From 29abc1556b16a7f0467d75bc181bfcd35b69d708 Mon Sep 17 00:00:00 2001 From: Yee Hing Tong Date: Sat, 28 Oct 2023 10:06:32 +0800 Subject: [PATCH 1/4] this effectively reverts 7df67dedde9220fdd792988ddade0465a7d2bca2 which was added so that we could use redis in place of sqs for local testing Signed-off-by: Yee Hing Tong --- charts/flyte-sandbox/Chart.lock | 7 +- charts/flyte-sandbox/Chart.yaml | 4 - charts/flyte-sandbox/values.yaml | 15 - docker/sandbox-bundled/images/manifest.txt | 1 - .../manifests/complete-agent.yaml | 1994 +++++++++++++++++ .../sandbox-bundled/manifests/complete.yaml | 623 +---- docker/sandbox-bundled/manifests/dev.yaml | 623 +---- 7 files changed, 2000 insertions(+), 1267 deletions(-) create mode 100644 docker/sandbox-bundled/manifests/complete-agent.yaml diff --git a/charts/flyte-sandbox/Chart.lock b/charts/flyte-sandbox/Chart.lock index e759b845a7..3b64136d9d 100644 --- a/charts/flyte-sandbox/Chart.lock +++ b/charts/flyte-sandbox/Chart.lock @@ -14,8 +14,5 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami version: 12.1.9 -- name: redis - repository: https://charts.bitnami.com/bitnami - version: 17.15.6 -digest: sha256:1bcc5f102768a19c19d444b3460dabd0f90847b2d4423134f0ce9c7aa0a256ea -generated: "2023-08-31T16:46:00.478623-07:00" +digest: sha256:e7155e540bbdb98f690eb12e2bd301a19d8b36833336f6991410cb44d8d9bb5e +generated: "2023-10-28T10:05:34.269916+08:00" diff --git a/charts/flyte-sandbox/Chart.yaml b/charts/flyte-sandbox/Chart.yaml index b66a93a0a5..cf60b48492 100644 --- a/charts/flyte-sandbox/Chart.yaml +++ b/charts/flyte-sandbox/Chart.yaml @@ -44,7 +44,3 @@ dependencies: version: 12.1.9 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled - - name: redis - version: 17.15.6 - repository: https://charts.bitnami.com/bitnami - condition: redis.enabled diff --git a/charts/flyte-sandbox/values.yaml b/charts/flyte-sandbox/values.yaml index be79a69f95..4f272bef01 100644 --- a/charts/flyte-sandbox/values.yaml +++ b/charts/flyte-sandbox/values.yaml @@ -159,21 +159,6 @@ postgresql: tag: sandbox pullPolicy: Never -redis: - enabled: true - image: - tag: sandbox - pullPolicy: Never - auth: - enabled: false - master: - service: - type: NodePort - nodePorts: - redis: 30004 - replica: - replicaCount: 0 - sandbox: # dev Routes requests to an instance of Flyte running locally on a developer's # development environment. This is only usable if the flyte-binary chart is disabled. diff --git a/docker/sandbox-bundled/images/manifest.txt b/docker/sandbox-bundled/images/manifest.txt index d2b127ac89..04fb34627c 100644 --- a/docker/sandbox-bundled/images/manifest.txt +++ b/docker/sandbox-bundled/images/manifest.txt @@ -1,7 +1,6 @@ docker.io/bitnami/bitnami-shell:sandbox=bitnami/bitnami-shell:11-debian-11-r76 docker.io/bitnami/minio:sandbox=bitnami/minio:2023.1.25-debian-11-r0 docker.io/bitnami/postgresql:sandbox=bitnami/postgresql:15.1.0-debian-11-r20 -docker.io/bitnami/redis:sandbox=bitnami/redis:7.2.0-debian-11-r3 docker.io/envoyproxy/envoy:sandbox=envoyproxy/envoy:v1.23-latest docker.io/kubernetesui/dashboard:sandbox=kubernetesui/dashboard:v2.7.0 docker.io/library/registry:sandbox=registry:2.8.1 diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml new file mode 100644 index 0000000000..28026c9c6f --- /dev/null +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -0,0 +1,1994 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox + namespace: flyte +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +secrets: +- name: flyte-sandbox-minio +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +rules: +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-key-holder + - kubernetes-dashboard-certs + - kubernetes-dashboard-csrf + resources: + - secrets + verbs: + - get + - update + - delete +- apiGroups: + - "" + resourceNames: + - kubernetes-dashboard-settings + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - "" + resourceNames: + - heapster + - dashboard-metrics-scraper + resources: + - services + verbs: + - proxy +- apiGroups: + - "" + resourceNames: + - heapster + - 'http:heapster:' + - 'https:heapster:' + - dashboard-metrics-scraper + - http:dashboard-metrics-scraper + resources: + - services/proxy + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-role + namespace: flyte +rules: +- apiGroups: + - "" + resources: + - namespaces + - resourcequotas + - secrets + verbs: + - create + - get + - list + - patch + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - podtemplates + verbs: + - get + - list + - watch +- apiGroups: + - flyte.lyft.com + resources: + - flyteworkflows + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - post + - update + - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - get + - list +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - list + - patch + - update +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-readonly +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - persistentvolumeclaims + - pods + - replicationcontrollers + - replicationcontrollers/scale + - serviceaccounts + - services + - nodes + - persistentvolumeclaims + - persistentvolumes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - bindings + - events + - limitranges + - namespaces/status + - pods/log + - pods/status + - replicationcontrollers/status + - resourcequotas + - resourcequotas/status + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - deployments/scale + - replicasets + - replicasets/scale + - statefulsets + verbs: + - get + - list + - watch +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch +- apiGroups: + - extensions + resources: + - daemonsets + - deployments + - deployments/scale + - ingresses + - networkpolicies + - replicasets + - replicasets/scale + - replicationcontrollers/scale + verbs: + - get + - list + - watch +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + - volumeattachments + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - roles + - rolebindings + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: flyte-sandbox-kubernetes-dashboard +subjects: +- kind: ServiceAccount + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-role-binding + namespace: flyte +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyte-sandbox-cluster-role +subjects: +- kind: ServiceAccount + name: flyte-sandbox + namespace: flyte +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-readonly +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flyte-sandbox-kubernetes-dashboard-readonly +subjects: +- kind: ServiceAccount + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +--- +apiVersion: v1 +data: + namespace.yaml: | + apiVersion: v1 + kind: Namespace + metadata: + name: '{{ namespace }}' +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-cluster-resource-templates + namespace: flyte +--- +apiVersion: v1 +data: + 000-core.yaml: | + admin: + endpoint: localhost:8089 + insecure: true + catalog-cache: + endpoint: localhost:8081 + insecure: true + type: datacatalog + cluster_resources: + standaloneDeployment: false + templatePath: /etc/flyte/cluster-resource-templates + logger: + show-source: true + level: 5 + propeller: + create-flyteworkflow-crd: true + webhook: + certDir: /var/run/flyte/certs + localCert: true + secretName: flyte-sandbox-webhook-secret + serviceName: flyte-sandbox-webhook + servicePort: 443 + flyte: + admin: + disableClusterResourceManager: false + disableScheduler: false + disabled: false + seedProjects: + - flytesnacks + dataCatalog: + disabled: false + propeller: + disableWebhook: false + disabled: false + 001-plugins.yaml: | + tasks: + task-plugins: + default-for-task-types: + container: container + container_array: k8s-array + sidecar: sidecar + enabled-plugins: + - container + - sidecar + - k8s-array + - agent-service + plugins: + logs: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false + k8s: + co-pilot: + image: "cr.flyte.org/flyteorg/flytecopilot:v1.9.4" + k8s-array: + logs: + config: + kubernetes-enabled: true + kubernetes-template-uri: http://localhost:30080/kubernetes-dashboard/#/log/{{.namespace }}/{{ .podName }}/pod?namespace={{ .namespace }} + cloudwatch-enabled: false + stackdriver-enabled: false + agent-service: + defaultAgent: + defaultTimeout: 10s + endpoint: dns:///flyteagent.flyte.svc.cluster.local:8000 + insecure: true + timeouts: + GetTask: 10s + supportedTaskTypes: + - default_task + 002-database.yaml: | + database: + postgres: + username: postgres + host: flyte-sandbox-postgresql + port: 5432 + dbname: flyte + options: "sslmode=disable" + 003-storage.yaml: | + propeller: + rawoutput-prefix: s3://my-s3-bucket/data + storage: + type: stow + stow: + kind: s3 + config: + region: us-east-1 + disable_ssl: true + v2_signing: true + endpoint: http://flyte-sandbox-minio.flyte:9000 + auth_type: accesskey + container: my-s3-bucket + 100-inline-config.yaml: | + artifacts: + host: artifact-service.flyte.svc.cluster.local + insecure: true + port: 50051 + cloudEvents: + enable: true + redis: + addr: flyte-sandbox-redis-headless.flyte.svc.cluster.local:6379 + transformToCloudEvents: true + type: redis + plugins: + k8s: + default-env-vars: + - FLYTE_AWS_ENDPOINT: http://flyte-sandbox-minio.flyte:9000 + - FLYTE_AWS_ACCESS_KEY_ID: minio + - FLYTE_AWS_SECRET_ACCESS_KEY: miniostorage + storage: + signedURL: + stowConfigOverride: + endpoint: http://localhost:30002 + task_resources: + defaults: + cpu: 500m + ephemeralStorage: 0 + gpu: 0 + memory: 1Gi + limits: + cpu: 0 + ephemeralStorage: 0 + gpu: 0 + memory: 0 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-config + namespace: flyte +--- +apiVersion: v1 +data: + config.yml: |- + health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 + http: + addr: :5000 + debug: + addr: :5001 + prometheus: + enabled: false + path: /metrics + headers: + X-Content-Type-Options: + - nosniff + log: + fields: + service: registry + storage: + cache: + blobdescriptor: inmemory + version: 0.1 +kind: ConfigMap +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry-config + namespace: flyte +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: flyte-sandbox-extra-cluster-resource-templates + namespace: flyte +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: flyte-sandbox-extra-config + namespace: flyte +--- +apiVersion: v1 +data: + envoy.yaml: | + admin: + access_log_path: /dev/stdout + static_resources: + listeners: + - address: + socket_address: + address: 0.0.0.0 + port_value: 8000 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + codec_type: AUTO + upgrade_configs: + - upgrade_type: websocket + route_config: + name: local_route + virtual_hosts: + - name: backend + domains: + - "*" + routes: + - match: + path: "/" + redirect: + path_redirect: "/console/" + - match: + prefix: "/.well-known" + route: + cluster: flyte + - match: + prefix: "/__webpack_hmr" + route: + cluster: flyte + - match: + prefix: "/api" + route: + cluster: flyte + - match: + prefix: "/callback" + route: + cluster: flyte + - match: + prefix: "/config" + route: + cluster: flyte + - match: + prefix: "/console" + route: + cluster: flyte + - match: + prefix: "/healthcheck" + route: + cluster: flyte + - match: + prefix: "/login" + route: + cluster: flyte + - match: + prefix: "/logout" + route: + cluster: flyte + - match: + prefix: "/me" + route: + cluster: flyte + - match: + prefix: "/oauth2" + route: + cluster: flyte + - match: + prefix: "/v1" + route: + cluster: flyte + - match: + prefix: "/flyteidl.service.AdminService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.AuthMetadataService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.DataProxyService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.IdentityService" + route: + cluster: flyte_grpc + - match: + prefix: "/grpc.health.v1.Health" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.service.SignalService" + route: + cluster: flyte_grpc + - match: + prefix: "/flyteidl.artifact.ArtifactRegistry" + route: + cluster: artifact + - match: + path: "/kubernetes-dashboard" + redirect: + path_redirect: "/kubernetes-dashboard/" + - match: + prefix: "/kubernetes-dashboard/" + route: + cluster: kubernetes-dashboard + prefix_rewrite: / + - match: + path: "/minio" + redirect: + path_redirect: "/minio/" + - match: + prefix: "/minio/" + route: + cluster: minio + prefix_rewrite: / + http_filters: + - name: envoy.filters.http.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + clusters: + - name: flyte + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: flyte + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-http + port_value: 8088 + - name: flyte_grpc + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + http2_protocol_options: {} + load_assignment: + cluster_name: flyte_grpc + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-grpc + port_value: 8089 + - name: kubernetes-dashboard + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: kubernetes-dashboard + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-kubernetes-dashboard + port_value: 80 + - name: minio + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + load_assignment: + cluster_name: minio + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: flyte-sandbox-minio + port_value: 9001 + - name: artifact + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + http2_protocol_options: {} + load_assignment: + cluster_name: artifact + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: artifact-service + port_value: 50051 +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy-config + namespace: flyte +--- +apiVersion: v1 +data: null +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-settings + namespace: flyte +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-config-secret + namespace: flyte +stringData: + 012-database-secrets.yaml: | + database: + postgres: + password: "postgres" + 013-storage-secrets.yaml: | + storage: + stow: + config: + access_key_id: "minio" + secret_key: "miniostorage" +type: Opaque +--- +apiVersion: v1 +data: + haSharedSecret: MFFzaWFuNWNIMHozSFh6Yg== + proxyPassword: "" + proxyUsername: "" +kind: Secret +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry-secret + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard-certs + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + root-password: bWluaW9zdG9yYWdl + root-user: bWluaW8= +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + postgres-password: cG9zdGdyZXM= +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +type: Opaque +--- +apiVersion: v1 +data: + username: User +kind: Secret +metadata: + name: flyteagent + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-csrf + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: kubernetes-dashboard-key-holder + namespace: flyte +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: artifact-service + name: artifact-service + namespace: flyte +spec: + ports: + - name: grpc + port: 50051 + targetPort: 50051 + selector: + app: artifact-service + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry + namespace: flyte +spec: + ports: + - name: http-5000 + nodePort: 30000 + port: 5000 + protocol: TCP + targetPort: 5000 + selector: + app: docker-registry + release: flyte-sandbox + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-grpc + namespace: flyte +spec: + ports: + - name: grpc + nodePort: null + port: 8089 + targetPort: grpc + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-http + namespace: flyte +spec: + ports: + - name: http + nodePort: null + port: 8088 + targetPort: http + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + kubernetes.io/cluster-service: "true" + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +spec: + ports: + - name: http + port: 80 + targetPort: http + selector: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: kubernetes-dashboard + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +spec: + externalTrafficPolicy: Cluster + ports: + - name: minio-api + nodePort: 30002 + port: 9000 + targetPort: minio-api + - name: minio-console + port: 9001 + targetPort: minio-console + selector: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +spec: + externalTrafficPolicy: Cluster + ports: + - name: tcp-postgresql + nodePort: 30001 + port: 5432 + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" + name: flyte-sandbox-postgresql-hl + namespace: flyte +spec: + clusterIP: None + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy + namespace: flyte +spec: + ports: + - name: http + nodePort: 30080 + port: 8000 + protocol: TCP + selector: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: NodePort +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox-webhook + namespace: flyte +spec: + ports: + - name: webhook + port: 443 + targetPort: webhook + selector: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + projectcontour.io/upstream-protocol.h2c: grpc + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +spec: + ports: + - name: agent-grpc + port: 8000 + protocol: TCP + targetPort: agent-grpc + selector: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/name: flyteagent + type: ClusterIP +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-db-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi + hostPath: + path: /var/lib/flyte/storage/db + storageClassName: manual +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-minio-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi + hostPath: + path: /var/lib/flyte/storage/minio + storageClassName: manual +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-db-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: manual + volumeName: flyte-sandbox-db-storage +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-minio-storage + namespace: flyte +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: manual + volumeName: flyte-sandbox-minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: artifact-service + name: artifact-service + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app: artifact-service + template: + metadata: + labels: + app: artifact-service + spec: + containers: + - env: + - name: DATABASE_URL + value: postgresql://postgres:postgres@flyte-sandbox-postgresql.flyte:5432/postgres + - name: REDIS_HOST + value: flyte-sandbox-redis-headless.flyte.svc.cluster.local + - name: REDIS_PORT + value: "6379" + image: ghcr.io/unionai/artifacts:sandbox + livenessProbe: + initialDelaySeconds: 30 + tcpSocket: + port: grpc + name: main + ports: + - containerPort: 50051 + name: grpc + readinessProbe: + tcpSocket: + port: grpc +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-binary-v0.1.10 + name: flyte-sandbox + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + strategy: + type: Recreate + template: + metadata: + annotations: + checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 + checksum/configuration: c86a3f997d43ba1f7612d3f5e9675ef534131308a682edc09d06cf4f6e79be64 + checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 + labels: + app.kubernetes.io/component: flyte-binary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - args: + - start + - --config + - /etc/flyte/config.d/*.yaml + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: flyte-binary:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: /healthcheck + port: http + name: flyte + ports: + - containerPort: 8088 + name: http + - containerPort: 8089 + name: grpc + - containerPort: 9443 + name: webhook + readinessProbe: + httpGet: + path: /healthcheck + port: http + volumeMounts: + - mountPath: /etc/flyte/cluster-resource-templates + name: cluster-resource-templates + - mountPath: /etc/flyte/config.d + name: config + - mountPath: /var/run/flyte + name: state + initContainers: + - args: + - | + until pg_isready \ + -h flyte-sandbox-postgresql \ + -p 5432 \ + -U postgres + do + echo waiting for database + sleep 0.1 + done + command: + - sh + - -ec + image: bitnami/postgresql:sandbox + imagePullPolicy: Never + name: wait-for-db + serviceAccountName: flyte-sandbox + volumes: + - name: cluster-resource-templates + projected: + sources: + - configMap: + name: flyte-sandbox-cluster-resource-templates + - configMap: + name: flyte-sandbox-extra-cluster-resource-templates + - name: config + projected: + sources: + - configMap: + name: flyte-sandbox-config + - secret: + name: flyte-sandbox-config-secret + - configMap: + name: flyte-sandbox-extra-config + - emptyDir: {} + name: state +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-buildkit + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: buildkit + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + template: + metadata: + labels: + app.kubernetes.io/component: buildkit + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - args: + - --addr + - unix:///run/buildkit/buildkitd.sock + - --addr + - tcp://0.0.0.0:30003 + image: moby/buildkit:sandbox + imagePullPolicy: Never + livenessProbe: + exec: + command: + - buildctl + - debug + - workers + initialDelaySeconds: 5 + periodSeconds: 30 + name: buildkit + ports: + - containerPort: 30003 + name: tcp + protocol: TCP + readinessProbe: + exec: + command: + - buildctl + - debug + - workers + initialDelaySeconds: 5 + periodSeconds: 30 + securityContext: + privileged: true + hostNetwork: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: docker-registry + chart: docker-registry-2.2.2 + heritage: Helm + release: flyte-sandbox + name: flyte-sandbox-docker-registry + namespace: flyte +spec: + minReadySeconds: 5 + replicas: 1 + selector: + matchLabels: + app: docker-registry + release: flyte-sandbox + template: + metadata: + annotations: + checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 + checksum/secret: beab063e2091f135bea9b399b4781b3cfc6a1f8daaa6f36c9457ad57a747c018 + labels: + app: docker-registry + release: flyte-sandbox + spec: + containers: + - command: + - /bin/registry + - serve + - /etc/docker/registry/config.yml + env: + - name: REGISTRY_HTTP_SECRET + valueFrom: + secretKeyRef: + key: haSharedSecret + name: flyte-sandbox-docker-registry-secret + - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY + value: /var/lib/registry + image: registry:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: / + port: 5000 + name: docker-registry + ports: + - containerPort: 5000 + readinessProbe: + httpGet: + path: / + port: 5000 + resources: {} + volumeMounts: + - mountPath: /etc/docker/registry + name: flyte-sandbox-docker-registry-config + - mountPath: /var/lib/registry/ + name: data + securityContext: + fsGroup: 1000 + runAsUser: 1000 + volumes: + - configMap: + name: flyte-sandbox-docker-registry-config + name: flyte-sandbox-docker-registry-config + - emptyDir: {} + name: data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + name: flyte-sandbox-kubernetes-dashboard + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: kubernetes-dashboard + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + annotations: null + labels: + app.kubernetes.io/component: kubernetes-dashboard + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kubernetes-dashboard + app.kubernetes.io/version: 2.7.0 + helm.sh/chart: kubernetes-dashboard-6.0.0 + spec: + containers: + - args: + - --namespace=flyte + - --metrics-provider=none + - --enable-insecure-login + - --enable-skip-login + image: kubernetesui/dashboard:sandbox + imagePullPolicy: Never + livenessProbe: + httpGet: + path: / + port: 9090 + scheme: HTTP + initialDelaySeconds: 30 + timeoutSeconds: 30 + name: kubernetes-dashboard + ports: + - containerPort: 9090 + name: http + protocol: TCP + resources: + limits: + cpu: 2 + memory: 200Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsGroup: 2001 + runAsUser: 1001 + volumeMounts: + - mountPath: /certs + name: kubernetes-dashboard-certs + - mountPath: /tmp + name: tmp-volume + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: flyte-sandbox-kubernetes-dashboard + volumes: + - name: kubernetes-dashboard-certs + secret: + secretName: flyte-sandbox-kubernetes-dashboard-certs + - emptyDir: {} + name: tmp-volume +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + name: flyte-sandbox-minio + namespace: flyte +spec: + selector: + matchLabels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + strategy: + type: Recreate + template: + metadata: + annotations: + checksum/credentials-secret: c199ac45f9d95d97966921c814d6c8b38cbf7416458e19cbe6d001a04c264448 + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: minio + helm.sh/chart: minio-12.1.1 + spec: + affinity: + nodeAffinity: null + podAffinity: null + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: minio + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: MINIO_SCHEME + value: http + - name: MINIO_FORCE_NEW_KEYS + value: "no" + - name: MINIO_ROOT_USER + valueFrom: + secretKeyRef: + key: root-user + name: flyte-sandbox-minio + - name: MINIO_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: root-password + name: flyte-sandbox-minio + - name: MINIO_DEFAULT_BUCKETS + value: my-s3-bucket + - name: MINIO_BROWSER + value: "on" + - name: MINIO_PROMETHEUS_AUTH_TYPE + value: public + - name: MINIO_CONSOLE_PORT_NUMBER + value: "9001" + - name: MINIO_BROWSER_REDIRECT_URL + value: http://localhost:30080/minio + envFrom: null + image: docker.io/bitnami/minio:sandbox + imagePullPolicy: Never + livenessProbe: + failureThreshold: 5 + httpGet: + path: /minio/health/live + port: minio-api + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + name: minio + ports: + - containerPort: 9000 + name: minio-api + protocol: TCP + - containerPort: 9001 + name: minio-console + protocol: TCP + readinessProbe: + failureThreshold: 5 + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: minio-api + timeoutSeconds: 1 + resources: + limits: {} + requests: {} + securityContext: + runAsNonRoot: true + runAsUser: 1001 + volumeMounts: + - mountPath: /data + name: data + initContainers: + - command: + - /bin/bash + - -ec + - | + chown -R 1001:1001 /data + image: docker.io/bitnami/bitnami-shell:sandbox + imagePullPolicy: Never + name: volume-permissions + resources: + limits: {} + requests: {} + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /data + name: data + securityContext: + fsGroup: 1001 + serviceAccountName: flyte-sandbox-minio + volumes: + - name: data + persistentVolumeClaim: + claimName: flyte-sandbox-minio-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyte-sandbox + app.kubernetes.io/version: 1.16.0 + helm.sh/chart: flyte-sandbox-0.1.0 + name: flyte-sandbox-proxy + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + template: + metadata: + labels: + app.kubernetes.io/component: proxy + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: flyte-sandbox + spec: + containers: + - image: envoyproxy/envoy:sandbox + imagePullPolicy: Never + name: proxy + ports: + - containerPort: 8000 + name: http + volumeMounts: + - mountPath: /etc/envoy + name: config + volumes: + - configMap: + name: flyte-sandbox-proxy-config + name: config +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + name: flyteagent + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/name: flyteagent + template: + metadata: + annotations: null + labels: + app.kubernetes.io/instance: flyteagent + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: flyteagent + helm.sh/chart: flyteagent-v0.1.10 + spec: + containers: + - command: + - pyflyte + - serve + image: ghcr.io/flyteorg/flyteagent:1.9.1 + imagePullPolicy: IfNotPresent + name: flyteagent + ports: + - containerPort: 8000 + name: agent-grpc + resources: + limits: + cpu: 500m + ephemeral-storage: 200Mi + memory: 200Mi + requests: + cpu: 500m + ephemeral-storage: 200Mi + memory: 200Mi + volumeMounts: + - mountPath: /etc/secrets + name: flyteagent + serviceAccountName: flyteagent + volumes: + - name: flyteagent + secret: + secretName: flyteagent +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + namespace: flyte +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + serviceName: flyte-sandbox-postgresql-hl + template: + metadata: + annotations: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + helm.sh/chart: postgresql-12.1.9 + name: flyte-sandbox-postgresql + spec: + affinity: + nodeAffinity: null + podAffinity: null + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: flyte-sandbox + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: flyte-sandbox-postgresql + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:sandbox + imagePullPolicy: Never + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: {} + requests: + cpu: 250m + memory: 256Mi + securityContext: + runAsUser: 1001 + volumeMounts: + - mountPath: /bitnami/postgresql + name: data + hostIPC: false + hostNetwork: false + initContainers: + - command: + - /bin/sh + - -ec + - | + chown 1001:1001 /bitnami/postgresql + mkdir -p /bitnami/postgresql/data + chmod 700 /bitnami/postgresql/data + find /bitnami/postgresql -mindepth 1 -maxdepth 1 -not -name "conf" -not -name ".snapshot" -not -name "lost+found" | \ + xargs -r chown -R 1001:1001 + image: docker.io/bitnami/bitnami-shell:sandbox + imagePullPolicy: Never + name: init-chmod-data + resources: + limits: {} + requests: {} + securityContext: + runAsUser: 0 + volumeMounts: + - mountPath: /bitnami/postgresql + name: data + securityContext: + fsGroup: 1001 + serviceAccountName: default + volumes: + - name: data + persistentVolumeClaim: + claimName: flyte-sandbox-db-storage + updateStrategy: + rollingUpdate: {} + type: RollingUpdate diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index 40ca662ae3..fbd3b6047f 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -41,18 +41,6 @@ metadata: secrets: - name: flyte-sandbox-minio --- -apiVersion: v1 -automountServiceAccountToken: true -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis - namespace: flyte ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -807,221 +795,6 @@ metadata: namespace: flyte --- apiVersion: v1 -data: - master.conf: |- - dir /data - # User-supplied master configuration: - rename-command FLUSHDB "" - rename-command FLUSHALL "" - # End of master configuration - redis.conf: |- - # User-supplied common configuration: - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" - # End of common configuration - replica.conf: |- - dir /data - # User-supplied replica configuration: - rename-command FLUSHDB "" - rename-command FLUSHALL "" - # End of replica configuration -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-configuration - namespace: flyte ---- -apiVersion: v1 -data: - ping_liveness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ] && [ "$responseFirstWord" != "MASTERDOWN" ]; then - echo "$response" - exit 1 - fi - ping_liveness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? - "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_liveness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? - "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_readiness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-health - namespace: flyte ---- -apiVersion: v1 -data: - start-master.sh: | - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - if [[ -f /opt/bitnami/redis/mounted-etc/master.conf ]];then - cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--protected-mode" "no") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") - exec redis-server "${ARGS[@]}" - start-replica.sh: | - #!/bin/bash - - get_port() { - hostname="$1" - type="$2" - - port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") - port=${!port_var} - - if [ -z "$port" ]; then - case $type in - "SENTINEL") - echo 26379 - ;; - "REDIS") - echo 6379 - ;; - esac - else - echo $port - fi - } - - get_full_hostname() { - hostname="$1" - full_hostname="${hostname}.${HEADLESS_SERVICE}" - echo "${full_hostname}" - } - - REDISPORT=$(get_port "$HOSTNAME" "REDIS") - HEADLESS_SERVICE="flyte-sandbox-redis-headless.flyte.svc.cluster.local" - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then - cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - - echo "" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") - ARGS+=("--protected-mode" "no") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") - exec redis-server "${ARGS[@]}" -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-scripts - namespace: flyte ---- -apiVersion: v1 data: null kind: ConfigMap metadata: @@ -1060,7 +833,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: VUh0UzRWS0RyQ0l1WDBDUw== + haSharedSecret: TE1wU3o5Q2l1RWx0SXRRTQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1350,78 +1123,6 @@ spec: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-headless - namespace: flyte -spec: - clusterIP: None - ports: - - name: tcp-redis - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-master - namespace: flyte -spec: - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ports: - - name: tcp-redis - nodePort: 30004 - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - sessionAffinity: None - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-replicas - namespace: flyte -spec: - internalTrafficPolicy: Cluster - ports: - - name: tcp-redis - nodePort: null - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - sessionAffinity: None - type: ClusterIP ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/instance: flyte-sandbox @@ -1747,7 +1448,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: b5ceec74c1c81a90b9f028e7a45c5138a85dd5a20b522ac8e2bcdd7182948f79 + checksum/secret: ea153da2dd4c25ceb7cde56d4d150289b3f5b0e34db15031b84bdfe2802f56a9 labels: app: docker-registry release: flyte-sandbox @@ -2195,323 +1896,3 @@ spec: updateStrategy: rollingUpdate: {} type: RollingUpdate ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-master - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - serviceName: flyte-sandbox-redis-headless - template: - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: d8e7bccfb1b74138543285406c65b9316cacb0f2da164a6baa00faed05079b7f - checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - spec: - affinity: - nodeAffinity: null - podAffinity: null - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: true - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: master - - name: ALLOW_EMPTY_PASSWORD - value: "yes" - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:sandbox - imagePullPolicy: Never - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: {} - requests: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 0 - runAsNonRoot: true - runAsUser: 1001 - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc/ - name: redis-tmp-conf - - mountPath: /tmp - name: tmp - securityContext: - fsGroup: 1001 - serviceAccountName: flyte-sandbox-redis - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-health - name: health - - configMap: - name: flyte-sandbox-redis-configuration - name: config - - emptyDir: {} - name: redis-tmp-conf - - emptyDir: {} - name: tmp - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-replicas - namespace: flyte -spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - serviceName: flyte-sandbox-redis-headless - template: - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: d8e7bccfb1b74138543285406c65b9316cacb0f2da164a6baa00faed05079b7f - checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - spec: - affinity: - nodeAffinity: null - podAffinity: null - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: true - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-replica.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: replica - - name: REDIS_MASTER_HOST - value: flyte-sandbox-redis-master-0.flyte-sandbox-redis-headless.flyte.svc.cluster.local - - name: REDIS_MASTER_PORT_NUMBER - value: "6379" - - name: ALLOW_EMPTY_PASSWORD - value: "yes" - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:sandbox - imagePullPolicy: Never - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local_and_master.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local_and_master.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: {} - requests: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 0 - runAsNonRoot: true - runAsUser: 1001 - seccompProfile: - type: RuntimeDefault - startupProbe: - failureThreshold: 22 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: redis - timeoutSeconds: 5 - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc - name: redis-tmp-conf - securityContext: - fsGroup: 1001 - serviceAccountName: flyte-sandbox-redis - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-health - name: health - - configMap: - name: flyte-sandbox-redis-configuration - name: config - - emptyDir: {} - name: redis-tmp-conf - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 07dd4781ac..08aa528882 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -29,18 +29,6 @@ metadata: secrets: - name: flyte-sandbox-minio --- -apiVersion: v1 -automountServiceAccountToken: true -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis - namespace: flyte ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -515,221 +503,6 @@ metadata: namespace: flyte --- apiVersion: v1 -data: - master.conf: |- - dir /data - # User-supplied master configuration: - rename-command FLUSHDB "" - rename-command FLUSHALL "" - # End of master configuration - redis.conf: |- - # User-supplied common configuration: - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" - # End of common configuration - replica.conf: |- - dir /data - # User-supplied replica configuration: - rename-command FLUSHDB "" - rename-command FLUSHALL "" - # End of replica configuration -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-configuration - namespace: flyte ---- -apiVersion: v1 -data: - ping_liveness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ] && [ "$responseFirstWord" != "MASTERDOWN" ]; then - echo "$response" - exit 1 - fi - ping_liveness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? - "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_liveness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? - "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_readiness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-health - namespace: flyte ---- -apiVersion: v1 -data: - start-master.sh: | - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - if [[ -f /opt/bitnami/redis/mounted-etc/master.conf ]];then - cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--protected-mode" "no") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") - exec redis-server "${ARGS[@]}" - start-replica.sh: | - #!/bin/bash - - get_port() { - hostname="$1" - type="$2" - - port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") - port=${!port_var} - - if [ -z "$port" ]; then - case $type in - "SENTINEL") - echo 26379 - ;; - "REDIS") - echo 6379 - ;; - esac - else - echo $port - fi - } - - get_full_hostname() { - hostname="$1" - full_hostname="${hostname}.${HEADLESS_SERVICE}" - echo "${full_hostname}" - } - - REDISPORT=$(get_port "$HOSTNAME" "REDIS") - HEADLESS_SERVICE="flyte-sandbox-redis-headless.flyte.svc.cluster.local" - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then - cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - - echo "" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") - ARGS+=("--protected-mode" "no") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") - exec redis-server "${ARGS[@]}" -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-scripts - namespace: flyte ---- -apiVersion: v1 data: null kind: ConfigMap metadata: @@ -744,7 +517,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: VFpQSXduUGEyZkgxQ0IyYQ== + haSharedSecret: QzdLYnVTeFBUQ0J0MU80bg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1036,78 +809,6 @@ spec: type: NodePort --- apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-headless - namespace: flyte -spec: - clusterIP: None - ports: - - name: tcp-redis - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-master - namespace: flyte -spec: - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ports: - - name: tcp-redis - nodePort: 30004 - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - sessionAffinity: None - type: NodePort ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-replicas - namespace: flyte -spec: - internalTrafficPolicy: Cluster - ports: - - name: tcp-redis - nodePort: null - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - sessionAffinity: None - type: ClusterIP ---- -apiVersion: v1 kind: PersistentVolume metadata: labels: @@ -1304,7 +1005,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: db7f477669a3dd30b567a390215b0840d15f6598ea01d2c9a8e640552796e9b4 + checksum/secret: 5127d2ab37b9913091f260a9f57fda82066cd397915f953fa5d184f5b6257d9f labels: app: docker-registry release: flyte-sandbox @@ -1752,323 +1453,3 @@ spec: updateStrategy: rollingUpdate: {} type: RollingUpdate ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-master - namespace: flyte -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - serviceName: flyte-sandbox-redis-headless - template: - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: d8e7bccfb1b74138543285406c65b9316cacb0f2da164a6baa00faed05079b7f - checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - spec: - affinity: - nodeAffinity: null - podAffinity: null - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: true - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: master - - name: ALLOW_EMPTY_PASSWORD - value: "yes" - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:sandbox - imagePullPolicy: Never - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: {} - requests: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 0 - runAsNonRoot: true - runAsUser: 1001 - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc/ - name: redis-tmp-conf - - mountPath: /tmp - name: tmp - securityContext: - fsGroup: 1001 - serviceAccountName: flyte-sandbox-redis - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-health - name: health - - configMap: - name: flyte-sandbox-redis-configuration - name: config - - emptyDir: {} - name: redis-tmp-conf - - emptyDir: {} - name: tmp - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - labels: - app.kubernetes.io/component: master - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - name: flyte-sandbox-redis-replicas - namespace: flyte -spec: - replicas: 0 - selector: - matchLabels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - serviceName: flyte-sandbox-redis-headless - template: - metadata: - annotations: - checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 - checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 - checksum/scripts: d8e7bccfb1b74138543285406c65b9316cacb0f2da164a6baa00faed05079b7f - checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis - helm.sh/chart: redis-17.15.6 - spec: - affinity: - nodeAffinity: null - podAffinity: null - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - topologyKey: kubernetes.io/hostname - weight: 1 - automountServiceAccountToken: true - containers: - - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-replica.sh - command: - - /bin/bash - env: - - name: BITNAMI_DEBUG - value: "false" - - name: REDIS_REPLICATION_MODE - value: replica - - name: REDIS_MASTER_HOST - value: flyte-sandbox-redis-master-0.flyte-sandbox-redis-headless.flyte.svc.cluster.local - - name: REDIS_MASTER_PORT_NUMBER - value: "6379" - - name: ALLOW_EMPTY_PASSWORD - value: "yes" - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - image: docker.io/bitnami/redis:sandbox - imagePullPolicy: Never - livenessProbe: - exec: - command: - - sh - - -c - - /health/ping_liveness_local_and_master.sh 5 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 6 - name: redis - ports: - - containerPort: 6379 - name: redis - readinessProbe: - exec: - command: - - sh - - -c - - /health/ping_readiness_local_and_master.sh 1 - failureThreshold: 5 - initialDelaySeconds: 20 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 2 - resources: - limits: {} - requests: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 0 - runAsNonRoot: true - runAsUser: 1001 - seccompProfile: - type: RuntimeDefault - startupProbe: - failureThreshold: 22 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: redis - timeoutSeconds: 5 - volumeMounts: - - mountPath: /opt/bitnami/scripts/start-scripts - name: start-scripts - - mountPath: /health - name: health - - mountPath: /data - name: redis-data - - mountPath: /opt/bitnami/redis/mounted-etc - name: config - - mountPath: /opt/bitnami/redis/etc - name: redis-tmp-conf - securityContext: - fsGroup: 1001 - serviceAccountName: flyte-sandbox-redis - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-scripts - name: start-scripts - - configMap: - defaultMode: 493 - name: flyte-sandbox-redis-health - name: health - - configMap: - name: flyte-sandbox-redis-configuration - name: config - - emptyDir: {} - name: redis-tmp-conf - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - labels: - app.kubernetes.io/component: replica - app.kubernetes.io/instance: flyte-sandbox - app.kubernetes.io/name: redis - name: redis-data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi From 14ea496621cc1ecca37c4747fa40847320146363 Mon Sep 17 00:00:00 2001 From: Yee Hing Tong Date: Sat, 28 Oct 2023 10:13:20 +0800 Subject: [PATCH 2/4] remove temporary redis publisher Signed-off-by: Yee Hing Tong --- .../async/cloudevent/redis/redis_publisher.go | 62 ------------------- .../cloudevent/redis/redis_publisher_test.go | 33 ---------- 2 files changed, 95 deletions(-) delete mode 100644 flyteadmin/pkg/async/cloudevent/redis/redis_publisher.go delete mode 100644 flyteadmin/pkg/async/cloudevent/redis/redis_publisher_test.go diff --git a/flyteadmin/pkg/async/cloudevent/redis/redis_publisher.go b/flyteadmin/pkg/async/cloudevent/redis/redis_publisher.go deleted file mode 100644 index 76ad9a6514..0000000000 --- a/flyteadmin/pkg/async/cloudevent/redis/redis_publisher.go +++ /dev/null @@ -1,62 +0,0 @@ -package redis - -import ( - "context" - "fmt" - "github.com/flyteorg/flyte/flytestdlib/logger" - - "github.com/flyteorg/flyte/flyteadmin/pkg/runtime/interfaces" - "github.com/golang/protobuf/proto" - redisAPI "github.com/redis/go-redis/v9" -) - -// Publisher satisfies the gizmo/pubsub.Publisher interface. -type Publisher struct { - config interfaces.RedisConfig - client *redisAPI.Client - topicName string -} - -func (p *Publisher) Publish(ctx context.Context, topic string, msg proto.Message) error { - if len(topic) == 0 { - topic = p.topicName - } - logger.Debugf(ctx, "Publishing message to topic [%s]", topic) - - msgBytes, err := proto.Marshal(msg) - if err != nil { - return fmt.Errorf("failed to marshal message: %w", err) - } - - res := p.client.Publish(ctx, topic, msgBytes) - if res.Err() != nil { - return fmt.Errorf("failed to publish message to topic [%s]: %w", topic, res.Err()) - } - return nil -} - -func (p *Publisher) PublishRaw(ctx context.Context, topic string, msgBytes []byte) error { - if len(topic) == 0 { - topic = p.topicName - } - logger.Debugf(ctx, "Publishing raw message to topic [%s]", topic) - - res := p.client.Publish(ctx, topic, msgBytes) - if res.Err() != nil { - return fmt.Errorf("failed to publish raw message to topic [%s]: %w", topic, res.Err()) - } - return nil -} - -func NewPublisher(config interfaces.RedisConfig) (*Publisher, error) { - client := redisAPI.NewClient(&redisAPI.Options{ - Addr: config.Addr, - Password: config.Password, - DB: config.DB, - }) - - return &Publisher{ - config: config, - client: client, - }, nil -} diff --git a/flyteadmin/pkg/async/cloudevent/redis/redis_publisher_test.go b/flyteadmin/pkg/async/cloudevent/redis/redis_publisher_test.go deleted file mode 100644 index 74a9776b4e..0000000000 --- a/flyteadmin/pkg/async/cloudevent/redis/redis_publisher_test.go +++ /dev/null @@ -1,33 +0,0 @@ -package redis - -import ( - "context" - "github.com/flyteorg/flyteidl/gen/pb-go/flyteidl/core" - "github.com/flyteorg/flyteidl/gen/pb-go/flyteidl/event" - "github.com/golang/protobuf/proto" - "github.com/stretchr/testify/assert" - "testing" - - redisAPI "github.com/redis/go-redis/v9" -) - -func TestRjkl(t *testing.T) { - ctx := context.TODO() - - client := redisAPI.NewClient(&redisAPI.Options{ - Addr: "localhost:6379", - }) - - e := event.WorkflowExecutionEvent{ - ExecutionId: &core.WorkflowExecutionIdentifier{ - Project: "project", - Domain: "domain", - Name: "name", - }, - ProducerId: "", - Phase: 0, - } - ee, _ := proto.Marshal(&e) - r := client.Publish(ctx, "channel007", ee) - assert.NoError(t, r.Err()) -} From 097dfc5f9a58a913f8f602da36a5419a8ea92f75 Mon Sep 17 00:00:00 2001 From: Yee Hing Tong Date: Sat, 28 Oct 2023 10:23:34 +0800 Subject: [PATCH 3/4] remove values Signed-off-by: Yee Hing Tong --- charts/flyte-sandbox/values.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/flyte-sandbox/values.yaml b/charts/flyte-sandbox/values.yaml index 4f272bef01..353d44012e 100644 --- a/charts/flyte-sandbox/values.yaml +++ b/charts/flyte-sandbox/values.yaml @@ -49,12 +49,10 @@ flyte-binary: memory: 0 cloudEvents: enable: true - transformToCloudEvents: true - type: redis - redis: - addr: "flyte-sandbox-redis-headless.flyte.svc.cluster.local:6379" + cloudEventVersion: v2 + type: sandbox artifacts: - host: artifact-service.flyte.svc.cluster.local + host: localhost port: 50051 insecure: true storage: From 6f36e2147e2ccbcc9ca0e7e8dd77a711f2f083bc Mon Sep 17 00:00:00 2001 From: Yee Hing Tong Date: Sat, 28 Oct 2023 10:24:26 +0800 Subject: [PATCH 4/4] regenerate manifests Signed-off-by: Yee Hing Tong --- .../sandbox-bundled/manifests/complete-agent.yaml | 14 ++++++-------- docker/sandbox-bundled/manifests/complete.yaml | 14 ++++++-------- docker/sandbox-bundled/manifests/dev.yaml | 4 ++-- 3 files changed, 14 insertions(+), 18 deletions(-) diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 28026c9c6f..cdcbf7b4f8 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -509,15 +509,13 @@ data: container: my-s3-bucket 100-inline-config.yaml: | artifacts: - host: artifact-service.flyte.svc.cluster.local + host: localhost insecure: true port: 50051 cloudEvents: + cloudEventVersion: v2 enable: true - redis: - addr: flyte-sandbox-redis-headless.flyte.svc.cluster.local:6379 - transformToCloudEvents: true - type: redis + type: sandbox plugins: k8s: default-env-vars: @@ -844,7 +842,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: MFFzaWFuNWNIMHozSFh6Yg== + haSharedSecret: bHpJN3NncmQzSGVzZkhpWQ== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1328,7 +1326,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: c86a3f997d43ba1f7612d3f5e9675ef534131308a682edc09d06cf4f6e79be64 + checksum/configuration: 8d7c7929fda964a4ac1982becf5115c6074afbb8146eddd279352492ed6043cd checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1491,7 +1489,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: beab063e2091f135bea9b399b4781b3cfc6a1f8daaa6f36c9457ad57a747c018 + checksum/secret: 24d3ab901378068911558ada4baa51b1930a530c2e2baba642b785d17498480e labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index fbd3b6047f..336662e745 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -498,15 +498,13 @@ data: container: my-s3-bucket 100-inline-config.yaml: | artifacts: - host: artifact-service.flyte.svc.cluster.local + host: localhost insecure: true port: 50051 cloudEvents: + cloudEventVersion: v2 enable: true - redis: - addr: flyte-sandbox-redis-headless.flyte.svc.cluster.local:6379 - transformToCloudEvents: true - type: redis + type: sandbox plugins: k8s: default-env-vars: @@ -833,7 +831,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: TE1wU3o5Q2l1RWx0SXRRTQ== + haSharedSecret: dFhsdmt2TUFXM29MeWY1Qg== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1285,7 +1283,7 @@ spec: metadata: annotations: checksum/cluster-resource-templates: 6fd9b172465e3089fcc59f738b92b8dc4d8939360c19de8ee65f68b0e7422035 - checksum/configuration: c86a3f997d43ba1f7612d3f5e9675ef534131308a682edc09d06cf4f6e79be64 + checksum/configuration: 8d7c7929fda964a4ac1982becf5115c6074afbb8146eddd279352492ed6043cd checksum/configuration-secret: 09216ffaa3d29e14f88b1f30af580d02a2a5e014de4d750b7f275cc07ed4e914 labels: app.kubernetes.io/component: flyte-binary @@ -1448,7 +1446,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: ea153da2dd4c25ceb7cde56d4d150289b3f5b0e34db15031b84bdfe2802f56a9 + checksum/secret: 27beb280f64955492d3f8a5849cf020195b3ebbaa196c7cae1370ea56a5c8909 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index 08aa528882..1f0f3c51ea 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -517,7 +517,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: QzdLYnVTeFBUQ0J0MU80bg== + haSharedSecret: NHdBdUNTRkFPVzV0RlY5Zw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1005,7 +1005,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 5127d2ab37b9913091f260a9f57fda82066cd397915f953fa5d184f5b6257d9f + checksum/secret: ae9a1315b23289912279d91f720e96a0766e6502378f25c551260b27f39a64d1 labels: app: docker-registry release: flyte-sandbox