diff --git a/charts/kubeflow/Chart.yaml b/charts/kubeflow/Chart.yaml index 9cca2593bc..0a88bcfa15 100644 --- a/charts/kubeflow/Chart.yaml +++ b/charts/kubeflow/Chart.yaml @@ -15,10 +15,13 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.0 +version: 0.2.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. appVersion: "1.8.0" +maintainers: + - name: Kubeflow + url: https://github.com/kromanow94/kubeflow-manifests diff --git a/charts/kubeflow/crds/experiments.kubeflow.org.yaml b/charts/kubeflow/crds/experiments.kubeflow.org.yaml new file mode 100644 index 0000000000..19c162aa54 --- /dev/null +++ b/charts/kubeflow/crds/experiments.kubeflow.org.yaml @@ -0,0 +1,35 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: experiments.kubeflow.org +spec: + group: kubeflow.org + names: + categories: + - all + - kubeflow + - katib + kind: Experiment + plural: experiments + singular: experiment + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[-1:].type + name: Type + type: string + - jsonPath: .status.conditions[-1:].status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} diff --git a/charts/kubeflow/crds/suggestions.kubeflow.org.yaml b/charts/kubeflow/crds/suggestions.kubeflow.org.yaml new file mode 100644 index 0000000000..c6e7dab34c --- /dev/null +++ b/charts/kubeflow/crds/suggestions.kubeflow.org.yaml @@ -0,0 +1,41 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: suggestions.kubeflow.org +spec: + group: kubeflow.org + names: + categories: + - all + - kubeflow + - katib + kind: Suggestion + plural: suggestions + singular: suggestion + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[-1:].type + name: Type + type: string + - jsonPath: .status.conditions[-1:].status + name: Status + type: string + - jsonPath: .spec.requests + name: Requested + type: string + - jsonPath: .status.suggestionCount + name: Assigned + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} diff --git a/charts/kubeflow/crds/trials.kubeflow.org.yaml b/charts/kubeflow/crds/trials.kubeflow.org.yaml new file mode 100644 index 0000000000..cdbf37fdec --- /dev/null +++ b/charts/kubeflow/crds/trials.kubeflow.org.yaml @@ -0,0 +1,35 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: trials.kubeflow.org +spec: + group: kubeflow.org + names: + categories: + - all + - kubeflow + - katib + kind: Trial + plural: trials + singular: trial + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[-1:].type + name: Type + type: string + - jsonPath: .status.conditions[-1:].status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} diff --git a/charts/kubeflow/templates/_helpers/kubeflow.katib.controller.tpl b/charts/kubeflow/templates/_helpers/kubeflow.katib.controller.tpl new file mode 100644 index 0000000000..cb70ec8a3a --- /dev/null +++ b/charts/kubeflow/templates/_helpers/kubeflow.katib.controller.tpl @@ -0,0 +1,332 @@ +{{/* +Kubeflow Katib Controller object names. +*/}} +{{- define "kubeflow.katib.controller.baseName" -}} +{{- printf "katib-controller" }} +{{- end }} + +{{- define "kubeflow.katib.controller.name" -}} +{{- include "kubeflow.component.name" ( + list + (include "kubeflow.katib.controller.baseName" .) + . +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.serviceAccountName" -}} +{{- include "kubeflow.component.serviceAccountName" ( + list + (include "kubeflow.katib.controller.name" .) + .Values.katib.controller.serviceAccount +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.serviceAccountPrincipal" -}} +{{- include "kubeflow.component.serviceAccountPrincipal" ( + list + . + (include "kubeflow.katib.controller.serviceAccountName" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.mainClusterRoleName" -}} +{{- include "kubeflow.katib.controller.name" . }} +{{- end }} + +{{- define "kubeflow.katib.controller.mainClusterRoleBindingName" -}} +{{- include "kubeflow.katib.controller.mainClusterRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.controller.leaderElectionRoleName" -}} +{{- printf "%s-%s-%s" + (include "kubeflow.fullname" .) + (include "kubeflow.katib.controller.name" .) + "leader-election" +}} +{{- end }} + +{{- define "kubeflow.katib.controller.leaderElectionRoleBindingName" -}} +{{- include "kubeflow.katib.controller.leaderElectionRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.controller.kfNbAdminClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-admin" }} +{{- end }} + +{{- define "kubeflow.katib.controller.kfNbEditClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-edit" }} +{{- end }} + +{{- define "kubeflow.katib.controller.kfNbViewClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-view" }} +{{- end }} + +{{- define "kubeflow.katib.controller.configMapName" -}} +{{/* +katib-config ConfigMap name is hardcoded +https://github.com/kubeflow/katib/blob/0e2ba6efc1bc18b1d1d72b90046598a00f02a2c3/pkg/controller.v1beta1/consts/const.go#L109 +https://github.com/kubeflow/katib/blob/0e2ba6efc1bc18b1d1d72b90046598a00f02a2c3/pkg/util/v1beta1/katibconfig/config.go#L164 +{{- printf "%s-%s" (include "kubeflow.katib.controller.name" .) "config" }} +*/}} +{{- printf "katib-config" }} +{{- end }} + +{{/* +Role Aggregation Rule Labels +*/}} +{{- define "kubeflow.katib.controller.kfNbAdminClusterRoleLabel" -}} +{{- include "kubeflow.aggregationRule.labelBase" (include "kubeflow.katib.controller.kfNbAdminClusterRoleName" .) -}} +{{- end }} + +{{/* +Kubeflow Katib Controller Service. +*/}} +{{- define "kubeflow.katib.controller.svc.name" -}} +{{ include "kubeflow.component.svc.name" ( + include "kubeflow.katib.controller.name" . +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.svc.addressWithNs" -}} +{{ include "kubeflow.component.svc.addressWithNs" ( + list + . + (include "kubeflow.katib.controller.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.svc.addressWithSvc" -}} +{{ include "kubeflow.component.svc.addressWithSvc" ( + list + . + (include "kubeflow.katib.controller.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.svc.fqdn" -}} +{{ include "kubeflow.component.svc.fqdn" ( + list + . + (include "kubeflow.katib.controller.name" .) +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller object labels. +*/}} +{{- define "kubeflow.katib.controller.labels" -}} +{{ include "kubeflow.common.labels" . }} +{{ include "kubeflow.component.labels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.controller.name" .) }} +{{- end }} + +{{- define "kubeflow.katib.controller.selectorLabels" -}} +{{ include "kubeflow.common.selectorLabels" . }} +{{ include "kubeflow.component.selectorLabels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.controller.name" .) }} +{{- end }} + +{{/* +Kubeflow Katib Controller container image settings. +*/}} +{{- define "kubeflow.katib.controller.image" -}} +{{ include "kubeflow.component.image" ( + list + .Values.defaults.image + .Values.katib.controller.image +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.imagePullPolicy" -}} +{{ include "kubeflow.component.imagePullPolicy" ( + list + .Values.defaults.image + .Values.katib.controller.image +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Autoscaling and Availability. +*/}} +{{- define "kubeflow.katib.controller.autoscaling.minReplicas" -}} +{{ include "kubeflow.component.autoscaling.minReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.controller.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.autoscaling.maxReplicas" -}} +{{ include "kubeflow.component.autoscaling.maxReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.controller.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.autoscaling.targetCPUUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetCPUUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.controller.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.autoscaling.targetMemoryUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetMemoryUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.controller.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.pdb.values" -}} +{{- include "kubeflow.component.pdb.values" ( + list + .Values.defaults.podDisruptionBudget + .Values.katib.controller.podDisruptionBudget +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Security Context. +*/}} +{{- define "kubeflow.katib.controller.containerSecurityContext" -}} +{{ include "kubeflow.component.containerSecurityContext" ( + list + .Values.defaults.containerSecurityContext + .Values.katib.controller.containerSecurityContext +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Scheduling. +*/}} +{{- define "kubeflow.katib.controller.topologySpreadConstraints" -}} +{{ include "kubeflow.component.topologySpreadConstraints" ( + list + .Values.defaults.topologySpreadConstraints + .Values.katib.controller.topologySpreadConstraints +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.nodeSelector" -}} +{{ include "kubeflow.component.nodeSelector" ( + list + .Values.defaults.nodeSelector + .Values.katib.controller.nodeSelector +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.tolerations" -}} +{{ include "kubeflow.component.tolerations" ( + list + .Values.defaults.tolerations + .Values.katib.controller.tolerations +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.affinity" -}} +{{ include "kubeflow.component.affinity" ( + list + .Values.defaults.affinity + .Values.katib.controller.affinity +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller enable and create toggles. +*/}} +{{- define "kubeflow.katib.controller.enabled" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.enabled" . | eq "true") + .Values.katib.controller.enabled +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.autoscaling.enabled" -}} +{{ include "kubeflow.component.autoscaling.enabled" ( + list + .Values.defaults.autoscaling + .Values.katib.controller.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.rbac.createRoles" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.controller.enabled" . | eq "true") + .Values.katib.controller.rbac.create +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.createServiceAccount" -}} +{{- ternary true "" ( +and + (include "kubeflow.katib.controller.enabled" . | eq "true") + .Values.katib.controller.serviceAccount.create +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.pdb.create" -}} +{{- include "kubeflow.component.pdb.create" ( + list + (include "kubeflow.katib.controller.enabled" .) + .Values.defaults.podDisruptionBudget + .Values.katib.controller.podDisruptionBudget +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller certificate manager. +*/}} +{{- define "kubeflow.katib.controller.enabledWithCertManager" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.controller.enabled" . | eq "true" ) + (include "kubeflow.certManagerIntegration.enabled" . | eq "true" ) +)}} +{{- end }} + +{{- define "kubeflow.katib.controller.certIssuerName" -}} +{{ printf "%s-%s" (include "kubeflow.katib.controller.name" .) "selfsigned-issuer" }} +{{- end }} + +{{- define "kubeflow.katib.controller.tlsCertSecretName" -}} +{{ printf "%s-%s" (include "kubeflow.katib.controller.name" .) "tls-certs" }} +{{- end }} + +{{- define "kubeflow.katib.controller.validatingWebhookName" -}} +{{ printf "%s-%s" (include "kubeflow.katib.controller.name" .) "validating" }} +{{- end }} + +{{- define "kubeflow.katib.controller.mutatingWebhookName" -}} +{{ printf "%s-%s" (include "kubeflow.katib.controller.name" .) "mutating" }} +{{- end }} + +{{- define "kubeflow.katib.controller.certName" -}} +{{ printf "%s-%s" (include "kubeflow.katib.controller.name" .) "cert" }} +{{- end }} + +{{/* +Kubeflow Katib Controller Admission Webhooks. +*/}} +{{- define "kubeflow.katib.controller.webhook.baseName" -}} +{{ printf "katib.kubeflow.org" }} +{{- end }} + +{{- define "kubeflow.katib.controller.mutatingWebhook.name" -}} +{{ printf "%s" (include "kubeflow.katib.controller.webhook.baseName" .) }} +{{- end }} + +{{- define "kubeflow.katib.controller.validatingWebhook.name" -}} +{{ printf "%s" (include "kubeflow.katib.controller.webhook.baseName" .) }} +{{- end }} + +{{/* +{{- define "kubeflow.katib.controller.mutatingWebhook.experimentDefaulter.name" -}} +{{ printf "%s.%s" "defaulter.experiment" (include "kubeflow.katib.controller.mutatingWebhook.name" .) }} +{{- end }} +*/}} + diff --git a/charts/kubeflow/templates/_helpers/kubeflow.katib.dbmanager.tpl b/charts/kubeflow/templates/_helpers/kubeflow.katib.dbmanager.tpl new file mode 100644 index 0000000000..7f796cb7ef --- /dev/null +++ b/charts/kubeflow/templates/_helpers/kubeflow.katib.dbmanager.tpl @@ -0,0 +1,358 @@ +{{/* +Kubeflow Katib dbmanager object names. +*/}} +{{- define "kubeflow.katib.dbmanager.baseName" -}} +{{- printf "katib-db-manager" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.name" -}} +{{- include "kubeflow.component.name" ( + list + (include "kubeflow.katib.dbmanager.baseName" .) + . +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.serviceAccountName" -}} +{{- include "kubeflow.component.serviceAccountName" ( + list + (include "kubeflow.katib.dbmanager.name" .) + .Values.katib.dbmanager.serviceAccount +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.serviceAccountPrincipal" -}} +{{- include "kubeflow.component.serviceAccountPrincipal" ( + list + . + (include "kubeflow.katib.dbmanager.serviceAccountName" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.mainClusterRoleName" -}} +{{- include "kubeflow.katib.dbmanager.name" . }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.mainClusterRoleBindingName" -}} +{{- include "kubeflow.katib.dbmanager.mainClusterRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.leaderElectionRoleName" -}} +{{- printf "%s-%s-%s" + (include "kubeflow.fullname" .) + (include "kubeflow.katib.dbmanager.name" .) + "leader-election" +}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.leaderElectionRoleBindingName" -}} +{{- include "kubeflow.katib.dbmanager.leaderElectionRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.kfNbAdminClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-admin" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.kfNbEditClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-edit" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.kfNbViewClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-view" }} +{{- end }} + +{{/* +Role Aggregation Rule Labels +*/}} +{{- define "kubeflow.katib.dbmanager.kfNbAdminClusterRoleLabel" -}} +{{- include "kubeflow.aggregationRule.labelBase" (include "kubeflow.katib.dbmanager.kfNbAdminClusterRoleName" .) -}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager Service. +*/}} +{{- define "kubeflow.katib.dbmanager.svc.name" -}} +{{ include "kubeflow.component.svc.name" ( + include "kubeflow.katib.dbmanager.name" . +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.svc.addressWithNs" -}} +{{ include "kubeflow.component.svc.addressWithNs" ( + list + . + (include "kubeflow.katib.dbmanager.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.svc.addressWithSvc" -}} +{{ include "kubeflow.component.svc.addressWithSvc" ( + list + . + (include "kubeflow.katib.dbmanager.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.svc.fqdn" -}} +{{ include "kubeflow.component.svc.fqdn" ( + list + . + (include "kubeflow.katib.dbmanager.name" .) +)}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager object labels. +*/}} +{{- define "kubeflow.katib.dbmanager.labels" -}} +{{ include "kubeflow.common.labels" . }} +{{ include "kubeflow.component.labels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.dbmanager.name" .) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.selectorLabels" -}} +{{ include "kubeflow.common.selectorLabels" . }} +{{ include "kubeflow.component.selectorLabels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.dbmanager.name" .) }} +{{- end }} + +{{/* +Kubeflow Katib dbmanager container image settings. +*/}} +{{- define "kubeflow.katib.dbmanager.image" -}} +{{ include "kubeflow.component.image" ( + list + .Values.defaults.image + .Values.katib.dbmanager.image +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.imagePullPolicy" -}} +{{ include "kubeflow.component.imagePullPolicy" ( + list + .Values.defaults.image + .Values.katib.dbmanager.image +)}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager Autoscaling and Availability. +*/}} +{{- define "kubeflow.katib.dbmanager.autoscaling.minReplicas" -}} +{{ include "kubeflow.component.autoscaling.minReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.dbmanager.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.autoscaling.maxReplicas" -}} +{{ include "kubeflow.component.autoscaling.maxReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.dbmanager.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.autoscaling.targetCPUUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetCPUUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.dbmanager.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.autoscaling.targetMemoryUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetMemoryUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.dbmanager.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.pdb.values" -}} +{{- include "kubeflow.component.pdb.values" ( + list + .Values.defaults.podDisruptionBudget + .Values.katib.dbmanager.podDisruptionBudget +)}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager Security Context. +*/}} +{{- define "kubeflow.katib.dbmanager.containerSecurityContext" -}} +{{ include "kubeflow.component.containerSecurityContext" ( + list + .Values.defaults.containerSecurityContext + .Values.katib.dbmanager.containerSecurityContext +)}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager Scheduling. +*/}} +{{- define "kubeflow.katib.dbmanager.topologySpreadConstraints" -}} +{{ include "kubeflow.component.topologySpreadConstraints" ( + list + .Values.defaults.topologySpreadConstraints + .Values.katib.dbmanager.topologySpreadConstraints +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.nodeSelector" -}} +{{ include "kubeflow.component.nodeSelector" ( + list + .Values.defaults.nodeSelector + .Values.katib.dbmanager.nodeSelector +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.tolerations" -}} +{{ include "kubeflow.component.tolerations" ( + list + .Values.defaults.tolerations + .Values.katib.dbmanager.tolerations +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.affinity" -}} +{{ include "kubeflow.component.affinity" ( + list + .Values.defaults.affinity + .Values.katib.dbmanager.affinity +)}} +{{- end }} + +{{/* +Kubeflow Katib dbmanager enable and create toggles. +*/}} +{{- define "kubeflow.katib.dbmanager.enabled" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.enabled" . | eq "true") + .Values.katib.dbmanager.enabled +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.autoscaling.enabled" -}} +{{ include "kubeflow.component.autoscaling.enabled" ( + list + .Values.defaults.autoscaling + .Values.katib.dbmanager.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.rbac.createRoles" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.dbmanager.enabled" . | eq "true") + .Values.katib.dbmanager.rbac.create +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.createServiceAccount" -}} +{{- ternary true "" ( +and + (include "kubeflow.katib.dbmanager.enabled" . | eq "true") + .Values.katib.dbmanager.serviceAccount.create +)}} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.pdb.create" -}} +{{- include "kubeflow.component.pdb.create" ( + list + (include "kubeflow.katib.dbmanager.enabled" .) + .Values.defaults.podDisruptionBudget + .Values.katib.dbmanager.podDisruptionBudget +)}} +{{- end }} + +{{/* +Environment names for database config. +*/}} +{{/* +FYI, This env var is actually the driver +*/}} +{{- define "kubeflow.katib.dbmanager.config.db.driver.env.name" -}} +{{- "DB_NAME" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.host.env.name" -}} +{{- "KATIB_MYSQL_DB_HOST" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.port.env.name" -}} +{{- "KATIB_MYSQL_DB_PORT" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.databaseName.env.name" -}} +{{- "KATIB_MYSQL_DB_DATABASE" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.user.env.name" -}} +{{- "DB_USER" }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.password.env.name" -}} +{{- "DB_PASSWORD" }} +{{- end }} + +{{/* +Environment Entries parametrization for database configuration with plaintext +value or through Secrets. +*/}} + +{{- define "kubeflow.katib.dbmanager.config.db.driver.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.driver.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.driver +) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.host.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.host.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.host +) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.port.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.port.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.port +) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.databaseName.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.databaseName.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.databaseName +) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.user.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.user.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.user +) }} +{{- end }} + +{{- define "kubeflow.katib.dbmanager.config.db.password.env.spec" -}} +{{- include "kubeflow.component.env.spec" ( + list + (include "kubeflow.katib.dbmanager.config.db.password.env.name" . ) + .Values.katib.dbmanager.config.db.existingSecretName + .Values.katib.dbmanager.config.db.password +) }} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/_helpers/kubeflow.katib.tpl b/charts/kubeflow/templates/_helpers/kubeflow.katib.tpl new file mode 100644 index 0000000000..7bb0d8f511 --- /dev/null +++ b/charts/kubeflow/templates/_helpers/kubeflow.katib.tpl @@ -0,0 +1,265 @@ +{{/* +Kubeflow Katib Controller object names. +*/}} +{{- define "kubeflow.katib.baseName" -}} +{{- printf "katib" }} +{{- end }} + +{{- define "kubeflow.katib.name" -}} +{{- include "kubeflow.component.name" ( + list + (include "kubeflow.katib.baseName" .) + . +)}} +{{- end }} + +{{- define "kubeflow.katib.serviceAccountName" -}} +{{- include "kubeflow.component.serviceAccountName" ( + list + (include "kubeflow.katib.name" .) + .Values.katib.serviceAccount +)}} +{{- end }} + +{{- define "kubeflow.katib.serviceAccountPrincipal" -}} +{{- include "kubeflow.component.serviceAccountPrincipal" ( + list + . + (include "kubeflow.katib.serviceAccountName" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.mainClusterRoleName" -}} +{{- include "kubeflow.katib.name" . }} +{{- end }} + +{{- define "kubeflow.katib.mainClusterRoleBindingName" -}} +{{- include "kubeflow.katib.mainClusterRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.leaderElectionRoleName" -}} +{{- printf "%s-%s-%s" + (include "kubeflow.fullname" .) + (include "kubeflow.katib.name" .) + "leader-election" +}} +{{- end }} + +{{- define "kubeflow.katib.leaderElectionRoleBindingName" -}} +{{- include "kubeflow.katib.leaderElectionRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.adminClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-admin" }} +{{- end }} + +{{- define "kubeflow.katib.editClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-edit" }} +{{- end }} + +{{- define "kubeflow.katib.viewClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-view" }} +{{- end }} + +{{/* +Role Aggregation Rule Labels +*/}} +{{- define "kubeflow.katib.adminClusterRoleLabel" -}} +{{- include "kubeflow.aggregationRule.labelBase" (include "kubeflow.katib.adminClusterRoleName" .) -}} +{{- end }} + +{{/* +Kubeflow Katib Controller Service. +*/}} +{{- define "kubeflow.katib.svc.name" -}} +{{ include "kubeflow.component.svc.name" ( + include "kubeflow.katib.name" . +)}} +{{- end }} + +{{- define "kubeflow.katib.svc.addressWithNs" -}} +{{ include "kubeflow.component.svc.addressWithNs" ( + list + . + (include "kubeflow.katib.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.svc.addressWithSvc" -}} +{{ include "kubeflow.component.svc.addressWithSvc" ( + list + . + (include "kubeflow.katib.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.svc.fqdn" -}} +{{ include "kubeflow.component.svc.fqdn" ( + list + . + (include "kubeflow.katib.name" .) +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller object labels. +*/}} +{{- define "kubeflow.katib.labels" -}} +{{ include "kubeflow.common.labels" . }} +{{ include "kubeflow.component.labels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.name" .) }} +{{- end }} + +{{- define "kubeflow.katib.selectorLabels" -}} +{{ include "kubeflow.common.selectorLabels" . }} +{{ include "kubeflow.component.selectorLabels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.name" .) }} +{{- end }} + +{{/* +Kubeflow Katib Controller container image settings. +*/}} +{{- define "kubeflow.katib.image" -}} +{{ include "kubeflow.component.image" ( + list + .Values.defaults.image + .Values.katib.image +)}} +{{- end }} + +{{- define "kubeflow.katib.imagePullPolicy" -}} +{{ include "kubeflow.component.imagePullPolicy" ( + list + .Values.defaults.image + .Values.katib.image +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Autoscaling and Availability. +*/}} +{{- define "kubeflow.katib.autoscaling.minReplicas" -}} +{{ include "kubeflow.component.autoscaling.minReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.autoscaling.maxReplicas" -}} +{{ include "kubeflow.component.autoscaling.maxReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.autoscaling.targetCPUUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetCPUUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.autoscaling.targetMemoryUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetMemoryUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.pdb.values" -}} +{{- include "kubeflow.component.pdb.values" ( + list + .Values.defaults.podDisruptionBudget + .Values.katib.podDisruptionBudget +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Security Context. +*/}} +{{- define "kubeflow.katib.containerSecurityContext" -}} +{{ include "kubeflow.component.containerSecurityContext" ( + list + .Values.defaults.containerSecurityContext + .Values.katib.containerSecurityContext +)}} +{{- end }} + +{{/* +Kubeflow Katib Controller Scheduling. +*/}} +{{- define "kubeflow.katib.topologySpreadConstraints" -}} +{{ include "kubeflow.component.topologySpreadConstraints" ( + list + .Values.defaults.topologySpreadConstraints + .Values.katib.topologySpreadConstraints +)}} +{{- end }} + +{{- define "kubeflow.katib.nodeSelector" -}} +{{ include "kubeflow.component.nodeSelector" ( + list + .Values.defaults.nodeSelector + .Values.katib.nodeSelector +)}} +{{- end }} + +{{- define "kubeflow.katib.tolerations" -}} +{{ include "kubeflow.component.tolerations" ( + list + .Values.defaults.tolerations + .Values.katib.tolerations +)}} +{{- end }} + +{{- define "kubeflow.katib.affinity" -}} +{{ include "kubeflow.component.affinity" ( + list + .Values.defaults.affinity + .Values.katib.affinity +)}} +{{- end }} + +{{/* +Kubeflow Katib enable and create toggles. +*/}} +{{- define "kubeflow.katib.enabled" -}} +{{- ternary true "" .Values.katib.enabled }} +{{- end }} + +{{- define "kubeflow.katib.autoscaling.enabled" -}} +{{ include "kubeflow.component.autoscaling.enabled" ( + list + .Values.defaults.autoscaling + .Values.katib.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.rbac.createRoles" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.enabled" . | eq "true") + .Values.katib.rbac.create +)}} +{{- end }} + +{{- define "kubeflow.katib.createServiceAccount" -}} +{{- ternary true "" ( +and + (include "kubeflow.katib.enabled" . | eq "true") + .Values.katib.serviceAccount.create +)}} +{{- end }} + +{{- define "kubeflow.katib.pdb.create" -}} +{{- include "kubeflow.component.pdb.create" ( + list + (include "kubeflow.katib.enabled" .) + .Values.defaults.podDisruptionBudget + .Values.katib.podDisruptionBudget +)}} +{{- end }} diff --git a/charts/kubeflow/templates/_helpers/kubeflow.katib.ui.tpl b/charts/kubeflow/templates/_helpers/kubeflow.katib.ui.tpl new file mode 100644 index 0000000000..732a69e3f2 --- /dev/null +++ b/charts/kubeflow/templates/_helpers/kubeflow.katib.ui.tpl @@ -0,0 +1,277 @@ +{{/* +Kubeflow Katib ui object names. +*/}} +{{- define "kubeflow.katib.ui.baseName" -}} +{{- printf "katib-ui" }} +{{- end }} + +{{- define "kubeflow.katib.ui.name" -}} +{{- include "kubeflow.component.name" ( + list + (include "kubeflow.katib.ui.baseName" .) + . +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.serviceAccountName" -}} +{{- include "kubeflow.component.serviceAccountName" ( + list + (include "kubeflow.katib.ui.name" .) + .Values.katib.ui.serviceAccount +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.serviceAccountPrincipal" -}} +{{- include "kubeflow.component.serviceAccountPrincipal" ( + list + . + (include "kubeflow.katib.ui.serviceAccountName" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.mainClusterRoleName" -}} +{{- include "kubeflow.katib.ui.name" . }} +{{- end }} + +{{- define "kubeflow.katib.ui.mainClusterRoleBindingName" -}} +{{- include "kubeflow.katib.ui.mainClusterRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.ui.leaderElectionRoleName" -}} +{{- printf "%s-%s-%s" + (include "kubeflow.fullname" .) + (include "kubeflow.katib.ui.name" .) + "leader-election" +}} +{{- end }} + +{{- define "kubeflow.katib.ui.leaderElectionRoleBindingName" -}} +{{- include "kubeflow.katib.ui.leaderElectionRoleName" . }} +{{- end }} + +{{- define "kubeflow.katib.ui.kfNbAdminClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-admin" }} +{{- end }} + +{{- define "kubeflow.katib.ui.kfNbEditClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-edit" }} +{{- end }} + +{{- define "kubeflow.katib.ui.kfNbViewClusterRoleName" -}} +{{- printf "%s-%s" (include "kubeflow.fullname" .) "katib-view" }} +{{- end }} + +{{/* +Role Aggregation Rule Labels +*/}} +{{- define "kubeflow.katib.ui.kfNbAdminClusterRoleLabel" -}} +{{- include "kubeflow.aggregationRule.labelBase" (include "kubeflow.katib.ui.kfNbAdminClusterRoleName" .) -}} +{{- end }} + +{{/* +Kubeflow Katib ui Service. +*/}} +{{- define "kubeflow.katib.ui.svc.name" -}} +{{ include "kubeflow.component.svc.name" ( + include "kubeflow.katib.ui.name" . +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.svc.addressWithNs" -}} +{{ include "kubeflow.component.svc.addressWithNs" ( + list + . + (include "kubeflow.katib.ui.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.svc.addressWithSvc" -}} +{{ include "kubeflow.component.svc.addressWithSvc" ( + list + . + (include "kubeflow.katib.ui.name" .) +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.svc.fqdn" -}} +{{ include "kubeflow.component.svc.fqdn" ( + list + . + (include "kubeflow.katib.ui.name" .) +)}} +{{- end }} + +{{/* +Kubeflow Katib ui object labels. +*/}} +{{- define "kubeflow.katib.ui.labels" -}} +{{ include "kubeflow.common.labels" . }} +{{ include "kubeflow.component.labels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.ui.name" .) }} +{{- end }} + +{{- define "kubeflow.katib.ui.selectorLabels" -}} +{{ include "kubeflow.common.selectorLabels" . }} +{{ include "kubeflow.component.selectorLabels" (include "kubeflow.katib.name" .) }} +{{ include "kubeflow.component.subcomponent.labels" (include "kubeflow.katib.ui.name" .) }} +{{- end }} + +{{/* +Kubeflow Katib ui container image settings. +*/}} +{{- define "kubeflow.katib.ui.image" -}} +{{ include "kubeflow.component.image" ( + list + .Values.defaults.image + .Values.katib.ui.image +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.imagePullPolicy" -}} +{{ include "kubeflow.component.imagePullPolicy" ( + list + .Values.defaults.image + .Values.katib.ui.image +)}} +{{- end }} + +{{/* +Kubeflow Katib ui Autoscaling and Availability. +*/}} +{{- define "kubeflow.katib.ui.autoscaling.minReplicas" -}} +{{ include "kubeflow.component.autoscaling.minReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.ui.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.autoscaling.maxReplicas" -}} +{{ include "kubeflow.component.autoscaling.maxReplicas" ( + list + .Values.defaults.autoscaling + .Values.katib.ui.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.autoscaling.targetCPUUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetCPUUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.ui.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.autoscaling.targetMemoryUtilizationPercentage" -}} +{{ include "kubeflow.component.autoscaling.targetMemoryUtilizationPercentage" ( + list + .Values.defaults.autoscaling + .Values.katib.ui.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.pdb.values" -}} +{{- include "kubeflow.component.pdb.values" ( + list + .Values.defaults.podDisruptionBudget + .Values.katib.ui.podDisruptionBudget +)}} +{{- end }} + +{{/* +Kubeflow Katib ui Security Context. +*/}} +{{- define "kubeflow.katib.ui.containerSecurityContext" -}} +{{ include "kubeflow.component.containerSecurityContext" ( + list + .Values.defaults.containerSecurityContext + .Values.katib.ui.containerSecurityContext +)}} +{{- end }} + +{{/* +Kubeflow Katib ui Scheduling. +*/}} +{{- define "kubeflow.katib.ui.topologySpreadConstraints" -}} +{{ include "kubeflow.component.topologySpreadConstraints" ( + list + .Values.defaults.topologySpreadConstraints + .Values.katib.ui.topologySpreadConstraints +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.nodeSelector" -}} +{{ include "kubeflow.component.nodeSelector" ( + list + .Values.defaults.nodeSelector + .Values.katib.ui.nodeSelector +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.tolerations" -}} +{{ include "kubeflow.component.tolerations" ( + list + .Values.defaults.tolerations + .Values.katib.ui.tolerations +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.affinity" -}} +{{ include "kubeflow.component.affinity" ( + list + .Values.defaults.affinity + .Values.katib.ui.affinity +)}} +{{- end }} + +{{/* +Kubeflow Katib ui enable and create toggles. +*/}} +{{- define "kubeflow.katib.ui.enabled" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.enabled" . | eq "true") + .Values.katib.ui.enabled +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.autoscaling.enabled" -}} +{{ include "kubeflow.component.autoscaling.enabled" ( + list + .Values.defaults.autoscaling + .Values.katib.ui.autoscaling +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.rbac.createRoles" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.ui.enabled" . | eq "true") + .Values.katib.ui.rbac.create +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.createServiceAccount" -}} +{{- ternary true "" ( +and + (include "kubeflow.katib.ui.enabled" . | eq "true") + .Values.katib.ui.serviceAccount.create +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.pdb.create" -}} +{{- include "kubeflow.component.pdb.create" ( + list + (include "kubeflow.katib.ui.enabled" .) + .Values.defaults.podDisruptionBudget + .Values.katib.ui.podDisruptionBudget +)}} +{{- end }} + +{{- define "kubeflow.katib.ui.createIstioIntegrationObjects" -}} +{{- ternary true "" ( + and + (include "kubeflow.katib.ui.enabled" . | eq "true" ) + .Values.istioIntegration.enabled +)}} +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/certmanager.certificate.yaml b/charts/kubeflow/templates/katib/controller/certmanager.certificate.yaml new file mode 100644 index 0000000000..1082e03e58 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/certmanager.certificate.yaml @@ -0,0 +1,22 @@ +{{- if (include "kubeflow.katib.controller.enabledWithCertManager" . )}} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.certName" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + isCA: true + commonName: {{ include "kubeflow.katib.controller.svc.addressWithSvc" . }} + dnsNames: + - {{ include "kubeflow.katib.controller.svc.name" . }} + - {{ include "kubeflow.katib.controller.svc.addressWithNs" . }} + - {{ include "kubeflow.katib.controller.svc.addressWithSvc" . }} + - {{ include "kubeflow.katib.controller.svc.fqdn" . }} + issuerRef: + kind: Issuer + name: {{ include "kubeflow.katib.controller.certIssuerName" . }} + secretName: {{ include "kubeflow.katib.controller.tlsCertSecretName" . }} +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/certmanager.issuer.yaml b/charts/kubeflow/templates/katib/controller/certmanager.issuer.yaml new file mode 100644 index 0000000000..632966bdf4 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/certmanager.issuer.yaml @@ -0,0 +1,12 @@ +{{- if (include "kubeflow.katib.controller.enabledWithCertManager" . )}} +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.certIssuerName" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + selfSigned: {} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/controller/configmap.katib-config.yaml b/charts/kubeflow/templates/katib/controller/configmap.katib-config.yaml new file mode 100644 index 0000000000..cc6b6138e0 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/configmap.katib-config.yaml @@ -0,0 +1,17 @@ +{{- if (include "kubeflow.katib.enabled" .) -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.configMapName" . }} + namespace: {{ include "kubeflow.namespace" . }} +data: + katib-config.yaml: | + --- + apiVersion: config.kubeflow.org/v1beta1 + kind: KatibConfig + {{- .Values.katib.config | toYaml | nindent 4 }} + +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/deployment.yaml b/charts/kubeflow/templates/katib/controller/deployment.yaml new file mode 100644 index 0000000000..c9d322c3b9 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/deployment.yaml @@ -0,0 +1,80 @@ +{{- if (include "kubeflow.katib.controller.enabled" .) -}} + +{{- $autoscalingEnabled := include "kubeflow.katib.controller.autoscaling.enabled" . -}} +{{- $replicas := include "kubeflow.katib.controller.autoscaling.minReplicas" . -}} + +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + {{- if (eq $autoscalingEnabled "false") }} + replicas: {{ $replicas }} + {{- end }} + + selector: + matchLabels: + {{- include "kubeflow.katib.controller.selectorLabels" . | nindent 6 }} + + template: + metadata: + labels: + {{- include "kubeflow.katib.controller.selectorLabels" . | nindent 8 }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8080" + spec: + containers: + - name: {{ include "kubeflow.katib.controller.baseName" . }} + image: {{ include "kubeflow.katib.controller.image" . }} + command: ["./katib-controller"] + args: + - --katib-config=/katib-config.yaml + ports: + - containerPort: 8443 + name: webhook + protocol: TCP + - containerPort: 8080 + name: metrics + protocol: TCP + - containerPort: 18080 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + livenessProbe: + httpGet: + path: /healthz + port: healthz + env: + - name: KATIB_CORE_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /tmp/cert + name: cert + readOnly: true + - mountPath: /katib-config.yaml + name: katib-config + subPath: katib-config.yaml + readOnly: true + {{- with .Values.katib.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "kubeflow.katib.controller.serviceAccountName" . }} + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: {{ include "kubeflow.katib.controller.tlsCertSecretName" . }} + - name: katib-config + configMap: + name: {{ include "kubeflow.katib.controller.configMapName" . }} +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/rbac/clusterrole.yaml b/charts/kubeflow/templates/katib/controller/rbac/clusterrole.yaml new file mode 100644 index 0000000000..80c75812cb --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/rbac/clusterrole.yaml @@ -0,0 +1,133 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.mainClusterRoleName" . }} +rules: + - apiGroups: + - "" + resources: + - services + verbs: + - "get" + - "list" + - "watch" + - "create" + - "delete" + - apiGroups: + - "" + resources: + - events + verbs: + - "create" + - "patch" + - "update" + - apiGroups: + - "" + resources: + - serviceaccounts + - persistentvolumes + - persistentvolumeclaims + verbs: + - "get" + - "list" + - "watch" + - "create" + - apiGroups: + - "" + resources: + - namespaces + - configmaps + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - "" + resources: + - pods + - pods/status + verbs: + - "get" + - apiGroups: + - "" + resources: + - secrets + verbs: + - "get" + - "list" + - "watch" + - "patch" + - apiGroups: + - apps + resources: + - deployments + verbs: + - "get" + - "list" + - "watch" + - "create" + - "delete" + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - "get" + - "create" + - "list" + - "watch" + - apiGroups: + - batch + resources: + - jobs + - cronjobs + verbs: + - "get" + - "list" + - "watch" + - "create" + - "delete" + - apiGroups: + - kubeflow.org + resources: + - tfjobs + - pytorchjobs + - mpijobs + - xgboostjobs + - mxjobs + verbs: + - "get" + - "list" + - "watch" + - "create" + - "delete" + - apiGroups: + - kubeflow.org + resources: + - experiments + - experiments/status + - experiments/finalizers + - trials + - trials/status + - trials/finalizers + - suggestions + - suggestions/status + - suggestions/finalizers + verbs: + - "*" + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - "get" + - "watch" + - "list" + - "patch" +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/controller/rbac/clusterrolebinding.yaml b/charts/kubeflow/templates/katib/controller/rbac/clusterrolebinding.yaml new file mode 100644 index 0000000000..7603b5e267 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/rbac/clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.mainClusterRoleBindingName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubeflow.katib.controller.mainClusterRoleName" . }} +subjects: +- kind: ServiceAccount + name: {{ include "kubeflow.katib.controller.serviceAccountName" . }} + namespace: {{ include "kubeflow.namespace" . }} + +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/controller/rbac/serviceaccount.yaml b/charts/kubeflow/templates/katib/controller/rbac/serviceaccount.yaml new file mode 100644 index 0000000000..0aac5e86b7 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/rbac/serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.controller.createServiceAccount" . | eq "true") -}} + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + {{- with .Values.katib.controller.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4}} + {{- end }} + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.serviceAccountName" . }} + namespace: {{ include "kubeflow.namespace" . }} + +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/controller/service.yaml b/charts/kubeflow/templates/katib/controller/service.yaml new file mode 100644 index 0000000000..422d4a92ce --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/service.yaml @@ -0,0 +1,30 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.controller.enabled" . | eq "true") -}} +--- +apiVersion: v1 +kind: Service +metadata: + {{- with .Values.katib.controller.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.svc.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 8443 + name: webhook + - name: metrics + port: 8080 + targetPort: 8080 + - name: healthz + port: 18080 + targetPort: 18080 + selector: + {{- include "kubeflow.katib.controller.selectorLabels" . | nindent 4 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/controller/trial-templates.yaml b/charts/kubeflow/templates/katib/controller/trial-templates.yaml new file mode 100644 index 0000000000..021f1a8aaa --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/trial-templates.yaml @@ -0,0 +1,114 @@ +{{- if (include "kubeflow.katib.enabled" .) -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: trial-templates + namespace: kubeflow + labels: + katib.kubeflow.org/component: trial-templates +data: + defaultTrialTemplate.yaml: |- + apiVersion: batch/v1 + kind: Job + spec: + template: + metadata: + labels: + sidecar.istio.io/inject: 'false' + spec: + containers: + - name: training-container + image: busybox + env: + - name: TEST_PARAM1 + value: "${trialParameters.test1}" + - name: TEST_PARAM2 + value: "${trialParameters.test2}" + - name: TEST_PARAM3 + value: "${trialParameters.test3}" + command: + - sh + - -c + args: + - | + sleep 10 + env + accuracy=1 + restartPolicy: Never + defaultTrialTemplate2.yaml: |- + apiVersion: batch/v1 + kind: Job + spec: + template: + metadata: + labels: + sidecar.istio.io/inject: 'false' + spec: + containers: + - name: training-container + image: docker.io/kubeflowkatib/mxnet-mnist:v0.16.0 + command: + - "python3" + - "/opt/mxnet-mnist/mnist.py" + - "--batch-size=64" + - "--lr=${trialParameters.learningRate}" + - "--num-layers=${trialParameters.numberLayers}" + - "--optimizer=${trialParameters.optimizer}" + restartPolicy: Never + # For ConfigMap templates double quotes must set in commands to correct parse JSON parameters in Trial Template (e.g nn_config, architecture) + enasCPUTemplate: |- + apiVersion: batch/v1 + kind: Job + spec: + template: + metadata: + labels: + sidecar.istio.io/inject: 'false' + spec: + containers: + - name: training-container + image: docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.16.0 + command: + - python3 + - -u + - RunTrial.py + - --num_epochs=1 + - "--architecture=\"${trialParameters.neuralNetworkArchitecture}\"" + - "--nn_config=\"${trialParameters.neuralNetworkConfig}\"" + restartPolicy: Never + pytorchJobTemplate: |- + apiVersion: kubeflow.org/v1 + kind: PyTorchJob + spec: + pytorchReplicaSpecs: + Master: + replicas: 1 + restartPolicy: OnFailure + template: + spec: + containers: + - name: pytorch + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.16.0 + command: + - "python3" + - "/opt/pytorch-mnist/mnist.py" + - "--epochs=1" + - "--lr=${trialParameters.learningRate}" + - "--momentum=${trialParameters.momentum}" + Worker: + replicas: 2 + restartPolicy: OnFailure + template: + spec: + containers: + - name: pytorch + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.16.0 + command: + - "python3" + - "/opt/pytorch-mnist/mnist.py" + - "--epochs=1" + - "--lr=${trialParameters.learningRate}" + - "--momentum=${trialParameters.momentum}" + +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/webhook.mutating.yaml b/charts/kubeflow/templates/katib/controller/webhook.mutating.yaml new file mode 100644 index 0000000000..4150881376 --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/webhook.mutating.yaml @@ -0,0 +1,67 @@ +{{- if (include "kubeflow.katib.controller.enabled" .) -}} + +{{- $ca := printf "%s/%s" + (include "kubeflow.namespace" .) + (include "kubeflow.katib.controller.certName" .) +-}} + +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: {{ $ca }} + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.mutatingWebhook.name" . }} +webhooks: + - name: defaulter.experiment.katib.kubeflow.org + clientConfig: + service: + name: {{ include "kubeflow.katib.controller.svc.name" .}} + namespace: {{ include "kubeflow.namespace" . }} + path: /mutate-experiment + sideEffects: None + admissionReviewVersions: + - v1 + rules: + - apiGroups: + - kubeflow.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - experiments + - name: mutator.pod.katib.kubeflow.org + clientConfig: + service: + name: {{ include "kubeflow.katib.controller.svc.name" .}} + namespace: {{ include "kubeflow.namespace" . }} + path: /mutate-pod + sideEffects: None + admissionReviewVersions: + - v1 + namespaceSelector: + matchLabels: + katib.kubeflow.org/metrics-collector-injection: enabled + # Once the AdmissionWebhookMatchConditions feature gate is enabled by default, we should switch to control based on userInfo. + # REF: + # - AdmissionWebhookMatchConditions: https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-matchconditions + # - Tracking issue: https://github.com/kubeflow/katib/issues/2206 + objectSelector: + matchExpressions: + - key: katib.kubeflow.org/metrics-collector-injection + operator: NotIn + values: + - disabled + rules: + - apiGroups: + - "" + apiVersions: + - v1 + operations: + - CREATE + resources: + - pods +{{- end }} diff --git a/charts/kubeflow/templates/katib/controller/webhook.validating.yaml b/charts/kubeflow/templates/katib/controller/webhook.validating.yaml new file mode 100644 index 0000000000..0e319962ae --- /dev/null +++ b/charts/kubeflow/templates/katib/controller/webhook.validating.yaml @@ -0,0 +1,36 @@ +{{- if (include "kubeflow.katib.controller.enabled" .) -}} + +{{- $ca := printf "%s/%s" + (include "kubeflow.namespace" .) + (include "kubeflow.katib.controller.certName" .) +-}} + +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: {{ $ca }} + labels: + {{- include "kubeflow.katib.controller.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.controller.validatingWebhook.name" . }} +webhooks: + - name: validator.experiment.katib.kubeflow.org + clientConfig: + service: + name: {{ include "kubeflow.katib.controller.svc.name" .}} + namespace: {{ include "kubeflow.namespace" . }} + path: /validate-experiment + sideEffects: None + admissionReviewVersions: + - v1 + rules: + - apiGroups: + - kubeflow.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - experiments +{{- end }} diff --git a/charts/kubeflow/templates/katib/db-manager/deployment.yaml b/charts/kubeflow/templates/katib/db-manager/deployment.yaml new file mode 100644 index 0000000000..e51c77ab73 --- /dev/null +++ b/charts/kubeflow/templates/katib/db-manager/deployment.yaml @@ -0,0 +1,56 @@ +{{- if (include "kubeflow.katib.dbmanager.enabled" . | eq "true") -}} + + {{- $autoscalingEnabled := include "kubeflow.katib.dbmanager.autoscaling.enabled" . -}} + {{- $replicas := include "kubeflow.katib.dbmanager.autoscaling.minReplicas" . -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "kubeflow.katib.dbmanager.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.dbmanager.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + {{- if (eq $autoscalingEnabled "false") }} + replicas: {{ $replicas }} + {{- end }} + + selector: + matchLabels: + {{- include "kubeflow.katib.dbmanager.selectorLabels" . | nindent 6 }} + + template: + metadata: + labels: + {{- include "kubeflow.katib.dbmanager.selectorLabels" . | nindent 8 }} + {{- with .Values.katib.dbmanager.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + containers: + - name: {{ include "kubeflow.katib.dbmanager.baseName" . }} + image: {{ include "kubeflow.katib.dbmanager.image" . }} # docker.io/kubeflowkatib/katib-db-manager + env: + {{- include "kubeflow.katib.dbmanager.config.db.driver.env.spec" . | nindent 12 }} + {{- include "kubeflow.katib.dbmanager.config.db.host.env.spec" . | nindent 12 }} + {{- include "kubeflow.katib.dbmanager.config.db.port.env.spec" . | nindent 12 }} + {{- include "kubeflow.katib.dbmanager.config.db.databaseName.env.spec" . | nindent 12 }} + {{- include "kubeflow.katib.dbmanager.config.db.user.env.spec" . | nindent 12 }} + {{- include "kubeflow.katib.dbmanager.config.db.password.env.spec" . | nindent 12 }} + command: + - "./katib-db-manager" + ports: + - name: api + containerPort: 6789 + livenessProbe: + grpc: + port: 6789 + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 5 + {{- with .Values.katib.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/kubeflow/templates/katib/db-manager/service.yaml b/charts/kubeflow/templates/katib/db-manager/service.yaml new file mode 100644 index 0000000000..61c101d994 --- /dev/null +++ b/charts/kubeflow/templates/katib/db-manager/service.yaml @@ -0,0 +1,24 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.dbmanager.enabled" . | eq "true") -}} +--- +apiVersion: v1 +kind: Service +metadata: + {{- with .Values.katib.dbmanager.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "kubeflow.katib.dbmanager.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.dbmanager.svc.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + type: {{ .Values.katib.dbmanager.service.type }} + ports: + - port: 6789 + protocol: TCP + name: api + selector: + {{- include "kubeflow.katib.dbmanager.selectorLabels" . | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/kubeflow/templates/katib/ui/authorizationpolicy.yaml b/charts/kubeflow/templates/katib/ui/authorizationpolicy.yaml new file mode 100644 index 0000000000..eec5f552cb --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/authorizationpolicy.yaml @@ -0,0 +1,22 @@ +{{- if (include "kubeflow.katib.ui.createIstioIntegrationObjects" .) -}} + +apiVersion: security.istio.io/v1beta1 +kind: AuthorizationPolicy +metadata: + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + selector: + matchLabels: + {{- include "kubeflow.katib.ui.selectorLabels" . | nindent 6 }} + rules: + - from: + - source: + namespaces: + # in upstream this is directly the istio-ingressgateway service account + # apps/katib/upstream/installs/katib-with-kubeflow/istio-authorizationpolicy.yaml + - {{ .Values.istioIntegration.ingressGatewayNamespace }} + +{{- end }} diff --git a/charts/kubeflow/templates/katib/ui/deployment.yaml b/charts/kubeflow/templates/katib/ui/deployment.yaml new file mode 100644 index 0000000000..247aa719b6 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/deployment.yaml @@ -0,0 +1,52 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.ui.enabled" . | eq "true") -}} + +{{- $autoscalingEnabled := include "kubeflow.katib.ui.autoscaling.enabled" . -}} +{{- $replicas := include "kubeflow.katib.ui.autoscaling.minReplicas" . -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + {{- if (eq $autoscalingEnabled "false") }} + replicas: {{ $replicas }} + {{- end }} + + selector: + matchLabels: + {{- include "kubeflow.katib.ui.selectorLabels" . | nindent 6 }} + + template: + metadata: + labels: + {{- include "kubeflow.katib.ui.selectorLabels" . | nindent 8 }} + {{- with .Values.katib.ui.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + containers: + - name: {{ include "kubeflow.katib.ui.baseName" . }} + image: {{ include "kubeflow.katib.ui.image" . }} # kubeflowkatib/katib-ui + command: + - "./katib-ui" + args: + - "--port=8080" + env: + - name: KATIB_CORE_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: APP_DISABLE_AUTH + value: 'false' + ports: + - name: ui + containerPort: 8080 + serviceAccountName: {{ include "kubeflow.katib.ui.serviceAccountName" . }} + +{{- end }} +{{- end }} diff --git a/charts/kubeflow/templates/katib/ui/rbac/clusterrole.yaml b/charts/kubeflow/templates/katib/ui/rbac/clusterrole.yaml new file mode 100644 index 0000000000..684b80dae7 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/rbac/clusterrole.yaml @@ -0,0 +1,44 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.mainClusterRoleName" . }} +rules: + - apiGroups: + - "" + resources: + - configmaps + - namespaces + verbs: + - "*" + - apiGroups: + - kubeflow.org + resources: + - experiments + - trials + - suggestions + verbs: + - "*" + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + # the following only in multi-user mode + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +{{- end }} diff --git a/charts/kubeflow/templates/katib/ui/rbac/clusterrolebinding.yaml b/charts/kubeflow/templates/katib/ui/rbac/clusterrolebinding.yaml new file mode 100644 index 0000000000..03faad7d69 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/rbac/clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.mainClusterRoleBindingName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubeflow.katib.ui.mainClusterRoleName" . }} +subjects: +- kind: ServiceAccount + name: {{ include "kubeflow.katib.ui.serviceAccountName" . }} + namespace: {{ include "kubeflow.namespace" . }} + +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/ui/rbac/serviceaccount.yaml b/charts/kubeflow/templates/katib/ui/rbac/serviceaccount.yaml new file mode 100644 index 0000000000..5539ff0465 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/rbac/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.ui.createServiceAccount" . | eq "true") -}} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + {{- with .Values.katib.ui.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4}} + {{- end }} + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.serviceAccountName" . }} + namespace: {{ include "kubeflow.namespace" . }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/ui/service.yaml b/charts/kubeflow/templates/katib/ui/service.yaml new file mode 100644 index 0000000000..e90780e967 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/service.yaml @@ -0,0 +1,25 @@ +{{- if (include "kubeflow.katib.enabled" . | eq "true") -}} +{{- if (include "kubeflow.katib.ui.enabled" . | eq "true") -}} +--- +apiVersion: v1 +kind: Service +metadata: + {{- with .Values.katib.ui.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.svc.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + type: ClusterIP + ports: + - port: 80 + protocol: TCP + name: ui + targetPort: 8080 + selector: + {{- include "kubeflow.katib.ui.selectorLabels" . | nindent 4 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/kubeflow/templates/katib/ui/virtualservice.yaml b/charts/kubeflow/templates/katib/ui/virtualservice.yaml new file mode 100644 index 0000000000..e55ca46598 --- /dev/null +++ b/charts/kubeflow/templates/katib/ui/virtualservice.yaml @@ -0,0 +1,38 @@ +{{- if (include "kubeflow.katib.ui.createIstioIntegrationObjects" .) -}} + +# apps/katib/upstream/installs/katib-with-kubeflow/ui-virtual-service.yaml + +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + labels: + {{- include "kubeflow.katib.ui.labels" . | nindent 4 }} + name: {{ include "kubeflow.katib.ui.name" . }} + namespace: {{ include "kubeflow.namespace" . }} +spec: + gateways: + - {{ .Values.katib.istioIntegration.gateway.name }} + hosts: + - '*' + http: + - match: + - uri: + prefix: {{ .Values.katib.urlPrefix }} # upstream contains trailing forward slash + rewrite: + uri: {{ .Values.katib.urlPrefix }} # upstream contains trailing forward slash + route: + - destination: + host: {{ include "kubeflow.katib.ui.svc.fqdn" . }} + port: + number: 80 + # maybe we don't need this... + headers: + request: + add: + x-forwarded-prefix: {{ .Values.katib.urlPrefix }} + Tracing-Context: {{ include "kubeflow.katib.ui.baseName" . }} + response: + add: + Tracing-Context: {{ include "kubeflow.katib.ui.baseName" . }} + +{{- end }} diff --git a/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-admin.yaml b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-admin.yaml new file mode 100644 index 0000000000..6b2c6d1cf3 --- /dev/null +++ b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-admin.yaml @@ -0,0 +1,11 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "kubeflow.kubeflowRoles.kubeflowAdminRoleLabel" . | nindent 4 }} + name: {{ include "kubeflow.katib.adminClusterRoleName" . }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + {{- include "kubeflow.katib.adminClusterRoleLabel" . | nindent 8 }} +rules: [] diff --git a/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-edit.yaml b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-edit.yaml new file mode 100644 index 0000000000..5d0abdb06d --- /dev/null +++ b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-edit.yaml @@ -0,0 +1,35 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "kubeflow.katib.adminClusterRoleLabel" . | nindent 4 }} + {{- include "kubeflow.kubeflowRoles.kubeflowEditRoleLabel" . | nindent 4 }} + name: {{ include "kubeflow.katib.editClusterRoleName" . }} +rules: + - apiGroups: + - kubeflow.org + resources: + - experiments + - trials + - suggestions + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get diff --git a/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-view.yaml b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-view.yaml new file mode 100644 index 0000000000..c82d58f9b4 --- /dev/null +++ b/charts/kubeflow/templates/katib/user-roles/clusterrole.kubeflow-katib-view.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "kubeflow.kubeflowRoles.kubernetesViewRoleLabel" . | nindent 4 }} + name: {{ include "kubeflow.katib.viewClusterRoleName" . }} +rules: + - apiGroups: + - kubeflow.org + resources: + - experiments + - trials + - suggestions + verbs: + - get + - list + - watch diff --git a/charts/kubeflow/templates/pipelines/_notes b/charts/kubeflow/templates/pipelines/_notes.txt similarity index 100% rename from charts/kubeflow/templates/pipelines/_notes rename to charts/kubeflow/templates/pipelines/_notes.txt diff --git a/charts/kubeflow/templates/pipelines/cache/mutatingwebhook.yaml b/charts/kubeflow/templates/pipelines/cache/mutatingwebhook.yaml index 5644e662d0..6c191e5147 100644 --- a/charts/kubeflow/templates/pipelines/cache/mutatingwebhook.yaml +++ b/charts/kubeflow/templates/pipelines/cache/mutatingwebhook.yaml @@ -20,12 +20,12 @@ webhooks: name: {{ include "kubeflow.pipelines.cache.svc.name" .}} namespace: {{ include "kubeflow.namespace" . }} path: "/mutate" - failurePolicy: Ignore rules: - operations: [ "CREATE" ] apiGroups: [""] apiVersions: ["v1"] resources: ["pods"] + failurePolicy: Ignore sideEffects: None timeoutSeconds: 5 objectSelector: @@ -33,4 +33,4 @@ webhooks: {{- include "kubeflow.pipelines.cache.cacheEnabledLabel" . | nindent 8}} admissionReviewVersions: ["v1beta1"] -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/kubeflow/values.yaml b/charts/kubeflow/values.yaml index 63fdc4ff2a..32ecdc2cf3 100644 --- a/charts/kubeflow/values.yaml +++ b/charts/kubeflow/values.yaml @@ -418,7 +418,7 @@ notebooks: # "{notebook-name}" is replaced with the Notebook name name: "{notebook-name}-workspace" spec: - #storageClassName: my-storage-class + # storageClassName: my-storage-class resources: requests: storage: 5Gi @@ -433,7 +433,7 @@ notebooks: # a list of additional data volumes to be created and/or mounted value: [] - #value: + # value: # - mount: /home/jovyan/datavol-1 # newPvc: # metadata: @@ -463,7 +463,7 @@ notebooks: # the list of available affinity configs in the dropdown options: [] - #options: + # options: # - configKey: "dedicated_node_per_notebook" # displayName: "Dedicated Node Per Notebook" # affinity: @@ -502,7 +502,7 @@ notebooks: # the list of available toleration groups in the dropdown options: [] - #options: + # options: # - groupKey: "group_1" # displayName: "4 CPU 8Gb Mem at ~$X.XXX USD per day" # tolerations: @@ -553,7 +553,7 @@ notebooks: # the list of PodDefault names that are selected by default # (take care to ensure these PodDefaults exist in Profile Namespaces) value: [] - #value: + # value: # - my-pod-default ################################################################ @@ -813,6 +813,168 @@ profilesController: app.kubernetes.io/part-of: "kubeflow-profile" extraNamespaceLabels: +katib: + urlPrefix: /katib + enabled: true + controller: + enabled: true + name: katib-controller + image: + repository: kubeflowkatib/katib-controller + registryOverwrite: + tagOverwrite: v0.16.0 + pullPolicyOverwrite: + autoscaling: + # If autoscaling is disabled, replica count for a component is equal to minReplicas. + enabled: + minReplicas: + maxReplicas: + targetCPUUtilizationPercentage: + targetMemoryUtilizationPercentage: + service: + create: true + annotations: + prometheus.io/port: "8080" + prometheus.io/scheme: http + prometheus.io/scrape: "true" + serviceAccount: + create: true + name: + annotations: + dbmanager: + enabled: true + name: katib-db-manager + image: + repository: kubeflowkatib/katib-db-manager + registryOverwrite: + tagOverwrite: v0.16.0 + pullPolicyOverwrite: + autoscaling: + # If autoscaling is disabled, replica count for a component is equal to minReplicas. + enabled: + minReplicas: + maxReplicas: + targetCPUUtilizationPercentage: + targetMemoryUtilizationPercentage: + annotations: + sidecar.istio.io/inject: "false" + service: + create: true + annotations: + type: ClusterIP + config: + db: + existingSecretName: + driver: + value: mysql + secretKeyRef: + name: + key: driver + host: + value: mysql.kubeflow.svc.cluster.local + secretKeyRef: + name: + key: host + port: + value: 3306 + secretKeyRef: + name: + key: port + databaseName: + value: katib + secretKeyRef: + name: + key: databaseName + user: + value: katib + secretKeyRef: + name: + key: username + password: + value: katib1234 + secretKeyRef: + name: + key: password + ui: + enabled: true + name: katib-ui + urlPrefix: /katib + image: + repository: kubeflowkatib/katib-ui + registryOverwrite: + tagOverwrite: v0.16.0 + pullPolicyOverwrite: + serviceAccount: + create: true + name: + annotations: + service: + create: true + annotations: + istioIntegration: + create: true + enabled: true + authorizationMode: ingressgateway + gateway: + name: kubeflow-gateway + config: + init: + controller: + webhookPort: 8443 + trialResources: + - Job.v1.batch + - TFJob.v1.kubeflow.org + - PyTorchJob.v1.kubeflow.org + - MPIJob.v1.kubeflow.org + - XGBoostJob.v1.kubeflow.org + - MXJob.v1.kubeflow.org + runtime: + metricsCollectors: + - kind: StdOut + image: docker.io/kubeflowkatib/file-metrics-collector:v0.16.0 + - kind: File + image: docker.io/kubeflowkatib/file-metrics-collector:v0.16.0 + - kind: TensorFlowEvent + image: docker.io/kubeflowkatib/tfevent-metrics-collector:v0.16.0 + resources: + limits: + memory: 1Gi + suggestions: + - algorithmName: random + image: docker.io/kubeflowkatib/suggestion-hyperopt:v0.16.0 + - algorithmName: tpe + image: docker.io/kubeflowkatib/suggestion-hyperopt:v0.16.0 + - algorithmName: grid + image: docker.io/kubeflowkatib/suggestion-optuna:v0.16.0 + - algorithmName: hyperband + image: docker.io/kubeflowkatib/suggestion-hyperband:v0.16.0 + - algorithmName: bayesianoptimization + image: docker.io/kubeflowkatib/suggestion-skopt:v0.16.0 + - algorithmName: cmaes + image: docker.io/kubeflowkatib/suggestion-goptuna:v0.16.0 + - algorithmName: sobol + image: docker.io/kubeflowkatib/suggestion-goptuna:v0.16.0 + - algorithmName: multivariate-tpe + image: docker.io/kubeflowkatib/suggestion-optuna:v0.16.0 + - algorithmName: enas + image: docker.io/kubeflowkatib/suggestion-enas:v0.16.0 + resources: + limits: + memory: 200Mi + - algorithmName: darts + image: docker.io/kubeflowkatib/suggestion-darts:v0.16.0 + - algorithmName: pbt + image: docker.io/kubeflowkatib/suggestion-pbt:v0.16.0 + persistentVolumeClaimSpec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 5Gi + earlyStoppings: + - algorithmName: medianstop + image: docker.io/kubeflowkatib/earlystopping-medianstop:v0.16.0 + # TODO: verify patches in apps/pipeline/upstream/base/installs/multi-user pipelines: enabled: true @@ -1017,7 +1179,8 @@ pipelines: # --- - mlPipeline: # aka api-server + mlPipeline: + # aka api-server enabled: true image: repository: api-server diff --git a/example/helm/katib-experiment.random.yaml b/example/helm/katib-experiment.random.yaml new file mode 100644 index 0000000000..b1e81382de --- /dev/null +++ b/example/helm/katib-experiment.random.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: kubeflow.org/v1beta1 +kind: Experiment +metadata: + namespace: kubeflow-user-example-com + generateName: random- +spec: + objective: + type: minimize + goal: 0.001 + objectiveMetricName: loss + algorithm: + algorithmName: random + parallelTrialCount: 3 + maxTrialCount: 12 + maxFailedTrialCount: 3 + parameters: + - name: lr + parameterType: double + feasibleSpace: + min: "0.01" + max: "0.05" + - name: momentum + parameterType: double + feasibleSpace: + min: "0.5" + max: "0.9" + trialTemplate: + retain: true + primaryContainerName: training-container + trialParameters: + - name: learningRate + description: Learning rate for the training model + reference: lr + - name: momentum + description: Momentum for the training model + reference: momentum + trialSpec: + apiVersion: batch/v1 + kind: Job + spec: + template: + metadata: + labels: + sidecar.istio.io/inject: 'false' + spec: + containers: + - name: training-container + image: docker.io/kubeflowkatib/pytorch-mnist-cpu:latest + command: + - "python3" + - "/opt/pytorch-mnist/mnist.py" + - "--epochs=1" + - "--batch-size=16" + - "--lr=${trialParameters.learningRate}" + - "--momentum=${trialParameters.momentum}" + resources: + limits: + memory: "1Gi" + # cpu: "0.5" + cpu: "2" + restartPolicy: Never diff --git a/example/helm/values.kubeflow.eks.yaml b/example/helm/values.kubeflow.eks.yaml index ed2927c16f..0608d70e77 100644 --- a/example/helm/values.kubeflow.eks.yaml +++ b/example/helm/values.kubeflow.eks.yaml @@ -26,6 +26,23 @@ pipelines: secretKeyRef: name: mlpipeline-minio-artifact +katib: + dbmanager: + config: + db: + user: + secretKeyRef: + name: db-credentials + key: username + password: + secretKeyRef: + name: db-credentials + key: mysql-root-password + host: + secretKeyRef: + name: db-credentials + key: host + notebooks: jupyterWebApp: spawnerFormDefaults: diff --git a/example/helm/values.kubeflow.yaml b/example/helm/values.kubeflow.yaml index 7810eca4fd..b777a48062 100644 --- a/example/helm/values.kubeflow.yaml +++ b/example/helm/values.kubeflow.yaml @@ -19,6 +19,23 @@ pipelines: secretKeyRef: name: mlpipeline-minio-artifact +katib: + dbmanager: + config: + db: + user: + secretKeyRef: + name: db-credentials + key: username + password: + secretKeyRef: + name: db-credentials + key: mysql-root-password + host: + secretKeyRef: + name: db-credentials + key: host + notebooks: jupyterWebApp: spawnerFormDefaults: diff --git a/example/helm/values.mysql.yaml b/example/helm/values.mysql.yaml index 6d87cb90d8..8e72c91efa 100644 --- a/example/helm/values.mysql.yaml +++ b/example/helm/values.mysql.yaml @@ -4,3 +4,23 @@ auth: existingSecret: db-credentials commonLabels: sidecar.istio.io/inject: "false" + +initdbScripts: + create_katib_database.sh: | + #!/bin/bash + # MySQL login details + MYSQL_PORT="${MYSQL_PORT:-3306}" # Default to port 3306 if not set + MYSQL_ROOT_PASSWORD="${MYSQL_ROOT_PASSWORD}" + KATIB_DB_NAME="${KATIB_DB_NAME:-katib}" # Default to 'katib' if not set + + # Check if the specified database exists + DB_EXISTS=$(mysql -P "${MYSQL_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" -e "SHOW DATABASES LIKE '${KATIB_DB_NAME}';" | grep "${KATIB_DB_NAME}" > /dev/null; echo "$?") + + # If the database does not exist, create it + if [ "$DB_EXISTS" -eq 1 ]; then + echo "Database '${KATIB_DB_NAME}' does not exist. Creating..." + mysql -P "${MYSQL_PORT}" -uroot -p"${MYSQL_ROOT_PASSWORD}" -e "CREATE DATABASE ${KATIB_DB_NAME};" + echo "Database '${KATIB_DB_NAME}' created successfully." + else + echo "Database '${KATIB_DB_NAME}' already exists." + fi