-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor Feast Helm charts for better end user install experience #533
Refactor Feast Helm charts for better end user install experience #533
Conversation
1. Use --spring.config.additional-location to specify Spring application config so the default application.yaml bundled in the jar can be used, and users only need to override required config. This is to prevent chart users being overwhelmed by the amount of config to set. 2. Use less templating, if else, and functions in configmap.yaml in Feast charts. Instead set a reasonable default and allow users to override in application-override.yaml. This makes it easier to manage when application.yaml structure changes and documentation for application.yaml can be delegated to: https://github.com/gojek/feast/blob/master/core/src/main/resources/application.yml https://github.com/gojek/feast/blob/master/serving/src/main/resources/application.yml 3. Remove double nesting of charts. Previously, Postgresql and Kafka subcharts are bundled in Feast Core suchart. Now all 3 subcharts are sibling charts. This reduces coupling between charts and it's easier to configure chart values one at a time than one big values yaml. Also, documentation for third party subcharts can be delegated to the original authors. 4. Use helm-docs to generate README for Feast charts so the documentation is reproducible and easier to keep up to date when values.yaml changes. It is also easier to follow best practices when writing values.yaml. https://github.com/norwoodj/helm-docs 5. Add prometheus and grafana charts to support out of the box metrics collector and visualization when users install Feast with this chart. 6. Add tests for users to verify installation: 7. Add examples to install Feast with 3 different profiles: - online serving only with direct runner - online and batch serving with DirectRunner - online and batch serving with DataflowRunner
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: davidheryanto The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
97eff54
to
1f2ec65
Compare
1f2ec65
to
cf26d16
Compare
dbeea3b
to
d26b1dc
Compare
helm-docs look for it in repo root folder
f6c796d
to
9148ad0
Compare
Incorrectly swapped resources requests and limit
9148ad0
to
2a728db
Compare
/retest |
Some of this is really great, the different configuration locations and documentation around it is a mess. However, this PR introduces a lot of breaking changes without workarounds.
Additional spring configs are already supported through profiles which can be toggled on and off. This PR forces all the additional files with hard-coded contents are used. If you want to use the default, you should use something like this instead of - - "--spring.config.location=file:{{ .Values.springConfigMountPath }}/"
+ - "--spring.config.location=classpath:/application.yaml,file:{{ .Values.springConfigMountPath }}/" This will continue to allow profiles and the files to be used. For example, an additional use-case is to provide a custom profile with complete database settings that point to a managed service.
Setting defaults for non-deployed services is undesirable and leaves confusion over what needs to be overridden and what will take precedence.
I believe part of the reason for this is to check wither the dependencies are enabled and get access to their configuration. Using siblings makes assumptions about configuration and does not allow you to check which are enabled. Other observations:
Server port is hardcoded.
Overall, I think this PR makes an assumption that the Feast chart will deploy all dependant services and tightens the coupling. This is very unlikely to be the case for [shared or managed] services like Kafka and Postgres. |
Hi @Yanson thanks for the feedback. My main motivation for updating the Helm chart is to simplify the installation steps (may be at the expense of less configurability, and a few breaking changes) so it is easier for users to get started. And to consolidate the documentation so there is mostly one source of truth (for example rather than documenting
Maybe I'm missing something but I don't see how this PR forces the additional files with hard-coded contents. This PR provides user with one and only way to override config, via However, some of the defaults are modified so it suits Helm installation better. For instance the default So this chart modifies the default configuration (which is usually not valid anyway for Feast installation in Kube cluster), so it supports the most minimal installation option. Users can and are advised to override this default via I understand that this Helm chart now disables the use of providing configuration via Spring profiles. But again my reasoning is to simplify configuration so users only use one With profiles support, users need to somewhat process how these profiles are eventually gonna end up in the final config. And whether the configuration provided via profiles or those provided via Is using (perhaps multiple) profiles compared to a single application yaml is a better practice and preferred approach? If yes, we should add again the profiles support.
I think this depend on the application. For Feast Core e.g dependencies on Kafka and Postgresql service is required. The default is to faciliate easier installation if user is to install these dependencies using default config. If not, they can set their own setting via
Yes at first, this is what we thought. But after some experiences with using this approach, I feel the subscharts approach, without nesting feels more flexible. For instance, sometimes we want to migrate, backup or update the dependent services e.g. Kafka, Postgres or Redis deployments. With them being a child subcharts of Feast Core and Serving, migrating may involve changes to the parent Feast Core and Serving parent, and may accidentally update Feast Core and Serving (which we do not want esp if they are serving production traffic). With these dependent services being separate subcharts, updates to these are more independent. This seems to be the approach taken by istio too https://github.com/istio/istio/tree/release-1.5/install/kubernetes/helm/istio. Also making these dependent services sibling vs child subcharts, allow us to more easily upgrade their Chart version. With nested approach there may be some dependencies created between the parent and child.
This is to encourage best practice to prevent the setting of plaintext password in the
JAVA_OPTS is a commonly used environment variable used by JVM unless maybe they have changed it? I changed the name from It is specified in env variable versus command to make the command simpler.
I think this use case is quite unusual. Unless users build custom Feast images, but if they do, they can always build it such that the feast jar is at the correct location. I checked other charts in stable repo. Most does not provide this option too: I feel removing options that are rarely useful and used ease the burden of people configuring the installation.
The assumption is true only if users install this chart with the default I'm open to recommendation and fixes. But current PR is biased towards favouring simplicity (in the sense of one single source of truth) over configurability (various ways to provide config in multiple places). But maybe the latter is the preferred one? |
@Yanson I am reviewing this PR now. I want to make sure we address any concerns you have. I much prefer the simplicity that this PR brings, especially because I am working on a refactor as part of #525. It can be hard for us to keep up with maintaining documentation and configuration, as you might have noticed. We're trying to reduce the surface area of configuration as much as possible to decrease the burden on our engineers, while at the same time hopefully providing escape hatches for you to customize it. I still have a few open comments on the discussion Spring Profiles: In the ideal case a user of Feast shouldn't know that Spring is being used at the back. Having this exposed at the Helm level seems unnecessary to me, at least at the level of We also have a PR (#493) from @pmjacinto that adds Kube secrets that map to spring profiles. @davidheryanto, how would you propose we handle those? Would we do something like this?
Coupling: Setting default for services: The implementation here for the It seems like the biggest drawback with @davidheryanto's approach is that if the user is tasked with dumping all of their configuration in an
It would be highly appreciated if you could enumerate any pains that remain, given @davidheryanto's response. |
There is a lot going on in this MR which makes it difficult to discuss the changes as there are multiple threads. I know it's taken me a week to reply but it is high on my agenda so please can we all be on the same page before moving forward. Profiles
What I am referring to is the list of files specified in The profiles approach is incredibly similar to this, only that it lets the non-required files be omitted from the specified configuration. I found it a tidy way to separate concerns without exposing Spring fundamentals it to the user. The additional option to define and use arbitrary profiles is overkill for what I wanted to accomplish. If the same goal can be accomplished (which it can) with DefaultsOne major point of concern here, is there are multiple default values making it difficult to understand what the default is, which needs to be specified and which need to be overrided. 1/ For example, Pre-existing secretsDependency on pre-existing secrets removes some simplicity from the goal of just being able to deploy the chart with defaults. It forces the user into a deployment strategy they might not want (not deploying everything as code). Specifically on Minor points
We create our own image with different conventions which is why I added support for that. You're right we can put it at the "correct" location, according to Feast. So probably not worth the overhead of supporting configuration for this.
I don't mind what it's called as long as the upgrade guide explains that it changed.
This variable needs to be read by something and passed to the Sorry I don't have time to go into any further depth on any point today, but hopefully I've covered most of the points. |
Let me review all of the comments again and see if I can come up with a list of changes we agree to and ones that are outstanding. |
Great. I think its a safe first start that doesn't prevent us from adding more flexible options in the future.
Good catch. Let's use |
…resql.existingSecret, use JAVA_TOOL_OPTIONS instead of JAVA_OPTS - Also adjust CPU request and memory limit for test pods to fit the actual usage
The chart has been updated so it will work with the current Also these modifications that we discuss:
to
|
Thanks, I will see if I can try out this version today or tomorrow to validate it. |
Thanks @davidheryanto, the changes look good. I especially like the level of detail in the README.md One thing that stands out though. Previously we wanted to do this:
This suggestion was so that we didn't have hardcoded application.yml files in the configmaps as well as at the jar path
So basically we just need something like (no kafka, postgres, statsd)
Otherwise the chart is too hardcoded as @Yanson said. I mean it feels like we are stuck between two worlds. Either we define everything in values.yaml and we have to do more work in hardcoding it, or we generate the configuration with templates from variables. |
…d Serving - application.yaml: default application.yaml bundled in the jar - application-generated.yaml: additional config generated by Helm that is valid when the dependencies like Postgres, Kafka and Redis are installed with default config - application-secret.yaml: config to override default and Helm generated config - application-override.yaml: same as application-secret.yaml but config is created as ConfigMap vs Secret and has a higher precendence than application-secret.yaml
…works with latest Kubernetes version
Hi @davidheryanto, thank you for the changes. It's looking very clean now. Just a few minor things to note: Feast CoreOnly items apply to both, see further down. Feast Serving
|
…cret So that deployment will be updated when configmap and secret are updated
Thanks @Yanson for the feedback.
|
Thanks for addressing.
|
@davidheryanto Thanks for being so responsive here. On the topic of expanded charts. I don't find the current points super convincing.
It seems to go against the idea of reduced management for the Feast team if we are expanding the charts.
@Yanson It's funny because I am also running into this problem now. Could this be the issue? I really want to remove GCP specific configuration from charts. I think we should try to limit that to values.yaml examples for each different deployment type. Can we use envOverrides for this parameter for now. I will try to solve this on master. |
Ok I removed the 3rd party charts from the charts folder. |
Thanks @davidheryanto.
Think the following is still pending:
Almost done! |
…cumentation for .Values.gcpProjectId
@woop Oh yes, I forgot to update the |
Thank you @davidheryanto. Really appreciate the effort on this one. I am happy to merge. @Yanson We've probably missed some small details here and there since the surface area of these charts is pretty massive. I think we should get this in and create a new issue if we need any more changes. |
/lgtm |
What this PR does / why we need it:
Use --spring.config.additional-location to specify Spring application config
so the default application.yaml bundled in the jar can be used, and users
only need to override required config. This is to prevent chart users being
overwhelmed by the amount of config to set.
Use less templating, if else, and functions in configmap.yaml in Feast
charts. Instead set a reasonable default and allow users to override
in application-override.yaml. This makes it easier to manage when
application.yaml structure changes and documentation for application.yaml
can be delegated to:
https://github.com/gojek/feast/blob/master/core/src/main/resources/application.yml
https://github.com/gojek/feast/blob/master/serving/src/main/resources/application.yml
Remove double nesting of charts. Previously, Postgresql and Kafka subcharts
are bundled in Feast Core suchart. Now all 3 subcharts are sibling charts.
This reduces coupling between charts and it's easier to configure chart
values one at a time than one big values yaml. Also, documentation for
third party subcharts can be delegated to the original authors.
Use helm-docs to generate README for Feast charts so the documentation
is reproducible and easier to keep up to date when values.yaml changes.
It is also easier to follow best practices when writing values.yaml.
https://github.com/norwoodj/helm-docs
Add prometheus and grafana charts to support out of the box metrics
collector and visualization when users install Feast with this chart.
Add tests for users to verify installation:
Add examples to install Feast with 3 different configurations (from simple to complex):
Which issue(s) this PR fixes:
NONE
Does this PR introduce a user-facing change?:
Yes, the format of Helm values passed during installation has changed, from nested to flatter structure. But in general, the accepted values in each chart are the same.