def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
layer.caas_base.pod_spec_set({
'version':
2,
'containers': [{
'name':
'minio',
'args': ['server', '/data'],
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'ports': [{
'name': 'minio',
'containerPort': hookenv.config('port')
}],
'config': {
'MINIO_ACCESS_KEY': hookenv.config('access-key'),
'MINIO_SECRET_KEY': hookenv.config('secret-key'),
},
}],
})
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
api = endpoint_from_name('metadata-api').services()[0]
grpc = endpoint_from_name('metadata-grpc').services()[0]
port = hookenv.config('port')
layer.caas_base.pod_spec_set({
'version':
2,
'serviceAccount': {
'rules': [
{
'apiGroups': [''],
'resources': ['pods', 'pods/log'],
'verbs': ['create', 'get', 'list'],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['viewers'],
'verbs': ['create', 'get', 'list', 'watch', 'delete'],
},
]
},
'containers': [{
'name': 'metadata-ui',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'ports': [{
'name': 'http',
'containerPort': port
}],
'config': {
'METADATA_SERVICE_SERVICE_HOST': api['service_name'],
'METADATA_SERVICE_SERVICE_PORT': api['hosts'][0]['port'],
'METADATA_ENVOY_SERVICE_SERVICE_HOST': grpc['service_name'],
'METADATA_ENVOY_SERVICE_SERVICE_PORT':
grpc['hosts'][0]['port'],
},
}],
})
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
if not Path('/run/password').exists():
Path('/run/password').write_text(''.join(
choices(ascii_uppercase + digits, k=30)))
image_info = layer.docker_resource.get_info('oci-image')
config = dict(hookenv.config())
layer.caas_base.pod_spec_set({
'version':
2,
'containers': [{
'name':
'minio',
'args': ['server', '/data'],
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'ports': [{
'name': 'minio',
'containerPort': config['port']
}],
'config': {
'MINIO_ACCESS_KEY': config['access-key'],
'MINIO_SECRET_KEY': Path('/run/password').read_text(),
},
}],
})
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
model = os.environ['JUJU_MODEL_NAME']
profiles = endpoint_from_name('kubeflow-profiles').services()[0]
profiles_service = profiles['service_name']
port = hookenv.config('port')
profile = hookenv.config('profile')
layer.caas_base.pod_spec_set(
{
'version':
2,
'serviceAccount': {
'global':
True,
'rules': [
{
'apiGroups': [''],
'resources': ['events', 'namespaces', 'nodes'],
'verbs': ['get', 'list', 'watch'],
},
{
'apiGroups': ['', 'app.k8s.io'],
'resources':
['applications', 'pods', 'pods/exec', 'pods/log'],
'verbs': ['get', 'list', 'watch'],
},
{
'apiGroups': [''],
'resources': ['secrets'],
'verbs': ['get']
},
],
},
'containers': [{
'name': 'kubeflow-dashboard',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'config': {
'USERID_HEADER': 'kubeflow-userid',
'USERID_PREFIX': '',
'PROFILES_KFAM_SERVICE_HOST':
f'{profiles_service}.{model}',
'REGISTRATION_FLOW': hookenv.config('registration-flow'),
},
'ports': [{
'name': 'ui',
'containerPort': port
}],
'kubernetes': {
'livenessProbe': {
'httpGet': {
'path': '/healthz',
'port': 8082
},
'initialDelaySeconds': 30,
'periodSeconds': 30,
}
},
}],
},
{
'kubernetesResources': {
'customResourceDefinitions': {
crd['metadata']['name']: crd['spec']
for crd in yaml.safe_load_all(
Path("files/crds.yaml").read_text())
},
'customResources': {
'profiles.kubeflow.org': [{
'apiVersion': 'kubeflow.org/v1beta1',
'kind': 'Profile',
'metadata': {
'name': profile
},
'spec': {
'owner': {
'kind': 'User',
'name': profile
}
},
}]
},
}
},
)
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
service_name = hookenv.service_name()
api = endpoint_from_name('pipelines-api').services()[0]
minio = endpoint_from_name('minio').services()[0]['hosts'][0]
port = hookenv.config('port')
layer.caas_base.pod_spec_set({
'version':
2,
'serviceAccount': {
'rules': [
{
'apiGroups': [''],
'resources': ['pods', 'pods/log'],
'verbs': ['create', 'get', 'list'],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['viewers'],
'verbs': ['create', 'get', 'list', 'watch', 'delete'],
},
]
},
'service': {
'annotations': {
'getambassador.io/config':
yaml.dump_all([{
'apiVersion': 'ambassador/v0',
'kind': 'Mapping',
'name': 'pipeline-ui',
'prefix': '/pipeline',
'rewrite': '/pipeline',
'service': f'{service_name}:{port}',
'use_websocket': True,
'timeout_ms': 30000,
}])
}
},
'containers': [{
'name': 'pipelines-ui',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'config': {
'ML_PIPELINE_SERVICE_HOST': api['service_name'],
'ML_PIPELINE_SERVICE_PORT': api['hosts'][0]['port'],
'MINIO_HOST': minio['hostname'],
'MINIO_PORT': minio['port'],
'MINIO_NAMESPACE': os.environ['JUJU_MODEL_NAME'],
'ALLOW_CUSTOM_VISUALIZATIONS': True,
},
'ports': [{
'name': 'ui',
'containerPort': port
}],
}],
})
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
mysql = endpoint_from_name('mysql')
try:
minio = endpoint_from_name('minio').mailman3()[0]
except IndexError:
layer.status.blocked('Waiting for minio relation.')
return False
if minio['ip'] is None:
layer.status.blocked("Waiting for full minio relation.")
return False
hookenv.log("DEBUG")
hookenv.log(minio)
grpc_port = hookenv.config('grpc-port')
http_port = hookenv.config('http-port')
config_json = {
'DBConfig': {
'DriverName': 'mysql',
'DataSourceName': mysql.database(),
'Host': mysql.host(),
'Port': mysql.port(),
'User': '******',
'Password': mysql.root_password(),
'DBName': 'mlpipeline',
},
'ObjectStoreConfig': {
'Host': minio['ip'],
'Port': minio['port'],
'AccessKey': minio['user'],
'SecretAccessKey': minio['password'],
'BucketName': hookenv.config('minio-bucket-name'),
'Secure': False,
},
'InitConnectionTimeout': '5s',
"DefaultPipelineRunnerServiceAccount": "pipeline-runner",
}
profiles = endpoint_from_name('kubeflow-profiles')
if profiles and profiles.services():
profiles = profiles.services()[0]['hosts'][0]
config_json["PROFILES_KFAM_SERVICE_HOST"] = profiles['hostname']
config_json["PROFILES_KFAM_SERVICE_PORT"] = profiles['port']
viz = endpoint_from_name('pipelines-visualization')
if viz and viz.services():
viz = viz.services()[0]['hosts'][0]
config_json["ML_PIPELINE_VISUALIZATIONSERVER_SERVICE_HOST"] = viz[
'hostname']
config_json["ML_PIPELINE_VISUALIZATIONSERVER_SERVICE_PORT"] = viz[
'port']
else:
config_json["ML_PIPELINE_VISUALIZATIONSERVER_SERVICE_HOST"] = 'foobar'
config_json["ML_PIPELINE_VISUALIZATIONSERVER_SERVICE_PORT"] = '1234'
layer.caas_base.pod_spec_set(
{
'version':
3,
'serviceAccount': {
'roles': [{
'rules': [
{
'apiGroups': ['argoproj.io'],
'resources': ['workflows'],
'verbs': [
'create',
'get',
'list',
'watch',
'update',
'patch',
'delete',
],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['scheduledworkflows'],
'verbs': [
'create', 'get', 'list', 'update', 'patch',
'delete'
],
},
{
'apiGroups': [''],
'resources': ['pods'],
'verbs': ['delete']
},
]
}]
},
'containers': [{
'name':
'pipelines-api',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'ports': [
{
'name': 'grpc',
'containerPort': grpc_port
},
{
'name': 'http',
'containerPort': http_port
},
],
'command': [
'apiserver',
'--config=/config',
'--sampleconfig=/config/sample_config.json',
'-logtostderr=true',
],
'envConfig': {
'POD_NAMESPACE': os.environ['JUJU_MODEL_NAME']
},
'volumeConfig': [
{
'name':
'config',
'mountPath':
'/config',
'files': [
{
'path': 'config.json',
'content': json.dumps(config_json)
},
{
'path':
'sample_config.json',
'content':
Path('files/sample_config.json').read_text(),
},
],
},
{
'name':
'samples',
'mountPath':
'/samples',
'files': [{
'path': Path(sample).name,
'content': Path(sample).read_text()
} for sample in glob('files/*.yaml')],
},
],
}],
},
k8s_resources={
'kubernetesResources': {
'serviceAccounts': [{
'name':
'pipeline-runner',
'roles': [{
'name':
'pipeline-runner',
'rules': [
{
'apiGroups': [''],
'resources': ['secrets'],
'verbs': ['get']
},
{
'apiGroups': [''],
'resources': ['configmaps'],
'verbs': ['get', 'watch', 'list'],
},
{
'apiGroups': [''],
'resources': ['persistentvolumeclaims'],
'verbs': ['create', 'delete', 'get'],
},
{
'apiGroups': ['snapshot.storage.k8s.io'],
'resources': ['volumesnapshots'],
'verbs': ['create', 'delete', 'get'],
},
{
'apiGroups': ['argoproj.io'],
'resources': ['workflows'],
'verbs':
['get', 'list', 'watch', 'update', 'patch'],
},
{
'apiGroups': [''],
'resources':
['pods', 'pods/exec', 'pods/log', 'services'],
'verbs': ['*'],
},
{
'apiGroups': ['', 'apps', 'extensions'],
'resources': ['deployments', 'replicasets'],
'verbs': ['*'],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['*'],
'verbs': ['*'],
},
{
'apiGroups': ['batch'],
'resources': ['jobs'],
'verbs': ['*']
},
],
}],
}]
}
},
)
layer.status.maintenance('creating container')
clear_flag('mysql.changed')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
service_name = hookenv.service_name()
crd = yaml.load(Path('files/crd-v1beta1.yaml').read_text())
port = hookenv.config('port')
layer.caas_base.pod_spec_set(
{
'version':
2,
'serviceAccount': {
'global':
True,
'rules': [
{
'apiGroups': ['*'],
'resources': ['deployments', 'services'],
'verbs': [
'create', 'get', 'list', 'watch', 'update',
'patch', 'delete'
],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['viewers'],
'verbs': [
'create', 'get', 'list', 'watch', 'update',
'patch', 'delete'
],
},
],
},
'service': {
'annotations': {
'getambassador.io/config':
yaml.dump_all([{
'apiVersion': 'ambassador/v0',
'kind': 'Mapping',
'name': 'pipelines-viewer',
'prefix': '/data',
'rewrite': '/data',
'service': f'{service_name}:{port}',
'use_websocket': True,
'timeout_ms': 30000,
}])
}
},
'containers': [{
'name': 'pipelines-viewer',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'config': {
'POD_NAMESPACE': os.environ['JUJU_MODEL_NAME']
},
}],
},
{
'kubernetesResources': {
'customResourceDefinitions': {
crd['metadata']['name']: crd['spec']
}
}
},
)
layer.status.maintenance('creating container')
set_flag('charm.started')
def start_charm():
if not hookenv.is_leader():
hookenv.log("This unit is not a leader.")
return False
layer.status.maintenance('configuring container')
image_info = layer.docker_resource.get_info('oci-image')
api = endpoint_from_name('pipelines-api').services()[0]
try:
minio = endpoint_from_name('minio').mailman3()[0]
except IndexError:
layer.status.blocked('Waiting for minio relation.')
return False
if minio['ip'] is None:
layer.status.blocked("Waiting for full minio relation.")
return False
port = hookenv.config('port')
layer.caas_base.pod_spec_set(
{
'version': 2,
'serviceAccount': {
'rules': [
{
'apiGroups': [''],
'resources': ['pods', 'pods/log'],
'verbs': ['create', 'get', 'list'],
},
{
'apiGroups': ['kubeflow.org'],
'resources': ['viewers'],
'verbs': ['create', 'get', 'list', 'watch', 'delete'],
},
]
},
'containers': [
{
'name': 'pipelines-ui',
'imageDetails': {
'imagePath': image_info.registry_path,
'username': image_info.username,
'password': image_info.password,
},
'config': {
'ML_PIPELINE_SERVICE_HOST': api['service_name'],
'ML_PIPELINE_SERVICE_PORT': api['hosts'][0]['port'],
'MINIO_HOST': minio['ip'],
'MINIO_PORT': minio['port'],
'MINIO_NAMESPACE': os.environ['JUJU_MODEL_NAME'],
'ALLOW_CUSTOM_VISUALIZATIONS': True,
},
'ports': [{'name': 'ui', 'containerPort': port}],
}
],
}
)
layer.status.maintenance('creating container')
set_flag('charm.started')
