-
Notifications
You must be signed in to change notification settings - Fork 674
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add first version of gke-starter values file
Signed-off-by: Cornelis Boon <[email protected]>
- Loading branch information
1 parent
d0245d6
commit 2ab13a2
Showing
1 changed file
with
119 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,119 @@ | ||
| # configuration Specify configuration for Flyte | ||
| configuration: | ||
| # database Specify configuration for Flyte's database connection | ||
| database: | ||
| # username Name for user to connect to database as | ||
| username: postgres | ||
| # password Password to connect to database with | ||
| # If set, a Secret will be created with this value and mounted to Flyte pod | ||
| password: "" | ||
| # host Hostname of database instance | ||
| host: 127.0.0.1 | ||
| # dbname Name of database to use | ||
| dbname: flyteadmin | ||
| # storage Specify configuration for object store | ||
| storage: | ||
| # metadataContainer Bucket to store Flyte metadata | ||
| metadataContainer: "my-organization-flyte-container" | ||
| # userDataContainer Bucket to store Flyte user data | ||
| userDataContainer: "my-organization-flyte-container" | ||
| # provider Object store provider (Supported values: s3, gcs) | ||
| provider: gcs | ||
| # providerConfig Additional object store provider-specific configuration | ||
| providerConfig: | ||
| # gcs Provider configuration for GCS object store | ||
| gcs: | ||
| # project Google Cloud project in which bucket resides | ||
| project: "my-organization-gcp-project" | ||
| # logging Specify configuration for logs emitted by Flyte | ||
| logging: | ||
| # level Set the log level | ||
| level: 5 | ||
| # plugins Specify additional logging plugins | ||
| plugins: | ||
| # stackdriver Configure logging plugin to have logs visible in StackDriver | ||
| stackdriver: | ||
| enabled: true | ||
| templateUri: | | ||
| https://console.cloud.google.com/logs/query;query=resource.labels.pod_name={{.podName}}×tamp>{{.podRFC3339StartTime}} | ||
| # auth Specify configuration for Flyte authentication | ||
| auth: | ||
| # enabled Enable Flyte authentication | ||
| enabled: false | ||
| # oidc OIDC configuration for Flyte authentication | ||
| oidc: | ||
| # baseUrl URL for OIDC provider | ||
| baseUrl: "" | ||
| # clientId Flyte application client ID | ||
| clientId: "" | ||
| # clientSecret Flyte application client secret | ||
| clientSecret: "" | ||
| # internal Configuration for internal authentication | ||
| # The settings for internal still need to be defined if you wish to use an external auth server | ||
| # These credentials are used during communication between the FlyteAdmin and Propeller microservices | ||
| internal: | ||
| # clientId Client ID for internal authentication - set to flytepropeller or external auth server | ||
| clientId: flytepropeller | ||
| # clientSecret Client secret for internal authentication | ||
| clientSecret: "" | ||
| # clientSecretHash Bcrypt hash of clientSecret | ||
| clientSecretHash: "" | ||
| # authorizedUris Set of URIs that clients are allowed to visit the service on | ||
| authorizedUris: [] | ||
|
|
||
| # inline Specify additional configuration or overrides for Flyte, to be merged with the base configuration | ||
| inline: | ||
| #This section automates the IAM Role annotation for the default KSA on each project namespace to enable IRSA | ||
| #Learn more: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html | ||
| cluster_resources: | ||
| customData: | ||
| - production: | ||
| - defaultIamServiceAccount: | ||
| value: <FLYTE_IAM_SA_EMAIL> | ||
| - staging: | ||
| - defaultIamServiceAccount: | ||
| value: <FLYTE_IAM_SA_EMAIL> | ||
| - development: | ||
| - defaultIamServiceAccount: | ||
| value: <FLYTE_IAM_SA_EMAIL> | ||
| plugins: | ||
| k8s: | ||
| inject-finalizer: true | ||
| default-env-vars: | ||
| - AWS_METADATA_SERVICE_TIMEOUT: 5 | ||
| - AWS_METADATA_SERVICE_NUM_ATTEMPTS: 20 | ||
| # Configuration for the Datacatalog engine, used when caching is enabled | ||
| # Learn more: https://docs.flyte.org/en/latest/deployment/configuration/generated/datacatalog_config.html | ||
| storage: | ||
| cache: | ||
| max_size_mbs: 10 | ||
| target_gc_percent: 100 | ||
| tasks: | ||
| task-plugins: | ||
| enabled-plugins: | ||
| - container | ||
| - sidecar | ||
| - K8S-ARRAY #used for MapTasks | ||
| default-for-task-types: | ||
| - container: container | ||
| - container_array: K8S-ARRAY | ||
|
|
||
| # clusterResourceTemplates Specify templates for Kubernetes resources that should be created for new Flyte projects | ||
| clusterResourceTemplates: | ||
| # inline Specify additional cluster resource templates, to be merged with the base configuration | ||
| inline: | ||
| #This section automates the creation of the project-domain namespaces | ||
| 001_namespace.yaml: | | ||
| apiVersion: v1 | ||
| kind: Namespace | ||
| metadata: | ||
| name: '{{ namespace }}' | ||
| # This block performs the automated annotation of KSAs across all project-domain namespaces | ||
| 002_serviceaccount.yaml: | | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: default | ||
| namespace: '{{ namespace }}' | ||
| annotations: | ||
| iam.gke.io/gcp-service-account: '{{ defaultIamServiceAccount }}' |