labels" $ | nindent 8 }}
|
||||
{{- include "clearmlAgent.labels" $ | nindent 8 }}
|
||||
{{- with $.Values.sessions.svcAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}
|
||||
name: {{ include "clearmlAgent.name" . }}
|
||||
labels:
|
||||
{{- include "clearml.labels" . | nindent 4 }}
|
||||
{{- include "clearmlAgent.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- include "clearml.annotations" . | nindent 4 }}
|
||||
{{- include "clearmlAgent.annotations" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.agentk8sglue.replicaCount }}
|
||||
selector:
|
||||
@@ -14,20 +14,20 @@ spec:
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
checksum/config: {{ printf "%s%s" .Values.clearml .Values.agentk8sglue | sha256sum }}
|
||||
{{- include "clearml.annotations" . | nindent 8 }}
|
||||
checksum/config: {{ printf "%s" .Values | sha256sum }}
|
||||
{{- include "clearmlAgent.annotations" . | nindent 8 }}
|
||||
labels:
|
||||
{{- include "clearml.labels" . | nindent 8 }}
|
||||
{{- include "clearmlAgent.labels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- if .Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if .Values.imageCredentials.existingSecret }}
|
||||
- name: .Values.imageCredentials.existingSecret
|
||||
- name: {{ .Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: {{ include "clearml.name" . }}-ark
|
||||
- name: {{ include "clearmlAgent.name" . }}-ark
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "clearml.serviceAccountName" . }}
|
||||
serviceAccountName: {{ include "clearmlAgent.serviceAccountName" . }}
|
||||
securityContext: {{ toYaml .Values.agentk8sglue.securityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: init-k8s-glue
|
||||
@@ -68,7 +68,7 @@ spec:
|
||||
export PATH=$PATH:$HOME/bin;
|
||||
source /root/.bashrc && /root/entrypoint.sh
|
||||
volumeMounts:
|
||||
- name: {{ include "clearml.name" . }}-pt
|
||||
- name: {{ include "clearmlAgent.name" . }}-pt
|
||||
mountPath: /root/template
|
||||
{{ if .Values.clearml.clearmlConfig }}
|
||||
- name: k8sagent-clearml-conf-volume
|
||||
@@ -113,6 +113,10 @@ spec:
|
||||
value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
|
||||
--max-pods {{.Values.enterpriseFeatures.maxPods}}{{ if .Values.enterpriseFeatures.enabled }}{{ if .Values.enterpriseFeatures.useOwnerToken }} --use-owner-token{{ end }}{{ end }}"
|
||||
{{- end }}
|
||||
{{- if .Values.clearml.clearmlConfig }}
|
||||
- name: CLEARML_CONFIG_FILE
|
||||
value: /root/clearml.conf
|
||||
{{- end }}
|
||||
- name: CLEARML_K8S_GLUE_LIMIT_POD_LABEL
|
||||
value: "ai.allegro.agent.serial=pod-{pod_number}"
|
||||
- name: CLEARML_K8S_SECRETS_LIST_FILE
|
||||
@@ -122,15 +126,15 @@ spec:
|
||||
- name: CLEARML_API_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "clearml.name" . }}-ac
|
||||
name: {{ include "clearmlAgent.name" . }}-ac
|
||||
key: agentk8sglue_key
|
||||
- name: CLEARML_API_SECRET_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "clearml.name" . }}-ac
|
||||
name: {{ include "clearmlAgent.name" . }}-ac
|
||||
key: agentk8sglue_secret
|
||||
- name: CLEARML_WORKER_ID
|
||||
value: {{ include "clearml.name" . }}
|
||||
value: {{ include "clearmlAgent.name" . }}
|
||||
- name: CLEARML_AGENT_UPDATE_REPO
|
||||
value: ""
|
||||
- name: FORCE_CLEARML_AGENT_REPO
|
||||
@@ -158,17 +162,26 @@ spec:
|
||||
value: "interactive"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.agentk8sglue.taskAsJob }}
|
||||
- name: "CLEARML_K8S_GLUE_KIND"
|
||||
value: "job"
|
||||
{{- else }}
|
||||
- name: "CLEARML_K8S_GLUE_KIND"
|
||||
value: "pod"
|
||||
{{- end }}
|
||||
{{- if .Values.enterpriseFeatures.enabled }}
|
||||
- name: K8S_GLUE_QUEUE
|
||||
value: {{ include "agentk8sglue.queues" . | quote }}
|
||||
- name: CLEARML_K8S_GLUE_CREATE_QUEUE
|
||||
value: {{ include "agentk8sglue.createQueues" . | quote }}
|
||||
- name: CLEARML_K8S_GLUE_APPLY_VAULT_ENV_VARS
|
||||
value: {{ .Values.enterpriseFeatures.applyVaultEnvVars | quote }}
|
||||
- name: "CLEARML_K8S_GLUE_POD_MIN_RES_FIELD"
|
||||
value: {{.Values.enterpriseFeatures.monitoredResources.minResourcesFieldName}}
|
||||
value: {{ .Values.enterpriseFeatures.monitoredResources.minResourcesFieldName }}
|
||||
- name: "CLEARML_K8S_GLUE_MAX_RESOURCES"
|
||||
value: "{{.Values.enterpriseFeatures.monitoredResources.maxResources}}"
|
||||
- name: "CLEARML_K8S_GLUE_POD_MAX_RES_FIELD"
|
||||
value: {{.Values.enterpriseFeatures.monitoredResources.maxResourcesFieldName}}
|
||||
value: {{ .Values.enterpriseFeatures.monitoredResources.maxResourcesFieldName }}
|
||||
{{- else }}
|
||||
- name: K8S_GLUE_QUEUE
|
||||
value: {{ .Values.agentk8sglue.queue }}
|
||||
@@ -186,13 +199,13 @@ spec:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: {{ include "clearml.name" . }}-pt
|
||||
- name: {{ include "clearmlAgent.name" . }}-pt
|
||||
configMap:
|
||||
name: {{ include "clearml.name" . }}-pt
|
||||
name: {{ include "clearmlAgent.name" . }}-pt
|
||||
{{ if .Values.clearml.clearmlConfig }}
|
||||
- name: k8sagent-clearml-conf-volume
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" . }}-ac
|
||||
secretName: {{ include "clearmlAgent.name" . }}-ac
|
||||
items:
|
||||
- key: clearml.conf
|
||||
path: clearml.conf
|
||||
@@ -203,5 +216,5 @@ spec:
|
||||
{{ if .Values.agentk8sglue.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" . }}-afm
|
||||
secretName: {{ include "clearmlAgent.name" . }}-afm
|
||||
{{- end }}
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "clearml.serviceAccountName" . }}
|
||||
name: {{ include "clearmlAgent.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
{{- if .Values.enterpriseFeatures.serviceAccountClusterAccess }}
|
||||
@@ -10,7 +10,7 @@ metadata:
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
@@ -24,25 +24,33 @@ rules:
|
||||
resources:
|
||||
- namespaces
|
||||
verbs: ["list"]
|
||||
{{- if .Values.agentk8sglue.taskAsJob }}
|
||||
- apiGroups:
|
||||
- batch
|
||||
- extensions
|
||||
resources:
|
||||
- jobs
|
||||
verbs: ["get", "list", "watch", "create", "patch", "delete"]
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "clearml.serviceAccountName" . }}
|
||||
name: {{ include "clearmlAgent.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
{{- else }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
@@ -56,17 +64,55 @@ rules:
|
||||
resources:
|
||||
- namespaces
|
||||
verbs: ["list"]
|
||||
{{- if .Values.agentk8sglue.taskAsJob }}
|
||||
- apiGroups:
|
||||
- batch
|
||||
- extensions
|
||||
resources:
|
||||
- jobs
|
||||
verbs: ["get", "list", "watch", "create", "patch", "delete"]
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "clearml.serviceAccountName" . }}
|
||||
name: {{ include "clearmlAgent.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ include "clearml.name" . }}-kpa
|
||||
name: {{ include "clearmlAgent.name" . }}-kpa
|
||||
{{- end }}
|
||||
{{- range .Values.agentk8sglue.additionalClusterRoleBindings }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ include "clearmlAgent.name" $ }}-kpa-{{ . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "clearmlAgent.serviceAccountName" $ }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ . }}
|
||||
{{- end }}
|
||||
{{- range .Values.agentk8sglue.additionalRoleBindings }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ include "clearmlAgent.name" $ }}-kpa-{{ . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "clearmlAgent.serviceAccountName" $ }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ . }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-ac
|
||||
name: {{ include "clearmlAgent.name" . }}-ac
|
||||
data:
|
||||
agentk8sglue_key: {{ .Values.clearml.agentk8sglueKey | b64enc }}
|
||||
agentk8sglue_secret: {{ .Values.clearml.agentk8sglueSecret | b64enc }}
|
||||
@@ -12,7 +12,7 @@ data:
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-ark
|
||||
name: {{ include "clearmlAgent.name" . }}-ark
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: {{ template "imagePullSecret" . }}
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-afm
|
||||
name: {{ include "clearmlAgent.name" . }}-afm
|
||||
data:
|
||||
{{- range .Values.agentk8sglue.fileMounts }}
|
||||
{{ .name }}: {{ .fileContent | b64enc }}
|
||||
@@ -14,7 +14,7 @@ data:
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-fm
|
||||
name: {{ include "clearmlAgent.name" . }}-fm
|
||||
data:
|
||||
{{- range .Values.agentk8sglue.basePodTemplate.fileMounts }}
|
||||
{{ .name }}: {{ .fileContent | b64enc }}
|
||||
@@ -26,7 +26,7 @@ data:
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" $ }}-{{ $key }}-fm
|
||||
name: {{ include "clearmlAgent.name" $ }}-{{ $key }}-fm
|
||||
data:
|
||||
{{- range .templateOverrides.fileMounts }}
|
||||
{{ .name }}: {{ .fileContent | b64enc }}
|
||||
|
||||
@@ -7,7 +7,7 @@ kind: Service
|
||||
metadata:
|
||||
name: clearml-session-{{ . }}
|
||||
labels:
|
||||
{{- include "clearml.labels" $ | nindent 4 }}
|
||||
{{- include "clearmlAgent.labels" $ | nindent 4 }}
|
||||
{{- with $.Values.sessions.svcAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
|
||||
@@ -61,6 +61,8 @@ agentk8sglue:
|
||||
defaultContainerImage: ubuntu:18.04
|
||||
# -- ClearML queue this agent will consume
|
||||
queue: default
|
||||
# -- ClearML spawn tasks as jobs instead of pods
|
||||
taskAsJob: false
|
||||
# -- Custom Bash script for the Glue Agent
|
||||
# -- labels setup for Agent pod (example in values.yaml comments)
|
||||
labels: {}
|
||||
@@ -79,6 +81,12 @@ agentk8sglue:
|
||||
securityContext: {}
|
||||
# runAsUser: 1001
|
||||
# fsGroup: 1001
|
||||
# -- additional existing ClusterRoleBindings
|
||||
additionalClusterRoleBindings: []
|
||||
# - privileged
|
||||
# -- additional existing RoleBindings
|
||||
additionalRoleBindings: []
|
||||
# - privileged
|
||||
# -- nodeSelector setup for Agent pod (example in values.yaml comments)
|
||||
nodeSelector: {}
|
||||
# fleet: agent-nodes
|
||||
@@ -161,11 +169,13 @@ agentk8sglue:
|
||||
# - name: CURL_CA_BUNDLE
|
||||
# value: ""
|
||||
# - name: PYTHONWARNINGS
|
||||
# value: "=\"ignore:Unverified HTTPS request\""
|
||||
# value: "ignore:Unverified HTTPS request"
|
||||
# -- resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments)
|
||||
resources: {}
|
||||
# limits:
|
||||
# nvidia.com/gpu: 1
|
||||
# -- priorityClassName setup for pods spawned to consume ClearML Task
|
||||
priorityClassName: ""
|
||||
# -- nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments)
|
||||
nodeSelector: {}
|
||||
# fleet: gpu-nodes
|
||||
@@ -181,7 +191,7 @@ agentk8sglue:
|
||||
# runAsUser: 1001
|
||||
# fsGroup: 1001
|
||||
# -- hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments)
|
||||
hostAliases: {}
|
||||
hostAliases: []
|
||||
# - ip: "127.0.0.1"
|
||||
# hostnames:
|
||||
# - "foo.local"
|
||||
@@ -211,7 +221,7 @@ enterpriseFeatures:
|
||||
# -- Enable/Disable Enterprise features
|
||||
enabled: false
|
||||
# -- Image tag override for enterprise version
|
||||
agentImageTagOverride: "1.24-57"
|
||||
agentImageTagOverride: "1.24-58"
|
||||
# -- service account access every namespace flag
|
||||
serviceAccountClusterAccess: false
|
||||
# -- push env vars from Clear.ML Vault to task pods
|
||||
@@ -228,6 +238,8 @@ enterpriseFeatures:
|
||||
maxPods: 10
|
||||
# -- Agent must use owner Token
|
||||
useOwnerToken: true
|
||||
# -- Create queues if they don't exist
|
||||
createQueues: false
|
||||
# -- ClearML queues and related template OVERRIDES used this agent will consume
|
||||
queues:
|
||||
# -- name of the queue will be used for this template
|
||||
|
||||
@@ -2,7 +2,7 @@ apiVersion: v2
|
||||
name: clearml
|
||||
description: MLOps platform
|
||||
type: application
|
||||
version: "5.5.2"
|
||||
version: "5.8.2"
|
||||
appVersion: "1.9.2"
|
||||
kubeVersion: ">= 1.21.0-0 < 1.27.0-0"
|
||||
home: https://clear.ml
|
||||
@@ -33,4 +33,4 @@ dependencies:
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- kind: fixed
|
||||
description: typo in apiserver deployment on existingSecret
|
||||
description: app agent base image parameter
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# ClearML Ecosystem for Kubernetes
|
||||
|
||||
  
|
||||
  
|
||||
|
||||
MLOps platform
|
||||
|
||||
@@ -189,21 +189,22 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
| clearml.testUserKey | string | `"ENP39EQM4SLACGD5FXB7"` | Test Server basic auth key |
|
||||
| clearml.testUserSecret | string | `"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"` | Test File Server basic auth secret |
|
||||
| elasticsearch | object | `{"clusterHealthCheckParams":"wait_for_status=yellow&timeout=1s","clusterName":"clearml-elastic","enabled":true,"esConfig":{"elasticsearch.yml":"xpack.security.enabled: false\n"},"esJavaOpts":"-Xmx2g -Xms2g","extraEnvs":[{"name":"bootstrap.memory_lock","value":"false"},{"name":"cluster.routing.allocation.node_initial_primaries_recoveries","value":"500"},{"name":"cluster.routing.allocation.disk.watermark.low","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.high","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.flood_stage","value":"500mb"},{"name":"http.compression_level","value":"7"},{"name":"reindex.remote.whitelist","value":"*.*"},{"name":"xpack.monitoring.enabled","value":"false"},{"name":"xpack.security.enabled","value":"false"}],"httpPort":9200,"minimumMasterNodes":1,"persistence":{"enabled":true},"replicas":1,"resources":{"limits":{"cpu":"2000m","memory":"4Gi"},"requests":{"cpu":"100m","memory":"2Gi"}},"roles":{"data":"true","ingest":"true","master":"true","remote_cluster_client":"true"},"volumeClaimTemplate":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"50Gi"}},"storageClassName":null}}` | Configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml |
|
||||
| enterpriseFeatures | object | `{"airGappedDocumentation":{"enabled":false,"image":{"repository":"","tag":"4"}},"apiserverImageTagOverride":"3.15.3-909","clearmlApplications":{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]},"defaultCompanyGuid":"d1bd92a3b039400cbafc60a7a5b1e52b","enabled":false,"extraIndexUrl":"","fileserverImageTagOverride":"3.15.3-909","overrideReferenceApiUrl":"","overrideReferenceFileUrl":"","webserverImageTagOverride":"3.15.3-801"}` | Enterprise features (work only with an Enterprise license) |
|
||||
| enterpriseFeatures | object | `{"airGappedDocumentation":{"enabled":false,"image":{"repository":"","tag":"4"}},"apiserverImageTagOverride":"3.15.3-909","clearmlApplications":{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"fileMounts":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-58"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]},"defaultCompanyGuid":"d1bd92a3b039400cbafc60a7a5b1e52b","enabled":false,"extraIndexUrl":"","fileserverImageTagOverride":"3.15.3-909","overrideReferenceApiUrl":"","overrideReferenceFileUrl":"","webserverImageTagOverride":"3.15.3-801"}` | Enterprise features (work only with an Enterprise license) |
|
||||
| enterpriseFeatures.airGappedDocumentation | object | `{"enabled":false,"image":{"repository":"","tag":"4"}}` | Air gapped documentation configurations |
|
||||
| enterpriseFeatures.airGappedDocumentation.enabled | bool | `false` | Enable/Disable air gapped documentation deployment |
|
||||
| enterpriseFeatures.airGappedDocumentation.image | object | `{"repository":"","tag":"4"}` | Air gapped documentation image configuration |
|
||||
| enterpriseFeatures.apiserverImageTagOverride | string | `"3.15.3-909"` | Image tag override for apiserver enterprise version |
|
||||
| enterpriseFeatures.clearmlApplications | object | `{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]}` | APPS configurations |
|
||||
| enterpriseFeatures.clearmlApplications | object | `{"affinity":{},"agentKey":"GK4PRTVT3706T25K6BA1","agentSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","basePodImage":{"repository":"","tag":"app-1.1.1-47"},"enabled":true,"extraEnvs":[],"fileMounts":[],"gitAgentPass":"git_password","gitAgentUser":"git_user","image":{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-58"},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"tolerations":[]}` | APPS configurations |
|
||||
| enterpriseFeatures.clearmlApplications.affinity | object | `{}` | APPS affinity setup |
|
||||
| enterpriseFeatures.clearmlApplications.agentKey | string | `"GK4PRTVT3706T25K6BA1"` | Apps Server basic auth key |
|
||||
| enterpriseFeatures.clearmlApplications.agentSecret | string | `"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2"` | Apps Server basic auth secret |
|
||||
| enterpriseFeatures.clearmlApplications.basePodImage | object | `{"repository":"","tag":"app-1.1.1-47"}` | APPS base spawning pods image |
|
||||
| enterpriseFeatures.clearmlApplications.enabled | bool | `true` | Enable/Disable component deployment |
|
||||
| enterpriseFeatures.clearmlApplications.extraEnvs | list | `[]` | APPS extra envrinoment variables |
|
||||
| enterpriseFeatures.clearmlApplications.fileMounts | list | `[]` | file definition |
|
||||
| enterpriseFeatures.clearmlApplications.gitAgentPass | string | `"git_password"` | Apps Server Git password |
|
||||
| enterpriseFeatures.clearmlApplications.gitAgentUser | string | `"git_user"` | Apps Server Git user |
|
||||
| enterpriseFeatures.clearmlApplications.image | object | `{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-57"}` | APPS image configuration |
|
||||
| enterpriseFeatures.clearmlApplications.image | object | `{"pullPolicy":"IfNotPresent","repository":"","tag":"1.24-58"}` | APPS image configuration |
|
||||
| enterpriseFeatures.clearmlApplications.nodeSelector | object | `{}` | APPS nodeselector |
|
||||
| enterpriseFeatures.clearmlApplications.podAnnotations | object | `{}` | specific annotation for APPS pods |
|
||||
| enterpriseFeatures.clearmlApplications.replicaCount | int | `1` | APPS number of pods |
|
||||
@@ -216,14 +217,13 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
| enterpriseFeatures.overrideReferenceApiUrl | string | `""` | set this value AND overrideReferenceFileUrl if external endpoint exposure is in place (like a LoadBalancer) example: "https://api.clearml.local" |
|
||||
| enterpriseFeatures.overrideReferenceFileUrl | string | `""` | set this value AND overrideReferenceAPIUrl if external endpoint exposure is in place (like a LoadBalancer) example: "https://files.clearml.local" |
|
||||
| enterpriseFeatures.webserverImageTagOverride | string | `"3.15.3-801"` | Image tag override for webserver enterprise version |
|
||||
| externalServices | object | `{"elasticsearchHost":"","elasticsearchPort":9200,"mongodbConnectionStringAuth":"","mongodbConnectionStringBackend":"","redisHost":"","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here |
|
||||
| externalServices.elasticsearchHost | string | `""` | Existing ElasticSearch Hostname to use if elasticsearch.enabled is false |
|
||||
| externalServices.elasticsearchPort | int | `9200` | Existing ElasticSearch Port to use if elasticsearch.enabled is false |
|
||||
| externalServices | object | `{"elasticsearchConnectionString":"","mongodbConnectionStringAuth":"","mongodbConnectionStringBackend":"","redisHost":"","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here |
|
||||
| externalServices.elasticsearchConnectionString | string | `""` | Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml) |
|
||||
| externalServices.mongodbConnectionStringAuth | string | `""` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false |
|
||||
| externalServices.mongodbConnectionStringBackend | string | `""` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false |
|
||||
| externalServices.redisHost | string | `""` | Existing Redis Hostname to use if redis.enabled is false |
|
||||
| externalServices.redisPort | int | `6379` | Existing Redis Port to use if redis.enabled is false |
|
||||
| fileserver | object | `{"affinity":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"securityContext":{},"service":{"nodePort":30081,"port":8081,"type":"NodePort"},"storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"}},"tolerations":[]}` | File Server configurations |
|
||||
| fileserver | object | `{"affinity":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","repository":"allegroai/clearml","tag":"1.9.2-317"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"podAnnotations":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"securityContext":{},"service":{"nodePort":30081,"port":8081,"type":"NodePort"},"storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true},"tolerations":[]}` | File Server configurations |
|
||||
| fileserver.affinity | object | `{}` | File Server affinity setup |
|
||||
| fileserver.enabled | bool | `true` | Enable/Disable component deployment |
|
||||
| fileserver.extraEnvs | list | `[]` | File Server extra envrinoment variables |
|
||||
@@ -242,10 +242,11 @@ Kubernetes: `>= 1.21.0-0 < 1.27.0-0`
|
||||
| fileserver.securityContext | object | `{}` | File Server pod security context |
|
||||
| fileserver.service | object | `{"nodePort":30081,"port":8081,"type":"NodePort"}` | File Server internal service configuration |
|
||||
| fileserver.service.nodePort | int | `30081` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
|
||||
| fileserver.storage | object | `{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"}}` | File server persistence settings |
|
||||
| fileserver.storage | object | `{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true}` | File server persistence settings |
|
||||
| fileserver.storage.data.accessMode | string | `"ReadWriteOnce"` | Access mode (must be ReadWriteMany if fileserver replica > 1) |
|
||||
| fileserver.storage.data.class | string | `""` | Storage class (use default if empty) |
|
||||
| fileserver.storage.data.existingPVC | string | `""` | If set, it uses an already existing PVC instead of dynamic provisioning |
|
||||
| fileserver.storage.enabled | bool | `true` | If set to false no PVC is created and emptyDir is used |
|
||||
| fileserver.tolerations | list | `[]` | File Server tolerations setup |
|
||||
| imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Container registry configuration |
|
||||
| imageCredentials.email | string | `"someone@host.com"` | Email |
|
||||
|
||||
@@ -141,21 +141,24 @@ Create readiness probe auth token
|
||||
Elasticsearch Service name
|
||||
*/}}
|
||||
{{- define "elasticsearch.servicename" -}}
|
||||
{{- if .Values.elasticsearch.enabled }}
|
||||
{{- .Values.elasticsearch.clusterName }}-master
|
||||
{{- else }}
|
||||
{{- .Values.externalServices.elasticsearchHost }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Elasticsearch Service port
|
||||
*/}}
|
||||
{{- define "elasticsearch.serviceport" -}}
|
||||
{{- if .Values.elasticsearch.enabled }}
|
||||
{{- .Values.elasticsearch.httpPort }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Elasticsearch Comnnection string
|
||||
*/}}
|
||||
{{- define "elasticsearch.connectionstring" -}}
|
||||
{{- if .Values.elasticsearch.enabled }}
|
||||
{{- printf "[{\"host\":\"%s\",\"port\":%s}]" (include "elasticsearch.servicename" .) (include "elasticsearch.serviceport" .) | quote }}
|
||||
{{- else }}
|
||||
{{- .Values.externalServices.elasticsearchPort }}
|
||||
{{- .Values.externalServices.elasticsearchConnectionString | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -174,6 +177,17 @@ MongoDB Comnnection string
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
MongoDB hotname
|
||||
*/}}
|
||||
{{- define "mongodb.hostname" -}}
|
||||
{{- if eq .Values.mongodb.architecture "standalone" }}
|
||||
{{- printf "%s" "mongodb" }}
|
||||
{{- else }}
|
||||
{{- printf "%s" "mongodb-headless" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Redis Service name
|
||||
*/}}
|
||||
|
||||
@@ -61,7 +61,7 @@ spec:
|
||||
done ;
|
||||
{{- end }}
|
||||
{{- if .Values.mongodb.enabled }}
|
||||
while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ .Release.Name }}-mongodb:27017" -o /dev/null; echo $?) -ne 49 ] ; do
|
||||
while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ .Release.Name }}-{{ include "mongodb.hostname" . }}:27017" -o /dev/null; echo $?) -ne 49 ] ; do
|
||||
echo "waiting for mongodb" ;
|
||||
sleep 5 ;
|
||||
done ;
|
||||
@@ -85,10 +85,14 @@ spec:
|
||||
containerPort: 8008
|
||||
protocol: TCP
|
||||
env:
|
||||
- name: CLEARML_ELASTIC_SERVICE_HOST
|
||||
value: {{ include "elasticsearch.servicename" . }}
|
||||
- name: CLEARML_ELASTIC_SERVICE_PORT
|
||||
value: "{{ include "elasticsearch.serviceport" . }}"
|
||||
- name: CLEARML__HOSTS__ELASTIC__WORKERS__HOSTS
|
||||
value: {{ include "elasticsearch.connectionstring" . }}
|
||||
- name: CLEARML__HOSTS__ELASTIC__EVENTS__HOSTS
|
||||
value: {{ include "elasticsearch.connectionstring" . }}
|
||||
- name: CLEARML__HOSTS__ELASTIC__DATASETS__HOSTS
|
||||
value: {{ include "elasticsearch.connectionstring" . }}
|
||||
- name: CLEARML__HOSTS__ELASTIC__LOGS__HOSTS
|
||||
value: {{ include "elasticsearch.connectionstring" . }}
|
||||
{{- if .Values.mongodb.enabled }}
|
||||
- name: CLEARML_MONGODB_SERVICE_CONNECTION_STRING
|
||||
value: {{ include "mongodb.connectionstring" . | quote }}
|
||||
@@ -106,9 +110,9 @@ spec:
|
||||
value: /opt/clearml/config
|
||||
- name: CLEARML__apiserver__default_company_name
|
||||
value: "{{ .Values.clearml.defaultCompany }}"
|
||||
{{- if not (eq .Values.clearml.cookieDomain "") }}
|
||||
- name: CLEARML__APISERVER__AUTH__SESSION_AUTH_COOKIE_NAME
|
||||
value: {{ .Values.clearml.cookieName }}
|
||||
{{- if .Values.clearml.cookieDomain }}
|
||||
- name: CLEARML__APISERVER__AUTH__COOKIES__DOMAIN
|
||||
value: ".{{ .Values.clearml.cookieDomain }}"
|
||||
{{- end }}
|
||||
@@ -138,8 +142,6 @@ spec:
|
||||
value: "{{ .Values.enterpriseFeatures.defaultCompanyGuid }}"
|
||||
- name: APPLY_ES_MAPPINGS
|
||||
value: "false"
|
||||
- name: CLEARML__HOSTS__ELASTIC__LOGS__HOSTS
|
||||
value: "[\"http://{{ include "elasticsearch.servicename" . }}:{{ include "elasticsearch.serviceport" . }}\"]"
|
||||
- name: NUMBER_OF_GUNICORN_WORKERS
|
||||
value: "{{ .Values.apiserver.processes.count }}"
|
||||
- name: GUNICORN_TIMEOUT
|
||||
|
||||
@@ -12,17 +12,29 @@ data:
|
||||
{{- if $.Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if $.Values.imageCredentials.existingSecret }}
|
||||
- name: $.Values.imageCredentials.existingSecret
|
||||
- name: {{ $.Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: clearml-registry-key
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: "clearml-apps-sa"
|
||||
volumes:
|
||||
{{- if .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" . }}-apps-fm
|
||||
{{- end }}
|
||||
containers:
|
||||
- resources:
|
||||
ports:
|
||||
- containerPort: 10022
|
||||
volumeMounts:
|
||||
{{- range .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
env:
|
||||
- name: CLEARML_API_HOST
|
||||
value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
|
||||
@@ -30,3 +42,6 @@ data:
|
||||
value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
|
||||
- name: CLEARML_WEB_HOST
|
||||
value: "http://{{ include "webserver.referenceName" . }}:{{ .Values.webserver.service.port }}"
|
||||
{{- if .Values.enterpriseFeatures.clearmlApplications.extraEnvs }}
|
||||
{{ toYaml .Values.enterpriseFeatures.clearmlApplications.extraEnvs | nindent 10 }}
|
||||
{{- end }}
|
||||
|
||||
@@ -23,7 +23,7 @@ spec:
|
||||
{{- if .Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if .Values.imageCredentials.existingSecret }}
|
||||
- name: .Values.imageCredentials.existingSecret
|
||||
- name: {{ .Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: clearml-registry-key
|
||||
{{- end }}
|
||||
@@ -37,6 +37,11 @@ spec:
|
||||
configMap:
|
||||
name: "{{ include "clearmlApplications.referenceName" . }}-configmap"
|
||||
{{- end }}
|
||||
{{- if .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
- name: filemounts
|
||||
secret:
|
||||
secretName: {{ include "clearml.name" . }}-apps-fm
|
||||
{{- end }}
|
||||
serviceAccountName: "clearml-apps-sa"
|
||||
initContainers:
|
||||
- name: init-apps
|
||||
@@ -65,7 +70,7 @@ spec:
|
||||
value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
|
||||
- name: CLEARML_WEB_HOST
|
||||
value: "http://{{ include "webserver.referenceName" . }}:{{ .Values.webserver.service.port }}"
|
||||
- name: CLEARML_AGENT_DEFAULT_BASE_DOCKER
|
||||
- name: CLEARML_DOCKER_IMAGE
|
||||
value: "{{ .Values.enterpriseFeatures.clearmlApplications.basePodImage.repository }}:{{ .Values.enterpriseFeatures.clearmlApplications.basePodImage.tag }}"
|
||||
- name: CLEARML_WORKER_ID
|
||||
value: "apps-agent-1"
|
||||
@@ -108,6 +113,12 @@ spec:
|
||||
- name: apps-config
|
||||
mountPath: /opt/clearml/config/default
|
||||
{{- end }}
|
||||
{{- range .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
- name: filemounts
|
||||
mountPath: "{{ .folderPath }}/{{ .name }}"
|
||||
subPath: "{{ .name }}"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.enterpriseFeatures.clearmlApplications.resources | nindent 12 }}
|
||||
{{- with .Values.enterpriseFeatures.clearmlApplications.nodeSelector }}
|
||||
|
||||
10
charts/clearml/templates/apps-secrets.yaml
Normal file
10
charts/clearml/templates/apps-secrets.yaml
Normal file
@@ -0,0 +1,10 @@
|
||||
{{ if .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "clearml.name" . }}-apps-fm
|
||||
data:
|
||||
{{- range .Values.enterpriseFeatures.clearmlApplications.fileMounts }}
|
||||
{{ .name }}: {{ .fileContent | b64enc }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
@@ -22,12 +22,13 @@ spec:
|
||||
{{- if .Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if .Values.imageCredentials.existingSecret }}
|
||||
- name: .Values.imageCredentials.existingSecret
|
||||
- name: {{ .Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: clearml-registry-key
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.fileserver.storage.enabled }}
|
||||
{{- if .Values.fileserver.storage.data.existingPVC }}
|
||||
- name: fileserver-data
|
||||
persistentVolumeClaim:
|
||||
@@ -37,6 +38,10 @@ spec:
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "fileserver.referenceName" . }}-data
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
- name: fileserver-data
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
securityContext: {{ toYaml .Values.fileserver.podSecurityContext | nindent 8 }}
|
||||
initContainers:
|
||||
- name: init-fileserver
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{- if .Values.fileserver.enabled }}
|
||||
{{- if .Values.fileserver.storage.enabled }}
|
||||
{{- if not .Values.fileserver.storage.data.existingPVC }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
@@ -17,3 +18,4 @@ spec:
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -22,7 +22,7 @@ spec:
|
||||
{{- if .Values.imageCredentials.enabled }}
|
||||
imagePullSecrets:
|
||||
{{- if .Values.imageCredentials.existingSecret }}
|
||||
- name: .Values.imageCredentials.existingSecret
|
||||
- name: {{ .Values.imageCredentials.existingSecret }}
|
||||
{{- else }}
|
||||
- name: clearml-registry-key
|
||||
{{- end }}
|
||||
|
||||
@@ -16,6 +16,28 @@ webserver:
|
||||
ingress:
|
||||
enabled: true
|
||||
hostName: "app.clearml.127-0-0-1.nip.io"
|
||||
redis:
|
||||
master:
|
||||
name: "{{ .Release.Name }}-redis"
|
||||
persistence:
|
||||
enabled: true
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
size: 5Gi
|
||||
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
|
||||
storageClass: null
|
||||
slave:
|
||||
persistence:
|
||||
enabled: true
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
size: 5Gi
|
||||
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
|
||||
storageClass: null
|
||||
cluster:
|
||||
enabled: true
|
||||
sentinel:
|
||||
enabled: true
|
||||
mongodb:
|
||||
enabled: true
|
||||
architecture: replicaset
|
||||
|
||||
@@ -207,6 +207,8 @@ fileserver:
|
||||
# fsGroup: 1001
|
||||
# -- File server persistence settings
|
||||
storage:
|
||||
# -- If set to false no PVC is created and emptyDir is used
|
||||
enabled: true
|
||||
data:
|
||||
# -- If set, it uses an already existing PVC instead of dynamic provisioning
|
||||
existingPVC: ""
|
||||
@@ -276,10 +278,9 @@ webserver:
|
||||
|
||||
# -- Definition of external services to use if not enabled as dependency charts here
|
||||
externalServices:
|
||||
# -- Existing ElasticSearch Hostname to use if elasticsearch.enabled is false
|
||||
elasticsearchHost: ""
|
||||
# -- Existing ElasticSearch Port to use if elasticsearch.enabled is false
|
||||
elasticsearchPort: 9200
|
||||
# -- Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml)
|
||||
elasticsearchConnectionString: ""
|
||||
# [{"host":"hostname1","port":9200},{"host":"hostname2","port":9200},{"host":"hostname3","port":9200}]
|
||||
# -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false
|
||||
mongodbConnectionStringAuth: ""
|
||||
# -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false
|
||||
@@ -421,7 +422,7 @@ enterpriseFeatures:
|
||||
image:
|
||||
repository: ""
|
||||
pullPolicy: IfNotPresent
|
||||
tag: "1.24-57"
|
||||
tag: "1.24-58"
|
||||
# -- APPS base spawning pods image
|
||||
basePodImage:
|
||||
repository: ""
|
||||
@@ -430,6 +431,8 @@ enterpriseFeatures:
|
||||
replicaCount: 1
|
||||
# -- APPS extra envrinoment variables
|
||||
extraEnvs: []
|
||||
# -- file definition
|
||||
fileMounts: []
|
||||
# -- specific annotation for APPS pods
|
||||
podAnnotations: {}
|
||||
# -- APPS resources per pod; these are minimal requirements, it's suggested to increase
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
agentk8sglue:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
fsGroup: <FSUSER>
|
||||
runAsUser: <USER>
|
||||
basePodTemplate:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
apiserver:
|
||||
podSecurityContext:
|
||||
securityContext:
|
||||
fsGroup: <FSUSER>
|
||||
runAsUser: <USER>
|
||||
runAsNonRoot: true
|
||||
fileserver:
|
||||
podSecurityContext:
|
||||
securityContext:
|
||||
fsGroup: <FSUSER>
|
||||
runAsUser: <USER>
|
||||
runAsNonRoot: true
|
||||
webserver:
|
||||
podSecurityContext:
|
||||
securityContext:
|
||||
fsGroup: <FSUSER>
|
||||
runAsUser: <USER>
|
||||
runAsNonRoot: true
|
||||
|
||||
Reference in New Issue
Block a user