ClearML/clearml-helm-charts
1
0
Fork 0
mirror of https://github.com/clearml/clearml-helm-charts synced 2025-04-17 01:31:13 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Compare commits

base: ClearML:clearml-agent-2.0.2
Branches Tags
ClearML:main ClearML:gh-pages
ClearML:clearml-7.14.4 ClearML:clearml-7.14.3 ClearML:clearml-serving-1.5.10 ClearML:clearml-agent-5.3.2 ClearML:clearml-serving-1.5.9 ClearML:clearml-agent-5.3.1 ClearML:clearml-7.14.2 ClearML:clearml-7.14.1 ClearML:clearml-7.14.0 ClearML:clearml-7.13.0 ClearML:clearml-agent-5.3.0 ClearML:clearml-7.12.0 ClearML:clearml-agent-5.2.3 ClearML:clearml-7.11.5 ClearML:clearml-serving-1.5.8 ClearML:clearml-7.11.4 ClearML:clearml-7.11.3 ClearML:clearml-serving-1.5.7 ClearML:clearml-7.11.2 ClearML:clearml-agent-5.2.2 ClearML:clearml-7.11.1 ClearML:clearml-7.11.0 ClearML:clearml-agent-5.2.1 ClearML:clearml-7.10.1 ClearML:clearml-7.10.0 ClearML:clearml-7.9.0 ClearML:clearml-agent-5.2.0 ClearML:clearml-serving-1.5.6 ClearML:clearml-7.8.4 ClearML:clearml-agent-5.1.5 ClearML:clearml-7.8.3 ClearML:clearml-serving-1.5.5 ClearML:clearml-agent-5.1.4 ClearML:clearml-7.8.2 ClearML:clearml-7.8.1 ClearML:clearml-7.8.0 ClearML:clearml-serving-1.5.4 ClearML:clearml-agent-5.1.3 ClearML:clearml-7.7.1 ClearML:clearml-7.7.0 ClearML:clearml-agent-5.1.2 ClearML:clearml-serving-1.5.3 ClearML:clearml-7.6.0 ClearML:clearml-serving-1.5.2 ClearML:clearml-7.5.0 ClearML:clearml-serving-1.5.1 ClearML:clearml-7.4.1 ClearML:clearml-serving-1.5.0 ClearML:clearml-7.4.0 ClearML:clearml-7.3.2 ClearML:clearml-serving-1.4.2 ClearML:clearml-agent-5.1.1 ClearML:clearml-7.3.1 ClearML:clearml-serving-1.4.1 ClearML:clearml-7.3.0 ClearML:clearml-serving-1.4.0 ClearML:clearml-7.2.3 ClearML:clearml-serving-1.3.0 ClearML:clearml-serving-1.2.1 ClearML:clearml-7.2.2 ClearML:clearml-agent-5.1.0 ClearML:clearml-agent-5.0.2 ClearML:clearml-7.2.1 ClearML:clearml-serving-1.2.0 ClearML:clearml-serving-1.1.0 ClearML:clearml-7.2.0 ClearML:clearml-7.1.0 ClearML:clearml-serving-1.0.3 ClearML:clearml-serving-1.0.2 ClearML:clearml-agent-5.0.1 ClearML:clearml-7.0.1 ClearML:clearml-7.0.0 ClearML:clearml-agent-5.0.0 ClearML:clearml-agent-4.0.10 ClearML:clearml-serving-1.0.1 ClearML:clearml-6.1.1 ClearML:clearml-agent-4.0.9 ClearML:clearml-agent-4.0.8 ClearML:clearml-agent-4.0.7 ClearML:clearml-agent-4.0.6 ClearML:clearml-agent-4.0.5 ClearML:clearml-6.1.0 ClearML:clearml-agent-4.0.4 ClearML:clearml-agent-4.0.3 ClearML:clearml-serving-1.0.0 ClearML:clearml-agent-4.0.2 ClearML:clearml-6.0.2 ClearML:clearml-agent-4.0.1 ClearML:clearml-6.0.1 ClearML:clearml-agent-4.0.0 ClearML:clearml-6.0.0 ClearML:clearml-5.9.0 ClearML:clearml-5.8.3 ClearML:clearml-5.8.2 ClearML:clearml-agent-3.7.0 ClearML:clearml-5.8.1 ClearML:clearml-5.8.0 ClearML:clearml-5.7.1 ClearML:clearml-agent-3.6.0 ClearML:clearml-agent-3.5.0 ClearML:clearml-agent-3.4.0 ClearML:clearml-5.7.0 ClearML:clearml-5.6.1 ClearML:clearml-agent-3.3.2 ClearML:clearml-5.6.0 ClearML:clearml-5.5.3 ClearML:clearml-agent-3.3.1 ClearML:clearml-5.5.2 ClearML:clearml-agent-3.3.0 ClearML:clearml-agent-3.2.0 ClearML:clearml-5.5.1 ClearML:clearml-5.5.0 ClearML:clearml-5.4.2 ClearML:clearml-5.4.1 ClearML:clearml-5.4.0 ClearML:clearml-5.3.1 ClearML:clearml-5.3.0 ClearML:clearml-5.2.0 ClearML:clearml-5.1.0 ClearML:clearml-5.0.4 ClearML:clearml-5.0.3 ClearML:clearml-agent-3.1.4 ClearML:clearml-agent-3.1.3 ClearML:clearml-5.0.2 ClearML:clearml-agent-3.1.2 ClearML:clearml-5.0.1 ClearML:clearml-agent-3.1.1 ClearML:clearml-agent-3.1.0 ClearML:clearml-agent-3.0.0 ClearML:clearml-5.0.0 ClearML:clearml-agent-2.0.2 ClearML:clearml-4.4.0 ClearML:clearml-serving-0.7.0 ClearML:clearml-serving-0.6.0 ClearML:clearml-serving-0.5.0 ClearML:clearml-4.3.0 ClearML:clearml-agent-2.0.1 ClearML:clearml-4.2.1 ClearML:clearml-agent-2.0.0 ClearML:clearml-4.2.0 ClearML:clearml-agent-1.3.0 ClearML:clearml-agent-1.2.3 ClearML:clearml-4.1.3 ClearML:clearml-agent-1.2.2 ClearML:clearml-serving-0.4.1 ClearML:clearml-agent-1.2.1 ClearML:clearml-4.1.2 ClearML:clearml-agent-1.2.0 ClearML:clearml-4.1.1 ClearML:clearml-4.1.0 ClearML:clearml-agent-1.1.2 ClearML:clearml-serving-0.4.0 ClearML:clearml-agent-1.1.1 ClearML:clearml-agent-1.1.0 ClearML:clearml-4.0.0 ClearML:clearml-agent-1.0.2 ClearML:clearml-agent-1.0.1 ClearML:clearml-agent-1.0.0 ClearML:clearml-3.10.5 ClearML:clearml-3.10.4 ClearML:clearml-3.10.3 ClearML:clearml-serving-0.3.0 ClearML:clearml-serving-0.2.0 ClearML:clearml-serving-0.1.0 ClearML:clearml-3.10.2 ClearML:clearml-3.10.1 ClearML:clearml-3.10.0 ClearML:clearml-3.9.0 ClearML:clearml-3.8.2 ClearML:clearml-3.8.1 ClearML:clearml-3.8.0 ClearML:clearml-3.7.1 ClearML:clearml-3.7.0 ClearML:clearml-3.6.0 ClearML:clearml-3.5.1 ClearML:clearml-3.5.0 ClearML:clearml-3.4.1 ClearML:clearml-3.4.0 ClearML:clearml-3.3.1 ClearML:clearml-3.3.0 ClearML:clearml-3.2.2 ClearML:clearml-3.2.1 ClearML:clearml-3.2.0 ClearML:clearml-3.1.0 ClearML:clearml-3.0.6 ClearML:clearml-3.0.5 ClearML:clearml-3.0.4 ClearML:clearml-3.0.3 ClearML:clearml-3.0.2 ClearML:clearml-3.0.1 ClearML:clearml-3.0.0 ClearML:clearml-2.4.0 ClearML:clearml-2.3.0 ClearML:clearml-2.2.3 ClearML:clearml-2.2.2 ClearML:clearml-2.2.1 ClearML:clearml-2.2.0 ClearML:clearml-2.1.1 ClearML:clearml-2.1.0 ClearML:clearml-2.0.1 ClearML:clearml-2.0.0 ClearML:clearml-2.0.0-beta2 ClearML:clearml-2.0.0-beta1 ClearML:clearml-2.0.0-alpha2 ClearML:clearml-2.0.0-alpha1
...
compare: ClearML:clearml-serving-1.4.2
Branches Tags
ClearML:gh-pages ClearML:main
ClearML:clearml-7.14.4 ClearML:clearml-7.14.3 ClearML:clearml-serving-1.5.10 ClearML:clearml-agent-5.3.2 ClearML:clearml-serving-1.5.9 ClearML:clearml-agent-5.3.1 ClearML:clearml-7.14.2 ClearML:clearml-7.14.1 ClearML:clearml-7.14.0 ClearML:clearml-7.13.0 ClearML:clearml-agent-5.3.0 ClearML:clearml-7.12.0 ClearML:clearml-agent-5.2.3 ClearML:clearml-7.11.5 ClearML:clearml-serving-1.5.8 ClearML:clearml-7.11.4 ClearML:clearml-7.11.3 ClearML:clearml-serving-1.5.7 ClearML:clearml-7.11.2 ClearML:clearml-agent-5.2.2 ClearML:clearml-7.11.1 ClearML:clearml-7.11.0 ClearML:clearml-agent-5.2.1 ClearML:clearml-7.10.1 ClearML:clearml-7.10.0 ClearML:clearml-7.9.0 ClearML:clearml-agent-5.2.0 ClearML:clearml-serving-1.5.6 ClearML:clearml-7.8.4 ClearML:clearml-agent-5.1.5 ClearML:clearml-7.8.3 ClearML:clearml-serving-1.5.5 ClearML:clearml-agent-5.1.4 ClearML:clearml-7.8.2 ClearML:clearml-7.8.1 ClearML:clearml-7.8.0 ClearML:clearml-serving-1.5.4 ClearML:clearml-agent-5.1.3 ClearML:clearml-7.7.1 ClearML:clearml-7.7.0 ClearML:clearml-agent-5.1.2 ClearML:clearml-serving-1.5.3 ClearML:clearml-7.6.0 ClearML:clearml-serving-1.5.2 ClearML:clearml-7.5.0 ClearML:clearml-serving-1.5.1 ClearML:clearml-7.4.1 ClearML:clearml-serving-1.5.0 ClearML:clearml-7.4.0 ClearML:clearml-7.3.2 ClearML:clearml-serving-1.4.2 ClearML:clearml-agent-5.1.1 ClearML:clearml-7.3.1 ClearML:clearml-serving-1.4.1 ClearML:clearml-7.3.0 ClearML:clearml-serving-1.4.0 ClearML:clearml-7.2.3 ClearML:clearml-serving-1.3.0 ClearML:clearml-serving-1.2.1 ClearML:clearml-7.2.2 ClearML:clearml-agent-5.1.0 ClearML:clearml-agent-5.0.2 ClearML:clearml-7.2.1 ClearML:clearml-serving-1.2.0 ClearML:clearml-serving-1.1.0 ClearML:clearml-7.2.0 ClearML:clearml-7.1.0 ClearML:clearml-serving-1.0.3 ClearML:clearml-serving-1.0.2 ClearML:clearml-agent-5.0.1 ClearML:clearml-7.0.1 ClearML:clearml-7.0.0 ClearML:clearml-agent-5.0.0 ClearML:clearml-agent-4.0.10 ClearML:clearml-serving-1.0.1 ClearML:clearml-6.1.1 ClearML:clearml-agent-4.0.9 ClearML:clearml-agent-4.0.8 ClearML:clearml-agent-4.0.7 ClearML:clearml-agent-4.0.6 ClearML:clearml-agent-4.0.5 ClearML:clearml-6.1.0 ClearML:clearml-agent-4.0.4 ClearML:clearml-agent-4.0.3 ClearML:clearml-serving-1.0.0 ClearML:clearml-agent-4.0.2 ClearML:clearml-6.0.2 ClearML:clearml-agent-4.0.1 ClearML:clearml-6.0.1 ClearML:clearml-agent-4.0.0 ClearML:clearml-6.0.0 ClearML:clearml-5.9.0 ClearML:clearml-5.8.3 ClearML:clearml-5.8.2 ClearML:clearml-agent-3.7.0 ClearML:clearml-5.8.1 ClearML:clearml-5.8.0 ClearML:clearml-5.7.1 ClearML:clearml-agent-3.6.0 ClearML:clearml-agent-3.5.0 ClearML:clearml-agent-3.4.0 ClearML:clearml-5.7.0 ClearML:clearml-5.6.1 ClearML:clearml-agent-3.3.2 ClearML:clearml-5.6.0 ClearML:clearml-5.5.3 ClearML:clearml-agent-3.3.1 ClearML:clearml-5.5.2 ClearML:clearml-agent-3.3.0 ClearML:clearml-agent-3.2.0 ClearML:clearml-5.5.1 ClearML:clearml-5.5.0 ClearML:clearml-5.4.2 ClearML:clearml-5.4.1 ClearML:clearml-5.4.0 ClearML:clearml-5.3.1 ClearML:clearml-5.3.0 ClearML:clearml-5.2.0 ClearML:clearml-5.1.0 ClearML:clearml-5.0.4 ClearML:clearml-5.0.3 ClearML:clearml-agent-3.1.4 ClearML:clearml-agent-3.1.3 ClearML:clearml-5.0.2 ClearML:clearml-agent-3.1.2 ClearML:clearml-5.0.1 ClearML:clearml-agent-3.1.1 ClearML:clearml-agent-3.1.0 ClearML:clearml-agent-3.0.0 ClearML:clearml-5.0.0 ClearML:clearml-agent-2.0.2 ClearML:clearml-4.4.0 ClearML:clearml-serving-0.7.0 ClearML:clearml-serving-0.6.0 ClearML:clearml-serving-0.5.0 ClearML:clearml-4.3.0 ClearML:clearml-agent-2.0.1 ClearML:clearml-4.2.1 ClearML:clearml-agent-2.0.0 ClearML:clearml-4.2.0 ClearML:clearml-agent-1.3.0 ClearML:clearml-agent-1.2.3 ClearML:clearml-4.1.3 ClearML:clearml-agent-1.2.2 ClearML:clearml-serving-0.4.1 ClearML:clearml-agent-1.2.1 ClearML:clearml-4.1.2 ClearML:clearml-agent-1.2.0 ClearML:clearml-4.1.1 ClearML:clearml-4.1.0 ClearML:clearml-agent-1.1.2 ClearML:clearml-serving-0.4.0 ClearML:clearml-agent-1.1.1 ClearML:clearml-agent-1.1.0 ClearML:clearml-4.0.0 ClearML:clearml-agent-1.0.2 ClearML:clearml-agent-1.0.1 ClearML:clearml-agent-1.0.0 ClearML:clearml-3.10.5 ClearML:clearml-3.10.4 ClearML:clearml-3.10.3 ClearML:clearml-serving-0.3.0 ClearML:clearml-serving-0.2.0 ClearML:clearml-serving-0.1.0 ClearML:clearml-3.10.2 ClearML:clearml-3.10.1 ClearML:clearml-3.10.0 ClearML:clearml-3.9.0 ClearML:clearml-3.8.2 ClearML:clearml-3.8.1 ClearML:clearml-3.8.0 ClearML:clearml-3.7.1 ClearML:clearml-3.7.0 ClearML:clearml-3.6.0 ClearML:clearml-3.5.1 ClearML:clearml-3.5.0 ClearML:clearml-3.4.1 ClearML:clearml-3.4.0 ClearML:clearml-3.3.1 ClearML:clearml-3.3.0 ClearML:clearml-3.2.2 ClearML:clearml-3.2.1 ClearML:clearml-3.2.0 ClearML:clearml-3.1.0 ClearML:clearml-3.0.6 ClearML:clearml-3.0.5 ClearML:clearml-3.0.4 ClearML:clearml-3.0.3 ClearML:clearml-3.0.2 ClearML:clearml-3.0.1 ClearML:clearml-3.0.0 ClearML:clearml-2.4.0 ClearML:clearml-2.3.0 ClearML:clearml-2.2.3 ClearML:clearml-2.2.2 ClearML:clearml-2.2.1 ClearML:clearml-2.2.0 ClearML:clearml-2.1.1 ClearML:clearml-2.1.0 ClearML:clearml-2.0.1 ClearML:clearml-2.0.0 ClearML:clearml-2.0.0-beta2 ClearML:clearml-2.0.0-beta1 ClearML:clearml-2.0.0-alpha2 ClearML:clearml-2.0.0-alpha1

91 Commits
clearml-ag ... clearml-se

Author SHA1 Message Date
Valeriano Manassero
a36519536b 250 clearml serving issue title (#251) 
* Fixed: name reference

* Changed: bump up version
 2023-08-18 10:30:21 +02:00
Valeriano Manassero
b42a93e361 248 any chart test on kubernetes 128 (#249) 
* Changed: updated k8s versions

* Added: support for 1.28

* Fixed: typo in annotation
 2023-08-16 08:47:10 +02:00
Valeriano Manassero
d170d0f606 Changed: released version (#245) 2023-08-02 09:18:20 +02:00
Valeriano Manassero
43495f4a59 Upgrade app 1.12 (#244) 
* Changed: upgrade app to 1.12

* Changed: helm-docs update
 2023-08-02 09:16:20 +02:00
Robin
5ef3727154 add imagecredentials to triton docker image (#242) 
* add imagecredentials to triton docker image

* bump version

* add secrets to all serving charts

* add changelog entry

* Fixed: removed one chart annotations

---------

Co-authored-by: Robin <robinvandijk@klippa.com>
Co-authored-by: Valeriano Manassero <14011549+valeriano-manassero@users.noreply.github.com>
 2023-07-19 11:53:25 +02:00
Valeriano Manassero
3f7d1a1c1e 240 fix init container waits forever pinging a redis in production config (#241) 
* Fixed: unused leftover

* Fixed: init container fail

* Changed: bump up version
 2023-07-19 11:28:26 +02:00
Jan Wytze Zuidema
c8aaf91f52 Add the ability to disable Serving Statistics and to configure the Kafka url (#239) 
Co-authored-by: Jan Wytze Zuidema <janwytze@klippa.com>
 2023-06-30 09:58:07 +02:00
Valeriano Manassero
65671a35b2 225 clear ml serving ingress doesnt work (#235) 
* Changed: removed deprecated network policy

* Changed: bump up

* Changed: bump up

* Fixed: missing ingress names

* Changed: changelog update
 2023-06-19 17:00:46 +02:00
Valeriano Manassero
dd2289f3e1 Changed: template update (#237) 2023-06-19 16:59:00 +02:00
Valeriano Manassero
a53b0e8eac 233 clearml default externalservices values (#234) 
* Added: default externalServices values

* Changed: bump up version
 2023-06-16 09:23:30 +02:00
Valeriano Manassero
bad5618226 Repo templating (#232) 
* Added: issue templates

* Added: pr template
 2023-06-16 09:00:40 +02:00
Valeriano Manassero
8b5cc58675 229 resouces in the values file for agentk8sglue deployment (#230) 
* Added: resources definitions

* Changed: bump up
 2023-06-15 09:05:38 +02:00
Valeriano Manassero
63bc2c944c 227 agentk8sglue configmapyaml contains a double name tag for the imagepullsecrets (#228) 
* Fixed: typo

* Changed: bump up
 2023-06-14 15:53:19 +02:00
Tino Tap
2080cae5e8 Issue #218 (#219) 
* Update values.yaml

added existingAdditionalSecret

* add existingSecret

* Update values.yaml

* better implemented

* Update Chart.yaml

to version 7.2.1

* Update values.yaml

added documentation to values.yaml

* artifact hub annotations

* Changed: moved to helper function

* Changed: helm-docs update

* changed the key to exstingSecret om _helpers

---------

Co-authored-by: Valeriano Manassero <14011549+valeriano-manassero@users.noreply.github.com>
 2023-06-14 15:43:23 +02:00
Valeriano Manassero
2861b5b074 Serving-1.3 (#226) 
* Fixed: if triton is disabled, ignore autoscaling

* Changed: app version bump to 1.3.0

* Changed: bump up

* Changed: bump up
 2023-06-14 10:14:22 +02:00
Valeriano Manassero
9ba1d0ac1a Added artifact hub annotations (#224) 2023-06-13 13:35:30 +02:00
Jan Wytze Zuidema
22a7dea1fb Add the ability to define custom environment variables for inference (#221) (#222) 
Co-authored-by: Jan Wytze Zuidema <janwytze@klippa.com>
 2023-06-08 15:32:21 +02:00
Valeriano Manassero
550b7ca527 Fix ci (#223) 
* Fixed: no chart change detected

* Fixed: get entire depth
 2023-06-08 15:01:49 +02:00
Valeriano Manassero
3f67293663 Update CONTRIBUTING.md (#220) 2023-06-08 09:12:57 +02:00
Valeriano Manassero
9131a64b38 214 missing resources in initcontainers (#217) 
* Added: initContainers resources definition

* Changed: version bump
 2023-06-07 08:34:19 +02:00
pollfly
61d9d931ae Edit README (#215) 2023-06-07 08:10:29 +02:00
Valeriano Manassero
80372304cd Changed: application version upgrade to 1.11 (#213) 2023-05-29 17:21:07 +02:00
Valeriano Manassero
78ba93a0df 210 wrong usage of extra python packages environment variable (#212) 
* Fixed: env var name reference

* Changed: version bump
 2023-05-29 12:55:00 +02:00
Valeriano Manassero
1b6b3dce94 Changed: slack channel reference (#209) 2023-05-18 11:12:03 +03:00
Valeriano Manassero
1ba6440c58 [Serving] Fix resources setting (#208) 
* Fixed: resources

* Changed: bump up version

* Fixed: indentation

* Fixed: indentation
 2023-05-11 16:35:40 +02:00
Valeriano Manassero
5b31ea8599 Remove unsupported dynamic svc (#206) 
* Removed: unsupported values

* Changed: version bump

* Changed: removed not needed value

* Changed: helm-docs

* Removed: unsupported values
 2023-05-08 17:25:01 +02:00
Valeriano Manassero
876df432d4 Changed: version bump 2023-04-14 12:11:19 +02:00
Valeriano Manassero
bf755ed6b8 Changed: set replication for this scenario 2023-04-14 12:11:10 +02:00
Valeriano Manassero
9b6372d730 Fixed: redis svc name creation 2023-04-14 12:10:55 +02:00
Valeriano Manassero
25af4a4d8f Changed: remove enterprise features (#204) 2023-04-13 17:44:58 +02:00
Valeriano Manassero
da2fb44479 Check compatibility with k8s 1.27 (#203) 
* Fixed: typo

* Added: k8s 1.27

* Changed: bump up version

* Changed: actions versions bump up

* Fixed: gh action usage

* Fixed: deep chackout
 2023-04-12 09:07:11 +02:00
Valeriano Manassero
d1f46dac7a Fix missing events permissions (#202) 
* Added: events

* Changed: bump up version
 2023-04-04 07:22:06 +02:00
Valeriano Manassero
02163e3779 Refactor affinity agent (#201) 
* Changed: refactor affinity section

* Changed: bump up version
 2023-03-30 22:45:21 +02:00
Valeriano Manassero
01f1b8703d Fix indentation nodeaffinity (#200) 
* Fixed: indentation

* Changed: bump up version
 2023-03-30 15:16:49 +02:00
Valeriano Manassero
dad921e562 Affinity patch (#199) 
* Fixed: affiniti indentation

* Changed: bump up version
 2023-03-30 14:26:33 +02:00
Valeriano Manassero
9be7ad40c0 Enterprise backofflimit (#198) 
* Fixed: typo

* Fixed: backoff limit

* Changed: bump up version

* Changed: helm docs update
 2023-03-30 11:56:57 +02:00
Valeriano Manassero
4f1cebab11 Upgrade app to 1.10 (#197) 
* Changed: image update to 1.10

* Changed: bump up version
 2023-03-29 11:54:57 +02:00
Valeriano Manassero
870338ebff 195 missing initcontainers section in agentk8sglue configmapyaml (#196) 
* Added: init-container

* Changed: bump up version
 2023-03-24 08:14:52 +01:00
Valeriano Manassero
27b52fa5b3 193 after upgrade to the new chart version error (#194) 
* Fixed: agent selector label

* Changed: version bump
 2023-03-20 15:16:23 +01:00
Valeriano Manassero
4e3169c033 flow for charts changes only (#192) 2023-03-20 11:59:15 +01:00
Valeriano Manassero
70f6544ad7 temporarily force release (#191) 2023-03-20 11:57:57 +01:00
Valeriano Manassero
5f8cc597ad Update release.yaml (#190) 2023-03-20 11:51:44 +01:00
Valeriano Manassero
cbc1239d10 Serving 1.0.0 refactoring (#189) 
* Changed: use dep charts

* Changed: improved ingresses

* Changed: naming management

* Fixed: naming

* Fixed: disable kubestats for prom

* Added: dependencies

* Fixed: typos
 2023-03-20 11:49:42 +01:00
Valeriano Manassero
957b7b2423 Fix full name and nonroot pod template (#188) 
* Fixed: typo

* Added: /tmp env var

* Changed: use fullname

* Fixed: fullname usage
 2023-03-20 09:19:43 +01:00
Valeriano Manassero
6d9771be41 Improve informations on README (#186) 
* Changed: docs sections

* Added: comment on top

* Changed: version bump
 2023-03-16 13:40:02 +01:00
Valeriano Manassero
a69530d07a Update dependency charts (#184) 
* Changed: update dependency charts

* Changed: update values for dependencies

* Added: major release update instructions

* Changed: version update

* Added: dep repos

* Changed: improved securityContexts

* Added: security context for enterprise apps

* Changed: agent split securityContexts

* Added: custom start scripts for apps

* Fixed: missing description

* Changed: updated images

* Added: non-privileged/non-root configs

* Fixed: title level

* CHanged: changelog update

* Added: global registry setting

* Added: services annotations

* Fixed: non-root enterprise reference
 2023-03-16 08:42:27 +01:00
Valeriano Manassero
e1fb190b1f Update inactive-issues.yaml (#185) 2023-03-15 11:54:59 +01:00
Valeriano Manassero
e4f9cbfe8e Apps additional rolebindings (#182) 
* Added: additional rolebindings

* Changed: bump up version
 2023-03-09 12:43:05 +01:00
Valeriano Manassero
a9d57db3a8 Force agent upgrade apps (#181) 
* Fixed: force agent update

* Changed: bump up version
 2023-03-09 11:28:12 +01:00
Valeriano Manassero
08b92ba622 Fix apps baseimage (#180) 
* Fixed: apps base image

* Changed: bump up version
 2023-03-09 08:19:30 +01:00
Valeriano Manassero
5b77cf41c2 Add external clusterrolebinding and rolebinding support (#179) 
* Added: external rb and crb support

* Changed: bump up version
 2023-03-07 13:09:30 +01:00
Valeriano Manassero
a6db8b4262 Fix init container waits forever pinging a mongodb in production config (#178) 
* Fixed: hostname healthcheck for mongodb

* Changed: bump up version
 2023-03-07 08:19:22 +01:00
Valeriano Manassero
dd4d8bf086 Filemount apps agent (#176) 
* Added: filemounts support for apps agent

* Changed: bump up version
 2023-03-06 14:23:50 +01:00
Valeriano Manassero
bf959d2f70 Update apps agent (#175) 
* Changed: apps agent version bump

* Changed: chart version bump
 2023-03-03 14:09:03 +01:00
Valeriano Manassero
340d261f11 Fixed: openshift examples (#172) 2023-02-20 14:50:48 +01:00
Valeriano Manassero
e1fcc5b466 Enterprise create queue (#171) 
* Fixed: typo in env example

* Added: create queues switch

* Added: force configuration file mount

* Changed: bump version

* Fixed: helm docs
 2023-02-20 13:52:36 +01:00
pollfly
013734c184 edits (#168) 2023-02-16 13:25:00 +01:00
Valeriano Manassero
fded7aa5b4 165 clearml agent priorityclassname in pod template (#166) 
* Added: priorityclass name

* Changed: bump up version
 2023-02-16 09:39:23 +01:00
Valeriano Manassero
5540188db1 Add job support for task pod (#162) 
* Added: task as job support

* Added: template generator

* Fixed: typo

* Changed: bump version

* Added: changelog reference

* Fixed: include function name

* Fixed: checksum generator

* Added: nindent

* Added: changelog item

* Fixed: job env var switch

* Fixed: double Restart policy removed

* Fixed: job template apiVersion
 2023-02-15 15:27:59 +01:00
Valeriano Manassero
1f23bcf7ca 160 fileserver doesnt have an option to be with ephemeral storage (#164) 
* Added: fileserver emptyDir support

* Changed: bump up version
 2023-02-14 16:31:27 +01:00
Valeriano Manassero
3075f5e280 157 improve documentation (#159) 
* Changed: updated installation guide

* Fixed: typo in copy and paste

* Changed: updated install guide

* Fixed: use relative path
 2023-02-14 08:44:04 +01:00
Valeriano Manassero
97550c720f Fix cookiename availability (#158) 
* Fixed: cookieName availability

* Changed: bump up version
 2023-02-14 08:42:26 +01:00
Valeriano Manassero
a29a144119 Changed: redis cluster configuration for production (#156) 2023-02-13 12:22:01 +01:00
Valeriano Manassero
a4f77c624d Create inactive-issues.yaml 2023-02-13 08:58:08 +01:00
Valeriano Manassero
dd1c201eeb Avoid collisions in internal helper variable naming (#154) 
* Fixed: helper variable rename to avoid collisions

* Changed: bump version
 2023-02-13 08:17:53 +01:00
Valeriano Manassero
7995fc8441 Add external multihost elasticsearch support (#150) 
* Changed: elasticsearch connstring creation

* Changed: elasticsearch connstring creation

* Changed: bump up version
 2023-02-09 10:29:00 +01:00
Valeriano Manassero
99903085cd Fix existing secret reference (#149) 
* Fixed: existingSecret reference

* Changed: bump version

* Changed: bump up version
 2023-02-09 10:11:03 +01:00
Valeriano Manassero
9fc2b7ddda Fix existing secret apiserver (#148) 
* Fixed: missing brackets

* Changed: bump vesion

* Fixed: trailing space in changelog
 2023-02-08 14:20:25 +01:00
Valeriano Manassero
c7b3a28989 146 agentadd affinity config (#147) 
* Added: affinity parameter

* Changed: bump version
 2023-02-02 12:20:06 +01:00
Valeriano Manassero
12baef0d75 fixed: typos (#145) 2023-02-02 11:50:11 +01:00
Valeriano Manassero
72916e171a Added: specific platform configurations (#144) 2023-01-31 09:25:53 +01:00
Valeriano Manassero
126f313cdf Add agent pod securitycontext (#143) 
* Added: securityContext for agent

* Changed: bump up version

* Added: support for k8s 1.26
 2023-01-31 09:16:25 +01:00
Valeriano Manassero
9aa1997ebd 141 apiserver init check improvements (#142) 
* Added: check also redis and mongo before starting apiserver

* Changed: bump version
 2023-01-30 12:44:41 +01:00
Valeriano Manassero
db325a95a0 Fileserver existing pvc support (#140) 
* Added: support for existing fileserver PVC

* Changed: bump up version

* Changed: changelog update
 2023-01-25 17:12:54 +01:00
Valeriano Manassero
9e97c03b5f Fix override url (#139) 
* Fixed: url override generation

* Changed: bump up version

* Changed: supported k8s versions

* Changed: changelog update
 2023-01-25 16:34:28 +01:00
Valeriano Manassero
16506130ba Changed: updated version references (#138) 2023-01-25 16:16:23 +01:00
Valeriano Manassero
e2d60312d3 Fix enterprise apps deployment (#137) 
* Fixed: apps deployment

* Changed: version bump
 2023-01-24 13:24:15 +01:00
Valeriano Manassero
7c3ed7eb72 Fix external mongodb connstring (#135) 
* Changed: maongodb.enabled check not needed

* Changed: external MongoDB connection string

* Changed: bump up version

* Added: artifacthub changelog annotation
 2023-01-24 09:27:42 +01:00
Valeriano Manassero
67d4b5b95d Enterprise apps sa (#134) 
* Changed: don't use cluster wide access

* Changed: bump version
 2023-01-20 10:24:34 +01:00
Valeriano Manassero
832090a791 Configurable securitycontext (#133) 
* Added: configurable securityContext

* Changed: bump up version

* Changed: bump up version
 2023-01-19 15:00:22 +01:00
Valeriano Manassero
e1049fa0ab Ingressclassname (#132) 
* Added: ingressclassname

* Changed: bump up version
 2023-01-19 07:48:30 +01:00
Valeriano Manassero
5f62daac0f Existing resource for additionalconfigs (#130) 
* Added: additionalConfigs reference for existing resurce

* Changed: version bump
 2023-01-18 13:34:29 +01:00
Valeriano Manassero
cdcd35c224 Enterprise 3.15.3 (#129) 
* Changed: enterprise version bump

* Changed: version bump
 2023-01-16 16:46:26 +01:00
Valeriano Manassero
3fd3f30030 Enterprise override tag (#127) 
* Added: override for enterprise  image tag

* Changed: version bump

* Added: enterprise image tage overrides

* Changed: bump up version
 2023-01-12 09:12:19 +01:00
Valeriano Manassero
bdea0e778b Fix nodeport (#126) 
* fixed: agent nodeSelector

* Changed: version bump
 2023-01-12 08:21:38 +01:00
Valeriano Manassero
1ea09e63e5 Fix fileserver pvc class (#125) 
* Fixed: fileserver custom storageclass

* Changed: version bump
 2023-01-10 16:48:06 +01:00
Valeriano Manassero
1cc3018ef3 Fix enterprise secret generation (#124) 
* Fixed: secret reference

* Changed: bump up version
 2023-01-09 16:05:08 +01:00
Valeriano Manassero
3b689bf051 Various fixes after major releases (#123) 
* Fixed: env vars

* Changed: version bump

* Fixed: config path

* Fixed: queues generation

* Fixed: typo

* Fixed: no default queue set

* Fixed: enterprise only sec creds

* Fixed: typo
 2023-01-05 11:52:53 +01:00
Valeriano Manassero
622ec331ac Agent chart annotations, labels and sa improvements (#122) 
* Added: sa reference name in task pod

* Changed: version bump

* Added: annotations generator

* Added: annotations

* Aded: labels and annotations

* Added: annotations and labels

* Added: agent node-selector

* Fixed: annotations generation
 2023-01-04 12:01:24 +01:00
Valeriano Manassero
7041c62f44 Clearml agent enterprise features (#121) 
* Added: enterprise features alignment

* Changed: version bump

* Fixed: trailing spaces

* Fixed: comment starting space

* Changed: owner-token feature

* Fixed: secret reference name

* Changed: owner-token enterprise reference
 2023-01-04 09:45:23 +01:00
Valeriano Manassero
cb98ae9a19 Clearml enterprise features (#120) 
* Changed: rename alignment

* Changed: general refactoring

* Changed: version bump

* Added: enterprise company guid

* Added: tanzu rolebinding

* Changed: updated parames

* Changed: bump to 1.9

* Fixed: whitespaces

* Added: fake values for apps git user

* Changed: updated deps

* Changed: app version reference

* Changed: enterprise parameters name

* Changed: image version bump

* Changed: extra index url config for enterprise
 2023-01-04 09:32:01 +01:00
242 changed files with 2537 additions and 16177 deletions
Expand all files Collapse all files

47
.github/ISSUE_TEMPLATE/bug_report.yml vendored Normal file
View File

@@ -0,0 +1,47 @@
name: Bug Report
description: Create a report to help us improve
title: "[name of the chart e.g. clearml-agent] Issue Title"
labels: [bug]
assignees:
- valeriano-manassero
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report! Please be cautious with the sensitive information/logs while filing the issue.
- type: textarea
id: desc
attributes:
label: Describe the bug a clear and concise description of what the bug is.
validations:
required: true
- type: input
id: helm-version
attributes:
label: What's your helm version?
description: Enter the output of `$ helm version`
placeholder: Copy paste the entire output of the above
validations:
required: true
- type: input
id: kubectl-version
attributes:
label: What's your kubectl version?
description: Enter the output of `$ kubectl version`
validations:
required: true
- type: input
id: chart-version
attributes:
label: What's the chart version?
description: Enter the version of the chart that you encountered this bug.
validations:
required: true
- type: textarea
id: changed-values
attributes:
label: Enter the changed values of values.yaml?
description: Please enter only values which differ from the defaults. Enter `NONE` if nothing's changed.
placeholder: 'key: value'
validations:
required: false

40
.github/ISSUE_TEMPLATE/feature_request.yml vendored Normal file
View File

@@ -0,0 +1,40 @@
name: Feature request
description: Suggest an idea for this project
title: "[name of the chart e.g. clearml-agent] Issue Title"
labels: [enhancement]
assignees:
- valeriano-manassero
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report!
- type: textarea
id: desc
attributes:
label: Is your feature request related to a problem ?
description: Give a clear and concise description of what the problem is.
placeholder: ex. I'd like to have [...]
validations:
required: true
- type: textarea
id: prop-solution
attributes:
label: Describe the solution you'd like.
description: A clear and concise description of what you want to happen.
validations:
required: true
- type: textarea
id: alternatives
attributes:
label: Describe alternatives you've considered.
description: A clear and concise description of any alternative solutions or features you've considered. If nothing, please enter `NONE`
validations:
required: true
- type: textarea
id: additional-ctxt
attributes:
label: Additional context.
description: Add any other context or screenshots about the feature request here.
validations:
required: false

18
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@@ -0,0 +1,18 @@
**What this PR does / why we need it**:
**Checklist**
- [ ] Reviewed the [`CONTRIBUTING.md`](https://github.com/allegroai/clearml-helm-charts/blob/main/CONTRIBUTING.md#pull-requests) guide (**required**)
- [ ] Verify the work you plan to merge addresses an existing [issue](https://github.com/allegroai/clearml-helm-charts/issues) (If not, open a new one) (**required**)
- [ ] Check your branch with `helm lint` (**required**)
- [ ] Update `version` in `Chart.yaml` according [semver](https://semver.org/) rules (**required**)
- [ ] Substitute `annotations` section in `Chart.yaml` annotating implementations (useful for Artifecthub changelog) (**required**)
- [ ] Update chart README using [helm-docs](https://github.com/norwoodj/helm-docs) (**required**)
**Which issue(s) this PR fixes**:
Fixes #<issue number>
**Special notes for your reviewer**:

7
.github/helm-docs.sh vendored
View File

@@ -1,6 +1,11 @@
#!/bin/bash
#!/bin/bash -xe
CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/main -- 'charts' | grep '[cC]hart.yaml' | sed -e 's#/[Cc]hart.yaml##g')"
if [[ -z "$CHART_DIRS" ]]; then
echo "No Chart.yaml changes detected, aborting helm-docs"
exit 1
fi
HELM_DOCS_VERSION="1.11.0"
curl --silent --show-error --fail --location --output /tmp/helm-docs.tar.gz https://github.com/norwoodj/helm-docs/releases/download/v"${HELM_DOCS_VERSION}"/helm-docs_"${HELM_DOCS_VERSION}"_Linux_x86_64.tar.gz

43
.github/workflows/ci.yaml vendored
View File

@@ -11,7 +11,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v3.5.0
with:
fetch-depth: 0
- name: Run helm-docs
run: .github/helm-docs.sh
install-chart:
@@ -22,27 +24,42 @@ jobs:
strategy:
matrix:
k8s:
- v1.22.13
- v1.23.10
- v1.24.4
- v1.25.0
- v1.25.11
- v1.26.6
- v1.27.3
- v1.28.0
steps:
- name: Checkout
uses: actions/checkout@v1
uses: actions/checkout@v3.5.0
with:
fetch-depth: 0
- name: Create kind ${{ matrix.k8s }} cluster
uses: helm/kind-action@v1.3.0
uses: helm/kind-action@v1.5.0
with:
node_image: kindest/node:${{ matrix.k8s }}
- name: Set up chart-testing
uses: helm/chart-testing-action@v2.2.1
uses: helm/chart-testing-action@v2.4.0
- name: Add bitnami repo
run: helm repo add bitnami https://charts.bitnami.com/bitnami
- name: Add elastic repo
run: helm repo add elastic https://helm.elastic.co
- name: Add prometheus repo
run: helm repo add prometheus https://prometheus-community.github.io/helm-charts
- name: Add grafana repo
run: helm repo add grafana https://grafana.github.io/helm-charts
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --chart-dirs=charts --target-branch=main)
changed=$(ct list-changed --chart-dirs charts --target-branch main)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
echo "::set-output name=changed_charts::\"${changed//$'\n'/,}\""
echo "changed=true" >> "$GITHUB_OUTPUT"
echo "changed_charts=\"${changed//$'\n'/,}\"" >> "$GITHUB_OUTPUT"
fi
- name: Run chart-testing (lint and install)
run: ct lint-and-install --chart-dirs=charts --target-branch=main --helm-extra-args="--timeout=15m" --charts=${{steps.list-changed.outputs.changed_charts}} --debug=true
- name: Inject secrets
run: |
find ./charts/*/ci/*.yaml -type f -exec sed -i "s/AGENTK8SGLUEKEY/${{ secrets.AGENTK8SGLUEKEY }}/g" {} \;
find ./charts/*/ci/*.yaml -type f -exec sed -i "s/AGENTK8SGLUESECRET/${{ secrets.AGENTK8SGLUESECRET }}/g" {} \;
if: steps.list-changed.outputs.changed == 'true'
- name: Run chart-testing (lint and install)
run: ct lint-and-install --chart-dirs charts --target-branch main --helm-extra-args "--timeout=15m" --charts=${{steps.list-changed.outputs.changed_charts}} --debug true
if: steps.list-changed.outputs.changed == 'true'

22
.github/workflows/inactive-issues.yaml vendored Normal file
View File

@@ -0,0 +1,22 @@
name: Close inactive issues
on:
schedule:
- cron: "30 1 * * *"
jobs:
close-issues:
runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/stale@v8.0.0
with:
days-before-issue-stale: 28
days-before-issue-close: 14
stale-issue-label: "stale"
stale-issue-message: "This issue is stale because it has been open for 4 weeks with no activity."
close-issue-message: "This issue was closed because it has been inactive for 2 weeks since being marked as stale."
days-before-pr-stale: -1
days-before-pr-close: -1
repo-token: ${{ secrets.GITHUB_TOKEN }}

6
.github/workflows/release.yaml vendored
View File

@@ -17,12 +17,16 @@ jobs:
run: helm repo add bitnami https://charts.bitnami.com/bitnami
- name: Add elastic repo
run: helm repo add elastic https://helm.elastic.co
- name: Add prometheus repo
run: helm repo add prometheus https://prometheus-community.github.io/helm-charts
- name: Add grafana repo
run: helm repo add grafana https://grafana.github.io/helm-charts
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.2.1
uses: helm/chart-releaser-action@v1.5.0
env:
CR_TOKEN: '${{ secrets.CR_TOKEN }}'
with:

11
CONTRIBUTING.md
View File

@@ -4,7 +4,7 @@
Contribution comes in many forms:
* Reporting [issues](https://github.com/allegroai/clearml-helm-charts/issues) you've come upon
* Participating in issue discussions in the [issue tracker](https://github.com/allegroai/clearml-helm-charts/issues) and the [ClearML community slack space](https://join.slack.com/t/allegroai-trains/shared_invite/enQtOTQyMTI1MzQxMzE4LTY5NTUxOTY1NmQ1MzQ5MjRhMGRhZmM4ODE5NTNjMTg2NTBlZGQzZGVkMWU3ZDg1MGE1MjQxNDEzMWU2NmVjZmY)
* Participating in issue discussions in the [issue tracker](https://github.com/allegroai/clearml-helm-charts/issues) and the [ClearML community slack space](https://joinslack.clear.ml)
* Suggesting new features or enhancements
* Implementing new features or fixing outstanding issues
@@ -51,10 +51,13 @@ Enhancement suggestions are tracked as GitHub issues. After you determine which
Before you submit a new PR:
* Verify the work you plan to merge addresses an existing [issue](https://github.com/allegroai/clearml-helm-charts/issues) (If not, open a new one)
* Check related discussions in the [ClearML slack community](https://join.slack.com/t/allegroai-trains/shared_invite/enQtOTQyMTI1MzQxMzE4LTY5NTUxOTY1NmQ1MzQ5MjRhMGRhZmM4ODE5NTNjMTg2NTBlZGQzZGVkMWU3ZDg1MGE1MjQxNDEzMWU2NmVjZmY) (Or start your own discussion on the `#clearml-dev` channel)
* Make sure your code conforms to the ClearML coding standards by running:
`flake8 --max-line-length=120 --statistics --show-source --extend-ignore=E501 ./clearml*`
* Check related discussions in the [ClearML slack community](https://joinslack.clear.ml) (or start your own discussion on the `#clearml-dev` channel)
* Check your branch with `helm lint`
* Update `version` in `Chart.yaml` according [semver](https://semver.org/) rules
* Substitute `annotations` section in `Chart.yaml` annotating implementations (useful for Artifecthub changelog)
* Update chart README using [helm-docs](https://github.com/norwoodj/helm-docs)
In your PR include:
* A reference to the issue it addresses
* A brief description of the approach you've taken for implementing

47
INSTALL.md Normal file
View File

@@ -0,0 +1,47 @@
# ClearML Helm Charts Installation guide
## Requirements
* Set up a Kubernetes Cluster - for setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
* Set up a single-node LOCAL Kubernetes on laptop/desktop - for setting up Kubernetes on your laptop/desktop, we suggest [kind](https://kind.sigs.k8s.io).
* For **Kubernetes Tanzu users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/tanzu)
for setting up ClearML on a Tanzu cluster
* For **Kubernetes Openshift users** - see [prerequisites](https://github.com/allegroai/clearml-helm-charts/tree/main/platform-specific-configs/openshift)
for setting up ClearML on an Openshift cluster,
* Install Helm - Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes
resources. To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
## Helm Charts Installation
### Helm Repo
```bash
$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
$ helm repo update
```
### ClearML Server Ecosystem
```bash
$ helm install clearml allegroai/clearml
```
### ClearML Agent
A ClearML Agent is always related to a ClearML server ecosystem (by default using the `app.clear.ml` hosted server, but
can be on the same or different Kubernetes cluster or a single server installation).
In the ClearML UI, go to **Settings > Workspace** and click **Create New Credentials**. The dialog that pops up displays
the new credentials.
In the Helm chart `install` command below:
* Set `ACCESSKEY` to the new credentials' `access_key` value
* Set `SECRETKEY` to the new credentials' `secret_key` value
* Set `APISERVERURL` to the new credentials' `api_server` value
* Set `FILESSERVERURL` to the new credentials' `files_server` value
* Set `WEBSERVERURL` to the new credentials' `web_server` value
```bash
$ helm install clearml-agent allegroai/clearml-agent --set clearml.agentk8sglueKey=ACCESSKEY --set clearml.agentk8sglueSecret=SECRETKEY --set agentk8sglue.apiServerUrlReference=APISERVERURL --set agentk8sglue.fileServerUrlReference=FILESERVERURL --set agentk8sglue.webServerUrlReference=WEBSERVERURL
```

45
README.md
View File

@@ -1,4 +1,4 @@
# ClearML Helm Charts Library for Kubernetes
# ClearML Helm Charts for Kubernetes
## Auto-Magical Experiment Manager & Version Control for AI
@@ -23,57 +23,40 @@ Use this repository to deploy **clearml-server** on Kubernetes clusters.
## Provided in this repository
### [All around Helm Chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
### [ClearML server chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml)
### [ClearML agent chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-agent)
### [ClearML serving chart](https://github.com/allegroai/clearml-helm-charts/tree/main/charts/clearml-serving)
## Who We Are
ClearML is supported by the team behind *allegro.ai*,
where we build deep learning pipelines and infrastructure for enterprise companies.
ClearML is supported by you :heart: and the [clear.ml](https://clear.ml) team, which helps enterprise companies build
scalable MLOps.
We built ClearML to track and control the glorious but messy process of training production-grade deep learning models.
We are committed to vigorously supporting and expanding the capabilities of ClearML.
We promise to always be backwardly compatible, making sure all your logs, data and pipelines
We promise to always be backwards compatible, making sure all your logs, data, and pipelines
will always upgrade with you.
## License
Apache License, Version 2.0, (see the [LICENSE](https://www.apache.org/licenses/LICENSE-2.0) for more information)
## Requirements
## Installation Guide
### Setup a Kubernetes Cluster
For setting up Kubernetes on various platforms refer to the Kubernetes [getting started guide](http://kubernetes.io/docs/getting-started-guides/).
### Setup a single node LOCAL Kubernetes on laptop/desktop
For setting up Kubernetes on your laptop/desktop we suggest [kind](https://kind.sigs.k8s.io).
### Install Helm
Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources.
To install Helm, refer to the [Helm install guide](https://github.com/helm/helm#install) and ensure that the `helm` binary is in the `PATH` of your shell.
## Usage
```bash
$ helm repo add allegroai https://allegroai.github.io/clearml-helm-charts
$ helm repo update
$ helm search repo allegroai
$ helm install <release-name> allegroai/<chart>
```
For installation instructions, follow related [Installation Guide](INSTALL.md).
## Documentation, Community & Support
More information in the [official documentation](https://allegro.ai/clearml/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
See more information in the [official documentation](https://clear.ml/docs/latest/docs) and [on YouTube](https://www.youtube.com/c/ClearML).
If you have any questions: post on our [Slack Channel](https://join.slack.com/t/clearml/shared_invite/zt-c0t13pty-aVUZZW1TSSSg2vyIGVPBhg), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
If you have any questions, post on our [Slack Channel](https://joinslack.clear.ml), or tag your questions on [stackoverflow](https://stackoverflow.com/questions/tagged/clearml) with '**[clearml](https://stackoverflow.com/questions/tagged/clearml)**' tag (*previously [trains](https://stackoverflow.com/questions/tagged/trains) tag*).
For feature requests or bug reports, please use [GitHub issues](https://github.com/allegroai/clearml-helm-charts/issues).
Additionally, you can always find us at *clearml@allegro.ai*
Additionally, you can always find us at *support@clear.ml*
## Contributing

11
charts/clearml-agent/Chart.yaml
View File

@@ -1,10 +1,10 @@
apiVersion: v2
name: clearml-agent
description: MLOps platform
description: MLOps platform Task running agent
type: application
version: "2.0.2"
version: "5.1.1"
appVersion: "1.24"
kubeVersion: ">= 1.19.0-0 < 1.26.0-0"
kubeVersion: ">= 1.21.0-0 < 1.29.0-0"
home: https://clear.ml
icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
sources:
@@ -17,3 +17,8 @@ keywords:
- clearml
- "machine learning"
- mlops
- "task agent"
annotations:
artifacthub.io/changes: |
- kind: added
description: kubernetes 1.28 support

111
charts/clearml-agent/README.md
View File

@@ -1,8 +1,8 @@
# ClearML Kubernetes Agent
![Version: 2.0.2](https://img.shields.io/badge/Version-2.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.24](https://img.shields.io/badge/AppVersion-1.24-informational?style=flat-square)
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.24](https://img.shields.io/badge/AppVersion-1.24-informational?style=flat-square)
MLOps platform
MLOps platform Task running agent
**Homepage:** <https://clear.ml>
@@ -17,6 +17,29 @@ MLOps platform
The **clearml-agent** is the Kubernetes agent for for [ClearML](https://github.com/allegroai/clearml).
It allows you to schedule distributed experiments on a Kubernetes cluster.
# Upgrading Chart
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
```
helm repo update
helm upgrade clearml-agent allegroai/clearml-agent
```
Changing values on existing installation can be done with:
```
helm upgrade clearml-agent allegroai/clearml-agent --version <CURRENT CHART VERSION> -f custom_values.yaml
```
### Major upgrade from 3.* to 4.*
Before issuing helm upgrade:
* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
## Source Code
* <https://github.com/allegroai/clearml-helm-charts>
@@ -24,31 +47,54 @@ It allows you to schedule distributed experiments on a Kubernetes cluster.
## Requirements
Kubernetes: `>= 1.19.0-0 < 1.26.0-0`
Kubernetes: `>= 1.21.0-0 < 1.29.0-0`
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| agentk8sglue | object | `{"apiServerUrlReference":"https://api.clear.ml","clearmlcheckCertificate":true,"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileServerUrlReference":"https://files.clear.ml","id":"k8s-agent","image":{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"maxPods":10,"podTemplate":{"env":[],"nodeSelector":{},"resources":{},"tolerations":[],"volumeMounts":[],"volumes":[]},"queue":"default","replicaCount":1,"serviceAccountName":"default","webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
| agentk8sglue | object | `{"additionalClusterRoleBindings":[],"additionalRoleBindings":[],"affinity":{},"annotations":{},"apiServerUrlReference":"https://api.clear.ml","basePodTemplate":{"affinity":{},"annotations":{},"containerSecurityContext":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"podSecurityContext":{},"priorityClassName":"","resources":{},"schedulerName":"","tolerations":[],"volumeMounts":[],"volumes":[]},"clearmlcheckCertificate":true,"containerSecurityContext":{},"defaultContainerImage":"ubuntu:18.04","extraEnvs":[],"fileMounts":[],"fileServerUrlReference":"https://files.clear.ml","image":{"registry":"","repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"},"initContainers":{"resources":{}},"labels":{},"nodeSelector":{},"podSecurityContext":{},"queue":"default","replicaCount":1,"resources":{},"serviceExistingAccountName":"","tolerations":[],"volumeMounts":[],"volumes":[],"webServerUrlReference":"https://app.clear.ml"}` | This agent will spawn queued experiments in new pods, a good use case is to combine this with GPU autoscaling nodes. https://github.com/allegroai/clearml-agent/tree/master/docker/k8s-glue |
| agentk8sglue.additionalClusterRoleBindings | list | `[]` | additional existing ClusterRoleBindings |
| agentk8sglue.additionalRoleBindings | list | `[]` | additional existing RoleBindings |
| agentk8sglue.affinity | object | `{}` | affinity setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.annotations | object | `{}` | annotations setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.apiServerUrlReference | string | `"https://api.clear.ml"` | Reference to Api server url |
| agentk8sglue.basePodTemplate | object | `{"affinity":{},"annotations":{},"containerSecurityContext":{},"env":[],"fileMounts":[],"hostAliases":[],"initContainers":[],"labels":{},"nodeSelector":{},"podSecurityContext":{},"priorityClassName":"","resources":{},"schedulerName":"","tolerations":[],"volumeMounts":[],"volumes":[]}` | base template for pods spawned to consume ClearML Task |
| agentk8sglue.basePodTemplate.affinity | object | `{}` | affinity setup for pods spawned to consume ClearML Task |
| agentk8sglue.basePodTemplate.annotations | object | `{}` | annotations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.containerSecurityContext | object | `{}` | securityContext setup for containers spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.env | list | `[]` | environment variables for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.fileMounts | list | `[]` | file definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.hostAliases | list | `[]` | hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.initContainers | list | `[]` | initContainers definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.labels | object | `{}` | labels setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.nodeSelector | object | `{}` | nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.podSecurityContext | object | `{}` | securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.priorityClassName | string | `""` | priorityClassName setup for pods spawned to consume ClearML Task |
| agentk8sglue.basePodTemplate.resources | object | `{}` | resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.schedulerName | string | `""` | schedulerName setup for pods spawned to consume ClearML Task |
| agentk8sglue.basePodTemplate.tolerations | list | `[]` | tolerations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.volumeMounts | list | `[]` | volume mounts definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.basePodTemplate.volumes | list | `[]` | volumes definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.clearmlcheckCertificate | bool | `true` | Check certificates validity for evefry UrlReference below. |
| agentk8sglue.containerSecurityContext | object | `{}` | container securityContext setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.defaultContainerImage | string | `"ubuntu:18.04"` | default container image for ClearML Task pod |
| agentk8sglue.extraEnvs | list | `[]` | Environment variables to be exposed in the agentk8sglue pods |
| agentk8sglue.extraEnvs | list | `[]` | Extra Environment variables for Glue Agent |
| agentk8sglue.fileMounts | list | `[]` | file definition for Glue Agent (example in values.yaml comments) |
| agentk8sglue.fileServerUrlReference | string | `"https://files.clear.ml"` | Reference to File server url |
| agentk8sglue.id | string | `"k8s-agent"` | ClearML worker ID (must be unique across the entire ClearMLenvironment) |
| agentk8sglue.image | object | `{"repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"}` | Glue Agent image configuration |
| agentk8sglue.maxPods | int | `10` | maximum concurrent consume ClearML Task pod |
| agentk8sglue.podTemplate | object | `{"env":[],"nodeSelector":{},"resources":{},"tolerations":[],"volumeMounts":[],"volumes":[]}` | template for pods spawned to consume ClearML Task |
| agentk8sglue.podTemplate.env | list | `[]` | environment variables for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.podTemplate.nodeSelector | object | `{}` | nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.podTemplate.resources | object | `{}` | resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.podTemplate.tolerations | list | `[]` | tolerations setup for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.podTemplate.volumeMounts | list | `[]` | volumeMounts definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.podTemplate.volumes | list | `[]` | volumes definition for pods spawned to consume ClearML Task (example in values.yaml comments) |
| agentk8sglue.image | object | `{"registry":"","repository":"allegroai/clearml-agent-k8s-base","tag":"1.24-21"}` | Glue Agent image configuration |
| agentk8sglue.initContainers | object | `{"resources":{}}` | Glue Agent pod initContainers configs |
| agentk8sglue.initContainers.resources | object | `{}` | Glue Agent initcontainers pod resources |
| agentk8sglue.labels | object | `{}` | labels setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.nodeSelector | object | `{}` | nodeSelector setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.podSecurityContext | object | `{}` | container securityContext setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.queue | string | `"default"` | ClearML queue this agent will consume |
| agentk8sglue.replicaCount | int | `1` | Glue Agent number of pods |
| agentk8sglue.serviceAccountName | string | `"default"` | serviceAccountName for pods spawned to consume ClearML Task |
| agentk8sglue.resources | object | `{}` | Glue Agent pod resources |
| agentk8sglue.serviceExistingAccountName | string | `""` | if set, don't create a serviceAccountName but use defined existing one |
| agentk8sglue.tolerations | list | `[]` | tolerations setup for Agent pod (example in values.yaml comments) |
| agentk8sglue.volumeMounts | list | `[]` | volume mounts definition for Glue Agent (example in values.yaml comments) |
| agentk8sglue.volumes | list | `[]` | volumes definition for Glue Agent (example in values.yaml comments) |
| agentk8sglue.webServerUrlReference | string | `"https://app.clear.ml"` | Reference to Web server url |
| clearml | object | `{"agentk8sglueKey":"ACCESSKEY","agentk8sglueSecret":"SECRETKEY","clearmlConfig":"sdk {\n}","existingAgentk8sglueSecret":"","existingClearmlConfigSecret":""}` | ClearMl generic configurations |
| clearml.agentk8sglueKey | string | `"ACCESSKEY"` | Agent k8s Glue basic auth key |
@@ -56,6 +102,8 @@ Kubernetes: `>= 1.19.0-0 < 1.26.0-0`
| clearml.clearmlConfig | string | `"sdk {\n}"` | ClearML configuration file |
| clearml.existingAgentk8sglueSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
| clearml.existingClearmlConfigSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
| global | object | `{"imageRegistry":"docker.io"}` | Global parameters section |
| global.imageRegistry | string | `"docker.io"` | Images registry |
| imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Private image registry configuration |
| imageCredentials.email | string | `"someone@host.com"` | Email |
| imageCredentials.enabled | bool | `false` | Use private authentication mode |
@@ -63,27 +111,10 @@ Kubernetes: `>= 1.19.0-0 < 1.26.0-0`
| imageCredentials.password | string | `"pwd"` | Registry password |
| imageCredentials.registry | string | `"docker.io"` | Registry name |
| imageCredentials.username | string | `"someone"` | Registry username |
# Upgrading Chart
### From v1.x to v2.x
Chart 1.x was under the assumption that all mounted volumes would be PVC's. Version > 2.x allows for more flexibility and will inject the yaml from podTemplate.volumes and podtemplate.volumeMounts directly.
v1.x
```
volumes:
- name: "yourvolume"
path: "/yourpath"
```
v2.x
```
volumes:
- name: "yourvolume"
persistentVolumeClaim:
claimName: "yourvolume"
volumeMounts:
- name: "yourvolume"
mountPath: "/yourpath"
```
| sessions | object | `{"externalIP":"0.0.0.0","maxServices":20,"portModeEnabled":false,"startingPort":30000,"svcAnnotations":{},"svcType":"NodePort"}` | Sessions internal service configuration |
| sessions.externalIP | string | `"0.0.0.0"` | External IP sessions clients can connect to |
| sessions.maxServices | int | `20` | maximum number of NodePorts exposed |
| sessions.portModeEnabled | bool | `false` | Enable/Disable sessions portmode WARNING: only one Agent deployment can have this set to true |
| sessions.startingPort | int | `30000` | starting range of exposed NodePorts |
| sessions.svcAnnotations | object | `{}` | specific annotations for session services |
| sessions.svcType | string | `"NodePort"` | service type ("NodePort" or "ClusterIP" or "LoadBalancer") |

47
charts/clearml-agent/README.md.gotmpl
View File

@@ -14,32 +14,31 @@
The **clearml-agent** is the Kubernetes agent for for [ClearML](https://github.com/allegroai/clearml).
It allows you to schedule distributed experiments on a Kubernetes cluster.
# Upgrading Chart
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
```
helm repo update
helm upgrade clearml-agent allegroai/clearml-agent
```
Changing values on existing installation can be done with:
```
helm upgrade clearml-agent allegroai/clearml-agent --version <CURRENT CHART VERSION> -f custom_values.yaml
```
### Major upgrade from 3.* to 4.*
Before issuing helm upgrade:
* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
{{ template "chart.sourcesSection" . }}
{{ template "chart.requirementsSection" . }}
{{ template "chart.valuesSection" . }}
# Upgrading Chart
### From v1.x to v2.x
Chart 1.x was under the assumption that all mounted volumes would be PVC's. Version > 2.x allows for more flexibility and will inject the yaml from podTemplate.volumes and podtemplate.volumeMounts directly.
v1.x
```
volumes:
- name: "yourvolume"
path: "/yourpath"
```
v2.x
```
volumes:
- name: "yourvolume"
persistentVolumeClaim:
claimName: "yourvolume"
volumeMounts:
- name: "yourvolume"
mountPath: "/yourpath"
```

80
charts/clearml-agent/templates/_helpers.tpl
View File

@@ -1,7 +1,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "clearml.name" -}}
{{- define "clearmlAgent.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
@@ -10,7 +10,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "clearml.fullname" -}}
{{- define "clearmlAgent.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
@@ -26,53 +26,89 @@ If release name contains chart name it will be used as a full name.
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "clearml.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- define "clearmlAgent.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 59 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "clearml.labels" -}}
helm.sh/chart: {{ include "clearml.chart" . }}
{{ include "clearml.selectorLabels" . }}
{{- define "clearmlAgent.labels" -}}
helm.sh/chart: {{ include "clearmlAgent.chart" . }}
{{ include "clearmlAgent.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if $.Values.agentk8sglue.labels }}
{{ toYaml $.Values.agentk8sglue.labels }}
{{- end }}
{{- end }}
{{/*
Common labels (agentk8sglue)
*/}}
{{- define "agentk8sglue.labels" -}}
helm.sh/chart: {{ include "clearmlAgent.chart" . }}
{{ include "agentk8sglue.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if $.Values.agentk8sglue.labels }}
{{ toYaml $.Values.agentk8sglue.labels }}
{{- end }}
{{- end }}
{{/*
Common annotations
*/}}
{{- define "clearmlAgent.annotations" -}}
{{- if $.Values.agentk8sglue.annotations }}
{{ toYaml $.Values.agentk8sglue.annotations }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "clearml.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
{{- define "clearmlAgent.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearmlAgent.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Reference Name (agentk8sglue)
*/}}
{{- define "agentk8sglue.referenceName" -}}
{{- include "clearml.fullname" . }}-agentk8sglue
{{- end }}
{{/*
Selector labels (agentk8sglue)
*/}}
{{- define "agentk8sglue.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ include "agentk8sglue.referenceName" . }}
app.kubernetes.io/name: {{ include "clearmlAgent.fullname" . }}
app.kubernetes.io/instance: {{ include "clearmlAgent.fullname" . }}
{{- end }}
{{/*
Registry name
*/}}
{{- define "registryNamePrefix" -}}
{{- $registryName := "" -}}
{{- if .globalValues }}
{{- if .globalValues.imageRegistry }}
{{- $registryName = printf "%s/" .globalValues.imageRegistry -}}
{{- end -}}
{{- end -}}
{{- if .imageRegistryValue }}
{{- $registryName = printf "%s/" .imageRegistryValue -}}
{{- end -}}
{{- printf "%s" $registryName }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "clearml.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "clearml.fullname" .) .Values.serviceAccount.name }}
{{- define "clearmlAgent.serviceAccountName" -}}
{{- if .Values.agentk8sglue.serviceExistingAccountName }}
{{- .Values.agentk8sglue.serviceExistingAccountName }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- include "clearmlAgent.fullname" . }}-sa
{{- end }}
{{- end }}

71
charts/clearml-agent/templates/agentk8sglue-configmap.yaml
View File

@@ -1,32 +1,43 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pod-template
name: {{ include "clearmlAgent.fullname" . }}-pt
data:
template.yaml: |
apiVersion: v1
metadata:
namespace: {{ .Release.Namespace }}
labels:
{{- toYaml $.Values.agentk8sglue.basePodTemplate.labels | nindent 8 }}
annotations:
{{- toYaml $.Values.agentk8sglue.basePodTemplate.annotations | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{.Values.imageCredentials.existingSecret}}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-registry-key
- name: {{ include "clearmlAgent.fullname" $ }}-ark
{{- end }}
{{- end }}
serviceAccountName: {{ .Values.agentk8sglue.serviceAccountName }}
{{- with .Values.agentk8sglue.podTemplate.volumes }}
{{- with .Values.agentk8sglue.basePodTemplate.volumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "clearmlAgent.serviceAccountName" $ }}
securityContext:
{{ toYaml .Values.agentk8sglue.basePodTemplate.podSecurityContext | nindent 8 }}
priorityClassName: {{ .Values.agentk8sglue.basePodTemplate.priorityClassName }}
initContainers:
{{- toYaml .Values.agentk8sglue.basePodTemplate.initContainers | nindent 8 }}
containers:
- resources:
{{- toYaml .Values.agentk8sglue.podTemplate.resources | nindent 10 }}
{{- toYaml .Values.agentk8sglue.basePodTemplate.resources | nindent 10 }}
securityContext:
{{ toYaml .Values.agentk8sglue.basePodTemplate.containerSecurityContext | nindent 10 }}
ports:
- containerPort: 10022
{{- with .Values.agentk8sglue.podTemplate.volumeMounts }}
{{- with .Values.agentk8sglue.basePodTemplate.volumeMounts }}
volumeMounts:
{{- toYaml . | nindent 10 }}
{{- end }}
@@ -43,7 +54,7 @@ data:
{{- if .Values.clearml.existingAgentk8sglueSecret }}
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
{{- else }}
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-k8sglue
name: {{ include "clearmlAgent.fullname" . }}-ac
{{- end }}
key: agentk8sglue_key
- name: CLEARML_API_SECRET_KEY
@@ -52,17 +63,51 @@ data:
{{- if .Values.clearml.existingAgentk8sglueSecret }}
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
{{- else }}
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-k8sglue
name: {{ include "clearmlAgent.fullname" . }}-ac
{{- end }}
key: agentk8sglue_secret
{{- if .Values.agentk8sglue.podTemplate.env }}
{{ toYaml .Values.agentk8sglue.podTemplate.env | nindent 8 }}
{{- if .Values.agentk8sglue.basePodTemplate.env }}
{{ toYaml .Values.agentk8sglue.basePodTemplate.env | nindent 8 }}
{{- end }}
{{- with .Values.agentk8sglue.podTemplate.nodeSelector}}
{{- with .Values.agentk8sglue.basePodTemplate.nodeSelector}}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agentk8sglue.podTemplate.tolerations }}
{{- with .Values.agentk8sglue.basePodTemplate.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agentk8sglue.basePodTemplate.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.sessions.portModeEnabled }}
{{- range untilStep 1 ( ( add .Values.sessions.maxServices 1 ) | int ) 1 }}
services-{{ . }}.yaml: |
apiVersion: v1
kind: Service
metadata:
name: clearml-session-{{ . }}
labels:
{{- include "clearmlAgent.labels" $ | nindent 8 }}
{{- with $.Values.sessions.svcAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
type: {{ $.Values.sessions.svcType }}
ports:
- targetPort: 10022
{{- if eq $.Values.sessions.svcType "NodePort" }}
port: 10022
{{- else }}
port: {{ add $.Values.sessions.startingPort . }}
{{- end }}
protocol: TCP
{{- if eq $.Values.sessions.svcType "NodePort" }}
nodePort: {{ add $.Values.sessions.startingPort . }}
{{- end }}
selector:
ai.allegro.agent.serial: pod-{{ . }}
{{- end }}
{{- end }}

214
charts/clearml-agent/templates/agentk8sglue-deployment.yaml
View File

@@ -1,9 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "agentk8sglue.referenceName" . }}
name: {{ include "clearmlAgent.fullname" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- include "agentk8sglue.labels" . | nindent 4 }}
annotations:
{{- include "clearmlAgent.annotations" . | nindent 4 }}
spec:
replicas: {{ .Values.agentk8sglue.replicaCount }}
selector:
@@ -12,89 +14,157 @@ spec:
template:
metadata:
annotations:
checksum/config: {{ printf "%s%s" .Values.clearml .Values.agentk8sglue | sha256sum }}
checksum/config: {{ printf "%s" .Values | sha256sum }}
{{- include "clearmlAgent.annotations" . | nindent 8 }}
labels:
{{- include "agentk8sglue.selectorLabels" . | nindent 8 }}
{{- include "agentk8sglue.labels" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: "{{.Values.imageCredentials.existingSecret}}"
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-registry-key
- name: {{ include "clearmlAgent.fullname" . }}-ark
{{- end }}
{{- end }}
serviceAccountName: {{ include "clearmlAgent.serviceAccountName" . }}
securityContext:
{{ toYaml .Values.agentk8sglue.podSecurityContext | nindent 8 }}
initContainers:
- name: init-k8s-glue
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.agentk8sglue.image.registry) }}{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
command:
- /bin/sh
- -c
- >
set -x;
while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.apiServerUrlReference}}/debug.ping" -o /dev/null) -ne 200 ] ; do
echo "waiting for apiserver" ;
sleep 5 ;
done;
while [[ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.fileServerUrlReference}}/" -o /dev/null) =~ 403|405 ]] ; do
echo "waiting for fileserver" ;
sleep 5 ;
done;
while [ $(curl {{ if not .Values.agentk8sglue.clearmlcheckCertificate }}--insecure{{ end }} -sw '%{http_code}' "{{.Values.agentk8sglue.webServerUrlReference}}/" -o /dev/null) -ne 200 ] ; do
echo "waiting for webserver" ;
sleep 5 ;
done
securityContext:
{{ toYaml .Values.agentk8sglue.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.agentk8sglue.initContainers.resources | nindent 12 }}
containers:
- name: k8s-glue
image: "{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
imagePullPolicy: IfNotPresent
command: ["/bin/bash", "-c", "export PATH=$PATH:$HOME/bin; source /root/.bashrc && /root/entrypoint.sh"]
volumeMounts:
- name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pod-template
mountPath: /root/template
{{- if or .Values.clearml.clearmlConfig .Values.clearml.existingClearmlConfigSecret }}
- name: k8sagent-clearml-conf-volume
mountPath: /root/clearml.conf
subPath: clearml.conf
readOnly: true
{{- end }}
env:
- name: CLEARML_API_HOST
value: "{{.Values.agentk8sglue.apiServerUrlReference}}"
- name: CLEARML_WEB_HOST
value: "{{.Values.agentk8sglue.webServerUrlReference}}"
- name: CLEARML_FILES_HOST
value: "{{.Values.agentk8sglue.fileServerUrlReference}}"
- name: K8S_GLUE_MAX_PODS
value: "{{.Values.agentk8sglue.maxPods}}"
- name: K8S_GLUE_QUEUE
value: "{{.Values.agentk8sglue.queue}}"
- name: K8S_GLUE_EXTRA_ARGS
value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml"
- name: K8S_DEFAULT_NAMESPACE
value: "{{ .Release.Namespace }}"
- name: CLEARML_API_ACCESS_KEY
valueFrom:
secretKeyRef:
{{- if .Values.clearml.existingAgentk8sglueSecret }}
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
{{- else }}
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-k8sglue
{{- end }}
key: agentk8sglue_key
- name: CLEARML_API_SECRET_KEY
valueFrom:
secretKeyRef:
{{- if .Values.clearml.existingAgentk8sglueSecret }}
name: {{ .Values.clearml.existingAgentk8sglueSecret }}
{{- else }}
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-k8sglue
{{- end }}
key: agentk8sglue_secret
- name: CLEARML_WORKER_ID
value: "{{.Values.agentk8sglue.id}}"
- name: CLEARML_AGENT_UPDATE_REPO
value: ""
- name: FORCE_CLEARML_AGENT_REPO
value: ""
- name: CLEARML_DOCKER_IMAGE
value: "{{.Values.agentk8sglue.defaultContainerImage}}"
{{- if .Values.agentk8sglue.extraEnvs }}
{{ toYaml .Values.agentk8sglue.extraEnvs | nindent 10 }}
{{- end }}
- name: k8s-glue
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.agentk8sglue.image.registry) }}{{ .Values.agentk8sglue.image.repository }}:{{ .Values.agentk8sglue.image.tag }}"
imagePullPolicy: IfNotPresent
command:
- /bin/bash
- -c
- >
export PATH=$PATH:$HOME/bin;
source /root/.bashrc && /root/entrypoint.sh
volumeMounts:
- name: {{ include "clearmlAgent.fullname" . }}-pt
mountPath: /root/template
{{ if .Values.clearml.clearmlConfig }}
- name: k8sagent-clearml-conf-volume
mountPath: /root/clearml.conf
subPath: clearml.conf
readOnly: true
{{- end }}
{{- if .Values.agentk8sglue.volumeMounts }}
{{- toYaml .Values.agentk8sglue.volumeMounts | nindent 10 }}
{{- end }}
{{- range .Values.agentk8sglue.fileMounts }}
- name: filemounts
mountPath: "{{ .folderPath }}/{{ .name }}"
subPath: "{{ .name }}"
readOnly: true
{{- end }}
env:
- name: CLEARML_API_HOST
value: "{{.Values.agentk8sglue.apiServerUrlReference}}"
- name: CLEARML_WEB_HOST
value: "{{.Values.agentk8sglue.webServerUrlReference}}"
- name: CLEARML_FILES_HOST
value: "{{.Values.agentk8sglue.fileServerUrlReference}}"
{{- if not .Values.agentk8sglue.clearmlcheckCertificate }}
- name: CLEARML_API_HOST_VERIFY_CERT
value: "false"
{{- end }}
{{- if .Values.sessions.portModeEnabled }}
- name: K8S_GLUE_EXTRA_ARGS
value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml \
--ports-mode --num-of-services {{ .Values.sessions.maxServices }} \
--base-port {{ .Values.sessions.startingPort }} \
--gateway-address {{ .Values.sessions.externalIP }}"
{{- else}}
- name: K8S_GLUE_EXTRA_ARGS
value: "--namespace {{ .Release.Namespace }} --template-yaml /root/template/template.yaml"
{{- end }}
{{- if .Values.clearml.clearmlConfig }}
- name: CLEARML_CONFIG_FILE
value: /root/clearml.conf
{{- end }}
- name: K8S_DEFAULT_NAMESPACE
value: "{{ .Release.Namespace }}"
- name: CLEARML_API_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ include "clearmlAgent.fullname" . }}-ac
key: agentk8sglue_key
- name: CLEARML_API_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ include "clearmlAgent.fullname" . }}-ac
key: agentk8sglue_secret
- name: CLEARML_WORKER_ID
value: {{ include "clearmlAgent.fullname" . }}
- name: CLEARML_AGENT_UPDATE_REPO
value: ""
- name: FORCE_CLEARML_AGENT_REPO
value: ""
- name: CLEARML_DOCKER_IMAGE
value: "{{.Values.agentk8sglue.defaultContainerImage}}"
- name: K8S_GLUE_QUEUE
value: {{ .Values.agentk8sglue.queue }}
{{- if .Values.agentk8sglue.extraEnvs }}
{{ toYaml .Values.agentk8sglue.extraEnvs | nindent 12 }}
{{- end }}
securityContext:
{{ toYaml .Values.agentk8sglue.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.agentk8sglue.resources | nindent 12 }}
{{- with .Values.agentk8sglue.nodeSelector}}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agentk8sglue.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agentk8sglue.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pod-template
configMap:
name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pod-template
{{- if or .Values.clearml.clearmlConfig .Values.clearml.existingClearmlConfigSecret }}
- name: {{ include "clearmlAgent.fullname" . }}-pt
configMap:
name: {{ include "clearmlAgent.fullname" . }}-pt
{{ if .Values.clearml.clearmlConfig }}
- name: k8sagent-clearml-conf-volume
secret:
{{- if .Values.clearml.existingClearmlConfigSecret }}
secretName: {{ .Values.clearml.existingClearmlConfigSecret }}
{{- else }}
secretName: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-conf
{{- end }}
secretName: {{ include "clearmlAgent.fullname" . }}-ac
items:
- key: clearml.conf
path: clearml.conf
{{ end }}
{{ if .Values.agentk8sglue.fileMounts }}
- name: filemounts
secret:
secretName: {{ include "clearmlAgent.fullname" . }}-afm
{{ end }}
{{- if .Values.agentk8sglue.volumes }}
{{- toYaml .Values.agentk8sglue.volumes | nindent 8 }}
{{- end }}

62
charts/clearml-agent/templates/agentk8sglue-rbac.yaml
View File

@@ -1,23 +1,77 @@
{{- if not .Values.agentk8sglue.serviceExistingAccountName }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "clearmlAgent.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pods-access
name: {{ include "clearmlAgent.fullname" . }}-kpa
rules:
- apiGroups:
- ""
resources:
- pods
- secrets
- services
- events
verbs: ["get", "list", "watch", "create", "patch", "delete"]
- apiGroups:
- ""
resources:
- namespaces
verbs: ["list"]
{{- if .Values.agentk8sglue.taskAsJob }}
- apiGroups:
- batch
- extensions
resources:
- jobs
verbs: ["get", "list", "watch", "create", "patch", "delete"]
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pods-access
name: {{ include "clearmlAgent.fullname" . }}-kpa
subjects:
- kind: ServiceAccount
name: default
name: {{ include "clearmlAgent.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "agentk8sglue.referenceName" . }}-k8sagent-pods-access
name: {{ include "clearmlAgent.fullname" . }}-kpa
{{- range .Values.agentk8sglue.additionalClusterRoleBindings }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "clearmlAgent.fullname" $ }}-kpa-{{ . }}
subjects:
- kind: ServiceAccount
name: {{ include "clearmlAgent.serviceAccountName" $ }}
namespace: {{ $.Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ . }}
{{- end }}
{{- range .Values.agentk8sglue.additionalRoleBindings }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "clearmlAgent.fullname" $ }}-kpa-{{ . }}
subjects:
- kind: ServiceAccount
name: {{ include "clearmlAgent.serviceAccountName" $ }}
namespace: {{ $.Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ . }}
{{- end }}

14
charts/clearml-agent/templates/clearml-secrets.yaml
View File

@@ -1,28 +1,18 @@
{{- if not .Values.clearml.existingAgentk8sglueSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-k8sglue
name: {{ include "clearmlAgent.fullname" . }}-ac
data:
agentk8sglue_key: {{ .Values.clearml.agentk8sglueKey | b64enc }}
agentk8sglue_secret: {{ .Values.clearml.agentk8sglueSecret | b64enc }}
{{- end }}
---
{{- if not .Values.clearml.existingClearmlConfigSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-conf
data:
clearml.conf: {{ .Values.clearml.clearmlConfig | b64enc }}
---
{{- end }}
{{- if .Values.imageCredentials.enabled }}
{{- if not .Values.imageCredentials.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "agentk8sglue.referenceName" . }}-clearml-agent-registry-key
name: {{ include "clearmlAgent.fullname" . }}-ark
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "imagePullSecret" . }}

10
charts/clearml-agent/templates/service-secret.yaml Normal file
View File

@@ -0,0 +1,10 @@
{{ if .Values.agentk8sglue.fileMounts }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "clearmlAgent.fullname" . }}-afm
data:
{{- range .Values.agentk8sglue.fileMounts }}
{{ .name }}: {{ .fileContent | b64enc }}
{{- end }}
{{ end }}

30
charts/clearml-agent/templates/service-sessions.yaml Normal file
View File

@@ -0,0 +1,30 @@
{{- if .Values.sessions.portModeEnabled }}
{{- range untilStep 1 ( ( add .Values.sessions.maxServices 1 ) | int ) 1 }}
---
apiVersion: v1
kind: Service
metadata:
name: clearml-session-{{ . }}
labels:
{{- include "clearmlAgent.labels" $ | nindent 4 }}
{{- with $.Values.sessions.svcAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ $.Values.sessions.svcType }}
ports:
- targetPort: 10022
{{- if eq $.Values.sessions.svcType "NodePort" }}
port: 10022
{{- else }}
port: {{ add $.Values.sessions.startingPort . }}
{{- end }}
protocol: TCP
{{- if eq $.Values.sessions.svcType "NodePort" }}
nodePort: {{ add $.Values.sessions.startingPort . }}
{{- end }}
selector:
ai.allegro.agent.serial: pod-{{ . }}
{{- end }}
{{- end }}

163
charts/clearml-agent/values.yaml
View File

@@ -1,3 +1,8 @@
# -- Global parameters section
global:
# -- Images registry
imageRegistry: "docker.io"
# -- Private image registry configuration
imageCredentials:
# -- Use private authentication mode
@@ -35,12 +40,24 @@ clearml:
agentk8sglue:
# -- Glue Agent image configuration
image:
registry: ""
repository: "allegroai/clearml-agent-k8s-base"
tag: "1.24-21"
# -- Glue Agent number of pods
replicaCount: 1
# -- Glue Agent pod resources
resources: {}
# -- Glue Agent pod initContainers configs
initContainers:
# -- Glue Agent initcontainers pod resources
resources: {}
# -- if set, don't create a serviceAccountName but use defined existing one
serviceExistingAccountName: ""
# -- Check certificates validity for evefry UrlReference below.
clearmlcheckCertificate: true
@@ -51,32 +68,103 @@ agentk8sglue:
# -- Reference to Web server url
webServerUrlReference: "https://app.clear.ml"
# -- serviceAccountName for pods spawned to consume ClearML Task
serviceAccountName: default
# -- maximum concurrent consume ClearML Task pod
maxPods: 10
# -- default container image for ClearML Task pod
defaultContainerImage: ubuntu:18.04
# -- ClearML queue this agent will consume
queue: default
# -- ClearML worker ID (must be unique across the entire ClearMLenvironment)
id: k8s-agent
# -- Environment variables to be exposed in the agentk8sglue pods
# -- labels setup for Agent pod (example in values.yaml comments)
labels: {}
# schedulerName: scheduler
# -- annotations setup for Agent pod (example in values.yaml comments)
annotations: {}
# key1: value1
# -- Extra Environment variables for Glue Agent
extraEnvs: []
# - name: PYTHONPATH
# value: "somepath"
# -- container securityContext setup for Agent pod (example in values.yaml comments)
podSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- container securityContext setup for Agent pod (example in values.yaml comments)
containerSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- additional existing ClusterRoleBindings
additionalClusterRoleBindings: []
# - privileged
# -- additional existing RoleBindings
additionalRoleBindings: []
# - privileged
# -- nodeSelector setup for Agent pod (example in values.yaml comments)
nodeSelector: {}
# fleet: agent-nodes
# -- tolerations setup for Agent pod (example in values.yaml comments)
tolerations: []
# -- affinity setup for Agent pod (example in values.yaml comments)
affinity: {}
# -- volumes definition for Glue Agent (example in values.yaml comments)
volumes: []
# - name: "yourvolume"
# nfs:
# server: 192.168.0.1
# path: /var/nfs/mount
# -- volume mounts definition for Glue Agent (example in values.yaml comments)
volumeMounts: []
# - name: yourvolume
# mountPath: /yourpath
# subPath: userfolder
# -- template for pods spawned to consume ClearML Task
podTemplate:
# -- file definition for Glue Agent (example in values.yaml comments)
fileMounts: []
# - name: "integration.py"
# folderPath: "/mnt/python"
# fileContent: |-
# def get_template(*args, **kwargs):
# print("args: {}".format(args))
# print("kwargs: {}".format(kwargs))
# return {
# "template": {
# }
# }
# -- base template for pods spawned to consume ClearML Task
basePodTemplate:
# -- labels setup for pods spawned to consume ClearML Task (example in values.yaml comments)
labels: {}
# schedulerName: scheduler
# -- annotations setup for pods spawned to consume ClearML Task (example in values.yaml comments)
annotations: {}
# key1: value1
# -- initContainers definition for pods spawned to consume ClearML Task (example in values.yaml comments)
initContainers: []
# - name: volume-dirs-init-cntr
# image: busybox:1.35
# command:
# - /bin/bash
# - -c
# - >
# /bin/echo "this is an init";
# -- schedulerName setup for pods spawned to consume ClearML Task
schedulerName: ""
# -- volumes definition for pods spawned to consume ClearML Task (example in values.yaml comments)
volumes: []
# - name: "yourvolume"
# persistentVolumeClaim:
# claimName: "yourvolume"
# -- volumeMounts definition for pods spawned to consume ClearML Task (example in values.yaml comments)
# nfs:
# server: 192.168.0.1
# path: /var/nfs/mount
# -- volume mounts definition for pods spawned to consume ClearML Task (example in values.yaml comments)
volumeMounts: []
# - name: "yourvolume"
# mountPath: "/yourpath"
# - name: yourvolume
# mountPath: /yourpath
# subPath: userfolder
# -- file definition for pods spawned to consume ClearML Task (example in values.yaml comments)
fileMounts: []
# - name: "mounted-file.txt"
# folderPath: "/mnt/"
# fileContent: |-
# this is a test file
# with test content
# -- environment variables for pods spawned to consume ClearML Task (example in values.yaml comments)
env: []
# # to setup access to private repo, setup secret with git credentials:
@@ -87,15 +175,52 @@ agentk8sglue:
# secretKeyRef:
# name: git-password
# key: git-password
# - name: CURL_CA_BUNDLE
# value: ""
# - name: PYTHONWARNINGS
# value: "ignore:Unverified HTTPS request"
# -- resources declaration for pods spawned to consume ClearML Task (example in values.yaml comments)
resources: {}
# limits:
# nvidia.com/gpu: 1
# -- priorityClassName setup for pods spawned to consume ClearML Task
priorityClassName: ""
# -- nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments)
nodeSelector: {}
# fleet: gpu-nodes
# -- tolerations setup for pods spawned to consume ClearML Task (example in values.yaml comments)
tolerations: []
# - key: "nvidia.com/gpu"
# operator: Exists
# effect: "NoSchedule"
# -- nodeSelector setup for pods spawned to consume ClearML Task (example in values.yaml comments)
nodeSelector: {}
# fleet: gpu-nodes
# -- affinity setup for pods spawned to consume ClearML Task
affinity: {}
# -- securityContext setup for pods spawned to consume ClearML Task (example in values.yaml comments)
podSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- securityContext setup for containers spawned to consume ClearML Task (example in values.yaml comments)
containerSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- hostAliases setup for pods spawned to consume ClearML Task (example in values.yaml comments)
hostAliases: []
# - ip: "127.0.0.1"
# hostnames:
# - "foo.local"
# - "bar.local"
# -- Sessions internal service configuration
sessions:
# -- Enable/Disable sessions portmode WARNING: only one Agent deployment can have this set to true
portModeEnabled: false
# -- specific annotations for session services
svcAnnotations: {}
# -- service type ("NodePort" or "ClusterIP" or "LoadBalancer")
svcType: "NodePort"
# -- External IP sessions clients can connect to
externalIP: 0.0.0.0
# -- starting range of exposed NodePorts
startingPort: 30000
# -- maximum number of NodePorts exposed
maxServices: 20

12
charts/clearml-serving/Chart.lock Normal file
View File

@@ -0,0 +1,12 @@
dependencies:
- name: kafka
repository: https://charts.bitnami.com/bitnami
version: 21.4.0
- name: prometheus
repository: https://prometheus-community.github.io/helm-charts
version: 19.7.2
- name: grafana
repository: https://grafana.github.io/helm-charts
version: 6.52.3
digest: sha256:b28d01875a50b24230ba164d14671225b71d79172192a97e345661e4832f484b
generated: "2023-03-16T09:10:35.77395+01:00"

28
charts/clearml-serving/Chart.yaml
View File

@@ -2,9 +2,14 @@ apiVersion: v2
name: clearml-serving
description: ClearML Serving Helm Chart
type: application
version: 0.7.0
appVersion: "1.2.0"
kubeVersion: ">= 1.19.0-0 < 1.26.0-0"
version: "1.4.2"
appVersion: "1.3.0"
kubeVersion: ">= 1.21.0-0 < 1.29.0-0"
home: https://clear.ml
icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
sources:
- https://github.com/allegroai/clearml-helm-charts
- https://github.com/allegroai/clearml
maintainers:
- name: valeriano-manassero
url: https://github.com/valeriano-manassero
@@ -13,3 +18,20 @@ keywords:
- "machine learning"
- mlops
- "model serving"
dependencies:
- name: kafka
version: "21.4.0"
repository: "https://charts.bitnami.com/bitnami"
condition: kafka.enabled
- name: prometheus
version: "19.7.2"
repository: "https://prometheus-community.github.io/helm-charts"
condition: prometheus.enabled
- name: grafana
version: "6.52.3"
repository: "https://grafana.github.io/helm-charts"
condition: grafana.enabled
annotations:
artifacthub.io/changes: |
- kind: fixed
description: wrong clearmlServing reference in secrets

91
charts/clearml-serving/README.md
View File

@@ -1,55 +1,106 @@
# clearml-serving
# ClearML Kubernetes Serving
![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.2.0](https://img.shields.io/badge/AppVersion-1.2.0-informational?style=flat-square)
![Version: 1.4.2](https://img.shields.io/badge/Version-1.4.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.3.0](https://img.shields.io/badge/AppVersion-1.3.0-informational?style=flat-square)
ClearML Serving Helm Chart
**Homepage:** <https://clear.ml>
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| valeriano-manassero | | <https://github.com/valeriano-manassero> |
## Introduction
The **clearml-serving** is the Kubernetes serving for for [ClearML](https://github.com/allegroai/clearml-serving).
It allows you to serve models on a Kubernetes cluster.
# Upgrading Chart
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
```
helm repo update
helm upgrade clearml-serving allegroai/clearml-serving
```
Changing values on existing installation can be done with:
```
helm upgrade clearml-serving allegroai/clearml-serving --version <CURRENT CHART VERSION> -f custom_values.yaml
```
## Source Code
* <https://github.com/allegroai/clearml-helm-charts>
* <https://github.com/allegroai/clearml>
## Requirements
Kubernetes: `>= 1.19.0-0 < 1.26.0-0`
Kubernetes: `>= 1.21.0-0 < 1.29.0-0`
| Repository | Name | Version |
|------------|------|---------|
| https://charts.bitnami.com/bitnami | kafka | 21.4.0 |
| https://grafana.github.io/helm-charts | grafana | 6.52.3 |
| https://prometheus-community.github.io/helm-charts | prometheus | 19.7.2 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| alertmanager | object | `{"affinity":{},"image":{"repository":"prom/alertmanager","tag":"v0.23.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Alertmanager generic configigurations |
| clearml | object | `{"apiAccessKey":"ClearML API Access Key","apiHost":"http://clearml-server-apiserver:8008","apiSecretKey":"ClearML API Secret Key","defaultBaseServeUrl":"http://127.0.0.1:8080/serve","filesHost":"http://clearml-server-fileserver:8081","servingTaskId":"ClearML Serving Task ID","webHost":"http://clearml-server-webserver:80"}` | ClearMl generic configurations |
| clearml_serving_inference | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-inference","tag":"1.2.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving inference configurations |
| clearml | object | `{"apiAccessKey":"ClearML API Access Key","apiHost":"http://clearml-server-apiserver:8008","apiSecretKey":"ClearML API Secret Key","defaultBaseServeUrl":"http://127.0.0.1:8080/serve","filesHost":"http://clearml-server-fileserver:8081","kafkaServeUrl":"","servingTaskId":"ClearML Serving Task ID","webHost":"http://clearml-server-webserver:80"}` | ClearMl generic configurations |
| clearml_serving_inference | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"extraEnvironment":[],"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-inference","tag":"1.3.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving inference configurations |
| clearml_serving_inference.affinity | object | `{}` | Affinity configuration |
| clearml_serving_inference.autoscaling | object | `{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50}` | Autoscaling configuration |
| clearml_serving_inference.extraEnvironment | list | `[]` | Extra environment variables |
| clearml_serving_inference.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
| clearml_serving_inference.image | object | `{"repository":"allegroai/clearml-serving-inference","tag":"1.2.0"}` | Container Image |
| clearml_serving_inference.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
| clearml_serving_inference.image | object | `{"repository":"allegroai/clearml-serving-inference","tag":"1.3.0"}` | Container Image |
| clearml_serving_inference.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
| clearml_serving_inference.ingress.annotations | object | `{}` | Ingress annotations |
| clearml_serving_inference.ingress.enabled | bool | `false` | Enable/Disable ingress |
| clearml_serving_inference.ingress.hostName | string | `"serving.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
| clearml_serving_inference.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
| clearml_serving_inference.ingress.path | string | `"/"` | Ingress root path url |
| clearml_serving_inference.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
| clearml_serving_inference.nodeSelector | object | `{}` | Node Selector configuration |
| clearml_serving_inference.resources | object | `{}` | Pod resources definition |
| clearml_serving_inference.tolerations | list | `[]` | Tolerations configuration |
| clearml_serving_statistics | object | `{"affinity":{},"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-statistics","tag":"1.2.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving statistics configurations |
| clearml_serving_statistics | object | `{"affinity":{},"enabled":true,"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-statistics","tag":"1.3.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving statistics configurations |
| clearml_serving_statistics.affinity | object | `{}` | Affinity configuration |
| clearml_serving_statistics.enabled | bool | `true` | Enable ClearML Serving Statistics |
| clearml_serving_statistics.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
| clearml_serving_statistics.image | object | `{"repository":"allegroai/clearml-serving-statistics","tag":"1.2.0"}` | Container Image |
| clearml_serving_statistics.image | object | `{"repository":"allegroai/clearml-serving-statistics","tag":"1.3.0"}` | Container Image |
| clearml_serving_statistics.nodeSelector | object | `{}` | Node Selector configuration |
| clearml_serving_statistics.resources | object | `{}` | Pod resources definition |
| clearml_serving_statistics.tolerations | list | `[]` | Tolerations configuration |
| clearml_serving_triton | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"enabled":true,"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-triton","tag":"1.2.0-22.07"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving Triton configurations |
| clearml_serving_triton | object | `{"affinity":{},"autoscaling":{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50},"enabled":true,"extraPythonPackages":[],"image":{"repository":"allegroai/clearml-serving-triton","tag":"1.3.0"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | ClearML serving Triton configurations |
| clearml_serving_triton.affinity | object | `{}` | Affinity configuration |
| clearml_serving_triton.autoscaling | object | `{"enabled":false,"maxReplicas":11,"minReplicas":1,"targetCPU":50,"targetMemory":50}` | Autoscaling configuration |
| clearml_serving_triton.enabled | bool | `true` | Triton pod creation enable/disable |
| clearml_serving_triton.extraPythonPackages | list | `[]` | Extra Python Packages to be installed in running pods |
| clearml_serving_triton.image | object | `{"repository":"allegroai/clearml-serving-triton","tag":"1.2.0-22.07"}` | Container Image |
| clearml_serving_triton.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
| clearml_serving_triton.image | object | `{"repository":"allegroai/clearml-serving-triton","tag":"1.3.0"}` | Container Image |
| clearml_serving_triton.ingress | object | `{"annotations":{},"enabled":false,"hostName":"serving-grpc.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress exposing configurations |
| clearml_serving_triton.ingress.annotations | object | `{}` | Ingress annotations |
| clearml_serving_triton.ingress.enabled | bool | `false` | Enable/Disable ingress |
| clearml_serving_triton.ingress.hostName | string | `"serving-grpc.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
| clearml_serving_triton.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
| clearml_serving_triton.ingress.path | string | `"/"` | Ingress root path url |
| clearml_serving_triton.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
| clearml_serving_triton.nodeSelector | object | `{}` | Node Selector configuration |
| clearml_serving_triton.resources | object | `{}` | Pod resources definition |
| clearml_serving_triton.tolerations | list | `[]` | Tolerations configuration |
| grafana | object | `{"affinity":{},"image":{"repository":"grafana/grafana","tag":"8.4.4-ubuntu"},"ingress":{"annotations":{},"enabled":false,"hostName":"serving-grafana.clearml.127-0-0-1.nip.io","path":"/","tlsSecretName":""},"nodeSelector":{},"resources":{},"tolerations":[]}` | Grafana generic configigurations |
| kafka | object | `{"affinity":{},"image":{"repository":"bitnami/kafka","tag":"3.1.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Kafka generic configigurations |
| prometheus | object | `{"affinity":{},"image":{"repository":"prom/prometheus","tag":"v2.34.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Prometheus generic configigurations |
| zookeeper | object | `{"affinity":{},"image":{"repository":"bitnami/zookeeper","tag":"3.7.0"},"nodeSelector":{},"resources":{},"tolerations":[]}` | Zookeeper generic configigurations |
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
| grafana | object | `{"adminPassword":"clearml","adminUser":"admin","datasources":{"datasources.yaml":{"apiVersion":1,"datasources":[{"access":"proxy","isDefault":true,"name":"Prometheus","type":"prometheus","url":"http://{{ .Release.Name }}-prometheus-server"}]}},"enabled":true}` | Configuration from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml |
| imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Private image registry configuration |
| imageCredentials.email | string | `"someone@host.com"` | Email |
| imageCredentials.enabled | bool | `false` | Use private authentication mode |
| imageCredentials.existingSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
| imageCredentials.password | string | `"pwd"` | Registry password |
| imageCredentials.registry | string | `"docker.io"` | Registry name |
| imageCredentials.username | string | `"someone"` | Registry username |
| kafka | object | `{"enabled":true}` | Configuration from https://github.com/bitnami/charts/blob/main/bitnami/kafka/values.yaml |
| prometheus | object | `{"enabled":true,"extraScrapeConfigs":"- job_name: \"{{ .Release.Name }}-stats\"\n static_configs:\n - targets:\n - \"{{ .Release.Name }}-statistics:9999\"\n","kube-state-metrics":{"enabled":false},"prometheus-node-exporter":{"enabled":false},"prometheus-pushgateway":{"enabled":false},"serverFiles":{"prometheus.yml":{"scrape_configs":[{"job_name":"prometheus","static_configs":[{"targets":["localhost:9090"]}]}]}}}` | Configuration from https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/values.yaml |

38
charts/clearml-serving/README.md.gotmpl Normal file
View File

@@ -0,0 +1,38 @@
# ClearML Kubernetes Serving
{{ template "chart.deprecationWarning" . }}
{{ template "chart.badgesSection" . }}
{{ template "chart.description" . }}
{{ template "chart.homepageLine" . }}
{{ template "chart.maintainersSection" . }}
## Introduction
The **clearml-serving** is the Kubernetes serving for for [ClearML](https://github.com/allegroai/clearml-serving).
It allows you to serve models on a Kubernetes cluster.
# Upgrading Chart
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
```
helm repo update
helm upgrade clearml-serving allegroai/clearml-serving
```
Changing values on existing installation can be done with:
```
helm upgrade clearml-serving allegroai/clearml-serving --version <CURRENT CHART VERSION> -f custom_values.yaml
```
{{ template "chart.sourcesSection" . }}
{{ template "chart.requirementsSection" . }}
{{ template "chart.valuesSection" . }}

BIN
charts/clearml-serving/charts/grafana-6.52.3.tgz Normal file
View File

Binary file not shown.

BIN
charts/clearml-serving/charts/kafka-21.4.0.tgz Normal file
View File

Binary file not shown.

BIN
charts/clearml-serving/charts/prometheus-19.7.2.tgz Normal file
View File

Binary file not shown.

29
charts/clearml-serving/templates/_helpers.tpl
View File

@@ -1,7 +1,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "clearml-serving.name" -}}
{{- define "clearmlServing.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
@@ -10,7 +10,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "clearml-serving.fullname" -}}
{{- define "clearmlServing.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
@@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name.
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "clearml-serving.chart" -}}
{{- define "clearmlServing.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "clearml-serving.labels" -}}
helm.sh/chart: {{ include "clearml-serving.chart" . }}
{{ include "clearml-serving.selectorLabels" . }}
{{- define "clearmlServing.labels" -}}
helm.sh/chart: {{ include "clearmlServing.chart" . }}
{{ include "clearmlServing.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
@@ -45,22 +45,31 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{/*
Selector labels
*/}}
{{- define "clearml-serving.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml-serving.name" . }}
{{- define "clearmlServing.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearmlServing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "clearml-serving.serviceAccountName" -}}
{{- define "clearmlServing.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "clearml-serving.fullname" .) .Values.serviceAccount.name }}
{{- default (include "clearmlServing.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
Create secret to access docker registry
*/}}
{{- define "imagePullSecret" }}
{{- with .Values.imageCredentials }}
{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
{{- end }}
{{- end }}
{{/*
Return the target Kubernetes version
*/}}

27
charts/clearml-serving/templates/alertmanager-deployment.yaml
View File

@@ -1,27 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: alertmanager
name: alertmanager
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: alertmanager
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: alertmanager
spec:
containers:
- image: "{{ .Values.alertmanager.image.repository }}:{{ .Values.alertmanager.image.tag }}"
name: clearml-serving-alertmanager
ports:
- containerPort: 9093
resources: {}
restartPolicy: Always

14
charts/clearml-serving/templates/alertmanager-service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: alertmanager
name: clearml-serving-alertmanager
spec:
ports:
- name: "9093"
port: 9093
targetPort: 9093
selector:
clearml.serving.service: alertmanager

11
charts/clearml-serving/templates/clearml-secrets.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{- if .Values.imageCredentials.enabled }}
{{- if not .Values.imageCredentials.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "clearmlServing.fullname" . }}-ark
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "imagePullSecret" . }}
{{- end }}
{{- end }}

13
charts/clearml-serving/templates/clearml-serving-backend-networkpolicy.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: clearml-serving-backend
spec:
ingress:
- from:
- podSelector:
matchLabels:
clearml.serving.network/clearml-serving-backend: "true"
podSelector:
matchLabels:
clearml.serving.network/clearml-serving-backend: "true"

36
charts/clearml-serving/templates/clearml-serving-inference-deployment.yaml
View File

@@ -3,21 +3,29 @@ kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-inference
name: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
name: {{ include "clearmlServing.fullname" . }}-inference
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
containers:
- env:
- name: CLEARML_API_ACCESS_KEY
@@ -30,15 +38,21 @@ spec:
value: "{{ .Values.clearml.filesHost }}"
- name: CLEARML_WEB_HOST
value: "{{ .Values.clearml.webHost }}"
{{- if .Values.clearml_serving_statistics.enabled }}
- name: CLEARML_DEFAULT_KAFKA_SERVE_URL
value: clearml-serving-kafka:9092
{{- if .Values.clearml.kafkaServeUrl }}
value: {{ .Values.clearml.kafkaServeUrl }}
{{- else }}
value: {{ include "clearmlServing.fullname" . }}-kafka:9092
{{- end }}
{{- end }}
- name: CLEARML_SERVING_POLL_FREQ
value: "1.0"
- name: CLEARML_DEFAULT_BASE_SERVE_URL
value: "{{ .Values.clearml.defaultBaseServeUrl }}"
- name: CLEARML_DEFAULT_TRITON_GRPC_ADDR
{{- if .Values.clearml_serving_triton.enabled }}
value: "clearml-serving-triton:8001"
value: "{{ include "clearmlServing.fullname" . }}-triton:8001"
{{- else }}
value: ""
{{- end }}
@@ -51,12 +65,16 @@ spec:
- name: CLEARML_USE_GUNICORN
value: "true"
{{- if .Values.clearml_serving_inference.extraPythonPackages }}
- name: EXTRA_PYTHON_PACKAGES
- name: CLEARML_EXTRA_PYTHON_PACKAGES
value: '{{ join " " .Values.clearml_serving_inference.extraPythonPackages }}'
{{- end }}
{{- with .Values.clearml_serving_inference.extraEnvironment }}
{{- toYaml . | nindent 12 }}
{{- end }}
image: "{{ .Values.clearml_serving_inference.image.repository }}:{{ .Values.clearml_serving_inference.image.tag }}"
name: clearml-serving-inference
name: {{ include "clearmlServing.fullname" . }}-inference
ports:
- containerPort: 8080
resources: {}
resources:
{{- toYaml .Values.clearml_serving_inference.resources | nindent 12 }}
restartPolicy: Always

6
charts/clearml-serving/templates/clearml-serving-inference-hpa.yaml
View File

@@ -2,16 +2,16 @@
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
kind: HorizontalPodAutoscaler
metadata:
name: clearml-serving-inference-hpa
name: {{ include "clearmlServing.fullname" . }}-inference-hpa
namespace: {{ .Release.Namespace | quote }}
annotations: {}
labels:
clearml.serving.service: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
spec:
scaleTargetRef:
apiVersion: "apps/v1"
kind: Deployment
name: clearml-serving-inference
name: {{ include "clearmlServing.fullname" . }}-inference
minReplicas: {{ .Values.clearml_serving_inference.autoscaling.minReplicas }}
maxReplicas: {{ .Values.clearml_serving_inference.autoscaling.maxReplicas }}
metrics:

11
charts/clearml-serving/templates/clearml-serving-inference-ingress.yaml
View File

@@ -8,12 +8,15 @@ apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: clearml-serving-inference
name: {{ include "clearmlServing.fullname" . }}-inference
labels:
clearml.serving.service: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
annotations:
{{- toYaml .Values.clearml_serving_inference.ingress.annotations | nindent 4 }}
spec:
{{- if .Values.clearml_serving_inference.ingress.ingressClassName }}
ingressClassName: {{ .Values.clearml_serving_inference.ingress.ingressClassName }}
{{- end }}
{{- if .Values.clearml_serving_inference.ingress.tlsSecretName }}
tls:
- hosts:
@@ -29,12 +32,12 @@ spec:
pathType: Prefix
backend:
service:
name: clearml-serving-inference
name: {{ include "clearmlServing.fullname" . }}-inference
port:
number: 8080
{{ else }}
backend:
serviceName: clearml-serving-inference
servicename: {{ include "clearmlServing.fullname" . }}-inference
servicePort: 8080
{{ end }}
{{- end }}

6
charts/clearml-serving/templates/clearml-serving-inference-service.yaml
View File

@@ -3,12 +3,12 @@ kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-inference
name: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference
name: {{ include "clearmlServing.fullname" . }}-inference
spec:
ports:
- name: "8080"
port: 8080
targetPort: 8080
selector:
clearml.serving.service: clearml-serving-inference
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-inference

31
charts/clearml-serving/templates/clearml-serving-statistics-deployment.yaml
View File

@@ -1,23 +1,32 @@
{{- if .Values.clearml_serving_statistics.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-statistics
name: clearml-serving-statistics
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
name: {{ include "clearmlServing.fullname" . }}-statistics
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: clearml-serving-statistics
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: clearml-serving-statistics
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
containers:
- env:
- name: CLEARML_API_ACCESS_KEY
@@ -31,18 +40,24 @@ spec:
- name: CLEARML_WEB_HOST
value: "{{ .Values.clearml.webHost }}"
- name: CLEARML_DEFAULT_KAFKA_SERVE_URL
value: clearml-serving-kafka:9092
{{- if .Values.clearml.kafkaServeUrl }}
value: {{ .Values.clearml.kafkaServeUrl }}
{{- else }}
value: {{ include "clearmlServing.fullname" . }}-kafka:9092
{{- end }}
- name: CLEARML_SERVING_POLL_FREQ
value: "1.0"
- name: CLEARML_SERVING_TASK_ID
value: "{{ .Values.clearml.servingTaskId }}"
{{- if .Values.clearml_serving_statistics.extraPythonPackages }}
- name: EXTRA_PYTHON_PACKAGES
- name: CLEARML_EXTRA_PYTHON_PACKAGES
value: '{{ join " " .Values.clearml_serving_statistics.extraPythonPackages }}'
{{- end }}
image: "{{ .Values.clearml_serving_statistics.image.repository }}:{{ .Values.clearml_serving_statistics.image.tag }}"
name: clearml-serving-statistics
name: {{ include "clearmlServing.fullname" . }}-statistics
ports:
- containerPort: 9999
resources: {}
resources:
{{- toYaml .Values.clearml_serving_statistics.resources | nindent 12 }}
restartPolicy: Always
{{- end }}

8
charts/clearml-serving/templates/clearml-serving-statistics-service.yaml
View File

@@ -1,14 +1,16 @@
{{- if .Values.clearml_serving_statistics.enabled }}
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-statistics
name: clearml-serving-statistics
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
name: {{ include "clearmlServing.fullname" . }}-statistics
spec:
ports:
- name: "9999"
port: 9999
targetPort: 9999
selector:
clearml.serving.service: clearml-serving-statistics
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-statistics
{{- end }}

23
charts/clearml-serving/templates/clearml-serving-triton-deployment.yaml
View File

@@ -4,21 +4,29 @@ kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-triton
name: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
name: {{ include "clearmlServing.fullname" . }}-triton
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
containers:
- env:
- name: CLEARML_API_ACCESS_KEY
@@ -38,14 +46,15 @@ spec:
- name: CLEARML_TRITON_METRIC_FREQ
value: "1.0"
{{- if .Values.clearml_serving_triton.extraPythonPackages }}
- name: EXTRA_PYTHON_PACKAGES
- name: CLEARML_EXTRA_PYTHON_PACKAGES
value: '{{ join " " .Values.clearml_serving_triton.extraPythonPackages }}'
{{- end }}
image: "{{ .Values.clearml_serving_triton.image.repository }}:{{ .Values.clearml_serving_triton.image.tag }}"
name: clearml-serving-triton
name: {{ include "clearmlServing.fullname" . }}-triton
ports:
- containerPort: 8001
resources: {}
resources:
{{- toYaml .Values.clearml_serving_triton.resources | nindent 12 }}
restartPolicy: Always
{{ end }}

8
charts/clearml-serving/templates/clearml-serving-triton-hpa.yaml
View File

@@ -1,17 +1,18 @@
{{- if .Values.clearml_serving_triton.enabled }}
{{- if .Values.clearml_serving_triton.autoscaling.enabled }}
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
kind: HorizontalPodAutoscaler
metadata:
name: clearml-serving-triton-hpa
name: {{ include "clearmlServing.fullname" . }}-triton-hpa
namespace: {{ .Release.Namespace | quote }}
annotations: {}
labels:
clearml.serving.service: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
spec:
scaleTargetRef:
apiVersion: "apps/v1"
kind: Deployment
name: clearml-serving-triton
name: {{ include "clearmlServing.fullname" . }}-triton
minReplicas: {{ .Values.clearml_serving_triton.autoscaling.minReplicas }}
maxReplicas: {{ .Values.clearml_serving_triton.autoscaling.maxReplicas }}
metrics:
@@ -40,3 +41,4 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- end }}

11
charts/clearml-serving/templates/clearml-serving-triton-ingress.yaml
View File

@@ -9,12 +9,15 @@ apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: clearml-serving-triton
name: {{ include "clearmlServing.fullname" . }}-triton
labels:
clearml.serving.service: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
annotations:
{{- toYaml .Values.clearml_serving_triton.ingress.annotations | nindent 4 }}
spec:
{{- if .Values.clearml_serving_triton.ingress.ingressClassName }}
ingressClassName: {{ .Values.clearml_serving_triton.ingress.ingressClassName }}
{{- end }}
{{- if .Values.clearml_serving_triton.ingress.tlsSecretName }}
tls:
- hosts:
@@ -30,12 +33,12 @@ spec:
pathType: Prefix
backend:
service:
name: clearml-serving-triton
name: {{ include "clearmlServing.fullname" . }}-triton
port:
number: 8001
{{ else }}
backend:
serviceName: clearml-serving-triton
servicename: {{ include "clearmlServing.fullname" . }}-triton
servicePort: 8001
{{ end }}
{{- end }}

6
charts/clearml-serving/templates/clearml-serving-triton-service.yaml
View File

@@ -4,13 +4,13 @@ kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: clearml-serving-triton
name: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
name: {{ include "clearmlServing.fullname" . }}-triton
spec:
ports:
- name: "8001"
port: 8001
targetPort: 8001
selector:
clearml.serving.service: clearml-serving-triton
clearml.serving.service: {{ include "clearmlServing.fullname" . }}-triton
{{ end }}

14
charts/clearml-serving/templates/grafana-config-secret.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: grafana-config
stringData:
datasource.yaml: |-
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
# Access mode - proxy (server in the UI) or direct (browser in the UI).
access: proxy
url: http://clearml-serving-prometheus:9090

35
charts/clearml-serving/templates/grafana-deployment.yaml
View File

@@ -1,35 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: grafana
name: grafana
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: grafana
strategy:
type: Recreate
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: grafana
spec:
containers:
- image: "{{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}"
name: clearml-serving-grafana
ports:
- containerPort: 3000
resources: {}
volumeMounts:
- mountPath: /etc/grafana/provisioning/datasources/
name: grafana-conf
restartPolicy: Always
volumes:
- name: grafana-conf
secret:
secretName: grafana-config

40
charts/clearml-serving/templates/grafana-ingress.yaml
View File

@@ -1,40 +0,0 @@
{{- if .Values.grafana.ingress.enabled -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: clearml-serving-grafana
labels:
clearml.serving.service: clearml-serving-grafana
annotations:
{{- toYaml .Values.grafana.ingress.annotations | nindent 4 }}
spec:
{{- if .Values.grafana.ingress.tlsSecretName }}
tls:
- hosts:
- {{ .Values.grafana.ingress.hostName }}
secretName: {{ .Values.grafana.ingress.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.grafana.ingress.hostName }}
http:
paths:
- path: {{ .Values.grafana.ingress.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: clearml-serving-grafana
port:
number: 3000
{{ else }}
backend:
serviceName: clearml-serving-grafana
servicePort: 3000
{{ end }}
{{- end }}

14
charts/clearml-serving/templates/grafana-service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: grafana
name: clearml-serving-grafana
spec:
ports:
- name: "3000"
port: 3000
targetPort: 3000
selector:
clearml.serving.service: grafana

40
charts/clearml-serving/templates/kafka-deployment.yaml
View File

@@ -1,40 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: kafka
name: kafka
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: kafka
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: kafka
spec:
containers:
- env:
- name: ALLOW_PLAINTEXT_LISTENER
value: "yes"
- name: KAFKA_BROKER_ID
value: "1"
- name: KAFKA_CFG_ADVERTISED_LISTENERS
value: PLAINTEXT://clearml-serving-kafka:9092
- name: KAFKA_CFG_LISTENERS
value: PLAINTEXT://0.0.0.0:9092
- name: KAFKA_CFG_ZOOKEEPER_CONNECT
value: clearml-serving-zookeeper:2181
- name: KAFKA_CREATE_TOPICS
value: '"topic_test:1:1"'
image: "{{ .Values.kafka.image.repository }}:{{ .Values.kafka.image.tag }}"
name: clearml-serving-kafka
ports:
- containerPort: 9092
resources: {}
restartPolicy: Always

14
charts/clearml-serving/templates/kafka-service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: kafka
name: clearml-serving-kafka
spec:
ports:
- name: "9092"
port: 9092
targetPort: 9092
selector:
clearml.serving.service: kafka

28
charts/clearml-serving/templates/prometheus-config-secret.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: prometheus-config
stringData:
prometheus.yml: |-
global:
scrape_interval: "15s" # By default, scrape targets every 15 seconds.
evaluation_interval: 15s # By default, scrape targets every 15 seconds.
external_labels:
monitor: 'clearml-serving'
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'prometheus'
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'clearml-inference-stats'
scrape_interval: 5s
static_configs:
- targets: ['clearml-serving-statistics:9999']

42
charts/clearml-serving/templates/prometheus-deployment.yaml
View File

@@ -1,42 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: prometheus
name: prometheus
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: prometheus
strategy:
type: Recreate
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: prometheus
spec:
containers:
- args:
- --config.file=/mnt/prometheus.yml
- --storage.tsdb.path=/prometheus
- --web.console.libraries=/etc/prometheus/console_libraries
- --web.console.templates=/etc/prometheus/consoles
- --storage.tsdb.retention.time=200h
- --web.enable-lifecycle
image: "{{ .Values.prometheus.image.repository }}:{{ .Values.prometheus.image.tag }}"
name: clearml-serving-prometheus
ports:
- containerPort: 9090
resources: {}
volumeMounts:
- mountPath: /mnt
name: prometheus-conf
restartPolicy: Always
volumes:
- name: prometheus-conf
secret:
secretName: prometheus-config

14
charts/clearml-serving/templates/prometheus-service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: prometheus
name: clearml-serving-prometheus
spec:
ports:
- name: "9090"
port: 9090
targetPort: 9090
selector:
clearml.serving.service: prometheus

30
charts/clearml-serving/templates/zookeeper-deployment.yaml
View File

@@ -1,30 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
clearml.serving.service: zookeeper
name: zookeeper
spec:
replicas: 1
selector:
matchLabels:
clearml.serving.service: zookeeper
strategy: {}
template:
metadata:
annotations: {}
labels:
clearml.serving.network/clearml-serving-backend: "true"
clearml.serving.service: zookeeper
spec:
containers:
- env:
- name: ALLOW_ANONYMOUS_LOGIN
value: "yes"
image: "{{ .Values.zookeeper.image.repository }}:{{ .Values.zookeeper.image.tag }}"
name: clearml-serving-zookeeper
ports:
- containerPort: 2181
resources: {}
restartPolicy: Always

14
charts/clearml-serving/templates/zookeeper-service.yaml
View File

@@ -1,14 +0,0 @@
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
clearml.serving.service: zookeeper
name: clearml-serving-zookeeper
spec:
ports:
- name: "2181"
port: 2181
targetPort: 2181
selector:
clearml.serving.service: zookeeper

149
charts/clearml-serving/values.yaml
View File

@@ -1,3 +1,18 @@
# -- Private image registry configuration
imageCredentials:
# -- Use private authentication mode
enabled: false
# -- If this is set, chart will not generate a secret but will use what is defined here
existingSecret: ""
# -- Registry name
registry: docker.io
# -- Registry username
username: someone
# -- Registry password
password: pwd
# -- Email
email: someone@host.com
# -- ClearMl generic configurations
clearml:
apiAccessKey: "ClearML API Access Key"
@@ -7,69 +22,16 @@ clearml:
webHost: http://clearml-server-webserver:80
defaultBaseServeUrl: http://127.0.0.1:8080/serve
servingTaskId: "ClearML Serving Task ID"
# -- Zookeeper generic configigurations
zookeeper:
image:
repository: "bitnami/zookeeper"
tag: "3.7.0"
nodeSelector: {}
tolerations: []
affinity: {}
resources: {}
# -- Kafka generic configigurations
kafka:
image:
repository: "bitnami/kafka"
tag: "3.1.0"
nodeSelector: {}
tolerations: []
affinity: {}
resources: {}
# -- Prometheus generic configigurations
prometheus:
image:
repository: "prom/prometheus"
tag: "v2.34.0"
nodeSelector: {}
tolerations: []
affinity: {}
resources: {}
# -- Grafana generic configigurations
grafana:
image:
repository: "grafana/grafana"
tag: "8.4.4-ubuntu"
nodeSelector: {}
tolerations: []
affinity: {}
resources: {}
ingress:
enabled: false
hostName: "serving-grafana.clearml.127-0-0-1.nip.io"
tlsSecretName: ""
annotations: {}
path: "/"
# -- Alertmanager generic configigurations
alertmanager:
image:
repository: "prom/alertmanager"
tag: "v0.23.0"
nodeSelector: {}
tolerations: []
affinity: {}
resources: {}
kafkaServeUrl: ""
# -- ClearML serving statistics configurations
clearml_serving_statistics:
# -- Enable ClearML Serving Statistics
enabled: true
# -- Container Image
image:
repository: "allegroai/clearml-serving-statistics"
tag: "1.2.0"
tag: "1.3.0"
# -- Node Selector configuration
nodeSelector: {}
# -- Tolerations configuration
@@ -88,7 +50,7 @@ clearml_serving_inference:
# -- Container Image
image:
repository: "allegroai/clearml-serving-inference"
tag: "1.2.0"
tag: "1.3.0"
# -- Node Selector configuration
nodeSelector: {}
# -- Tolerations configuration
@@ -97,6 +59,8 @@ clearml_serving_inference:
affinity: {}
# -- Pod resources definition
resources: {}
# -- Extra environment variables
extraEnvironment: []
# -- Extra Python Packages to be installed in running pods
extraPythonPackages: []
# - numpy==1.22.4
@@ -110,10 +74,17 @@ clearml_serving_inference:
targetMemory: 50
# -- Ingress exposing configurations
ingress:
# -- Enable/Disable ingress
enabled: false
# -- ClassName (must be defined if no default ingressClassName is available)
ingressClassName: ""
# -- Ingress hostname domain
hostName: "serving.clearml.127-0-0-1.nip.io"
# -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
tlsSecretName: ""
# -- Ingress annotations
annotations: {}
# -- Ingress root path url
path: "/"
# -- ClearML serving Triton configurations
@@ -123,7 +94,7 @@ clearml_serving_triton:
# -- Container Image
image:
repository: "allegroai/clearml-serving-triton"
tag: "1.2.0-22.07"
tag: "1.3.0"
# -- Node Selector configuration
nodeSelector: {}
# -- Tolerations configuration
@@ -145,20 +116,56 @@ clearml_serving_triton:
targetMemory: 50
# -- Ingress exposing configurations
ingress:
# -- Enable/Disable ingress
enabled: false
# -- ClassName (must be defined if no default ingressClassName is available)
ingressClassName: ""
# -- Ingress hostname domain
hostName: "serving-grpc.clearml.127-0-0-1.nip.io"
# -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
tlsSecretName: ""
# -- Ingress annotations
annotations: {}
# # Example for AWS ALB
# kubernetes.io/ingress.class: alb
# alb.ingress.kubernetes.io/backend-protocol: HTTP
# alb.ingress.kubernetes.io/backend-protocol-version: GRPC
# alb.ingress.kubernetes.io/certificate-arn: <cerntificate arn>
# alb.ingress.kubernetes.io/ssl-redirect: '443'
# alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
# alb.ingress.kubernetes.io/target-type: ip
#
# # Example for NNGINX ingress controller
# nginx.ingress.kubernetes.io/ssl-redirect: "true"
# nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
# -- Ingress root path url
path: "/"
# -- Configuration from https://github.com/bitnami/charts/blob/main/bitnami/kafka/values.yaml
kafka:
enabled: true
# -- Configuration from https://github.com/prometheus-community/helm-charts/blob/main/charts/prometheus/values.yaml
prometheus:
enabled: true
kube-state-metrics:
enabled: false
prometheus-node-exporter:
enabled: false
prometheus-pushgateway:
enabled: false
serverFiles:
prometheus.yml:
scrape_configs:
- job_name: prometheus
static_configs:
- targets:
- localhost:9090
extraScrapeConfigs: |
- job_name: "{{ .Release.Name }}-stats"
static_configs:
- targets:
- "{{ .Release.Name }}-statistics:9999"
# -- Configuration from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
grafana:
enabled: true
adminUser: admin
adminPassword: clearml
datasources:
datasources.yaml:
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: "http://{{ .Release.Name }}-prometheus-server"
access: proxy
isDefault: true

16
charts/clearml/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies:
- name: redis
repository: file://../../dependency_charts/redis
version: 10.9.0
repository: https://charts.bitnami.com/bitnami
version: 17.8.3
- name: mongodb
repository: file://../../dependency_charts/mongodb
version: 10.3.4
repository: https://charts.bitnami.com/bitnami
version: 12.1.31
- name: elasticsearch
repository: file://../../dependency_charts/elasticsearch
version: 7.16.2
digest: sha256:149b5a49382d280b1e083f3c193d014d3d2eb7fcdf3ec1402008996960cc173a
generated: "2022-06-02T21:09:00.961174+02:00"
repository: https://helm.elastic.co
version: 7.17.3
digest: sha256:e92c4ac212dfd90a527af0260fa71a5fcc33f485a21c1cca3daa2ced667858b2
generated: "2023-03-10T14:59:49.01676+01:00"

22
charts/clearml/Chart.yaml
View File

@@ -2,9 +2,9 @@ apiVersion: v2
name: clearml
description: MLOps platform
type: application
version: "4.4.0"
appVersion: "1.8.0"
kubeVersion: ">= 1.21.0-0 < 1.26.0-0"
version: "7.3.1"
appVersion: "1.12.0"
kubeVersion: ">= 1.21.0-0 < 1.29.0-0"
home: https://clear.ml
icon: https://raw.githubusercontent.com/allegroai/clearml/master/docs/clearml-logo.svg
sources:
@@ -19,14 +19,18 @@ keywords:
- mlops
dependencies:
- name: redis
version: "10.9.0"
repository: "file://../../dependency_charts/redis"
version: "17.8.3"
repository: "https://charts.bitnami.com/bitnami"
condition: redis.enabled
- name: mongodb
version: "10.3.4"
repository: "file://../../dependency_charts/mongodb"
version: "12.1.31"
repository: "https://charts.bitnami.com/bitnami"
condition: mongodb.enabled
- name: elasticsearch
version: "7.16.2"
repository: "file://../../dependency_charts/elasticsearch"
version: "7.17.3"
repository: "https://helm.elastic.co"
condition: elasticsearch.enabled
annotations:
artifacthub.io/changes: |
- kind: added
description: kubernetes 1.28 support

267
charts/clearml/README.md
View File

@@ -1,6 +1,6 @@
# ClearML Ecosystem for Kubernetes
![Version: 4.4.0](https://img.shields.io/badge/Version-4.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.8.0](https://img.shields.io/badge/AppVersion-1.8.0-informational?style=flat-square)
![Version: 7.3.1](https://img.shields.io/badge/Version-7.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.12.0](https://img.shields.io/badge/AppVersion-1.12.0-informational?style=flat-square)
MLOps platform
@@ -31,7 +31,7 @@ For development/evaluation it's possible to use [kind](https://kind.sigs.k8s.io)
After installation, following commands will create a complete ClearML insatllation:
```
cat <<EOF | kind create cluster --config=- ─╯
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
@@ -85,6 +85,12 @@ This will create 3 ingress rules:
Just pointing the domain records to the IP where ingress controller is responding will complete the deployment process.
A production ready cluster should also have some different configuration like the one proposed in `values-production.yaml` that can be applied with:
```
helm install clearml allegroai/clearml -f values-production.yaml
```
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
@@ -103,6 +109,14 @@ helm upgrade clearml allegroai/clearml --version <CURRENT CHART VERSION> -f cust
Please note: updating values only should always be done setting explicit chart version to avoid a possible chart update.
Keeping separate updates procedures between version and values can be a good practice to seprate potential concerns.
### Major upgrade from 5.* to 6.*
Before issuing helm upgrade:
* delete Redis statefulset(s)
* scale MongoDB deployment(s) replicas to 0
* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
## Additional Configuration for ClearML Server
You can also configure the **clearml-server** for:
@@ -119,158 +133,133 @@ For detailed instructions, see the [Optional Configuration](https://github.com/a
## Requirements
Kubernetes: `>= 1.21.0-0 < 1.26.0-0`
Kubernetes: `>= 1.21.0-0 < 1.29.0-0`
| Repository | Name | Version |
|------------|------|---------|
| file://../../dependency_charts/elasticsearch | elasticsearch | 7.16.2 |
| file://../../dependency_charts/mongodb | mongodb | 10.3.4 |
| file://../../dependency_charts/redis | redis | 10.9.0 |
| https://charts.bitnami.com/bitnami | mongodb | 12.1.31 |
| https://charts.bitnami.com/bitnami | redis | 17.8.3 |
| https://helm.elastic.co | elasticsearch | 7.17.3 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| apiserver.affinity | object | `{}` | |
| apiserver.authCookiesMaxAge | int | `864000` | Amount of seconds the authorization cookie will last in user browser |
| apiserver.configDir | string | `"/opt/clearml/config"` | |
| apiserver.configuration | object | `{"additionalConfigs":{},"configRefName":"","secretRefName":""}` | additional configurations that can be used by api server; check examples in values.yaml file |
| apiserver.extraEnvs | list | `[]` | |
| apiserver.image.pullPolicy | string | `"IfNotPresent"` | |
| apiserver.image.repository | string | `"allegroai/clearml"` | |
| apiserver.image.tag | string | `"1.8.0"` | |
| apiserver.livenessDelay | int | `60` | |
| apiserver.nodeSelector | object | `{}` | |
| apiserver.podAnnotations | object | `{}` | |
| apiserver.prepopulateArtifactsPath | string | `"/mnt/fileserver"` | |
| apiserver.prepopulateEnabled | string | `"true"` | |
| apiserver.prepopulateZipFiles | string | `"/opt/clearml/db-pre-populate"` | |
| apiserver.readinessDelay | int | `60` | |
| apiserver.replicaCount | int | `1` | |
| apiserver.resources | object | `{}` | |
| apiserver | object | `{"additionalConfigs":{},"affinity":{},"containerSecurityContext":{},"enabled":true,"existingAdditionalConfigsConfigMap":"","existingAdditionalConfigsSecret":"","extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"},"ingress":{"annotations":{},"enabled":false,"hostName":"api.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"prepopulateEnabled":true,"processes":{"count":8,"maxRequests":1000,"maxRequestsJitter":300,"timeout":24000},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30008,"port":8008,"type":"NodePort"},"tolerations":[]}` | Api Server configurations |
| apiserver.additionalConfigs | object | `{}` | files declared in this parameter will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsSecret |
| apiserver.affinity | object | `{}` | Api Server affinity setup |
| apiserver.containerSecurityContext | object | `{}` | Api Server containers security context |
| apiserver.enabled | bool | `true` | Enable/Disable component deployment |
| apiserver.existingAdditionalConfigsConfigMap | string | `""` | reference for files declared in existing ConfigMap will be mounted and read by apiserver (examples in values.yaml) |
| apiserver.existingAdditionalConfigsSecret | string | `""` | reference for files declared in existing Secret will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsConfigMap |
| apiserver.extraEnvs | list | `[]` | Api Server extra envrinoment variables |
| apiserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"}` | Api Server image configuration |
| apiserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"api.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for Api Server component |
| apiserver.ingress.annotations | object | `{}` | Ingress annotations |
| apiserver.ingress.enabled | bool | `false` | Enable/Disable ingress |
| apiserver.ingress.hostName | string | `"api.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
| apiserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
| apiserver.ingress.path | string | `"/"` | Ingress root path url |
| apiserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
| apiserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | Api Server resources per initContainers pod |
| apiserver.nodeSelector | object | `{}` | Api Server nodeselector |
| apiserver.podAnnotations | object | `{}` | specific annotation for Api Server pods |
| apiserver.podSecurityContext | object | `{}` | Api Server pod security context |
| apiserver.prepopulateEnabled | bool | `true` | Enable/Disable example data load |
| apiserver.processes | object | `{"count":8,"maxRequests":1000,"maxRequestsJitter":300,"timeout":24000}` | Api Server internal processes configuration |
| apiserver.processes.count | int | `8` | Api Server internal listing processes |
| apiserver.processes.maxRequests | int | `1000` | Api Server maximum number of concurrent requests |
| apiserver.processes.maxRequestsJitter | int | `300` | Api Server max jitter on api request |
| apiserver.processes.timeout | int | `24000` | Api timeout (ms) |
| apiserver.replicaCount | int | `1` | Api Server number of pods |
| apiserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | Api Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
| apiserver.service | object | `{"annotations":{},"nodePort":30008,"port":8008,"type":"NodePort"}` | Api Server internal service configuration |
| apiserver.service.annotations | object | `{}` | specific annotation for Api Server service |
| apiserver.service.nodePort | int | `30008` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
| apiserver.service.port | int | `8008` | |
| apiserver.service.type | string | `"NodePort"` | This will set to service's spec.type field |
| apiserver.tolerations | list | `[]` | |
| clearml | object | `{"defaultCompany":"d1bd92a3b039400cbafc60a7a5b1e52b"}` | ClearMl generic configurations |
| elasticsearch.clusterHealthCheckParams | string | `"wait_for_status=yellow&timeout=1s"` | |
| elasticsearch.clusterName | string | `"clearml-elastic"` | |
| elasticsearch.enabled | bool | `true` | |
| elasticsearch.esConfig."elasticsearch.yml" | string | `"xpack.security.enabled: false\n"` | |
| elasticsearch.esJavaOpts | string | `"-Xmx2g -Xms2g"` | |
| elasticsearch.extraEnvs[0].name | string | `"bootstrap.memory_lock"` | |
| elasticsearch.extraEnvs[0].value | string | `"false"` | |
| elasticsearch.extraEnvs[1].name | string | `"cluster.routing.allocation.node_initial_primaries_recoveries"` | |
| elasticsearch.extraEnvs[1].value | string | `"500"` | |
| elasticsearch.extraEnvs[2].name | string | `"cluster.routing.allocation.disk.watermark.low"` | |
| elasticsearch.extraEnvs[2].value | string | `"500mb"` | |
| elasticsearch.extraEnvs[3].name | string | `"cluster.routing.allocation.disk.watermark.high"` | |
| elasticsearch.extraEnvs[3].value | string | `"500mb"` | |
| elasticsearch.extraEnvs[4].name | string | `"cluster.routing.allocation.disk.watermark.flood_stage"` | |
| elasticsearch.extraEnvs[4].value | string | `"500mb"` | |
| elasticsearch.extraEnvs[5].name | string | `"http.compression_level"` | |
| elasticsearch.extraEnvs[5].value | string | `"7"` | |
| elasticsearch.extraEnvs[6].name | string | `"reindex.remote.whitelist"` | |
| elasticsearch.extraEnvs[6].value | string | `"*.*"` | |
| elasticsearch.extraEnvs[7].name | string | `"xpack.monitoring.enabled"` | |
| elasticsearch.extraEnvs[7].value | string | `"false"` | |
| elasticsearch.extraEnvs[8].name | string | `"xpack.security.enabled"` | |
| elasticsearch.extraEnvs[8].value | string | `"false"` | |
| elasticsearch.httpPort | int | `9200` | |
| elasticsearch.minimumMasterNodes | int | `1` | |
| elasticsearch.persistence.enabled | bool | `true` | |
| elasticsearch.replicas | int | `1` | |
| elasticsearch.resources.limits.memory | string | `"4Gi"` | |
| elasticsearch.resources.requests.memory | string | `"4Gi"` | |
| elasticsearch.roles.data | string | `"true"` | |
| elasticsearch.roles.ingest | string | `"true"` | |
| elasticsearch.roles.master | string | `"true"` | |
| elasticsearch.roles.remote_cluster_client | string | `"true"` | |
| elasticsearch.volumeClaimTemplate.accessModes[0] | string | `"ReadWriteOnce"` | |
| elasticsearch.volumeClaimTemplate.resources.requests.storage | string | `"50Gi"` | |
| externalServices.elasticsearchHost | string | `""` | Existing ElasticSearch Hostname to use if elasticsearch.enabled is false |
| externalServices.elasticsearchPort | int | `9200` | Existing ElasticSearch Port to use if elasticsearch.enabled is false |
| externalServices.mongodbHost | string | `""` | Existing MongoDB Hostname to use if mongodb.enabled is false |
| externalServices.mongodbPort | int | `27017` | Existing MongoDB Port to use if mongodb.enabled is false |
| externalServices.redisHost | string | `""` | Existing Redis Hostname to use if redis.enabled is false |
| apiserver.tolerations | list | `[]` | Api Server tolerations setup |
| clearml | object | `{"apiserverKey":"GGS9F4M6XB2DXJ5AFT9F","apiserverSecret":"2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO","clientConfigurationApiUrl":"","clientConfigurationFilesUrl":"","cookieDomain":"","cookieName":"clearml-token-k8s","defaultCompany":"d1bd92a3b039400cbafc60a7a5b1e52b","existingSecret":"","fileserverKey":"XXCRJ123CEE2KSQ068WO","fileserverSecret":"YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG","readinessprobeKey":"GK4PRTVT3706T25K6BA1","readinessprobeSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","secureAuthTokenSecret":"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2","testUserKey":"ENP39EQM4SLACGD5FXB7","testUserSecret":"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"}` | ClearMl generic configurations |
| clearml.apiserverKey | string | `"GGS9F4M6XB2DXJ5AFT9F"` | Api Server basic auth key |
| clearml.apiserverSecret | string | `"2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO"` | Api Server basic auth secret |
| clearml.clientConfigurationApiUrl | string | `""` | Override the API Urls displayed when showing an example of the SDK's clearml.conf configuration |
| clearml.clientConfigurationFilesUrl | string | `""` | Override the Files Urls displayed when showing an example of the SDK's clearml.conf configuration |
| clearml.cookieDomain | string | `""` | Cookie domain to be left empty if not exposed with an ingress |
| clearml.cookieName | string | `"clearml-token-k8s"` | Name fo the UI cookie |
| clearml.defaultCompany | string | `"d1bd92a3b039400cbafc60a7a5b1e52b"` | Company name |
| clearml.existingSecret | string | `""` | Pass Clearml secrets using an existing secret must contain the keys: apiserver_key, apiserver_secret, secure_auth_token_secret, test_user_key, test_user_secret |
| clearml.fileserverKey | string | `"XXCRJ123CEE2KSQ068WO"` | File Server basic auth key |
| clearml.fileserverSecret | string | `"YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG"` | File Server basic auth secret |
| clearml.readinessprobeKey | string | `"GK4PRTVT3706T25K6BA1"` | Readiness probe basic auth key |
| clearml.readinessprobeSecret | string | `"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2"` | Readiness probe basic auth secret |
| clearml.secureAuthTokenSecret | string | `"ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2"` | Secure Auth secret |
| clearml.testUserKey | string | `"ENP39EQM4SLACGD5FXB7"` | Test Server basic auth key |
| clearml.testUserSecret | string | `"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"` | Test File Server basic auth secret |
| elasticsearch | object | `{"clusterHealthCheckParams":"wait_for_status=yellow&timeout=1s","clusterName":"clearml-elastic","enabled":true,"esConfig":{"elasticsearch.yml":"xpack.security.enabled: false\n"},"esJavaOpts":"-Xmx2g -Xms2g","extraEnvs":[{"name":"bootstrap.memory_lock","value":"false"},{"name":"cluster.routing.allocation.node_initial_primaries_recoveries","value":"500"},{"name":"cluster.routing.allocation.disk.watermark.low","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.high","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.flood_stage","value":"500mb"},{"name":"http.compression_level","value":"7"},{"name":"reindex.remote.whitelist","value":"*.*"},{"name":"xpack.monitoring.enabled","value":"false"},{"name":"xpack.security.enabled","value":"false"}],"httpPort":9200,"minimumMasterNodes":1,"persistence":{"enabled":true},"replicas":1,"resources":{"limits":{"cpu":"2000m","memory":"4Gi"},"requests":{"cpu":"100m","memory":"2Gi"}},"roles":{"data":"true","ingest":"true","master":"true","remote_cluster_client":"true"},"volumeClaimTemplate":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"50Gi"}},"storageClassName":null}}` | Configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml |
| externalServices | object | `{"elasticsearchConnectionString":"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]","mongodbConnectionStringAuth":"mongodb://mongodb_hostname:27017/auth","mongodbConnectionStringBackend":"mongodb://mongodb_hostnamehostname:27017/backend","redisHost":"redis_hostname","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here |
| externalServices.elasticsearchConnectionString | string | `"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]"` | Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml) |
| externalServices.mongodbConnectionStringAuth | string | `"mongodb://mongodb_hostname:27017/auth"` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml) |
| externalServices.mongodbConnectionStringBackend | string | `"mongodb://mongodb_hostnamehostname:27017/backend"` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml) |
| externalServices.redisHost | string | `"redis_hostname"` | Existing Redis Hostname to use if redis.enabled is false (example in values.yaml) |
| externalServices.redisPort | int | `6379` | Existing Redis Port to use if redis.enabled is false |
| fileserver.affinity | object | `{}` | |
| fileserver.extraEnvs | list | `[]` | |
| fileserver.image.pullPolicy | string | `"IfNotPresent"` | |
| fileserver.image.repository | string | `"allegroai/clearml"` | |
| fileserver.image.tag | string | `"1.8.0"` | |
| fileserver.nodeSelector | object | `{}` | |
| fileserver.podAnnotations | object | `{}` | |
| fileserver.replicaCount | int | `1` | |
| fileserver.resources | object | `{}` | |
| fileserver | object | `{"affinity":{},"containerSecurityContext":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30081,"port":8081,"type":"NodePort"},"storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true},"tolerations":[]}` | File Server configurations |
| fileserver.affinity | object | `{}` | File Server affinity setup |
| fileserver.containerSecurityContext | object | `{}` | File Server containers security context |
| fileserver.enabled | bool | `true` | Enable/Disable component deployment |
| fileserver.extraEnvs | list | `[]` | File Server extra envrinoment variables |
| fileserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"}` | File Server image configuration |
| fileserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for File Server component |
| fileserver.ingress.annotations | object | `{}` | Ingress annotations |
| fileserver.ingress.enabled | bool | `false` | Enable/Disable ingress |
| fileserver.ingress.hostName | string | `"files.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
| fileserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
| fileserver.ingress.path | string | `"/"` | Ingress root path url |
| fileserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
| fileserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | File Server resources per initContainers pod |
| fileserver.nodeSelector | object | `{}` | File Server nodeselector |
| fileserver.podAnnotations | object | `{}` | specific annotation for File Server pods |
| fileserver.podSecurityContext | object | `{}` | File Server pod security context |
| fileserver.replicaCount | int | `1` | File Server number of pods |
| fileserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | File Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
| fileserver.service | object | `{"annotations":{},"nodePort":30081,"port":8081,"type":"NodePort"}` | File Server internal service configuration |
| fileserver.service.annotations | object | `{}` | specific annotation for File Server service |
| fileserver.service.nodePort | int | `30081` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
| fileserver.service.port | int | `8081` | |
| fileserver.service.type | string | `"NodePort"` | This will set to service's spec.type field |
| fileserver.storage.data.class | string | `""` | |
| fileserver.storage.data.size | string | `"50Gi"` | |
| fileserver.tolerations | list | `[]` | |
| imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Private image registry configuration |
| fileserver.storage | object | `{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true}` | File server persistence settings |
| fileserver.storage.data.accessMode | string | `"ReadWriteOnce"` | Access mode (must be ReadWriteMany if fileserver replica > 1) |
| fileserver.storage.data.class | string | `""` | Storage class (use default if empty) |
| fileserver.storage.data.existingPVC | string | `""` | If set, it uses an already existing PVC instead of dynamic provisioning |
| fileserver.storage.enabled | bool | `true` | If set to false no PVC is created and emptyDir is used |
| fileserver.tolerations | list | `[]` | File Server tolerations setup |
| global | object | `{"imageRegistry":"docker.io"}` | Global parameters section |
| global.imageRegistry | string | `"docker.io"` | Images registry |
| imageCredentials | object | `{"email":"someone@host.com","enabled":false,"existingSecret":"","password":"pwd","registry":"docker.io","username":"someone"}` | Container registry configuration |
| imageCredentials.email | string | `"someone@host.com"` | Email |
| imageCredentials.enabled | bool | `false` | Use private authentication mode |
| imageCredentials.existingSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
| imageCredentials.password | string | `"pwd"` | Registry password |
| imageCredentials.registry | string | `"docker.io"` | Registry name |
| imageCredentials.username | string | `"someone"` | Registry username |
| ingress.annotations | object | `{}` | |
| ingress.api.annotations | object | `{}` | |
| ingress.api.enabled | bool | `false` | |
| ingress.api.hostName | string | `"api.clearml.127-0-0-1.nip.io"` | |
| ingress.api.path | string | `"/"` | |
| ingress.api.tlsSecretName | string | `""` | |
| ingress.app.annotations | object | `{}` | |
| ingress.app.enabled | bool | `false` | |
| ingress.app.hostName | string | `"app.clearml.127-0-0-1.nip.io"` | |
| ingress.app.path | string | `"/"` | |
| ingress.app.tlsSecretName | string | `""` | |
| ingress.files.annotations | object | `{}` | |
| ingress.files.enabled | bool | `false` | |
| ingress.files.hostName | string | `"files.clearml.127-0-0-1.nip.io"` | |
| ingress.files.path | string | `"/"` | |
| ingress.files.tlsSecretName | string | `""` | |
| ingress.name | string | `"clearml-server-ingress"` | |
| mongodb.architecture | string | `"standalone"` | |
| mongodb.auth.enabled | bool | `false` | |
| mongodb.enabled | bool | `true` | |
| mongodb.persistence.accessModes[0] | string | `"ReadWriteOnce"` | |
| mongodb.persistence.enabled | bool | `true` | |
| mongodb.persistence.size | string | `"50Gi"` | |
| mongodb.replicaCount | int | `1` | |
| mongodb.service.name | string | `"{{ .Release.Name }}-mongodb"` | |
| mongodb.service.port | int | `27017` | |
| mongodb.service.portName | string | `"mongo-service"` | |
| mongodb.service.type | string | `"ClusterIP"` | |
| redis.cluster.enabled | bool | `false` | |
| redis.databaseNumber | int | `0` | |
| redis.enabled | bool | `true` | |
| redis.master.name | string | `"{{ .Release.Name }}-redis-master"` | |
| redis.master.persistence.accessModes[0] | string | `"ReadWriteOnce"` | |
| redis.master.persistence.enabled | bool | `true` | |
| redis.master.persistence.size | string | `"5Gi"` | |
| redis.master.port | int | `6379` | |
| redis.usePassword | bool | `false` | |
| secret.authToken | string | `"1SCf0ov3Nm544Td2oZ0gXSrsNx5XhMWdVlKz1tOgcx158bD5RV"` | Set for auth_token field |
| secret.credentials.apiserver.accessKey | string | `"5442F3443MJMORWZA3ZH"` | Set for apiserver_key field |
| secret.credentials.apiserver.secretKey | string | `"BxapIRo9ZINi8x25CRxz8Wdmr2pQjzuWVB4PNASZqCtTyWgWVQ"` | Set for apiserver_secret field |
| secret.credentials.tests.accessKey | string | `"ENP39EQM4SLACGD5FXB7"` | Set for tests_user_key field |
| secret.credentials.tests.secretKey | string | `"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"` | Set for tests_user_secret field |
| secret.existingSecret | string | `""` | If this is set, chart will not generate a secret but will use what is defined here |
| secret.httpSession | string | `"9Tw20RbhJ1bLBiHEOWXvhplKGUbTgLzAtwFN2oLQvWwS0uRpD5"` | Set for http_session field |
| webserver.additionalConfigs | object | `{}` | |
| webserver.affinity | object | `{}` | |
| webserver.extraEnvs | list | `[]` | |
| webserver.image.pullPolicy | string | `"IfNotPresent"` | |
| webserver.image.repository | string | `"allegroai/clearml"` | |
| webserver.image.tag | string | `"1.8.0"` | |
| webserver.nodeSelector | object | `{}` | |
| webserver.podAnnotations | object | `{}` | |
| webserver.replicaCount | int | `1` | |
| webserver.resources | object | `{}` | |
| mongodb | object | `{"architecture":"standalone","auth":{"enabled":false},"enabled":true,"persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"50Gi","storageClass":null},"replicaCount":1}` | Configuration from https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml |
| redis | object | `{"architecture":"standalone","auth":{"enabled":false},"databaseNumber":0,"enabled":true,"master":{"name":"{{ .Release.Name }}-redis-master","persistence":{"accessModes":["ReadWriteOnce"],"enabled":true,"size":"5Gi","storageClass":null},"port":6379}}` | Configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml |
| webserver | object | `{"additionalConfigs":{},"affinity":{},"containerSecurityContext":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"},"ingress":{"annotations":{},"enabled":false,"hostName":"app.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30080,"port":8080,"type":"NodePort"},"tolerations":[]}` | Web Server configurations |
| webserver.additionalConfigs | object | `{}` | Additional specific webserver configurations |
| webserver.affinity | object | `{}` | Web Server affinity setup |
| webserver.containerSecurityContext | object | `{}` | Web Server containers security context |
| webserver.enabled | bool | `true` | Enable/Disable component deployment |
| webserver.extraEnvs | list | `[]` | Web Server extra envrinoment variables |
| webserver.image | object | `{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"1.12.0-393"}` | Web Server image configuration |
| webserver.ingress | object | `{"annotations":{},"enabled":false,"hostName":"app.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""}` | Ingress configuration for Web Server component |
| webserver.ingress.annotations | object | `{}` | Ingress annotations |
| webserver.ingress.enabled | bool | `false` | Enable/Disable ingress |
| webserver.ingress.hostName | string | `"app.clearml.127-0-0-1.nip.io"` | Ingress hostname domain |
| webserver.ingress.ingressClassName | string | `""` | ClassName (must be defined if no default ingressClassName is available) |
| webserver.ingress.path | string | `"/"` | Ingress root path url |
| webserver.ingress.tlsSecretName | string | `""` | Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule. |
| webserver.initContainers | object | `{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}}` | Web Server resources per initContainers pod |
| webserver.nodeSelector | object | `{}` | Web Server nodeselector |
| webserver.podAnnotations | object | `{}` | specific annotation for Web Server pods |
| webserver.podSecurityContext | object | `{}` | Web Server pod security context |
| webserver.replicaCount | int | `1` | Web Server number of pods |
| webserver.resources | object | `{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}}` | Web Server resources per pod; these are minimal requirements, it's suggested to increase these values in production environments |
| webserver.service | object | `{"annotations":{},"nodePort":30080,"port":8080,"type":"NodePort"}` | Web Server internal service configuration |
| webserver.service.annotations | object | `{}` | specific annotation for Web Server service |
| webserver.service.nodePort | int | `30080` | If service.type set to NodePort, this will be set to service's nodePort field. If service.type is set to others, this field will be ignored |
| webserver.service.port | int | `80` | |
| webserver.service.type | string | `"NodePort"` | This will set to service's spec.type field |
| webserver.tolerations | list | `[]` | |
| webserver.tolerations | list | `[]` | Web Server tolerations setup |

16
charts/clearml/README.md.gotmpl
View File

@@ -28,7 +28,7 @@ For development/evaluation it's possible to use [kind](https://kind.sigs.k8s.io)
After installation, following commands will create a complete ClearML insatllation:
```
cat <<EOF | kind create cluster --config=- ─╯
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
@@ -82,6 +82,12 @@ This will create 3 ingress rules:
Just pointing the domain records to the IP where ingress controller is responding will complete the deployment process.
A production ready cluster should also have some different configuration like the one proposed in `values-production.yaml` that can be applied with:
```
helm install clearml allegroai/clearml -f values-production.yaml
```
## Upgrades/ Values upgrades
Updating to latest version of this chart can be done in two steps:
@@ -100,6 +106,14 @@ helm upgrade clearml allegroai/clearml --version <CURRENT CHART VERSION> -f cust
Please note: updating values only should always be done setting explicit chart version to avoid a possible chart update.
Keeping separate updates procedures between version and values can be a good practice to seprate potential concerns.
### Major upgrade from 5.* to 6.*
Before issuing helm upgrade:
* delete Redis statefulset(s)
* scale MongoDB deployment(s) replicas to 0
* if using securityContexts check for new value form in values.yaml (podSecurityContext and containerSecurityContext)
## Additional Configuration for ClearML Server
You can also configure the **clearml-server** for:

BIN
charts/clearml/charts/elasticsearch-7.16.2.tgz
View File

Binary file not shown.

BIN
charts/clearml/charts/elasticsearch-7.17.3.tgz Normal file
View File

Binary file not shown.

BIN
charts/clearml/charts/mongodb-10.3.4.tgz
View File

Binary file not shown.

BIN
charts/clearml/charts/mongodb-12.1.31.tgz Normal file
View File

Binary file not shown.

BIN
charts/clearml/charts/redis-10.9.0.tgz
View File

Binary file not shown.

BIN
charts/clearml/charts/redis-17.8.3.tgz Normal file
View File

Binary file not shown.

12
charts/clearml/templates/NOTES.txt
View File

@@ -1,10 +1,6 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
1. Get the application URL:
{{- if .Values.webserver.ingress.enabled }}
http{{ if $.Values.webserver.ingress.tls }}s{{ end }}://{{ .Values.webserver.ingress.hostName }}
{{- else if contains "NodePort" .Values.webserver.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "clearml.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
@@ -15,7 +11,7 @@
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "clearml.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.webserver.service.port }}
{{- else if contains "ClusterIP" .Values.webserver.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "clearml.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "clearml.fullname" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT

234
charts/clearml/templates/_helpers.tpl
View File

@@ -46,43 +46,84 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
Selector labels
*/}}
{{- define "clearml.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/name: {{ include "clearml.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Registry name
*/}}
{{- define "registryNamePrefix" -}}
{{- $registryName := "" -}}
{{- if .globalValues }}
{{- if .globalValues.imageRegistry }}
{{- $registryName = printf "%s/" .globalValues.imageRegistry -}}
{{- end -}}
{{- end -}}
{{- if .imageRegistryValue }}
{{- $registryName = printf "%s/" .imageRegistryValue -}}
{{- end -}}
{{- printf "%s" $registryName }}
{{- end }}
{{/*
Reference Name (apiserver)
*/}}
{{- define "apiserver.referenceName" -}}
{{- include "clearml.fullname" . }}-apiserver
{{- end }}
{{/*
Selector labels (apiserver)
*/}}
{{- define "clearml.selectorLabelsApiServer" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}-apiserver
{{- define "apiserver.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.fullname" . }}
app.kubernetes.io/instance: {{ include "apiserver.referenceName" . }}
{{- end }}
{{/*
Reference Name (fileserver)
*/}}
{{- define "fileserver.referenceName" -}}
{{- include "clearml.fullname" . }}-fileserver
{{- end }}
{{/*
Selector labels (fileserver)
*/}}
{{- define "clearml.selectorLabelsFileServer" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}-fileserver
{{- define "fileserver.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.fullname" . }}
app.kubernetes.io/instance: {{ include "fileserver.referenceName" . }}
{{- end }}
{{/*
Reference Name (webserver)
*/}}
{{- define "webserver.referenceName" -}}
{{- include "clearml.fullname" . }}-webserver
{{- end }}
{{/*
Selector labels (webserver)
*/}}
{{- define "clearml.selectorLabelsWebServer" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}-webserver
{{- define "webserver.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.fullname" . }}
app.kubernetes.io/instance: {{ include "webserver.referenceName" . }}
{{- end }}
Selector labels (agentservices)
{{/*
Reference Name (apps)
*/}}
{{- define "clearml.selectorLabelsAgentServices" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}-agentservices
{{- define "clearmlApplications.referenceName" -}}
{{- include "clearml.fullname" . }}-apps
{{- end }}
Selector labels (agent)
{{/*
Selector labels (apps)
*/}}
{{- define "clearml.selectorLabelsAgent" -}}
app.kubernetes.io/name: {{ include "clearml.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}-agent
{{- define "clearmlApplications.selectorLabels" -}}
app.kubernetes.io/name: {{ include "clearml.fullname" . }}
app.kubernetes.io/instance: {{ include "clearmlApplications.referenceName" . }}
{{- end }}
{{/*
@@ -97,53 +138,116 @@ Create the name of the service account to use
{{- end }}
{{/*
Create the name of the App service to use
*/}}
{{- define "clearml.serviceApp" -}}
{{- if .Values.ingress.enabled }}
{{- if .Values.ingress.app.tlsSecretName }}
{{- printf "%s%s" "https://" .Values.ingress.app.hostName }}
{{- else }}
{{- printf "%s%s" "http://" .Values.ingress.app.hostName }}
{{- end }}
{{- else }}
{{- printf "%s%s%s%s" "http://" (include "clearml.fullname" .) "-webserver:" (.Values.webserver.service.port | toString) }}
{{- end }}
{{- end }}
{{/*
Create the name of the Api service to use
*/}}
{{- define "clearml.serviceApi" -}}
{{- if .Values.ingress.enabled }}
{{- if .Values.ingress.api.tlsSecretName }}
{{- printf "%s%s" "https://" .Values.ingress.api.hostName }}
{{- else }}
{{- printf "%s%s" "http://" .Values.ingress.api.hostName }}
{{- end }}
{{- else }}
{{- printf "%s%s%s%s" "http://" (include "clearml.fullname" .) "-apiserver:" (.Values.apiserver.service.port | toString) }}
{{- end }}
{{- end }}
{{/*
Create the name of the Files service to use
*/}}
{{- define "clearml.serviceFiles" -}}
{{- if .Values.ingress.enabled }}
{{- if .Values.ingress.files.tlsSecretName }}
{{- printf "%s%s" "https://" .Values.ingress.files.hostName }}
{{- else }}
{{- printf "%s%s" "http://" .Values.ingress.files.hostName }}
{{- end }}
{{- else }}
{{- printf "%s%s%s%s" "http://" (include "clearml.fullname" .) "-fileserver:" (.Values.fileserver.service.port | toString) }}
{{- end }}
{{- end }}
{{/*
Return the proper Docker Image Registry Secret Names
Create secret to access docker registry
*/}}
{{- define "imagePullSecret" }}
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.imageCredentials.registry (printf "%s:%s" .Values.imageCredentials.username .Values.imageCredentials.password | b64enc) | b64enc }}
{{- with .Values.imageCredentials }}
{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
{{- end }}
{{- end }}
{{/*
Create readiness probe auth token
*/}}
{{- define "readinessProbeAuth" }}
{{- printf "%s:%s" .Values.clearml.readinessprobeKey .Values.clearml.readinessprobeSecret | b64enc }}
{{- end }}
{{/*
Create configuration secret name
*/}}
{{- define "clearml.confSecretName" }}
{{- if .Values.clearml.existingSecret -}} {{ default "clearml-conf" .Values.clearml.existingSecret | quote }} {{- else -}} "clearml-conf" {{- end }}
{{- end }}
{{/*
Elasticsearch Service name
*/}}
{{- define "elasticsearch.servicename" -}}
{{- .Values.elasticsearch.clusterName }}-master
{{- end }}
{{/*
Elasticsearch Service port
*/}}
{{- define "elasticsearch.serviceport" -}}
{{- .Values.elasticsearch.httpPort }}
{{- end }}
{{/*
Elasticsearch Comnnection string
*/}}
{{- define "elasticsearch.connectionstring" -}}
{{- if .Values.elasticsearch.enabled }}
{{- printf "[{\"host\":\"%s\",\"port\":%s}]" (include "elasticsearch.servicename" .) (include "elasticsearch.serviceport" .) | quote }}
{{- else }}
{{- .Values.externalServices.elasticsearchConnectionString | quote }}
{{- end }}
{{- end }}
{{/*
MongoDB Comnnection string
*/}}
{{- define "mongodb.connectionstring" -}}
{{- if eq .Values.mongodb.architecture "standalone" }}
{{- printf "%s%s%s" "mongodb://" .Release.Name "-mongodb:27017" }}
{{- else }}
{{- $connectionString := "mongodb://" }}
{{- range $i,$e := until (.Values.mongodb.replicaCount | int) }}
{{- $connectionString = printf "%s%s%s%s%s%s%s%s%s" $connectionString $.Release.Name "-mongodb-" ( $i | toString ) "." $.Release.Name "-mongodb-headless." $.Release.Namespace ".svc.cluster.local," }}
{{- end }}
{{- printf "%s" ( trimSuffix "," $connectionString ) }}
{{- end }}
{{- end }}
{{/*
MongoDB hostname
*/}}
{{- define "mongodb.hostname" -}}
{{- if eq .Values.mongodb.architecture "standalone" }}
{{- printf "%s" "mongodb" }}
{{- else }}
{{- printf "%s" "mongodb-headless" }}
{{- end }}
{{- end }}
{{/*
Redis Service name
*/}}
{{- define "redis.servicename" -}}
{{- if .Values.redis.enabled }}
{{- if eq .Values.redis.architecture "standalone" }}
{{- tpl .Values.redis.master.name . }}
{{- else }}
{{- printf "%s-headless" (tpl .Values.redis.master.name . ) }}
{{- end }}
{{- else }}
{{- .Values.externalServices.redisHost }}
{{- end }}
{{- end }}
{{/*
Redis Service port
*/}}
{{- define "redis.serviceport" -}}
{{- if .Values.redis.enabled }}
{{- .Values.redis.master.port }}
{{- else }}
{{- .Values.externalServices.redisPort }}
{{- end }}
{{- end }}
{{/*
clientConfiguration string compose
*/}}
{{- define "clearml.clientConfiguration" -}}
{{- $clientConfiguration := "" }}
{{- if and (.Values.clearml.clientConfigurationApiUrl) .Values.clearml.clientConfigurationFilesUrl }}
{{- $clientConfiguration = printf "%s%s%s%s%s" "{\"apiServer\":\"" .Values.clearml.clientConfigurationApiUrl "\",\"filesServer\":\"" .Values.clearml.clientConfigurationFilesUrl "\"}" }}
{{- else if .Values.clearml.clientConfigurationApiUrl }}
{{- $clientConfiguration = printf "%s%s%s" "{\"apiServer\":\"" .Values.clearml.clientConfigurationApiUrl "\"}" }}
{{- else if .Values.clearml.clientConfigurationFilesUrl }}
{{- $clientConfiguration = printf "%s%s%s" "{\"filesServer\":\"" .Values.clearml.clientConfigurationFilesUrl "\"}" }}
{{- end }}
{{- $clientConfiguration }}
{{- end }}

15
charts/clearml/templates/apiserver-configmap.yaml Normal file
View File

@@ -0,0 +1,15 @@
{{- if .Values.apiserver.enabled }}
{{- if .Values.apiserver.additionalConfigs }}
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ include "apiserver.referenceName" . }}-configmap"
labels:
{{- include "clearml.labels" . | nindent 4 }}
data:
{{- range $key, $val := .Values.apiserver.additionalConfigs }}
{{ $key }}: |
{{- $val | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

189
charts/clearml/templates/apiserver-deployment.yaml Normal file
View File

@@ -0,0 +1,189 @@
{{- if .Values.apiserver.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "apiserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.apiserver.replicaCount }}
selector:
matchLabels:
{{- include "apiserver.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.apiserver.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "apiserver.selectorLabels" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
{{- if or .Values.apiserver.additionalConfigs .Values.apiserver.existingAdditionalConfigsConfigMap .Values.apiserver.existingAdditionalConfigsSecret }}
volumes:
- name: apiserver-config
{{- if or .Values.apiserver.existingAdditionalConfigsConfigMap }}
configMap:
name: {{ .Values.apiserver.existingAdditionalConfigsConfigMap }}
{{- else if or .Values.apiserver.existingAdditionalConfigsSecret }}
secret:
secretName: {{ .Values.apiserver.existingAdditionalConfigsSecret }}
{{- else if or .Values.apiserver.additionalConfigs }}
configMap:
name: "{{ include "apiserver.referenceName" . }}-configmap"
{{- end }}
{{- end }}
securityContext:
{{ toYaml .Values.apiserver.podSecurityContext | nindent 8 }}
initContainers:
- name: init-apiserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.apiserver.image.registry) }}{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
command:
- /bin/sh
- -c
- >
set -x;
{{- if .Values.elasticsearch.enabled }}
while [ $(curl -sw '%{http_code}' "http://{{ include "elasticsearch.servicename" . }}:{{ include "elasticsearch.serviceport" . }}/_cluster/health" -o /dev/null) -ne 200 ] ; do
echo "waiting for elasticsearch" ;
sleep 5 ;
done ;
{{- end }}
{{- if .Values.mongodb.enabled }}
while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ .Release.Name }}-{{ include "mongodb.hostname" . }}:27017" -o /dev/null; echo $?) -ne 49 ] ; do
echo "waiting for mongodb" ;
sleep 5 ;
done ;
{{- end }}
{{- if .Values.redis.enabled }}
while [ $(curl --telnet-option BOGUS --connect-timeout 2 -s "telnet://{{ include "redis.servicename" . }}:{{ include "redis.serviceport" . }}" -o /dev/null; echo $?) -ne 49 ] ; do
echo "waiting for redis" ;
sleep 5 ;
done ;
{{- end }}
securityContext:
{{ toYaml .Values.apiserver.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.apiserver.initContainers.resources | nindent 12 }}
containers:
- name: clearml-apiserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.apiserver.image.registry) }}{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag }}"
imagePullPolicy: {{ .Values.apiserver.image.pullPolicy }}
ports:
- name: http
containerPort: 8008
protocol: TCP
env:
- name: CLEARML__HOSTS__ELASTIC__WORKERS__HOSTS
value: {{ include "elasticsearch.connectionstring" . }}
- name: CLEARML__HOSTS__ELASTIC__EVENTS__HOSTS
value: {{ include "elasticsearch.connectionstring" . }}
- name: CLEARML__HOSTS__ELASTIC__DATASETS__HOSTS
value: {{ include "elasticsearch.connectionstring" . }}
- name: CLEARML__HOSTS__ELASTIC__LOGS__HOSTS
value: {{ include "elasticsearch.connectionstring" . }}
{{- if .Values.mongodb.enabled }}
- name: CLEARML_MONGODB_SERVICE_CONNECTION_STRING
value: {{ include "mongodb.connectionstring" . | quote }}
{{- else }}
- name: CLEARML__HOSTS__MONGO__BACKEND__HOST
value: {{ .Values.externalServices.mongodbConnectionStringBackend | quote }}
- name: CLEARML__HOSTS__MONGO__AUTH__HOST
value: {{ .Values.externalServices.mongodbConnectionStringAuth | quote }}
{{- end }}
- name: CLEARML_REDIS_SERVICE_HOST
value: {{ include "redis.servicename" . }}
- name: CLEARML_REDIS_SERVICE_PORT
value: "{{ include "redis.serviceport" . }}"
- name: CLEARML_CONFIG_PATH
value: /opt/clearml/config
- name: CLEARML__apiserver__default_company_name
value: "{{ .Values.clearml.defaultCompany }}"
- name: CLEARML__APISERVER__AUTH__SESSION_AUTH_COOKIE_NAME
value: {{ .Values.clearml.cookieName }}
{{- if .Values.clearml.cookieDomain }}
- name: CLEARML__APISERVER__AUTH__COOKIES__DOMAIN
value: ".{{ .Values.clearml.cookieDomain }}"
{{- end }}
- name: CLEARML__secure__credentials__apiserver__user_key
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: apiserver_key
- name: CLEARML__secure__credentials__apiserver__user_secret
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: apiserver_secret
- name: CLEARML__secure__auth__token_secret
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: secure_auth_token_secret
{{- if .Values.apiserver.prepopulateEnabled }}
- name: CLEARML__APISERVER__PRE_POPULATE__ENABLED
value: "true"
- name: CLEARML__APISERVER__PRE_POPULATE__ZIP_FILES
value: "/opt/clearml/db-pre-populate"
{{- end }}
- name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_KEY
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: test_user_key
- name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_SECRET
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: test_user_secret
- name: CLEARML_ENV
value: "helm-cloud"
{{- if .Values.apiserver.extraEnvs }}
{{ toYaml .Values.apiserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- apiserver
livenessProbe:
initialDelaySeconds: 60
httpGet:
path: /debug.ping
port: 8008
readinessProbe:
initialDelaySeconds: 60
failureThreshold: 8
httpGet:
path: /debug.ping
port: 8008
httpHeaders:
- name: Authorization
value: Basic {{ include "readinessProbeAuth" . }}
{{- if or .Values.apiserver.additionalConfigs .Values.apiserver.existingAdditionalConfigsConfigMap .Values.apiserver.existingAdditionalConfigsSecret }}
volumeMounts:
- name: apiserver-config
mountPath: /opt/clearml/config
{{- end }}
resources:
{{- toYaml .Values.apiserver.resources | nindent 12 }}
securityContext:
{{ toYaml .Values.apiserver.containerSecurityContext | nindent 12 }}
{{- with .Values.apiserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

50
charts/clearml/templates/apiserver-ingress.yaml Normal file
View File

@@ -0,0 +1,50 @@
{{- if .Values.apiserver.enabled }}
{{- if .Values.apiserver.ingress.enabled }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "apiserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.apiserver.ingress.annotations }}
{{- if .Values.apiserver.ingress.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.apiserver.ingress.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.apiserver.ingress.ingressClassName }}
ingressClassName: {{ .Values.apiserver.ingress.ingressClassName }}
{{- end }}
{{- if .Values.apiserver.ingress.tlsSecretName }}
tls:
- hosts:
- {{ .Values.apiserver.ingress.hostName }}
secretName: {{ .Values.apiserver.ingress.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.apiserver.ingress.hostName }}
http:
paths:
- path: {{ .Values.apiserver.ingress.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "apiserver.referenceName" . }}
port:
number: {{ .Values.apiserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "apiserver.referenceName" . }}
servicePort: {{ .Values.apiserver.service.port }}
{{ end }}
{{- end }}
{{- end }}

14
charts/clearml/templates/service-apiserver.yaml → charts/clearml/templates/apiserver-service.yaml
View File

@@ -1,17 +1,23 @@
{{- if .Values.apiserver.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "clearml.fullname" . }}-apiserver
name: {{ include "apiserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- with .Values.apiserver.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.apiserver.service.type }}
ports:
- port: {{ .Values.apiserver.service.port }}
targetPort: {{ .Values.apiserver.service.port }}
{{- if eq .Values.apiserver.service.type "NodePort" }}
{{- if eq .Values.apiserver.service.type "NodePort" }}
nodePort: {{ .Values.apiserver.service.nodePort }}
{{- end }}
{{- end }}
protocol: TCP
selector:
{{- include "clearml.selectorLabelsApiServer" . | nindent 4 }}
{{- include "apiserver.selectorLabels" . | nindent 4 }}
{{- end }}

24
charts/clearml/templates/clearml-secrets.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v1
kind: Secret
metadata:
name: clearml-conf
data:
apiserver_key: {{ .Values.clearml.apiserverKey | b64enc }}
apiserver_secret: {{ .Values.clearml.apiserverSecret | b64enc }}
fileserver_key: {{ .Values.clearml.fileserverKey | b64enc }}
fileserver_secret: {{ .Values.clearml.fileserverSecret | b64enc }}
secure_auth_token_secret: {{ .Values.clearml.secureAuthTokenSecret | b64enc }}
test_user_key: {{ .Values.clearml.testUserKey | b64enc }}
test_user_secret: {{ .Values.clearml.testUserSecret | b64enc }}
---
{{- if .Values.imageCredentials.enabled }}
{{- if not .Values.imageCredentials.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: clearml-registry-key
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "imagePullSecret" . }}
{{- end }}
{{- end }}

13
charts/clearml/templates/configmap-apiserver.yaml
View File

@@ -1,13 +0,0 @@
{{- if .Values.apiserver.configuration.additionalConfigs -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ include "clearml.fullname" . }}-apiserver-configmap"
labels:
{{- include "clearml.labels" . | nindent 4 }}
data:
{{- range $key, $val := .Values.apiserver.configuration.additionalConfigs }}
{{ $key }}: |
{{- $val | nindent 4 }}
{{- end }}
{{- end -}}

165
charts/clearml/templates/deployment-apiserver.yaml
View File

@@ -1,165 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "clearml.fullname" . }}-apiserver
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.apiserver.replicaCount }}
selector:
matchLabels:
{{- include "clearml.selectorLabelsApiServer" . | nindent 6 }}
template:
metadata:
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
{{- with .Values.apiserver.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "clearml.selectorLabelsApiServer" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-agent-registry-key
{{- end }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.apiserver.image.repository }}:{{ .Values.apiserver.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.apiserver.image.pullPolicy }}
ports:
- name: http
containerPort: 8008
protocol: TCP
env:
- name: CLEARML_ELASTIC_SERVICE_HOST
{{- if .Values.elasticsearch.enabled }}
value: "{{ .Values.elasticsearch.clusterName }}-master"
{{- else }}
value: "{{ .Values.externalServices.elasticsearchHost }}"
{{- end }}
- name: CLEARML_ELASTIC_SERVICE_PORT
{{- if .Values.elasticsearch.enabled }}
value: "{{ .Values.elasticsearch.httpPort }}"
{{- else }}
value: "{{ .Values.externalServices.elasticsearchPort }}"
{{- end }}
- name: CLEARML_MONGODB_SERVICE_HOST
{{- if .Values.mongodb.enabled }}
value: "{{ tpl .Values.mongodb.service.name . }}"
{{- else }}
value: "{{ .Values.externalServices.mongodbHost }}"
{{- end }}
- name: CLEARML_MONGODB_SERVICE_PORT
{{- if .Values.mongodb.enabled }}
value: "{{ .Values.mongodb.service.port }}"
{{- else }}
value: "{{ .Values.externalServices.mongodbPort }}"
{{- end }}
- name: CLEARML_REDIS_SERVICE_HOST
{{- if .Values.redis.enabled }}
value: "{{ tpl .Values.redis.master.name . }}"
{{- else }}
value: "{{ .Values.externalServices.redisHost }}"
{{- end }}
- name: CLEARML_REDIS_SERVICE_PORT
{{- if .Values.redis.enabled }}
value: "{{ .Values.redis.master.port }}"
{{- else }}
value: "{{ .Values.externalServices.redisPort }}"
{{- end }}
- name: CLEARML__APISERVER__PRE_POPULATE__ENABLED
value: "{{ .Values.apiserver.prepopulateEnabled }}"
- name: CLEARML__APISERVER__PRE_POPULATE__ZIP_FILES
value: "{{ .Values.apiserver.prepopulateZipFiles }}"
- name: CLEARML_SERVER_DEPLOYMENT_TYPE
value: "helm-cloud"
- name: CLEARML__APISERVER__AUTH__COOKIES__MAX_AGE
value: "{{ .Values.apiserver.authCookiesMaxAge }}"
- name: CLEARML_CONFIG_DIR
value: /opt/clearml/config
- name: CLEARML__APISERVER__DEFAULT_COMPANY
value: {{ .Values.clearml.defaultCompany }}
- name: CLEARML__SECURE__HTTP__SESSION_SECRET__APISERVER
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: http_session
- name: CLEARML__SECURE__AUTH__TOKEN_SECRET
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: auth_token
- name: CLEARML__SECURE__CREDENTIALS__APISERVER__USER_KEY
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: apiserver_key
- name: CLEARML__SECURE__CREDENTIALS__APISERVER__USER_SECRET
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: apiserver_secret
- name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_KEY
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: tests_user_key
- name: CLEARML__SECURE__CREDENTIALS__TESTS__USER_SECRET
valueFrom:
secretKeyRef:
name: {{ default "clearml-conf" .Values.secret.existingSecret }}
key: tests_user_secret
{{- if .Values.apiserver.extraEnvs }}
{{ toYaml .Values.apiserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- apiserver
livenessProbe:
initialDelaySeconds: {{ .Values.apiserver.livenessDelay }}
httpGet:
path: /debug.ping
port: 8008
readinessProbe:
initialDelaySeconds: {{ .Values.apiserver.readinessDelay }}
failureThreshold: 8
httpGet:
path: /debug.ping
port: 8008
{{- if or .Values.apiserver.configuration.additionalConfigs .Values.apiserver.configuration.configRefName .Values.apiserver.configuration.secretRefName }}
volumeMounts:
- name: apiserver-config
mountPath: /opt/clearml/config
{{- end }}
resources:
{{- toYaml .Values.apiserver.resources | nindent 12 }}
{{- if or .Values.apiserver.configuration.additionalConfigs .Values.apiserver.configuration.configRefName .Values.apiserver.configuration.secretRefName }}
volumes:
- name: apiserver-config
{{- if or .Values.apiserver.configuration.configRefName }}
configMap:
name: {{ .Values.apiserver.configuration.configRefName }}
{{- else if or .Values.apiserver.configuration.secretRefName }}
secret:
secretName: {{ .Values.apiserver.configuration.secretRefName }}
{{- else if or .Values.apiserver.configuration.additionalConfigs }}
configMap:
name: "{{ include "clearml.fullname" . }}-apiserver-configmap"
{{- end }}
{{- end }}
{{- with .Values.apiserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

77
charts/clearml/templates/deployment-fileserver.yaml
View File

@@ -1,77 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "clearml.fullname" . }}-fileserver
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.fileserver.replicaCount }}
selector:
matchLabels:
{{- include "clearml.selectorLabelsFileServer" . | nindent 6 }}
template:
metadata:
{{- with .Values.fileserver.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "clearml.selectorLabelsFileServer" . | nindent 8 }}
spec:
volumes:
- name: fileserver-data
persistentVolumeClaim:
claimName: {{ include "clearml.fullname" . }}-fileserver-data
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-agent-registry-key
{{- end }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.fileserver.image.pullPolicy }}
ports:
- name: http
containerPort: 8081
protocol: TCP
env:
- name: CLEARML_CONFIG_DIR
value: /opt/clearml/config
{{- if .Values.fileserver.extraEnvs }}
{{ toYaml .Values.fileserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- fileserver
livenessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:8081/
readinessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:8081/
volumeMounts:
- name: fileserver-data
mountPath: /mnt/fileserver
resources:
{{- toYaml .Values.fileserver.resources | nindent 12 }}
{{- with .Values.fileserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.fileserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.fileserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

83
charts/clearml/templates/deployment-webserver.yaml
View File

@@ -1,83 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "clearml.fullname" . }}-webserver
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.webserver.replicaCount }}
selector:
matchLabels:
{{- include "clearml.selectorLabelsWebServer" . | nindent 6 }}
template:
metadata:
{{- with .Values.webserver.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "clearml.selectorLabelsWebServer" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-agent-registry-key
{{- end }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.webserver.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://0.0.0.0:80/
readinessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://0.0.0.0:80/
{{- if .Values.webserver.additionalConfigs }}
volumeMounts:
- name: webserver-config
mountPath: /opt/clearml/config
{{- end }}
env:
- name: NGINX_APISERVER_ADDRESS
value: "http://{{ include "clearml.fullname" . }}-apiserver:{{ .Values.apiserver.service.port }}"
- name: NGINX_FILESERVER_ADDRESS
value: "http://{{ include "clearml.fullname" . }}-fileserver:{{ .Values.fileserver.service.port }}"
{{- if .Values.webserver.extraEnvs }}
{{ toYaml .Values.webserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- webserver
resources:
{{- toYaml .Values.webserver.resources | nindent 12 }}
{{- if .Values.webserver.additionalConfigs }}
volumes:
- name: webserver-config
configMap:
name: "{{ include "clearml.fullname" . }}-webserver-configmap"
{{- end }}
{{- with .Values.webserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

128
charts/clearml/templates/fileserver-deployment.yaml Normal file
View File

@@ -0,0 +1,128 @@
{{- if .Values.fileserver.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "fileserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.fileserver.replicaCount }}
selector:
matchLabels:
{{- include "fileserver.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.fileserver.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "fileserver.selectorLabels" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
volumes:
{{- if .Values.fileserver.storage.enabled }}
{{- if .Values.fileserver.storage.data.existingPVC }}
- name: fileserver-data
persistentVolumeClaim:
claimName: {{ .Values.fileserver.storage.data.existingPVC | quote }}
{{- else }}
- name: fileserver-data
persistentVolumeClaim:
claimName: {{ include "fileserver.referenceName" . }}-data
{{- end }}
{{- else }}
- name: fileserver-data
emptyDir: {}
{{- end }}
securityContext:
{{ toYaml .Values.fileserver.podSecurityContext | nindent 8 }}
initContainers:
- name: init-fileserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.fileserver.image.registry) }}{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
command:
- /bin/sh
- -c
- >
set -x;
while [ $(curl -sw '%{http_code}' "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}/debug.ping" -o /dev/null) -ne 200 ] ; do
echo "waiting for apiserver" ;
sleep 5 ;
done
securityContext:
{{ toYaml .Values.fileserver.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.fileserver.initContainers.resources | nindent 12 }}
containers:
- name: clearml-fileserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.fileserver.image.registry) }}{{ .Values.fileserver.image.repository }}:{{ .Values.fileserver.image.tag }}"
imagePullPolicy: {{ .Values.fileserver.image.pullPolicy }}
ports:
- name: http
containerPort: 8081
protocol: TCP
env:
- name: CLEARML__HOSTS__API_SERVER
value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
- name: CLEARML_REDIS_SERVICE_HOST
value: {{ include "redis.servicename" . }}
- name: CLEARML_REDIS_SERVICE_PORT
value: "{{ include "redis.serviceport" . }}"
{{- if not (eq .Values.clearml.cookieDomain "") }}
- name: CLEARML__FILESERVER__AUTH__COOKIE_NAMES
value: "[ {{ .Values.clearml.cookieName }} ]"
{{- end }}
- name: USER_KEY
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: fileserver_key
- name: USER_SECRET
valueFrom:
secretKeyRef:
name: {{ include "clearml.confSecretName" .}}
key: fileserver_secret
{{- if .Values.fileserver.extraEnvs }}
{{ toYaml .Values.fileserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- fileserver
livenessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:8081/
readinessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:8081/
volumeMounts:
- name: fileserver-data
mountPath: /mnt/fileserver
resources:
{{- toYaml .Values.fileserver.resources | nindent 12 }}
securityContext:
{{ toYaml .Values.fileserver.containerSecurityContext | nindent 12 }}
{{- with .Values.fileserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.fileserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.fileserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

49
charts/clearml/templates/fileserver-ingress.yaml Normal file
View File

@@ -0,0 +1,49 @@
{{- if .Values.fileserver.enabled }}
{{- if .Values.fileserver.ingress.enabled }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "fileserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.fileserver.ingress.annotations }}
{{- if .Values.fileserver.ingress.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.fileserver.ingress.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.fileserver.ingress.ingressClassName }}
ingressClassName: {{ .Values.fileserver.ingress.ingressClassName }}
{{- end }}
{{- if .Values.fileserver.ingress.tlsSecretName }}
tls:
- hosts:
- {{ .Values.fileserver.ingress.hostName }}
secretName: {{ .Values.fileserver.ingress.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.fileserver.ingress.hostName }}
http:
paths:
- path: {{ .Values.fileserver.ingress.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "fileserver.referenceName" . }}
port:
number: {{ .Values.fileserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "fileserver.referenceName" . }}
servicePort: {{ .Values.fileserver.service.port }}
{{ end }}
{{- end }}
{{- end }}

11
charts/clearml/templates/pvc-fileserver.yaml → charts/clearml/templates/fileserver-pvc.yaml
View File

@@ -1,16 +1,21 @@
{{- if .Values.fileserver.enabled }}
{{- if .Values.fileserver.storage.enabled }}
{{- if not .Values.fileserver.storage.data.existingPVC }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "clearml.fullname" . }}-fileserver-data
name: {{ include "fileserver.referenceName" . }}-data
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
accessModes:
- ReadWriteOnce
- {{ .Values.fileserver.storage.data.accessMode }}
resources:
requests:
storage: {{ .Values.fileserver.storage.data.size | quote }}
{{- if .Values.fileserver.storage.data.class }}
storageClassName: {{ .Values.fileserver.storage.data.class | quote }}
{{- end -}}
{{- end }}
{{- end }}
{{- end }}

23
charts/clearml/templates/fileserver-service.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- if .Values.fileserver.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "fileserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- with .Values.fileserver.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.fileserver.service.type }}
ports:
- port: {{ .Values.fileserver.service.port }}
targetPort: 8081
{{- if eq .Values.fileserver.service.type "NodePort" }}
nodePort: {{ .Values.fileserver.service.nodePort }}
{{- end }}
protocol: TCP
selector:
{{- include "fileserver.selectorLabels" . | nindent 4 }}
{{- end }}

9
charts/clearml/templates/imagePullSecret.yaml
View File

@@ -1,9 +0,0 @@
{{- if .Values.imageCredentials.enabled -}}
apiVersion: v1
kind: Secret
metadata:
name: clearml-agent-registry-key
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "imagePullSecret" . }}
{{- end }}

45
charts/clearml/templates/ingress-api.yaml
View File

@@ -1,45 +0,0 @@
{{- if .Values.ingress.api.enabled -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "clearml.fullname" . }}-api
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.ingress.annotations }}
{{- if .Values.ingress.api.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.ingress.api.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.ingress.api.tlsSecretName }}
tls:
- hosts:
- {{ .Values.ingress.api.hostName }}
secretName: {{ .Values.ingress.api.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.ingress.api.hostName }}
http:
paths:
- path: {{ .Values.ingress.api.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "clearml.fullname" . }}-apiserver
port:
number: {{ .Values.apiserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "clearml.fullname" . }}-apiserver
servicePort: {{ .Values.apiserver.service.port }}
{{ end }}
{{- end }}

44
charts/clearml/templates/ingress-app.yaml
View File

@@ -1,44 +0,0 @@
{{- if .Values.ingress.app.enabled -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "clearml.fullname" . }}-app
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.ingress.annotations }}
{{- if .Values.ingress.app.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.ingress.app.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.ingress.app.tlsSecretName }}
tls:
- hosts:
- {{ .Values.ingress.app.hostName }}
secretName: {{ .Values.ingress.app.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.ingress.app.hostName }}
http:
paths:
- path: {{ .Values.ingress.app.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "clearml.fullname" . }}-webserver
port:
number: {{ .Values.webserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "clearml.fullname" . }}-webserver
servicePort: {{ .Values.webserver.service.port }}
{{ end }}
{{- end }}

44
charts/clearml/templates/ingress-files.yaml
View File

@@ -1,44 +0,0 @@
{{- if .Values.ingress.files.enabled -}}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "clearml.fullname" . }}-files
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.ingress.annotations }}
{{- if .Values.ingress.files.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.ingress.files.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.ingress.files.tlsSecretName }}
tls:
- hosts:
- {{ .Values.ingress.files.hostName }}
secretName: {{ .Values.ingress.files.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.ingress.files.hostName }}
http:
paths:
- path: {{ .Values.ingress.files.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "clearml.fullname" . }}-fileserver
port:
number: {{ .Values.fileserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "clearml.fullname" . }}-fileserver
servicePort: {{ .Values.fileserver.service.port }}
{{ end }}
{{- end }}

13
charts/clearml/templates/secrets.yaml
View File

@@ -1,13 +0,0 @@
{{- if not .Values.secret.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: clearml-conf
stringData:
apiserver_key: {{ .Values.secret.credentials.apiserver.accessKey }}
apiserver_secret: {{ .Values.secret.credentials.apiserver.secretKey }}
http_session: {{ .Values.secret.httpSession }}
auth_token: {{ .Values.secret.authToken }}
tests_user_key: {{ .Values.secret.credentials.tests.accessKey }}
tests_user_secret: {{ .Values.secret.credentials.tests.secretKey }}
{{- end }}

17
charts/clearml/templates/service-fileserver.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "clearml.fullname" . }}-fileserver
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
type: {{ .Values.fileserver.service.type }}
ports:
- port: {{ .Values.fileserver.service.port }}
targetPort: {{ .Values.fileserver.service.port }}
{{- if eq .Values.fileserver.service.type "NodePort" }}
nodePort: {{ .Values.fileserver.service.nodePort }}
{{- end }}
protocol: TCP
selector:
{{- include "clearml.selectorLabelsFileServer" . | nindent 4 }}

17
charts/clearml/templates/service-webserver.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "clearml.fullname" . }}-webserver
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
type: {{ .Values.webserver.service.type }}
ports:
- port: {{ .Values.webserver.service.port }}
targetPort: {{ .Values.webserver.service.port }}
{{- if eq .Values.webserver.service.type "NodePort" }}
nodePort: {{ .Values.webserver.service.nodePort }}
{{- end }}
protocol: TCP
selector:
{{- include "clearml.selectorLabelsWebServer" . | nindent 4 }}

4
charts/clearml/templates/configmap-webserver.yaml → charts/clearml/templates/webserver-configmap.yaml Executable file → Normal file
View File

@@ -1,8 +1,8 @@
{{- if .Values.webserver.additionalConfigs -}}
{{- if .Values.webserver.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ include "clearml.fullname" . }}-webserver-configmap"
name: "{{ include "webserver.referenceName" . }}-configmap"
labels:
{{- include "clearml.labels" . | nindent 4 }}
data:

105
charts/clearml/templates/webserver-deployment.yaml Normal file
View File

@@ -0,0 +1,105 @@
{{- if .Values.webserver.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "webserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.webserver.replicaCount }}
selector:
matchLabels:
{{- include "webserver.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.webserver.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "webserver.selectorLabels" . | nindent 8 }}
spec:
{{- if .Values.imageCredentials.enabled }}
imagePullSecrets:
{{- if .Values.imageCredentials.existingSecret }}
- name: {{ .Values.imageCredentials.existingSecret }}
{{- else }}
- name: clearml-registry-key
{{- end }}
{{- end }}
volumes:
- name: webserver-config
configMap:
name: "{{ include "webserver.referenceName" . }}-configmap"
securityContext:
{{ toYaml .Values.webserver.podSecurityContext | nindent 8 }}
initContainers:
- name: init-webserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.webserver.image.registry) }}{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
command:
- /bin/sh
- -c
- >
set -x;
while [ $(curl -sw '%{http_code}' "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}/debug.ping" -o /dev/null) -ne 200 ] ; do
echo "waiting for apiserver" ;
sleep 5 ;
done
securityContext:
{{ toYaml .Values.webserver.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.webserver.initContainers.resources | nindent 12 }}
containers:
- name: clearml-webserver
image: "{{ include "registryNamePrefix" (dict "globalValues" .Values.global "imageRegistryValue" .Values.webserver.image.registry) }}{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag }}"
imagePullPolicy: {{ .Values.webserver.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:80/
readinessProbe:
exec:
command:
- curl
- -X OPTIONS
- http://localhost:80/
env:
- name: NGINX_APISERVER_ADDRESS
value: "http://{{ include "apiserver.referenceName" . }}:{{ .Values.apiserver.service.port }}"
- name: NGINX_FILESERVER_ADDRESS
value: "http://{{ include "fileserver.referenceName" . }}:{{ .Values.fileserver.service.port }}"
{{- if include "clearml.clientConfiguration" . }}
- name: WEBSERVER__displayedServerUrls
value: {{ include "clearml.clientConfiguration" . | quote }}
{{- end }}
{{- if .Values.webserver.extraEnvs }}
{{ toYaml .Values.webserver.extraEnvs | nindent 10 }}
{{- end }}
args:
- webserver
volumeMounts:
- name: webserver-config
mountPath: /mnt/external_files/configs
resources:
{{- toYaml .Values.webserver.resources | nindent 12 }}
securityContext:
{{ toYaml .Values.webserver.containerSecurityContext | nindent 12 }}
{{- with .Values.webserver.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webserver.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webserver.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

49
charts/clearml/templates/webserver-ingress.yaml Normal file
View File

@@ -0,0 +1,49 @@
{{- if .Values.webserver.enabled }}
{{- if .Values.webserver.ingress.enabled }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ include "webserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- $annotations := .Values.webserver.ingress.annotations }}
{{- if .Values.webserver.ingress.annotations }}
{{- $annotations = mergeOverwrite $annotations .Values.webserver.ingress.annotations }}
{{- end }}
annotations:
{{- toYaml $annotations | nindent 4 }}
spec:
{{- if .Values.webserver.ingress.ingressClassName }}
ingressClassName: {{ .Values.webserver.ingress.ingressClassName }}
{{- end }}
{{- if .Values.webserver.ingress.tlsSecretName }}
tls:
- hosts:
- {{ .Values.webserver.ingress.hostName }}
secretName: {{ .Values.webserver.ingress.tlsSecretName }}
{{- end }}
rules:
- host: {{ .Values.webserver.ingress.hostName }}
http:
paths:
- path: {{ .Values.webserver.ingress.path }}
{{ if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
backend:
service:
name: {{ include "webserver.referenceName" . }}
port:
number: {{ .Values.webserver.service.port }}
{{ else }}
backend:
serviceName: {{ include "webserver.referenceName" . }}
servicePort: {{ .Values.webserver.service.port }}
{{ end }}
{{- end }}
{{- end }}

23
charts/clearml/templates/webserver-service.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- if .Values.webserver.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ include "webserver.referenceName" . }}
labels:
{{- include "clearml.labels" . | nindent 4 }}
{{- with .Values.webserver.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.webserver.service.type }}
ports:
- port: {{ .Values.webserver.service.port }}
targetPort: 80
{{- if eq .Values.webserver.service.type "NodePort" }}
nodePort: {{ .Values.webserver.service.nodePort }}
{{- end }}
protocol: TCP
selector:
{{- include "webserver.selectorLabels" . | nindent 4 }}
{{- end }}

41
charts/clearml/values-production.yaml Executable file
View File

@@ -0,0 +1,41 @@
apiserver:
service:
type: ClusterIP
ingress:
enabled: true
hostName: "api.clearml.127-0-0-1.nip.io"
fileserver:
service:
type: ClusterIP
ingress:
enabled: true
hostName: "files.clearml.127-0-0-1.nip.io"
webserver:
service:
type: ClusterIP
ingress:
enabled: true
hostName: "app.clearml.127-0-0-1.nip.io"
redis:
architecture: replication
master:
persistence:
enabled: true
accessModes:
- ReadWriteOnce
size: 5Gi
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
storageClass: null
replica:
replicaCount: 2
mongodb:
enabled: true
architecture: replicaset
replicaCount: 2
arbiter:
enabled: false
pdb:
create: true
podAntiAffinityPreset: soft
elasticsearch:
replicas: 3

479
charts/clearml/values.yaml Executable file → Normal file
View File

@@ -1,4 +1,9 @@
# -- Private image registry configuration
# -- Global parameters section
global:
# -- Images registry
imageRegistry: "docker.io"
# -- Container registry configuration
imageCredentials:
# -- Use private authentication mode
enabled: false
@@ -15,232 +20,326 @@ imageCredentials:
# -- ClearMl generic configurations
clearml:
# -- Name fo the UI cookie
cookieName: "clearml-token-k8s"
# -- Cookie domain to be left empty if not exposed with an ingress
cookieDomain: ""
# -- Company name
defaultCompany: "d1bd92a3b039400cbafc60a7a5b1e52b"
ingress:
name: clearml-server-ingress
annotations: {}
app:
enabled: false
hostName: "app.clearml.127-0-0-1.nip.io"
tlsSecretName: ""
annotations: {}
path: "/"
api:
enabled: false
hostName: "api.clearml.127-0-0-1.nip.io"
tlsSecretName: ""
annotations: {}
path: "/"
files:
enabled: false
hostName: "files.clearml.127-0-0-1.nip.io"
tlsSecretName: ""
annotations: {}
path: "/"
secret:
# -- If this is set, chart will not generate a secret but will use what is defined here
# -- Api Server basic auth key
apiserverKey: GGS9F4M6XB2DXJ5AFT9F
# -- Api Server basic auth secret
apiserverSecret: 2oGujVFhPfaozhpuz2GzQfA5OyxmMsR3WVJpsCR5hrgHFs20PO
# -- File Server basic auth key
fileserverKey: XXCRJ123CEE2KSQ068WO
# -- File Server basic auth secret
fileserverSecret: YIy8EVAC7QCT4FtgitxAQGyW7xRHDZ4jpYlTE7HKiscpORl1hG
# -- Readiness probe basic auth key
readinessprobeKey: GK4PRTVT3706T25K6BA1
# -- Readiness probe basic auth secret
readinessprobeSecret: ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2
# -- Secure Auth secret
secureAuthTokenSecret: ymLh1ok5k5xNUQfS944Xdx9xjf0wueokqKM2dMZfHuH9ayItG2
# -- Test Server basic auth key
testUserKey: "ENP39EQM4SLACGD5FXB7"
# -- Test File Server basic auth secret
testUserSecret: "lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"
# -- Override the API Urls displayed when showing an example of the SDK's clearml.conf configuration
clientConfigurationApiUrl: ""
# -- Override the Files Urls displayed when showing an example of the SDK's clearml.conf configuration
clientConfigurationFilesUrl: ""
# -- Pass Clearml secrets using an existing secret
# must contain the keys: apiserver_key, apiserver_secret, secure_auth_token_secret, test_user_key, test_user_secret
existingSecret: ""
# -- Set for http_session field
httpSession: "9Tw20RbhJ1bLBiHEOWXvhplKGUbTgLzAtwFN2oLQvWwS0uRpD5"
# -- Set for auth_token field
authToken: "1SCf0ov3Nm544Td2oZ0gXSrsNx5XhMWdVlKz1tOgcx158bD5RV"
credentials:
apiserver:
# -- Set for apiserver_key field
accessKey: "5442F3443MJMORWZA3ZH"
# -- Set for apiserver_secret field
secretKey: "BxapIRo9ZINi8x25CRxz8Wdmr2pQjzuWVB4PNASZqCtTyWgWVQ"
tests:
# -- Set for tests_user_key field
accessKey: "ENP39EQM4SLACGD5FXB7"
# -- Set for tests_user_secret field
secretKey: "lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"
# -- Api Server configurations
apiserver:
prepopulateEnabled: "true"
prepopulateZipFiles: "/opt/clearml/db-pre-populate"
prepopulateArtifactsPath: "/mnt/fileserver"
configDir: /opt/clearml/config
# -- Amount of seconds the authorization cookie will last in user browser
authCookiesMaxAge: 864000
# -- Enable/Disable component deployment
enabled: true
# -- Enable/Disable example data load
prepopulateEnabled: true
# -- Api Server image configuration
image:
registry: ""
repository: "allegroai/clearml"
pullPolicy: IfNotPresent
tag: "1.12.0-393"
# -- Api Server internal service configuration
service:
# -- This will set to service's spec.type field
# -- specific annotation for Api Server service
annotations: {}
type: NodePort
port: 8008
# -- If service.type set to NodePort, this will be set to service's nodePort field.
# If service.type is set to others, this field will be ignored
nodePort: 30008
livenessDelay: 60
readinessDelay: 60
# -- Api Server number of pods
replicaCount: 1
# -- Api Server resources per initContainers pod
initContainers:
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 10m
memory: 64Mi
# -- Ingress configuration for Api Server component
ingress:
# -- Enable/Disable ingress
enabled: false
# -- ClassName (must be defined if no default ingressClassName is available)
ingressClassName: ""
# -- Ingress hostname domain
hostName: "api.clearml.127-0-0-1.nip.io"
# -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
tlsSecretName: ""
# -- Ingress annotations
annotations: {}
# -- Ingress root path url
path: "/"
# -- Api Server internal processes configuration
processes:
# -- Api Server internal listing processes
count: 8
# -- Api timeout (ms)
timeout: 24000
# -- Api Server maximum number of concurrent requests
maxRequests: 1000
# -- Api Server max jitter on api request
maxRequestsJitter: 300
# -- Api Server extra envrinoment variables
extraEnvs: []
# -- specific annotation for Api Server pods
podAnnotations: {}
# -- Api Server resources per pod; these are minimal requirements, it's suggested to increase
# these values in production environments
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 2000m
memory: 1Gi
# -- Api Server nodeselector
nodeSelector: {}
# -- Api Server tolerations setup
tolerations: []
# -- Api Server affinity setup
affinity: {}
# -- Api Server pod security context
podSecurityContext: {}
# -- Api Server containers security context
containerSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- reference for files declared in existing ConfigMap will be mounted and read by apiserver (examples in values.yaml)
existingAdditionalConfigsConfigMap: ""
# -- reference for files declared in existing Secret will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsConfigMap
existingAdditionalConfigsSecret: ""
# -- files declared in this parameter will be mounted and read by apiserver (examples in values.yaml) if not overridden by existingAdditionalConfigsSecret
additionalConfigs: {}
# services.conf: |
# tasks {
# non_responsive_tasks_watchdog {
# # In-progress tasks that haven't been updated for at least 'value' seconds will be stopped by the watchdog
# threshold_sec: 21000
# # Watchdog will sleep for this number of seconds after each cycle
# watch_interval_sec: 900
# }
# }
# apiserver.conf: |
# auth {
# fixed_users {
# enabled: true
# pass_hashed: false
# users: [
# {
# username: "jane"
# password: "12345678"
# name: "Jane Doe"
# },
# {
# username: "john"
# password: "12345678"
# name: "John Doe"
# },
# ]
# }
# }
# -- File Server configurations
fileserver:
# -- Enable/Disable component deployment
enabled: true
# -- File Server image configuration
image:
registry: ""
repository: "allegroai/clearml"
pullPolicy: IfNotPresent
tag: "1.8.0"
extraEnvs: []
podAnnotations: {}
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}
# -- additional configurations that can be used by api server; check examples in values.yaml file
configuration:
configRefName: ""
secretRefName: ""
additionalConfigs: {}
# services.conf: |
# tasks {
# non_responsive_tasks_watchdog {
# # In-progress tasks that haven't been updated for at least 'value' seconds will be stopped by the watchdog
# threshold_sec: 21000
# # Watchdog will sleep for this number of seconds after each cycle
# watch_interval_sec: 900
# }
# }
# apiserver.conf: |
# auth {
# fixed_users {
# enabled: true
# pass_hashed: false
# users: [
# {
# username: "jane"
# password: "12345678"
# name: "Jane Doe"
# },
# {
# username: "john"
# password: "12345678"
# name: "John Doe"
# },
# ]
# }
# }
fileserver:
tag: "1.12.0-393"
# -- File Server internal service configuration
service:
# -- This will set to service's spec.type field
# -- specific annotation for File Server service
annotations: {}
type: NodePort
port: 8081
# -- If service.type set to NodePort, this will be set to service's nodePort field.
# If service.type is set to others, this field will be ignored
nodePort: 30081
# -- File Server number of pods
replicaCount: 1
image:
repository: "allegroai/clearml"
pullPolicy: IfNotPresent
tag: "1.8.0"
# -- File Server resources per initContainers pod
initContainers:
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 10m
memory: 64Mi
# -- Ingress configuration for File Server component
ingress:
# -- Enable/Disable ingress
enabled: false
# -- ClassName (must be defined if no default ingressClassName is available)
ingressClassName: ""
# -- Ingress hostname domain
hostName: "files.clearml.127-0-0-1.nip.io"
# -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
tlsSecretName: ""
# -- Ingress annotations
annotations: {}
# -- Ingress root path url
path: "/"
# -- File Server extra envrinoment variables
extraEnvs: []
# -- specific annotation for File Server pods
podAnnotations: {}
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- File Server resources per pod; these are minimal requirements, it's suggested to increase
# these values in production environments
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 2000m
memory: 1Gi
# -- File Server nodeselector
nodeSelector: {}
# -- File Server tolerations setup
tolerations: []
# -- File Server affinity setup
affinity: {}
# -- File Server pod security context
podSecurityContext: {}
# -- File Server containers security context
containerSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- File server persistence settings
storage:
# -- If set to false no PVC is created and emptyDir is used
enabled: true
data:
# -- If set, it uses an already existing PVC instead of dynamic provisioning
existingPVC: ""
# -- Storage class (use default if empty)
class: ""
# -- Access mode (must be ReadWriteMany if fileserver replica > 1)
accessMode: ReadWriteOnce
size: 50Gi
# -- Web Server configurations
webserver:
extraEnvs: []
# -- Enable/Disable component deployment
enabled: true
# -- Web Server image configuration
image:
registry: ""
repository: "allegroai/clearml"
pullPolicy: IfNotPresent
tag: "1.12.0-393"
# -- Web Server internal service configuration
service:
# -- This will set to service's spec.type field
# -- specific annotation for Web Server service
annotations: {}
type: NodePort
port: 80
port: 8080
# -- If service.type set to NodePort, this will be set to service's nodePort field.
# If service.type is set to others, this field will be ignored
nodePort: 30080
# -- Web Server number of pods
replicaCount: 1
image:
repository: "allegroai/clearml"
pullPolicy: IfNotPresent
tag: "1.8.0"
# -- Web Server resources per initContainers pod
initContainers:
resources:
requests:
cpu: 10m
memory: 64Mi
limits:
cpu: 10m
memory: 64Mi
# -- Ingress configuration for Web Server component
ingress:
# -- Enable/Disable ingress
enabled: false
# -- ClassName (must be defined if no default ingressClassName is available)
ingressClassName: ""
# -- Ingress hostname domain
hostName: "app.clearml.127-0-0-1.nip.io"
# -- Reference to secret containing TLS certificate. If set, it enables HTTPS on ingress rule.
tlsSecretName: ""
# -- Ingress annotations
annotations: {}
# -- Ingress root path url
path: "/"
# -- Web Server extra envrinoment variables
extraEnvs: []
# -- specific annotation for Web Server pods
podAnnotations: {}
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Web Server resources per pod; these are minimal requirements, it's suggested to increase
# these values in production environments
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 2000m
memory: 1Gi
# -- Web Server nodeselector
nodeSelector: {}
# -- Web Server tolerations setup
tolerations: []
# -- Web Server affinity setup
affinity: {}
# -- Web Server pod security context
podSecurityContext: {}
# -- Web Server containers security context
containerSecurityContext: {}
# runAsUser: 1001
# fsGroup: 1001
# -- Additional specific webserver configurations
additionalConfigs: {}
# -- Definition of external services to use if not enabled as dependency charts here
externalServices:
# -- Existing ElasticSearch Hostname to use if elasticsearch.enabled is false
elasticsearchHost: ""
# -- Existing ElasticSearch Port to use if elasticsearch.enabled is false
elasticsearchPort: 9200
# -- Existing MongoDB Hostname to use if mongodb.enabled is false
mongodbHost: ""
# -- Existing MongoDB Port to use if mongodb.enabled is false
mongodbPort: 27017
# -- Existing Redis Hostname to use if redis.enabled is false
redisHost: ""
# -- Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml)
elasticsearchConnectionString: "[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]"
# -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml)
mongodbConnectionStringAuth: "mongodb://mongodb_hostname:27017/auth"
# -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml)
mongodbConnectionStringBackend: "mongodb://mongodb_hostnamehostname:27017/backend"
# -- Existing Redis Hostname to use if redis.enabled is false (example in values.yaml)
redisHost: "redis_hostname"
# -- Existing Redis Port to use if redis.enabled is false
redisPort: 6379
redis: # configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml
# -- Configuration from https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml
redis:
enabled: true
usePassword: false
auth:
enabled: false
databaseNumber: 0
master:
name: "{{ .Release.Name }}-redis-master"
@@ -250,10 +349,12 @@ redis: # configuration from https://github.com/bitnami/charts/blob/master/bitna
accessModes:
- ReadWriteOnce
size: 5Gi
cluster:
enabled: false
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
storageClass: null
architecture: standalone
mongodb: # configuration from https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml
# -- Configuration from https://github.com/bitnami/charts/blob/master/bitnami/mongodb/values.yaml
mongodb:
enabled: true
architecture: standalone
auth:
@@ -264,13 +365,11 @@ mongodb: # configuration from https://github.com/bitnami/charts/blob/master/bit
accessModes:
- ReadWriteOnce
size: 50Gi
service:
name: "{{ .Release.Name }}-mongodb"
type: ClusterIP
port: 27017
portName: mongo-service
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
storageClass: null
elasticsearch: # configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml
# -- Configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml
elasticsearch:
enabled: true
httpPort: 9200
roles:
@@ -306,13 +405,17 @@ elasticsearch: # configuration from https://github.com/elastic/helm-charts/blob
value: "false"
resources:
requests:
memory: "4Gi"
cpu: 100m
memory: 2Gi
limits:
memory: "4Gi"
cpu: 2000m
memory: 4Gi
persistence:
enabled: true
volumeClaimTemplate:
accessModes: ["ReadWriteOnce"]
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
storageClassName: null
resources:
requests:
storage: 50Gi

2
dependency_charts/elasticsearch/.helmignore
View File

@@ -1,2 +0,0 @@
tests/
.pytest_cache/

12
dependency_charts/elasticsearch/Chart.yaml
View File

@@ -1,12 +0,0 @@
apiVersion: v1
appVersion: 7.16.2
description: Official Elastic helm chart for Elasticsearch
home: https://github.com/elastic/helm-charts
icon: https://helm.elastic.co/icons/elasticsearch.png
maintainers:
- email: helm-charts@elastic.co
name: Elastic
name: elasticsearch
sources:
- https://github.com/elastic/elasticsearch
version: 7.16.2

1
dependency_charts/elasticsearch/Makefile
View File

@@ -1 +0,0 @@
include ../helpers/common.mk

457
dependency_charts/elasticsearch/README.md
View File

@@ -1,457 +0,0 @@
# Elasticsearch Helm Chart
[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+master.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+master/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic)
This Helm chart is a lightweight way to configure and run our official
[Elasticsearch Docker image][].
<!-- development warning placeholder -->
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
- [Requirements](#requirements)
- [Installing](#installing)
- [Install released version using Helm repository](#install-released-version-using-helm-repository)
- [Install development version from a branch](#install-development-version-from-a-branch)
- [Upgrading](#upgrading)
- [Usage notes](#usage-notes)
- [Configuration](#configuration)
- [Deprecated](#deprecated)
- [FAQ](#faq)
- [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution)
- [How to deploy dedicated nodes types?](#how-to-deploy-dedicated-nodes-types)
- [Clustering and Node Discovery](#clustering-and-node-discovery)
- [How to deploy clusters with security (authentication and TLS) enabled?](#how-to-deploy-clusters-with-security-authentication-and-tls-enabled)
- [How to migrate from helm/charts stable chart?](#how-to-migrate-from-helmcharts-stable-chart)
- [How to install plugins?](#how-to-install-plugins)
- [How to use the keystore?](#how-to-use-the-keystore)
- [Basic example](#basic-example)
- [Multiple keys](#multiple-keys)
- [Custom paths and keys](#custom-paths-and-keys)
- [How to enable snapshotting?](#how-to-enable-snapshotting)
- [How to configure templates post-deployment?](#how-to-configure-templates-post-deployment)
- [Contributing](#contributing)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
<!-- Use this to update TOC: -->
<!-- docker run --rm -it -v $(pwd):/usr/src jorgeandrada/doctoc --github -->
## Requirements
* Kubernetes >= 1.14
* [Helm][] >= 2.17.0
* Minimum cluster requirements include the following to run this chart with
default settings. All of these settings are configurable.
* Three Kubernetes nodes to respect the default "hard" affinity settings
* 1GB of RAM for the JVM heap
See [supported configurations][] for more details.
## Installing
This chart is tested with the latest 7.16.2 version.
### Install released version using Helm repository
* Add the Elastic Helm charts repo:
`helm repo add elastic https://helm.elastic.co`
* Install it:
- with Helm 3: `helm install elasticsearch --version <version> elastic/elasticsearch`
- with Helm 2 (deprecated): `helm install --name elasticsearch --version <version> elastic/elasticsearch`
### Install development version from a branch
* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git`
* Checkout the branch : `git checkout 7.16`
* Install it:
- with Helm 3: `helm install elasticsearch ./helm-charts/elasticsearch --set imageTag=7.16.2`
- with Helm 2 (deprecated): `helm install --name elasticsearch ./helm-charts/elasticsearch --set imageTag=7.16.2`
## Upgrading
Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before
upgrading to a new chart version.
## Usage notes
* This repo includes a number of [examples][] configurations which can be used
as a reference. They are also used in the automated testing of this chart.
* Automated testing of this chart is currently only run against GKE (Google
Kubernetes Engine).
* The chart deploys a StatefulSet and by default will do an automated rolling
update of your cluster. It does this by waiting for the cluster health to become
green after each instance is updated. If you prefer to update manually you can
set `OnDelete` [updateStrategy][].
* It is important to verify that the JVM heap size in `esJavaOpts` and to set
the CPU/Memory `resources` to something suitable for your cluster.
* To simplify chart and maintenance each set of node groups is deployed as a
separate Helm release. Take a look at the [multi][] example to get an idea for
how this works. Without doing this it isn't possible to resize persistent
volumes in a StatefulSet. By setting it up this way it makes it possible to add
more nodes with a new storage size then drain the old ones. It also solves the
problem of allowing the user to determine which node groups to update first when
doing upgrades or changes.
* We have designed this chart to be very un-opinionated about how to configure
Elasticsearch. It exposes ways to set environment variables and mount secrets
inside of the container. Doing this makes it much easier for this chart to
support multiple versions with minimal changes.
## Configuration
| Parameter | Description | Default |
|------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
| `antiAffinityTopologyKey` | The [anti-affinity][] topology key. By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` |
| `antiAffinity` | Setting this to hard enforces the [anti-affinity][] rules. If it is set to soft it will be done "best effort". Other values will be ignored | `hard` |
| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params][] that will be used by readiness [probe][] command | `wait_for_status=green&timeout=1s` |
| `clusterName` | This will be used as the Elasticsearch [cluster.name][] and should be unique per cluster in the namespace | `elasticsearch` |
| `clusterDeprecationIndexing` | Enable or disable deprecation logs to be indexed (should be disabled when deploying master only node groups) | `false` |
| `enableServiceLinks` | Set to false to disabling service links, which can cause slow pod startup times when there are many services in the current namespace. | `true` |
| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` |
| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml][] for an example of the formatting | `{}` |
| `esJavaOpts` | [Java options][] for Elasticsearch. This is where you could configure the [jvm heap size][] | `""` |
| `esMajorVersion` | Deprecated. Instead, use the version of the chart corresponding to your ES minor version. Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` |
| `extraContainers` | Templatable string of additional `containers` to be passed to the `tpl` function | `""` |
| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | `[]` |
| `extraInitContainers` | Templatable string of additional `initContainers` to be passed to the `tpl` function | `""` |
| `extraVolumeMounts` | Templatable string of additional `volumeMounts` to be passed to the `tpl` function | `""` |
| `extraVolumes` | Templatable string of additional `volumes` to be passed to the `tpl` function | `""` |
| `fullnameOverride` | Overrides the `clusterName` and `nodeGroup` when used in the naming of resources. This should only be used when using a single `nodeGroup`, otherwise you will have name conflicts | `""` |
| `healthNameOverride` | Overrides `test-elasticsearch-health` pod name | `""` |
| `hostAliases` | Configurable [hostAliases][] | `[]` |
| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port][] in `extraEnvs` | `9200` |
| `imagePullPolicy` | The Kubernetes [imagePullPolicy][] value | `IfNotPresent` |
| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` |
| `imageTag` | The Elasticsearch Docker image tag | `7.16.2` |
| `image` | The Elasticsearch Docker image | `docker.elastic.co/elasticsearch/elasticsearch` |
| `ingress` | Configurable [ingress][] to expose the Elasticsearch service. See [values.yaml][] for an example | see [values.yaml][] |
| `initResources` | Allows you to set the [resources][] for the `initContainer` in the StatefulSet | `{}` |
| `keystore` | Allows you map Kubernetes secrets into the keystore. See the [config example][] and [how to use the keystore][] | `[]` |
| `labels` | Configurable [labels][] applied to all Elasticsearch pods | `{}` |
| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` |
| `masterService` | The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery][] for more information | `""` |
| `maxUnavailable` | The [maxUnavailable][] value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` |
| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes][]. Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7 | `2` |
| `nameOverride` | Overrides the `clusterName` when used in the naming of resources | `""` |
| `networkHost` | Value for the [network.host Elasticsearch setting][] | `0.0.0.0` |
| `networkPolicy` | The [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) to set. See [`values.yaml`](./values.yaml) for an example | `{http.enabled: false,transport.enabled: false}` |
| `nodeAffinity` | Value for the [node affinity settings][] | `{}` |
| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` , `nameOverride-nodeGroup-X` if a `nameOverride` is specified, and `fullnameOverride-X` if a `fullnameOverride` is specified | `master` |
| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Elasticsearch cluster | `{}` |
| `persistence` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles][] which don't require persistent data | see [values.yaml][] |
| `podAnnotations` | Configurable [annotations][] applied to all Elasticsearch pods | `{}` |
| `podManagementPolicy` | By default Kubernetes [deploys StatefulSets serially][]. This deploys them in parallel so that they can discover each other | `Parallel` |
| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] |
| `podSecurityPolicy` | Configuration for create a pod security policy with minimal permissions to run this Helm chart with `create: true`. Also can be used to reference an external pod security policy with `name: "externalPodSecurityPolicy"` | see [values.yaml][] |
| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` |
| `protocol` | The protocol that will be used for the readiness [probe][]. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` |
| `rbac` | Configuration for creating a role, role binding and ServiceAccount as part of this Helm chart with `create: true`. Also can be used to reference an external ServiceAccount with `serviceAccountName: "externalServiceAccountName"`, or automount the service account token | see [values.yaml][] |
| `readinessProbe` | Configuration fields for the readiness [probe][] | see [values.yaml][] |
| `replicas` | Kubernetes replica count for the StatefulSet (i.e. how many pods) | `3` |
| `resources` | Allows you to set the [resources][] for the StatefulSet | see [values.yaml][] |
| `roles` | A hash map with the specific [roles][] for the `nodeGroup` | see [values.yaml][] |
| `schedulerName` | Name of the [alternate scheduler][] | `""` |
| `secretMounts` | Allows you easily mount a secret as a file inside the StatefulSet. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` |
| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] |
| `service.annotations` | [LoadBalancer annotations][] that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` | `{}` |
| `service.enabled` | Enable non-headless service | `true` |
| `service.externalTrafficPolicy` | Some cloud providers allow you to specify the [LoadBalancer externalTrafficPolicy][]. Kubernetes will use this to preserve the client source IP. This will configure load balancer if `service.type` is `LoadBalancer` | `""` |
| `service.httpPortName` | The name of the http port within the service | `http` |
| `service.labelsHeadless` | Labels to be added to headless service | `{}` |
| `service.labels` | Labels to be added to non-headless service | `{}` |
| `service.loadBalancerIP` | Some cloud providers allow you to specify the [loadBalancer][] IP. If the `loadBalancerIP` field is not specified, the IP is dynamically assigned. If you specify a `loadBalancerIP` but your cloud provider does not support the feature, it is ignored. | `""` |
| `service.loadBalancerSourceRanges` | The IP ranges that are allowed to access | `[]` |
| `service.nodePort` | Custom [nodePort][] port that can be set if you are using `service.type: nodePort` | `""` |
| `service.transportPortName` | The name of the transport port within the service | `transport` |
| `service.type` | Elasticsearch [Service Types][] | `ClusterIP` |
| `sysctlInitContainer` | Allows you to disable the `sysctlInitContainer` if you are setting [sysctl vm.max_map_count][] with another method | `enabled: true` |
| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count][] needed for Elasticsearch | `262144` |
| `terminationGracePeriod` | The [terminationGracePeriod][] in seconds used when trying to stop the pod | `120` |
| `tests.enabled` | Enable creating test related resources when running `helm template` or `helm test` | `true` |
| `tolerations` | Configurable [tolerations][] | `[]` |
| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration][] in `extraEnvs` | `9300` |
| `updateStrategy` | The [updateStrategy][] for the StatefulSet. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` |
| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for StatefulSets][]. You will want to adjust the storage (default `30Gi` ) and the `storageClassName` if you are using a different storage class | see [values.yaml][] |
### Deprecated
| Parameter | Description | Default |
|-----------|---------------------------------------------------------------------------------------------------------------|---------|
| `fsGroup` | The Group ID (GID) for [securityContext][] so that the Elasticsearch user can read from the persistent volume | `""` |
## FAQ
### How to deploy this chart on a specific K8S distribution?
This chart is designed to run on production scale Kubernetes clusters with
multiple nodes, lots of memory and persistent storage. For that reason it can be
a bit tricky to run them against local Kubernetes environments such as
[Minikube][].
This chart is highly tested with [GKE][], but some K8S distribution also
requires specific configurations.
We provide examples of configuration for the following K8S providers:
- [Docker for Mac][]
- [KIND][]
- [Minikube][]
- [MicroK8S][]
- [OpenShift][]
### How to deploy dedicated nodes types?
All the Elasticsearch pods deployed share the same configuration. If you need to
deploy dedicated [nodes types][] (for example dedicated master and data nodes),
you can deploy multiple releases of this chart with different configurations
while they share the same `clusterName` value.
For each Helm release, the nodes types can then be defined using `roles` value.
An example of Elasticsearch cluster using 2 different Helm releases for master
and data nodes can be found in [examples/multi][].
#### Clustering and Node Discovery
This chart facilitates Elasticsearch node discovery and services by creating two
`Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup`
and another named `$clusterName-$nodeGroup-headless`.
Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all
pods ( `Ready` or not) are a part of `$clusterName-$nodeGroup-headless`.
If your group of master nodes has the default `nodeGroup: master` then you can
just add new groups of nodes with a different `nodeGroup` and they will
automatically discover the correct master. If your master nodes have a different
`nodeGroup` name then you will need to set `masterService` to
`$clusterName-$masterNodeGroup`.
The chart value for `masterService` is used to populate
`discovery.zen.ping.unicast.hosts` , which Elasticsearch nodes will use to
contact master nodes and form a cluster.
Therefore, to add a group of nodes to an existing cluster, setting
`masterService` to the desired `Service` name of the related cluster is
sufficient.
### How to deploy clusters with security (authentication and TLS) enabled?
This Helm chart can use existing [Kubernetes secrets][] to setup
credentials or certificates for examples. These secrets should be created
outside of this chart and accessed using [environment variables][] and volumes.
An example of Elasticsearch cluster using security can be found in
[examples/security][].
### How to migrate from helm/charts stable chart?
If you currently have a cluster deployed with the [helm/charts stable][] chart
you can follow the [migration guide][].
### How to install plugins?
The recommended way to install plugins into our Docker images is to create a
[custom Docker image][].
The Dockerfile would look something like:
```
ARG elasticsearch_version
FROM docker.elastic.co/elasticsearch/elasticsearch:${elasticsearch_version}
RUN bin/elasticsearch-plugin install --batch repository-gcs
```
And then updating the `image` in values to point to your custom image.
There are a couple reasons we recommend this.
1. Tying the availability of Elasticsearch to the download service to install
plugins is not a great idea or something that we recommend. Especially in
Kubernetes where it is normal and expected for a container to be moved to
another host at random times.
2. Mutating the state of a running Docker image (by installing plugins) goes
against best practices of containers and immutable infrastructure.
### How to use the keystore?
#### Basic example
Create the secret, the key name needs to be the keystore key path. In this
example we will create a secret from a file and from a literal string.
```
kubectl create secret generic encryption-key --from-file=xpack.watcher.encryption_key=./watcher_encryption_key
kubectl create secret generic slack-hook --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
```
To add these secrets to the keystore:
```
keystore:
- secretName: encryption-key
- secretName: slack-hook
```
#### Multiple keys
All keys in the secret will be added to the keystore. To create the previous
example in one secret you could also do:
```
kubectl create secret generic keystore-secrets --from-file=xpack.watcher.encryption_key=./watcher_encryption_key --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
```
```
keystore:
- secretName: keystore-secrets
```
#### Custom paths and keys
If you are using these secrets for other applications (besides the Elasticsearch
keystore) then it is also possible to specify the keystore path and which keys
you want to add. Everything specified under each `keystore` item will be passed
through to the `volumeMounts` section for mounting the [secret][]. In this
example we will only add the `slack_hook` key from a secret that also has other
keys. Our secret looks like this:
```
kubectl create secret generic slack-secrets --from-literal=slack_channel='#general' --from-literal=slack_hook='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
```
We only want to add the `slack_hook` key to the keystore at path
`xpack.notification.slack.account.monitoring.secure_url`:
```
keystore:
- secretName: slack-secrets
items:
- key: slack_hook
path: xpack.notification.slack.account.monitoring.secure_url
```
You can also take a look at the [config example][] which is used as part of the
automated testing pipeline.
### How to enable snapshotting?
1. Install your [snapshot plugin][] into a custom Docker image following the
[how to install plugins guide][].
2. Add any required secrets or credentials into an Elasticsearch keystore
following the [how to use the keystore][] guide.
3. Configure the [snapshot repository][] as you normally would.
4. To automate snapshots you can use [Snapshot Lifecycle Management][] or a tool
like [curator][].
### How to configure templates post-deployment?
You can use `postStart` [lifecycle hooks][] to run code triggered after a
container is created.
Here is an example of `postStart` hook to configure templates:
```yaml
lifecycle:
postStart:
exec:
command:
- bash
- -c
- |
#!/bin/bash
# Add a template to adjust number of shards/replicas
TEMPLATE_NAME=my_template
INDEX_PATTERN="logstash-*"
SHARD_COUNT=8
REPLICA_COUNT=1
ES_URL=http://localhost:9200
while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' $ES_URL)" != "200" ]]; do sleep 1; done
curl -XPUT "$ES_URL/_template/$TEMPLATE_NAME" -H 'Content-Type: application/json' -d'{"index_patterns":['\""$INDEX_PATTERN"\"'],"settings":{"number_of_shards":'$SHARD_COUNT',"number_of_replicas":'$REPLICA_COUNT'}}'
```
## Contributing
Please check [CONTRIBUTING.md][] before any contribution or for any questions
about our development and testing process.
[7.16]: https://github.com/elastic/helm-charts/releases
[#63]: https://github.com/elastic/helm-charts/issues/63
[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/master/BREAKING_CHANGES.md
[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/master/CHANGELOG.md
[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/master/CONTRIBUTING.md
[alternate scheduler]: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods
[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
[anti-affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
[cluster.name]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/important-settings.html#cluster-name
[clustering and node discovery]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#clustering-and-node-discovery
[config example]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/values.yaml
[curator]: https://www.elastic.co/guide/en/elasticsearch/client/curator/7.9/snapshot.html
[custom docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/docker.html#_c_customized_image
[deploys statefulsets serially]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
[discovery.zen.minimum_master_nodes]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/discovery-settings.html#minimum_master_nodes
[docker for mac]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/docker-for-mac
[elasticsearch cluster health status params]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/cluster-health.html#request-params
[elasticsearch docker image]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/docker.html
[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config
[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables
[examples]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/
[examples/multi]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/multi
[examples/security]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/security
[gke]: https://cloud.google.com/kubernetes-engine
[helm]: https://helm.sh
[helm/charts stable]: https://github.com/helm/charts/tree/master/stable/elasticsearch/
[how to install plugins guide]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#how-to-install-plugins
[how to use the keystore]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/README.md#how-to-use-the-keystore
[http.port]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-http.html#_settings
[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images
[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret
[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/
[java options]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/jvm-options.html
[jvm heap size]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/heap-size.html
[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
[kind]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/kubernetes-kind
[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/
[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
[loadBalancer annotations]: https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws
[loadBalancer externalTrafficPolicy]: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
[loadBalancer]: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
[maxUnavailable]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
[migration guide]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/migration/README.md
[minikube]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/minikube
[microk8s]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/microk8s
[multi]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/multi/
[network.host elasticsearch setting]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/network.host.html
[node affinity settings]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
[node-certificates]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-tls.html#node-certificates
[nodePort]: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport
[nodes types]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-node.html
[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
[openshift]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/openshift
[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
[roles]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-node.html
[secret]: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets
[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
[service types]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
[snapshot lifecycle management]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/snapshot-lifecycle-management.html
[snapshot plugin]: https://www.elastic.co/guide/en/elasticsearch/plugins/7.16/repository.html
[snapshot repository]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-snapshots.html
[supported configurations]: https://github.com/elastic/helm-charts/tree/7.16/README.md#supported-configurations
[sysctl vm.max_map_count]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/vm-max-map-count.html#vm-max-map-count
[terminationGracePeriod]: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
[transport port configuration]: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/modules-transport.html#_transport_settings
[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
[values.yaml]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/values.yaml
[volumeClaimTemplate for statefulsets]: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage

21
dependency_charts/elasticsearch/examples/config/Makefile
View File

@@ -1,21 +0,0 @@
default: test
include ../../../helpers/examples.mk
RELEASE := helm-es-config
TIMEOUT := 1200s
install:
helm upgrade --wait --timeout=$(TIMEOUT) --install --values values.yaml $(RELEASE) ../../
secrets:
kubectl delete secret elastic-config-credentials elastic-config-secret elastic-config-slack elastic-config-custom-path || true
kubectl create secret generic elastic-config-credentials --from-literal=password=changeme --from-literal=username=elastic
kubectl create secret generic elastic-config-slack --from-literal=xpack.notification.slack.account.monitoring.secure_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd'
kubectl create secret generic elastic-config-secret --from-file=xpack.watcher.encryption_key=./watcher_encryption_key
kubectl create secret generic elastic-config-custom-path --from-literal=slack_url='https://hooks.slack.com/services/asdasdasd/asdasdas/asdasd' --from-literal=thing_i_don_tcare_about=test
test: secrets install goss
purge:
helm del $(RELEASE)

27
dependency_charts/elasticsearch/examples/config/README.md
View File

@@ -1,27 +0,0 @@
# Config
This example deploy a single node Elasticsearch 7.16.2 with authentication and
custom [values][].
## Usage
* Create the required secrets: `make secrets`
* Deploy Elasticsearch chart with the default values: `make install`
* You can now setup a port forward to query Elasticsearch API:
```
kubectl port-forward svc/config-master 9200
curl -u elastic:changeme http://localhost:9200/_cat/indices
```
## Testing
You can also run [goss integration tests][] using `make test`
[goss integration tests]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/test/goss.yaml
[values]: https://github.com/elastic/helm-charts/tree/7.16/elasticsearch/examples/config/values.yaml

29
dependency_charts/elasticsearch/examples/config/test/goss.yaml
View File

@@ -1,29 +0,0 @@
http:
http://localhost:9200/_cluster/health:
status: 200
timeout: 2000
username: elastic
password: "{{ .Env.ELASTIC_PASSWORD }}"
body:
- "green"
- '"number_of_nodes":1'
- '"number_of_data_nodes":1'
http://localhost:9200:
status: 200
timeout: 2000
username: elastic
password: "{{ .Env.ELASTIC_PASSWORD }}"
body:
- '"cluster_name" : "config"'
- "You Know, for Search"
command:
"elasticsearch-keystore list":
exit-status: 0
stdout:
- keystore.seed
- bootstrap.password
- xpack.notification.slack.account.monitoring.secure_url
- xpack.notification.slack.account.otheraccount.secure_url
- xpack.watcher.encryption_key

Some files were not shown because too many files have changed in this diff Show More