From 39fbd604fbcfe7636a5f59fbf0d9b38de25be029 Mon Sep 17 00:00:00 2001 From: Helber Belmiro Date: Thu, 25 Jul 2024 09:53:54 -0300 Subject: [PATCH] test: Removed mkp tests (#10924) Signed-off-by: hbelmiro --- manifests/gcp_marketplace/test/presubmit.sh | 47 - .../gcp_marketplace/test/snapshot-base.yaml | 2779 ---------------- .../test/snapshot-emissary.yaml | 2779 ---------------- ...apshot-managed-storage-with-db-prefix.yaml | 2829 ----------------- .../test/snapshot-managed-storage.yaml | 2829 ----------------- manifests/gcp_marketplace/test/snapshots.sh | 33 - .../gcp_marketplace/test/values-base.yaml | 9 - .../gcp_marketplace/test/values-emissary.yaml | 9 - ...values-managed-storage-with-db-prefix.yaml | 9 - .../test/values-managed-storage.yaml | 9 - test/cloudbuild/mkp_verify.yaml | 21 - test/deploy-pipeline-mkp-cli.sh | 28 - test/images/Dockerfile | 12 - test/images/README.md | 20 - ...stsubmit-tests-with-pipeline-deployment.sh | 165 - test/presubmit-tests-mkp.sh | 38 - 16 files changed, 11616 deletions(-) delete mode 100755 manifests/gcp_marketplace/test/presubmit.sh delete mode 100644 manifests/gcp_marketplace/test/snapshot-base.yaml delete mode 100644 manifests/gcp_marketplace/test/snapshot-emissary.yaml delete mode 100644 manifests/gcp_marketplace/test/snapshot-managed-storage-with-db-prefix.yaml delete mode 100644 manifests/gcp_marketplace/test/snapshot-managed-storage.yaml delete mode 100755 manifests/gcp_marketplace/test/snapshots.sh delete mode 100644 manifests/gcp_marketplace/test/values-base.yaml delete mode 100644 manifests/gcp_marketplace/test/values-emissary.yaml delete mode 100644 manifests/gcp_marketplace/test/values-managed-storage-with-db-prefix.yaml delete mode 100644 manifests/gcp_marketplace/test/values-managed-storage.yaml delete mode 100644 test/cloudbuild/mkp_verify.yaml delete mode 100755 test/deploy-pipeline-mkp-cli.sh delete mode 100644 test/images/Dockerfile delete mode 100644 test/images/README.md delete mode 100755 test/postsubmit-tests-with-pipeline-deployment.sh delete mode 100755 test/presubmit-tests-mkp.sh diff --git a/manifests/gcp_marketplace/test/presubmit.sh b/manifests/gcp_marketplace/test/presubmit.sh deleted file mode 100755 index 908a982f3c7..00000000000 --- a/manifests/gcp_marketplace/test/presubmit.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -# -# Copyright 2020-2021 The Kubeflow Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# When running this in MacOS, we can run `OS=darwin-amd64 ./presubmit.sh` -OS="${OS:-linux-amd64}" - -DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" > /dev/null && pwd)" - -if ! which helm; then - HELM_VERSION=v3.8.0 - if ! which curl; then - apk --no-cache add curl - fi - curl -sLO "https://get.helm.sh/helm-${HELM_VERSION}-${OS}.tar.gz" - tar xvf "helm-${HELM_VERSION}-${OS}.tar.gz" - mv ./${OS}/helm /usr/local/bin/helm - helm version -c # Check client side version only -fi - -if ! which bash; then - apk --no-cache add bash -fi -bash "${DIR}/snapshots.sh" - - -if ! which git; then - apk --no-cache add git -fi -# exit 1 if snapshots are not up-to-date. -git diff --exit-code -- "${DIR}" || \ - (echo "gcp_marketplace test snapshots are not tidy, run 'manifests/gcp_marketplace/test/snapshots.sh' to update them." \ - && exit 1) diff --git a/manifests/gcp_marketplace/test/snapshot-base.yaml b/manifests/gcp_marketplace/test/snapshot-base.yaml deleted file mode 100644 index ce4f8c6c877..00000000000 --- a/manifests/gcp_marketplace/test/snapshot-base.yaml +++ /dev/null @@ -1,2779 +0,0 @@ ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache-deployer-sa - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-metadata-writer - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-persistenceagent - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-scheduledworkflow - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-ui - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-viewer-crd-service-account - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-visualizationserver - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-container-builder ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: proxy-agent-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - accesskey: bWluaW8= - secretkey: bWluaW8xMjM= -kind: Secret -metadata: - name: mlpipeline-minio-artifact - labels: - app.kubernetes.io/name: "my-release" -type: Opaque ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: Secret -metadata: - name: ml-pipeline-install-secret-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install secrets. There's no effect modifying this. -type: Opaque -# ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mlpipeline-minio-artifact -stringData: - accesskey: minio - secretkey: minio123 ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - # References: - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/config/config.go - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.md - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.yaml - - # Choice of an executor is deprecated in favor of emissary executor - executor: | - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 0.01 - memory: 32Mi - limits: - cpu: 0.5 - memory: 512Mi - - # Note, some-string-{{without}}-template-interpretation is a way to avoid some brackets interpreted as template. - # Reference: https://github.com/helm/helm/issues/2798#issuecomment-467319526 - artifactRepository: | - archiveLogs: true - s3: - endpoint: "minio-service.kubeflow:9000" - bucket: "mlpipeline" - # keyFormat is a format pattern to define how artifacts will be organized in a bucket. - # It can reference workflow metadata variables such as workflow.namespace, workflow.name, - # pod.name. Can also use strftime formating of workflow.creationTimestamp so that workflow - # artifacts can be organized by date. If omitted, will use workflow.name/pod.name, - # which has potential for have collisions, because names do not guarantee they are unique - # over the lifetime of the cluster. - # Refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. - # - # The following format looks like: - # artifacts/my-workflow-abc123/2018/08/23/my-workflow-abc123-1234567890 - # Adding date into the path greatly reduces the chance of pod.name collision. - keyFormat: "artifacts/{{workflow.name}}/{{workflow.creationTimestamp.Y}}/{{workflow.creationTimestamp.m}}/{{workflow.creationTimestamp.d}}/{{pod.name}}" - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: true - accessKeySecret: - name: mlpipeline-minio-artifact - key: accesskey - secretKeySecret: - name: mlpipeline-minio-artifact - key: secretkey -kind: ConfigMap -metadata: - name: workflow-controller-configmap - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cache-configmap - labels: - component: cache-server -data: - mysql_database: 'my_release_cachedb' - mysql_driver: "mysql" - mysql_host: "mysql" - mysql_port: "3306" - cache_image: "gcr.io/google-containers/busybox" - cache_node_restrictions: "false" ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: ml-pipeline-install-config-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install parameters. There's no effect modifying this. -data: - appName: 'my-release' - namespace: 'kubeflow' - emissaryExecutor: 'true' - managedStorageEnabled: 'false' - # ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-mysql-configmap - labels: - component: metadata-server -data: - MYSQL_DATABASE: 'my_release_metadata' - MYSQL_HOST: "mysql" - MYSQL_PORT: "3306" ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-grpc-configmap - labels: - component: metadata-grpc-server -data: - METADATA_GRPC_SERVICE_HOST: "metadata-grpc-service" - METADATA_GRPC_SERVICE_PORT: "8080" ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: inverse-proxy-config - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/minio.yaml ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: minio-pvc - labels: - app.kubernetes.io/name: my-release -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 20Gi ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mysql-pv-claim - labels: - app.kubernetes.io/name: my-release -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 20Gi ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Status of the workflow - jsonPath: .status.phase - name: Status - type: string - - description: When the workflow was started - format: date-time - jsonPath: .status.startedAt - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtaskresults.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskResult - listKind: WorkflowTaskResultList - plural: workflowtaskresults - singular: workflowtaskresult - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - message: - type: string - metadata: - type: object - outputs: - properties: - artifacts: - items: - properties: - archive: - properties: - none: - type: object - tar: - properties: - compressionLevel: - format: int32 - type: integer - type: object - zip: - type: object - type: object - archiveLogs: - type: boolean - artifactory: - properties: - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - url: - type: string - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - url - type: object - from: - type: string - fromExpression: - type: string - gcs: - properties: - bucket: - type: string - key: - type: string - serviceAccountKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - key - type: object - git: - properties: - depth: - format: int64 - type: integer - disableSubmodules: - type: boolean - fetch: - items: - type: string - type: array - insecureIgnoreHostKey: - type: boolean - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - repo: - type: string - revision: - type: string - sshPrivateKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - repo - type: object - globalName: - type: string - hdfs: - properties: - addresses: - items: - type: string - type: array - force: - type: boolean - hdfsUser: - type: string - krbCCacheSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbConfigConfigMap: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbKeytabSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbRealm: - type: string - krbServicePrincipalName: - type: string - krbUsername: - type: string - path: - type: string - required: - - path - type: object - http: - properties: - headers: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - url: - type: string - required: - - url - type: object - mode: - format: int32 - type: integer - name: - type: string - optional: - type: boolean - oss: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - type: boolean - endpoint: - type: string - key: - type: string - lifecycleRule: - properties: - markDeletionAfterDays: - format: int32 - type: integer - markInfrequentAccessAfterDays: - format: int32 - type: integer - type: object - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - securityToken: - type: string - required: - - key - type: object - path: - type: string - raw: - properties: - data: - type: string - required: - - data - type: object - recurseMode: - type: boolean - s3: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - properties: - objectLocking: - type: boolean - type: object - encryptionOptions: - properties: - enableEncryption: - type: boolean - kmsEncryptionContext: - type: string - kmsKeyId: - type: string - serverSideCustomerKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - endpoint: - type: string - insecure: - type: boolean - key: - type: string - region: - type: string - roleARN: - type: string - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - useSDKCreds: - type: boolean - type: object - subPath: - type: string - required: - - name - type: object - type: array - exitCode: - type: string - parameters: - items: - properties: - default: - type: string - description: - type: string - enum: - items: - type: string - type: array - globalName: - type: string - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - default: - type: string - event: - type: string - expression: - type: string - jqFilter: - type: string - jsonPath: - type: string - parameter: - type: string - path: - type: string - supplied: - type: object - type: object - required: - - name - type: object - type: array - result: - type: string - type: object - phase: - type: string - progress: - type: string - required: - - metadata - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtasksets.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskSet - listKind: WorkflowTaskSetList - plural: workflowtasksets - shortNames: - - wfts - singular: workflowtaskset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: scheduledworkflows.kubeflow.org - labels: - app.kubernetes.io/name: my-release -spec: - group: kubeflow.org - names: - kind: ScheduledWorkflow - listKind: ScheduledWorkflowList - plural: scheduledworkflows - shortNames: - - swf - singular: scheduledworkflow - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - status: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - - status - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: my-release - name: viewers.kubeflow.org -spec: - group: kubeflow.org - names: - kind: Viewer - listKind: ViewerList - plural: viewers - shortNames: - - vi - singular: viewer - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-clusterrole - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-clusterrole -rules: -- apiGroups: - - certificates.k8s.io - resources: - - certificatesigningrequests - - certificatesigningrequests/approval - verbs: - - create - - delete - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch -- apiGroups: - - certificates.k8s.io - resources: - - signers - resourceNames: - - kubernetes.io/* - verbs: - - approve ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-clusterrolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubeflow-pipelines-cache-deployer-clusterrole -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-role - labels: - app.kubernetes.io/name: "my-release" -rules: -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - - persistentvolumeclaims/finalizers - verbs: - - create - - update - - delete - - get -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtasksets - - workflowtasksets/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - argoproj.io - resources: - - workflowtaskresults - verbs: - - list - - watch - - deletecollection -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - patch - - list ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-metadata-writer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-metadata-writer-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-persistenceagent-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - get - - list - - watch - - apiGroups: - - pipelines.kubeflow.org - resources: - - scheduledworkflows - - workflows - verbs: - - report - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-scheduledworkflow-role - name: ml-pipeline-scheduledworkflow-role -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -rules: - - apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - create - - get - - list - - apiGroups: - - "" - resources: - - events - verbs: - - list - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - delete - - apiGroups: - - "argoproj.io" - resources: - - workflows - verbs: - - get - - list ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-viewer-controller-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - '*' - resources: - - deployments - - services - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - persistentvolumes - - persistentvolumeclaims - verbs: - - '*' - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - create - - delete - - get - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - - services - verbs: - - '*' - - apiGroups: - - "" - - apps - - extensions - resources: - - deployments - - replicasets - verbs: - - '*' - - apiGroups: - - kubeflow.org - resources: - - '*' - verbs: - - '*' - - apiGroups: - - batch - resources: - - jobs - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: proxy-agent-runner - app.kubernetes.io/name: my-release - name: proxy-agent-runner -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-binding - labels: - app.kubernetes.io/name: "my-release" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-role -subjects: -- kind: ServiceAccount - name: argo - namespace: "kubeflow" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-rolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-deployer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-metadata-writer-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-metadata-writer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-metadata-writer - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-persistenceagent-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-persistenceagent-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-persistenceagent - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-scheduledworkflow-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-scheduledworkflow-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-scheduledworkflow - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-ui -subjects: - - kind: ServiceAccount - name: ml-pipeline-ui - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline -subjects: - - kind: ServiceAccount - name: ml-pipeline - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pipeline-runner-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: pipeline-runner -subjects: - - kind: ServiceAccount - name: pipeline-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-viewer-crd-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-viewer-controller-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-viewer-crd-service-account - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: proxy-agent-runner - name: proxy-agent-runner -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: proxy-agent-runner -subjects: - - kind: ServiceAccount - name: proxy-agent-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - workflows.argoproj.io/description: | - This service is deprecated. It will be removed in v3.4. - - https://github.com/argoproj/argo-workflows/issues/8441 - labels: - app: workflow-controller - name: workflow-controller-metrics -spec: - ports: - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: workflow-controller ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: Service -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - selector: - app: cache-server - app.kubernetes.io/name: my-release - ports: - - port: 443 - targetPort: webhook-api ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-grpc-service -spec: - ports: - - name: grpc-api - port: 8080 - protocol: TCP - selector: - component: metadata-grpc-server - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -kind: Service -apiVersion: v1 -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-envoy-service -spec: - selector: - component: metadata-envoy - type: ClusterIP - ports: - - port: 9090 - protocol: TCP - name: md-envoy ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Service -metadata: - name: minio-service - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - ports: - - port: 9000 - protocol: TCP - targetPort: 9000 - selector: - app: minio - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Service -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - port: 3306 - selector: - - app: mysql - - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - ports: - - port: 80 - targetPort: 3000 - selector: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline-visualizationserver -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - selector: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - - name: grpc - port: 8887 - protocol: TCP - targetPort: 8887 - selector: - app: ml-pipeline - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: workflow-controller - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" -spec: - selector: - matchLabels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - template: - metadata: - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - spec: - serviceAccountName: argo - containers: - - name: workflow-controller - image: "gcr.io/ml-pipeline/google/pipelines/argoworkflowcontroller:dummy" - command: - - workflow-controller - args: - - --configmap - - workflow-controller-configmap - - --executor-image - - "gcr.io/ml-pipeline/google/pipelines/argoexecutor:dummy" - - --namespaced - env: - - name: LEADER_ELECTION_IDENTITY - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - ports: - - name: metrics - containerPort: 9090 - - containerPort: 6060 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 6060 - initialDelaySeconds: 90 - periodSeconds: 60 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 500Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - nodeSelector: - kubernetes.io/os: linux - priorityClassName: workflow-controller - securityContext: - runAsNonRoot: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-deployer-deployment - labels: - app: cache-deployer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-deployer - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: cache-deployer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/cachedeployer:dummy - imagePullPolicy: Always - env: - - name: NAMESPACE_TO_WATCH - value: kubeflow - serviceAccountName: kubeflow-pipelines-cache-deployer-sa - restartPolicy: Always ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: cache-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: server - image: gcr.io/ml-pipeline/google/pipelines/cacheserver:dummy - env: - - - name: DBCONFIG_USER - value: 'root' - - name: DBCONFIG_PASSWORD - value: '' - - - name: CACHE_IMAGE - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_image - - name: CACHE_NODE_RESTRICTIONS - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_node_restrictions - - name: DBCONFIG_DRIVER - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_driver - - name: DBCONFIG_DB_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_database - - name: DBCONFIG_HOST_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_host - - name: DBCONFIG_PORT - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_port - - name: NAMESPACE_TO_WATCH - value: kubeflow - args: ["--db_driver=$(DBCONFIG_DRIVER)", - "--db_host=$(DBCONFIG_HOST_NAME)", - "--db_port=$(DBCONFIG_PORT)", - "--db_name=$(DBCONFIG_DB_NAME)", - "--db_user=$(DBCONFIG_USER)", - "--db_password=$(DBCONFIG_PASSWORD)", - "--namespace_to_watch=$(NAMESPACE_TO_WATCH)", - ] - imagePullPolicy: Always - ports: - - containerPort: 8443 - name: webhook-api - volumeMounts: - - name: webhook-tls-certs - mountPath: /etc/webhook/certs - readOnly: true - volumes: - - name: webhook-tls-certs - secret: - secretName: webhook-server-tls - serviceAccountName: kubeflow-pipelines-cache ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - name: metadata-grpc-deployment -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataserver:dummy - imagePullPolicy: 'Always' - env: - # TODO: merge all into mysql-credential - - - name: DBCONFIG_USER - value: 'root' - - name: DBCONFIG_PASSWORD - value: '' - - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_DATABASE - - name: MYSQL_HOST - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_PORT - command: ["/bin/metadata_store_server"] - args: ["--grpc_port=8080", - "--mysql_config_database=$(MYSQL_DATABASE)", - "--mysql_config_host=$(MYSQL_HOST)", - "--mysql_config_port=$(MYSQL_PORT)", - "--mysql_config_user=$(DBCONFIG_USER)", - "--mysql_config_password=$(DBCONFIG_PASSWORD)", - "--enable_database_upgrade=true" - ] - ports: - - containerPort: 8080 - name: grpc-api - livenessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - readinessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-envoy - labels: - component: metadata-envoy - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-envoy - template: - metadata: - labels: - component: metadata-envoy - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataenvoy:dummy - ports: - - name: md-envoy - containerPort: 9090 - - name: envoy-admin - containerPort: 9901 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-writer - labels: - app: metadata-writer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: metadata-writer - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: metadata-writer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/metadatawriter:dummy - env: - - name: NAMESPACE_TO_WATCH - valueFrom: - fieldRef: - fieldPath: metadata.namespace - serviceAccountName: kubeflow-pipelines-metadata-writer ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: minio - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: minio - app.kubernetes.io/name: my-release - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: accesskey - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: secretkey - image: gcr.io/ml-pipeline/google/pipelines/minio:dummy - name: minio - ports: - - containerPort: 9000 - volumeMounts: - - mountPath: /data - name: data - subPath: minio - volumes: - - name: data - persistentVolumeClaim: - claimName: minio-pvc ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: mysql - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: mysql - app.kubernetes.io/name: my-release - spec: - serviceAccountName: mysql - containers: - - name: mysql - image: gcr.io/ml-pipeline/google/pipelines/mysql:dummy - args: - # https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_ignore-db-dir - # Ext4, Btrfs etc. volumes root directories have a lost+found directory that should not be treated as a database. - # ignore-db-dir option has been deprecated in mysql v5.7.16. - # - # If upgrading MySQL to v8.0 fails, try removing /var/lib/mysql/lost+found folder in - # mysql-pv-claim (mysql-persistent-storage): - # - # kubectl exec -it -n kubeflow -- bash - # rm -rf /var/lib/mysql/lost+found - # - # More details on upgrading MySQL can be found here: - # https://dev.mysql.com/doc/refman/8.0/en/upgrade-prerequisites.html - # https://dev.mysql.com/doc/refman/8.0/en/upgrade-docker-mysql.html - - --datadir - - /var/lib/mysql - # MLMD workloads (metadata-grpc-deployment and metadata-writer) depend on mysql_native_password authentication plugin. - # mysql_native_password plugin implements native authentication; that is, authentication based on the password - # hashing method in use from before the introduction of pluggable authentication in MySQL 8.0. - # - # As default_authentication_plugin option is deprecated in MySQL 8.0.27 this needs to be replaced with - # appropriate authentication_policy in the next upgrade. See more details: - # https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin - # https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_authentication_policy - - --default-authentication-plugin=mysql_native_password - # Disable binlog as the logs grow fast and eat up all disk spaces eventually. And KFP doesn't currently utilize binlog. - # https://dev.mysql.com/doc/refman/8.0/en/replication-options-binary-log.html#option_mysqld_log-bin - - --disable-log-bin - env: - - name: MYSQL_ALLOW_EMPTY_PASSWORD - value: "true" - ports: - - containerPort: 3306 - name: mysql - volumeMounts: - - mountPath: /var/lib/mysql - name: mysql-persistent-storage - resources: - requests: - cpu: 100m - memory: 800Mi - volumes: - - name: mysql-persistent-storage - persistentVolumeClaim: - claimName: mysql-pv-claim ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - name: ml-pipeline-persistenceagent -spec: - selector: - matchLabels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - - name: TTL_SECONDS_AFTER_WORKFLOW_FINISH - value: "86400" - image: gcr.io/ml-pipeline/google/pipelines/persistenceagent:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-persistenceagent - resources: - requests: - cpu: 120m - memory: 500Mi - volumeMounts: - - mountPath: /var/run/secrets/kubeflow/tokens - name: persistenceagent-sa-token - serviceAccountName: ml-pipeline-persistenceagent - volumes: - - name: persistenceagent-sa-token - projected: - sources: - - serviceAccountToken: - path: persistenceagent-sa-token - expirationSeconds: 3600 - audience: pipelines.kubeflow.org ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - name: ml-pipeline-scheduledworkflow -spec: - selector: - matchLabels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/scheduledworkflow:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-scheduledworkflow - serviceAccountName: ml-pipeline-scheduledworkflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - selector: - matchLabels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MINIO_NAMESPACE - value: kubeflow - - name: ALLOW_CUSTOM_VISUALIZATIONS - value: "true" - - name: DEPLOYMENT - value: MARKETPLACE - image: gcr.io/ml-pipeline/google/pipelines/frontend:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-ui - ports: - - containerPort: 3000 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 10m - memory: 70Mi - serviceAccountName: ml-pipeline-ui ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - name: ml-pipeline-viewer-crd -spec: - selector: - matchLabels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MAX_NUM_VIEWERS - value: "50" - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/viewercrd:dummy - imagePullPolicy: Always - name: ml-pipeline-viewer-crd - serviceAccountName: ml-pipeline-viewer-crd-service-account ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - name: ml-pipeline-visualizationserver -spec: - selector: - matchLabels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - spec: - containers: - - image: gcr.io/ml-pipeline/google/pipelines/visualizationserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-visualizationserver - ports: - - name: http - containerPort: 8888 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 30m - memory: 500Mi - serviceAccountName: ml-pipeline-visualizationserver ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - name: ml-pipeline -spec: - selector: - matchLabels: - app: ml-pipeline - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - - name: HAS_DEFAULT_BUCKET - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "has_default_bucket" - - name: BUCKET_NAME - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "bucket_name" - - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DEFAULTPIPELINERUNNERSERVICEACCOUNT - value: 'pipeline-runner' - - name: OBJECTSTORECONFIG_SECURE - value: "false" - - image: gcr.io/ml-pipeline/google/pipelines/apiserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-api-server - ports: - - name: http - containerPort: 8888 - - name: grpc - containerPort: 8887 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 250m - memory: 500Mi - serviceAccountName: ml-pipeline ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - name: proxy-agent -spec: - selector: - matchLabels: - app: proxy-agent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - spec: - hostNetwork: true - containers: - - image: gcr.io/ml-pipeline/google/pipelines/proxyagent:dummy - imagePullPolicy: IfNotPresent - name: proxy-agent - serviceAccountName: proxy-agent-runner ---- -# Source: kubeflow-pipelines/templates/application.yaml -apiVersion: app.k8s.io/v1beta1 -kind: Application -metadata: - name: "my-release" - namespace: "kubeflow" - annotations: - kubernetes-engine.cloud.google.com/icon: >- - data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADMAAAAyCAYAAADx/eOPAAALuUlEQVRogd2afWxd9XnHP99bK4pS3yhiGUIRiiJUVVVqbq8ppdR20ibqpuIMtDRkUYERp29J57gMZVuxsrZiK7oZXVv5re1AiOuoG+N1DMkuytprsGPEVMouxqQZJVHEWIdQlGVxZlmZdb/747zcc869jpMO+seOdPz7nd/L83tev89zzjX8Bq795Rq9o17zXp+Tey+Ijkyboela29DRWkhffyT733pH/Z3este9F2cC6N0kNjxtjD+FdRD8UF9X7u97y7UbQFPAivC0BdllS381slun3s3z3xVhhqeds90tqR/oMB7u68z19ZZra0E/l1if3WOziPx3skrDPTr+bvDxfxImEIJbgX6gGBJ7EfHJX/ySReDHwO9KYAenyWCMFKw21GSeslwa2Z17+TcuzPBRr7B8m6Df5oOJqdPAR/u6cm/2lmv3At+IT3GiXZqbcaxSLsfRoTsvn7XL2jE87ZXGnwf+VGiDY86ETM1wU1+XjvSW/RlgTJADQ2QaCZKWcX1/aDIcjE8i3SdzZLjn0lm8pJXD02417BM+gLmq2Rqjr/d16Vu95dp6wc8Ra5O8NrPIcoZCvIR1H+KZkd2qLcfnRYUZOuorJO+3uQt0RerolGYZR7r5+C9ZATwPviGyQprd6Liszy3bnwVKwGMjPbnFyxJmeNpX2T4gaR/QmmSpyYZTho/2depMb9k/kNh3KawuJ1bWauHzUcyXRpZAv5Zmg7aHBLcmNN9ECAFeAO3s69KZ3nLtDuF9dnBs0IT9JO24rbPb0JfP2syCZpFfE5q1mRWcvlgMNcwMTRq9z/+OWXdx4AGjvX1deqC37DbwPwOrMgsufol5mWMWs1ivEbjTrOCtLNNb+udygqsNbUBtopR/NkuuwTJ6Hxsw67KSuvH5MPDA/nJttfGTdUFCMUlp/ALwOtIs9muBxpnFnBzuSQf21oP/BbXclVvumWuTaDN8WNBm2GizJkxPM0CDMA2WGZ72bbb/Njue2TRj9Il/PcG87SeBz4ZTNaSTsmctHcO8SqDp14d7dCFLZ2v/3OpQ023Ah4n65kohvETUCdcsfmuilD+bpNdgGZvOODuHqYGIVGCec9g7+7o031v2jaBTiD0ysxbHRnZrPktzyz1zK7f0z10nh5pWwLRhvZro1KqznVJhNB8UyDeSsU4zAOiIXV1OuEqQ2AR79nflXgcY6dGLwIvR8q39cy1b+uc2Emo6dI824BpMSxz8iVhy4m/2WiYHdV5UmOHp2mpwm52ESCdwRn+9v0tPAWzpn9sAFAQbMdc60PaHsFZEWd9uxk4z8G3seykECfObTEd2KmuZG4CWyLXkYLMwtiYt+hMsTUdAEZQzjs9apv66SHJRk73ZjBQ+iRu29s+1VEr5OImmXs4MHUahVoLWgK23wbv6OrU4OulcuHYehWsVHhpXwpE2FNRayTszX2cwDpQEzTB+QvrJHCXUaigk+c++aXZiE98YmUVgV19X7u3ypH/fgfUA5h2usY2jNjmWoGVn50nvC9T2NviA5OPBGPW91OlG+0Xa1WJhhqadk3WjpKCilQIQFP19XZocnfIHgIeFWyNh6goXyX6gdNWfU8aJ5tNjEheAHZVS/ruGj0s8k6VPhh6ms6kwgoLl1aGuCEuSpwXfHZ2qrTJ+HHkNCpOjmbdFcEcGUIhUSj/H65rPO6j+766U8i/QXV0z8cqJc4btwF8AtWgtMb1wj+j41Df/s1EYQwdEDiqM3hDes9quGY3IKoYOvCrU7HlCoZtEWapPkzEpsU8uq8b36a6uBqaBv5l45URLpZT/pmGH8LnkvlAdAOt1oeXqRsuYTjlEMJiXvWN/Z+5szfqioKcOKo7qr/nAEesKiOyv2A/q88rOx8+8bPhK5dUTAA8jbUT6MuKnbKteNVHKP23xCeD1LC0F2TWOmzoAKEiWxmC+sr8rN1OerF2HGaqXFcZhDWaYj11S4ZxcXxVqyKqPZOeNTwM7Jkr5BeDPQJ8NFQaoC/gZ26rXT5TyxxAfRx6P94d0gU0pYYama+tsbwix/AHM4fKUrwAeB68kRJ5AZsWWieGTjLipsVCgrKCwKHF7pZQ/RXf104j76i4ZMmquxkzRXb2zUsqfxdxsfCiA70hRjZbpCDHmJcRdeZPDHkVck0Ul5PeHZ81DgHxKtglXaHCxVN9fr5TyR9hW3QA8Amqp5526SyKtBEbZVv1eZeZkbqKU7xfsFJwPqRW29s+11oUxnUhnkHf2dWoB+R5Jv5dNaGHh1wog8d/ZAI+0GgVpFPTp4AfJT2Hup7u6EvMk0tpkboutEz0HMPzHyD+mu3pFpZR/Aug0Pgm0RLkvFzLWYfjDvs7cqfKUt2LuXTLhue5mdWhVDJdEzxDDcRKawceN9lRePVkDfgBcR/LKVqNpz/s08DO6q4VKKT8j8zHgJ1HyzA1P11YZjfV1arw85auBR4RalDB5lEjDKi0CgPPphKZ0QiNRwUQeg88B2ydKreew9yH1NCxe/r4GaZpt1Vsrh/JnDDcBLwPkbLVgf6s86RXYj4KvtJKJM8KsGLkSlsmUL6mSg1RJY1xD7KmU8sfprnYgBqJsGVsiEfupsca7FfMo26p/OfHKiVqllB8HyPV16VxfV66G/G1QBwY5xvCgTT7X3/MTaBbFVr0fJvqw2ASZ+yul/FN0V68CHsesiDl3UopM3CwhDZDD/Dnwj3S/sjoYAMqTtc1YX02jVqYOiuuqsAKIkqZCfFIz/IrfFY8gDrKt2gI8irSuwQezyTeNaOl+6qYb+fpYGKEXJE9GSTObK5ItrheaLHE5/XRKcHul+kYN8x2kzWlLNNuVtUqibzKW5CBjxUoszO7NWrS1E/xWvMeJjck2WQHEKJeMD+qH4gWCSvg00m3AVxv5TMRKsp9Cs0Q/Ka/1BOZQNBSXMz2b9Q5oO9JCKgkqg2aKofl8uvTPeE1w3t5KKf8y26pFxINhLRa5R9JV6huT/aZuFu7Ds+A9jBdj+VIvZz2b9BL2Xi5yJQEgUFqinI9SZBDx358o5Q/HiRGtquOEmxJu6DcbC/afQWxnvHg+Odrwm2bP5txh5OEYjOM3vaiu8qqHJw1mPmK/Xs7HJf0LRncDMF5cAL6NWUxDrX/duwbczljxjSzvTX+gtXU3MBlrRCltrsxBTgorACKrRGf5bczOiVLrhUL74B2F9oHVjBd/iLwTWEhr+CIWaLYumDjIWLHha+aSwvRs1iJmJ9Kb9ZJRETS3ACsMC8i1ZNwgXZDYWTmU/1WhfeAW8Cjo+UL7wDrGik8jfid0kYz/Z2ODepv+GPIY+FAznpcUJhAo9w5mh81CFtEsWieCTzwXkogmfKBSyh8ttA98EDPqoPouYqYLxYEPMVY8itmEeTM+KEaqZhVAkiPPIL6QDPhLFiYQSC9J7M3mGlF/24zWSvwIM1xoH2gF/sFiTcSPxQakqUJxsIPx4jGCr0AzCUYTbROJ7DPAdsbSAX9ZwgDs3qTDiMGUOxF/1DgfekLVsPf0sw8DPARsDNwy8iYBXov4p0L7wC2MF99CfBJ4rqmbJbO/qYE+x1jx5HK8Xtp/aFgHDM/FX+RM9FFjHjjj4NV3HvlPsP4g+SqQgm6zCuvJQnHgi4wVz2JuAj8RnLGEVaCf8Y8cuRQ2L0mYEBB2Gb8ZHKD4NQBx+0Qpf7LQPrAVVGqiiWTpCcEn4QcLxcF7C7+aXMDahT1YX5IS5DHE/ZfC4yULEwr0DtIOWwuuvwZ8rVLKP1soDqzHPGJoyRao9b4SXiQQ30A8eO1/PJ8D7gK+BtQSJcQM8AXGlg747LUkmi91lad8J3CuZ5OeBii0D64ET2FdH1N0omWJvgLPkvwM8LmZf7lrnm3VO4CHsM4DH2P8I8vGSfK67P9q8v9wWPAcQLH4PbBHbK6Pq+3M9+Ml+6FL2dyC+WmhOLiWseKPMDeDd12uIPBrWCZ5Xds++AHsAwGlBKnoB5747c2J+aSJEuvRL8CDv/2Zz+cqh/LL/gPD//vrfwFjcI5oX6jDBwAAAABJRU5ErkJggg== - marketplace.cloud.google.com/deploy-info: '{"partner_id": "ml-pipeline", "product_id": "kubeflow-pipelines", "partner_name": "Google Cloud AI Platform"}' - labels: - app.kubernetes.io/name: "my-release" -spec: - descriptor: - type: Kubeflow Pipelines - version: 2.1.0 - description: |- - Reusable end-to-end ML workflow - maintainers: - - name: Google Cloud AI Platform - url: https://cloud.google.com/ai-platform/ - - name: Kubeflow Pipelines - url: https://github.com/kubeflow/pipelines - links: - - description: 'Kubeflow Pipelines Documentation' - url: https://www.kubeflow.org/docs/pipelines/ - notes: |- - Please go to [Hosted Kubeflow Pipelines Console](https://console.cloud.google.com/ai-platform/pipelines/clusters). - info: - - name: Application Namespace - value: "kubeflow" - - name: Console - value: 'https://console.cloud.google.com/ai-platform/pipelines/clusters' - componentKinds: - - group: v1 - kind: ServiceAccount - - group: rbac.authorization.k8s.io/v1 - kind: Role - - group: rbac.authorization.k8s.io/v1 - kind: RoleBinding - - group: v1 - kind: Service - - group: v1 - kind: ConfigMap - - group: v1 - kind: Secret - - group: apps/v1 - kind: Deployment ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: workflow-controller -value: 1000000 diff --git a/manifests/gcp_marketplace/test/snapshot-emissary.yaml b/manifests/gcp_marketplace/test/snapshot-emissary.yaml deleted file mode 100644 index ce4f8c6c877..00000000000 --- a/manifests/gcp_marketplace/test/snapshot-emissary.yaml +++ /dev/null @@ -1,2779 +0,0 @@ ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache-deployer-sa - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-metadata-writer - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-persistenceagent - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-scheduledworkflow - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-ui - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-viewer-crd-service-account - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-visualizationserver - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-container-builder ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: proxy-agent-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - accesskey: bWluaW8= - secretkey: bWluaW8xMjM= -kind: Secret -metadata: - name: mlpipeline-minio-artifact - labels: - app.kubernetes.io/name: "my-release" -type: Opaque ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: Secret -metadata: - name: ml-pipeline-install-secret-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install secrets. There's no effect modifying this. -type: Opaque -# ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mlpipeline-minio-artifact -stringData: - accesskey: minio - secretkey: minio123 ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - # References: - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/config/config.go - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.md - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.yaml - - # Choice of an executor is deprecated in favor of emissary executor - executor: | - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 0.01 - memory: 32Mi - limits: - cpu: 0.5 - memory: 512Mi - - # Note, some-string-{{without}}-template-interpretation is a way to avoid some brackets interpreted as template. - # Reference: https://github.com/helm/helm/issues/2798#issuecomment-467319526 - artifactRepository: | - archiveLogs: true - s3: - endpoint: "minio-service.kubeflow:9000" - bucket: "mlpipeline" - # keyFormat is a format pattern to define how artifacts will be organized in a bucket. - # It can reference workflow metadata variables such as workflow.namespace, workflow.name, - # pod.name. Can also use strftime formating of workflow.creationTimestamp so that workflow - # artifacts can be organized by date. If omitted, will use workflow.name/pod.name, - # which has potential for have collisions, because names do not guarantee they are unique - # over the lifetime of the cluster. - # Refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. - # - # The following format looks like: - # artifacts/my-workflow-abc123/2018/08/23/my-workflow-abc123-1234567890 - # Adding date into the path greatly reduces the chance of pod.name collision. - keyFormat: "artifacts/{{workflow.name}}/{{workflow.creationTimestamp.Y}}/{{workflow.creationTimestamp.m}}/{{workflow.creationTimestamp.d}}/{{pod.name}}" - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: true - accessKeySecret: - name: mlpipeline-minio-artifact - key: accesskey - secretKeySecret: - name: mlpipeline-minio-artifact - key: secretkey -kind: ConfigMap -metadata: - name: workflow-controller-configmap - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cache-configmap - labels: - component: cache-server -data: - mysql_database: 'my_release_cachedb' - mysql_driver: "mysql" - mysql_host: "mysql" - mysql_port: "3306" - cache_image: "gcr.io/google-containers/busybox" - cache_node_restrictions: "false" ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: ml-pipeline-install-config-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install parameters. There's no effect modifying this. -data: - appName: 'my-release' - namespace: 'kubeflow' - emissaryExecutor: 'true' - managedStorageEnabled: 'false' - # ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-mysql-configmap - labels: - component: metadata-server -data: - MYSQL_DATABASE: 'my_release_metadata' - MYSQL_HOST: "mysql" - MYSQL_PORT: "3306" ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-grpc-configmap - labels: - component: metadata-grpc-server -data: - METADATA_GRPC_SERVICE_HOST: "metadata-grpc-service" - METADATA_GRPC_SERVICE_PORT: "8080" ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: inverse-proxy-config - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/minio.yaml ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: minio-pvc - labels: - app.kubernetes.io/name: my-release -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 20Gi ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mysql-pv-claim - labels: - app.kubernetes.io/name: my-release -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 20Gi ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Status of the workflow - jsonPath: .status.phase - name: Status - type: string - - description: When the workflow was started - format: date-time - jsonPath: .status.startedAt - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtaskresults.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskResult - listKind: WorkflowTaskResultList - plural: workflowtaskresults - singular: workflowtaskresult - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - message: - type: string - metadata: - type: object - outputs: - properties: - artifacts: - items: - properties: - archive: - properties: - none: - type: object - tar: - properties: - compressionLevel: - format: int32 - type: integer - type: object - zip: - type: object - type: object - archiveLogs: - type: boolean - artifactory: - properties: - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - url: - type: string - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - url - type: object - from: - type: string - fromExpression: - type: string - gcs: - properties: - bucket: - type: string - key: - type: string - serviceAccountKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - key - type: object - git: - properties: - depth: - format: int64 - type: integer - disableSubmodules: - type: boolean - fetch: - items: - type: string - type: array - insecureIgnoreHostKey: - type: boolean - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - repo: - type: string - revision: - type: string - sshPrivateKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - repo - type: object - globalName: - type: string - hdfs: - properties: - addresses: - items: - type: string - type: array - force: - type: boolean - hdfsUser: - type: string - krbCCacheSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbConfigConfigMap: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbKeytabSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbRealm: - type: string - krbServicePrincipalName: - type: string - krbUsername: - type: string - path: - type: string - required: - - path - type: object - http: - properties: - headers: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - url: - type: string - required: - - url - type: object - mode: - format: int32 - type: integer - name: - type: string - optional: - type: boolean - oss: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - type: boolean - endpoint: - type: string - key: - type: string - lifecycleRule: - properties: - markDeletionAfterDays: - format: int32 - type: integer - markInfrequentAccessAfterDays: - format: int32 - type: integer - type: object - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - securityToken: - type: string - required: - - key - type: object - path: - type: string - raw: - properties: - data: - type: string - required: - - data - type: object - recurseMode: - type: boolean - s3: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - properties: - objectLocking: - type: boolean - type: object - encryptionOptions: - properties: - enableEncryption: - type: boolean - kmsEncryptionContext: - type: string - kmsKeyId: - type: string - serverSideCustomerKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - endpoint: - type: string - insecure: - type: boolean - key: - type: string - region: - type: string - roleARN: - type: string - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - useSDKCreds: - type: boolean - type: object - subPath: - type: string - required: - - name - type: object - type: array - exitCode: - type: string - parameters: - items: - properties: - default: - type: string - description: - type: string - enum: - items: - type: string - type: array - globalName: - type: string - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - default: - type: string - event: - type: string - expression: - type: string - jqFilter: - type: string - jsonPath: - type: string - parameter: - type: string - path: - type: string - supplied: - type: object - type: object - required: - - name - type: object - type: array - result: - type: string - type: object - phase: - type: string - progress: - type: string - required: - - metadata - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtasksets.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskSet - listKind: WorkflowTaskSetList - plural: workflowtasksets - shortNames: - - wfts - singular: workflowtaskset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: scheduledworkflows.kubeflow.org - labels: - app.kubernetes.io/name: my-release -spec: - group: kubeflow.org - names: - kind: ScheduledWorkflow - listKind: ScheduledWorkflowList - plural: scheduledworkflows - shortNames: - - swf - singular: scheduledworkflow - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - status: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - - status - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: my-release - name: viewers.kubeflow.org -spec: - group: kubeflow.org - names: - kind: Viewer - listKind: ViewerList - plural: viewers - shortNames: - - vi - singular: viewer - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-clusterrole - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-clusterrole -rules: -- apiGroups: - - certificates.k8s.io - resources: - - certificatesigningrequests - - certificatesigningrequests/approval - verbs: - - create - - delete - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch -- apiGroups: - - certificates.k8s.io - resources: - - signers - resourceNames: - - kubernetes.io/* - verbs: - - approve ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-clusterrolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubeflow-pipelines-cache-deployer-clusterrole -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-role - labels: - app.kubernetes.io/name: "my-release" -rules: -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - - persistentvolumeclaims/finalizers - verbs: - - create - - update - - delete - - get -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtasksets - - workflowtasksets/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - argoproj.io - resources: - - workflowtaskresults - verbs: - - list - - watch - - deletecollection -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - patch - - list ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-metadata-writer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-metadata-writer-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-persistenceagent-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - get - - list - - watch - - apiGroups: - - pipelines.kubeflow.org - resources: - - scheduledworkflows - - workflows - verbs: - - report - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-scheduledworkflow-role - name: ml-pipeline-scheduledworkflow-role -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -rules: - - apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - create - - get - - list - - apiGroups: - - "" - resources: - - events - verbs: - - list - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - delete - - apiGroups: - - "argoproj.io" - resources: - - workflows - verbs: - - get - - list ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-viewer-controller-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - '*' - resources: - - deployments - - services - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - persistentvolumes - - persistentvolumeclaims - verbs: - - '*' - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - create - - delete - - get - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - - services - verbs: - - '*' - - apiGroups: - - "" - - apps - - extensions - resources: - - deployments - - replicasets - verbs: - - '*' - - apiGroups: - - kubeflow.org - resources: - - '*' - verbs: - - '*' - - apiGroups: - - batch - resources: - - jobs - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: proxy-agent-runner - app.kubernetes.io/name: my-release - name: proxy-agent-runner -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-binding - labels: - app.kubernetes.io/name: "my-release" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-role -subjects: -- kind: ServiceAccount - name: argo - namespace: "kubeflow" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-rolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-deployer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-metadata-writer-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-metadata-writer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-metadata-writer - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-persistenceagent-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-persistenceagent-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-persistenceagent - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-scheduledworkflow-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-scheduledworkflow-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-scheduledworkflow - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-ui -subjects: - - kind: ServiceAccount - name: ml-pipeline-ui - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline -subjects: - - kind: ServiceAccount - name: ml-pipeline - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pipeline-runner-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: pipeline-runner -subjects: - - kind: ServiceAccount - name: pipeline-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-viewer-crd-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-viewer-controller-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-viewer-crd-service-account - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: proxy-agent-runner - name: proxy-agent-runner -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: proxy-agent-runner -subjects: - - kind: ServiceAccount - name: proxy-agent-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - workflows.argoproj.io/description: | - This service is deprecated. It will be removed in v3.4. - - https://github.com/argoproj/argo-workflows/issues/8441 - labels: - app: workflow-controller - name: workflow-controller-metrics -spec: - ports: - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: workflow-controller ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: Service -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - selector: - app: cache-server - app.kubernetes.io/name: my-release - ports: - - port: 443 - targetPort: webhook-api ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-grpc-service -spec: - ports: - - name: grpc-api - port: 8080 - protocol: TCP - selector: - component: metadata-grpc-server - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -kind: Service -apiVersion: v1 -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-envoy-service -spec: - selector: - component: metadata-envoy - type: ClusterIP - ports: - - port: 9090 - protocol: TCP - name: md-envoy ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Service -metadata: - name: minio-service - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - ports: - - port: 9000 - protocol: TCP - targetPort: 9000 - selector: - app: minio - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Service -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - port: 3306 - selector: - - app: mysql - - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - ports: - - port: 80 - targetPort: 3000 - selector: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline-visualizationserver -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - selector: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - - name: grpc - port: 8887 - protocol: TCP - targetPort: 8887 - selector: - app: ml-pipeline - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: workflow-controller - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" -spec: - selector: - matchLabels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - template: - metadata: - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - spec: - serviceAccountName: argo - containers: - - name: workflow-controller - image: "gcr.io/ml-pipeline/google/pipelines/argoworkflowcontroller:dummy" - command: - - workflow-controller - args: - - --configmap - - workflow-controller-configmap - - --executor-image - - "gcr.io/ml-pipeline/google/pipelines/argoexecutor:dummy" - - --namespaced - env: - - name: LEADER_ELECTION_IDENTITY - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - ports: - - name: metrics - containerPort: 9090 - - containerPort: 6060 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 6060 - initialDelaySeconds: 90 - periodSeconds: 60 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 500Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - nodeSelector: - kubernetes.io/os: linux - priorityClassName: workflow-controller - securityContext: - runAsNonRoot: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-deployer-deployment - labels: - app: cache-deployer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-deployer - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: cache-deployer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/cachedeployer:dummy - imagePullPolicy: Always - env: - - name: NAMESPACE_TO_WATCH - value: kubeflow - serviceAccountName: kubeflow-pipelines-cache-deployer-sa - restartPolicy: Always ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: cache-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: server - image: gcr.io/ml-pipeline/google/pipelines/cacheserver:dummy - env: - - - name: DBCONFIG_USER - value: 'root' - - name: DBCONFIG_PASSWORD - value: '' - - - name: CACHE_IMAGE - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_image - - name: CACHE_NODE_RESTRICTIONS - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_node_restrictions - - name: DBCONFIG_DRIVER - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_driver - - name: DBCONFIG_DB_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_database - - name: DBCONFIG_HOST_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_host - - name: DBCONFIG_PORT - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_port - - name: NAMESPACE_TO_WATCH - value: kubeflow - args: ["--db_driver=$(DBCONFIG_DRIVER)", - "--db_host=$(DBCONFIG_HOST_NAME)", - "--db_port=$(DBCONFIG_PORT)", - "--db_name=$(DBCONFIG_DB_NAME)", - "--db_user=$(DBCONFIG_USER)", - "--db_password=$(DBCONFIG_PASSWORD)", - "--namespace_to_watch=$(NAMESPACE_TO_WATCH)", - ] - imagePullPolicy: Always - ports: - - containerPort: 8443 - name: webhook-api - volumeMounts: - - name: webhook-tls-certs - mountPath: /etc/webhook/certs - readOnly: true - volumes: - - name: webhook-tls-certs - secret: - secretName: webhook-server-tls - serviceAccountName: kubeflow-pipelines-cache ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - name: metadata-grpc-deployment -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataserver:dummy - imagePullPolicy: 'Always' - env: - # TODO: merge all into mysql-credential - - - name: DBCONFIG_USER - value: 'root' - - name: DBCONFIG_PASSWORD - value: '' - - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_DATABASE - - name: MYSQL_HOST - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_PORT - command: ["/bin/metadata_store_server"] - args: ["--grpc_port=8080", - "--mysql_config_database=$(MYSQL_DATABASE)", - "--mysql_config_host=$(MYSQL_HOST)", - "--mysql_config_port=$(MYSQL_PORT)", - "--mysql_config_user=$(DBCONFIG_USER)", - "--mysql_config_password=$(DBCONFIG_PASSWORD)", - "--enable_database_upgrade=true" - ] - ports: - - containerPort: 8080 - name: grpc-api - livenessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - readinessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-envoy - labels: - component: metadata-envoy - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-envoy - template: - metadata: - labels: - component: metadata-envoy - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataenvoy:dummy - ports: - - name: md-envoy - containerPort: 9090 - - name: envoy-admin - containerPort: 9901 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-writer - labels: - app: metadata-writer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: metadata-writer - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: metadata-writer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/metadatawriter:dummy - env: - - name: NAMESPACE_TO_WATCH - valueFrom: - fieldRef: - fieldPath: metadata.namespace - serviceAccountName: kubeflow-pipelines-metadata-writer ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: minio - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: minio - app.kubernetes.io/name: my-release - spec: - containers: - - args: - - server - - /data - env: - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: accesskey - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: secretkey - image: gcr.io/ml-pipeline/google/pipelines/minio:dummy - name: minio - ports: - - containerPort: 9000 - volumeMounts: - - mountPath: /data - name: data - subPath: minio - volumes: - - name: data - persistentVolumeClaim: - claimName: minio-pvc ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: mysql - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: mysql - app.kubernetes.io/name: my-release - spec: - serviceAccountName: mysql - containers: - - name: mysql - image: gcr.io/ml-pipeline/google/pipelines/mysql:dummy - args: - # https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_ignore-db-dir - # Ext4, Btrfs etc. volumes root directories have a lost+found directory that should not be treated as a database. - # ignore-db-dir option has been deprecated in mysql v5.7.16. - # - # If upgrading MySQL to v8.0 fails, try removing /var/lib/mysql/lost+found folder in - # mysql-pv-claim (mysql-persistent-storage): - # - # kubectl exec -it -n kubeflow -- bash - # rm -rf /var/lib/mysql/lost+found - # - # More details on upgrading MySQL can be found here: - # https://dev.mysql.com/doc/refman/8.0/en/upgrade-prerequisites.html - # https://dev.mysql.com/doc/refman/8.0/en/upgrade-docker-mysql.html - - --datadir - - /var/lib/mysql - # MLMD workloads (metadata-grpc-deployment and metadata-writer) depend on mysql_native_password authentication plugin. - # mysql_native_password plugin implements native authentication; that is, authentication based on the password - # hashing method in use from before the introduction of pluggable authentication in MySQL 8.0. - # - # As default_authentication_plugin option is deprecated in MySQL 8.0.27 this needs to be replaced with - # appropriate authentication_policy in the next upgrade. See more details: - # https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin - # https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_authentication_policy - - --default-authentication-plugin=mysql_native_password - # Disable binlog as the logs grow fast and eat up all disk spaces eventually. And KFP doesn't currently utilize binlog. - # https://dev.mysql.com/doc/refman/8.0/en/replication-options-binary-log.html#option_mysqld_log-bin - - --disable-log-bin - env: - - name: MYSQL_ALLOW_EMPTY_PASSWORD - value: "true" - ports: - - containerPort: 3306 - name: mysql - volumeMounts: - - mountPath: /var/lib/mysql - name: mysql-persistent-storage - resources: - requests: - cpu: 100m - memory: 800Mi - volumes: - - name: mysql-persistent-storage - persistentVolumeClaim: - claimName: mysql-pv-claim ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - name: ml-pipeline-persistenceagent -spec: - selector: - matchLabels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - - name: TTL_SECONDS_AFTER_WORKFLOW_FINISH - value: "86400" - image: gcr.io/ml-pipeline/google/pipelines/persistenceagent:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-persistenceagent - resources: - requests: - cpu: 120m - memory: 500Mi - volumeMounts: - - mountPath: /var/run/secrets/kubeflow/tokens - name: persistenceagent-sa-token - serviceAccountName: ml-pipeline-persistenceagent - volumes: - - name: persistenceagent-sa-token - projected: - sources: - - serviceAccountToken: - path: persistenceagent-sa-token - expirationSeconds: 3600 - audience: pipelines.kubeflow.org ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - name: ml-pipeline-scheduledworkflow -spec: - selector: - matchLabels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/scheduledworkflow:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-scheduledworkflow - serviceAccountName: ml-pipeline-scheduledworkflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - selector: - matchLabels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MINIO_NAMESPACE - value: kubeflow - - name: ALLOW_CUSTOM_VISUALIZATIONS - value: "true" - - name: DEPLOYMENT - value: MARKETPLACE - image: gcr.io/ml-pipeline/google/pipelines/frontend:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-ui - ports: - - containerPort: 3000 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 10m - memory: 70Mi - serviceAccountName: ml-pipeline-ui ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - name: ml-pipeline-viewer-crd -spec: - selector: - matchLabels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MAX_NUM_VIEWERS - value: "50" - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/viewercrd:dummy - imagePullPolicy: Always - name: ml-pipeline-viewer-crd - serviceAccountName: ml-pipeline-viewer-crd-service-account ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - name: ml-pipeline-visualizationserver -spec: - selector: - matchLabels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - spec: - containers: - - image: gcr.io/ml-pipeline/google/pipelines/visualizationserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-visualizationserver - ports: - - name: http - containerPort: 8888 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 30m - memory: 500Mi - serviceAccountName: ml-pipeline-visualizationserver ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - name: ml-pipeline -spec: - selector: - matchLabels: - app: ml-pipeline - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - - name: HAS_DEFAULT_BUCKET - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "has_default_bucket" - - name: BUCKET_NAME - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "bucket_name" - - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DEFAULTPIPELINERUNNERSERVICEACCOUNT - value: 'pipeline-runner' - - name: OBJECTSTORECONFIG_SECURE - value: "false" - - image: gcr.io/ml-pipeline/google/pipelines/apiserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-api-server - ports: - - name: http - containerPort: 8888 - - name: grpc - containerPort: 8887 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 250m - memory: 500Mi - serviceAccountName: ml-pipeline ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - name: proxy-agent -spec: - selector: - matchLabels: - app: proxy-agent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - spec: - hostNetwork: true - containers: - - image: gcr.io/ml-pipeline/google/pipelines/proxyagent:dummy - imagePullPolicy: IfNotPresent - name: proxy-agent - serviceAccountName: proxy-agent-runner ---- -# Source: kubeflow-pipelines/templates/application.yaml -apiVersion: app.k8s.io/v1beta1 -kind: Application -metadata: - name: "my-release" - namespace: "kubeflow" - annotations: - kubernetes-engine.cloud.google.com/icon: >- - data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADMAAAAyCAYAAADx/eOPAAALuUlEQVRogd2afWxd9XnHP99bK4pS3yhiGUIRiiJUVVVqbq8ppdR20ibqpuIMtDRkUYERp29J57gMZVuxsrZiK7oZXVv5re1AiOuoG+N1DMkuytprsGPEVMouxqQZJVHEWIdQlGVxZlmZdb/747zcc869jpMO+seOdPz7nd/L83tev89zzjX8Bq795Rq9o17zXp+Tey+Ijkyboela29DRWkhffyT733pH/Z3este9F2cC6N0kNjxtjD+FdRD8UF9X7u97y7UbQFPAivC0BdllS381slun3s3z3xVhhqeds90tqR/oMB7u68z19ZZra0E/l1if3WOziPx3skrDPTr+bvDxfxImEIJbgX6gGBJ7EfHJX/ySReDHwO9KYAenyWCMFKw21GSeslwa2Z17+TcuzPBRr7B8m6Df5oOJqdPAR/u6cm/2lmv3At+IT3GiXZqbcaxSLsfRoTsvn7XL2jE87ZXGnwf+VGiDY86ETM1wU1+XjvSW/RlgTJADQ2QaCZKWcX1/aDIcjE8i3SdzZLjn0lm8pJXD02417BM+gLmq2Rqjr/d16Vu95dp6wc8Ra5O8NrPIcoZCvIR1H+KZkd2qLcfnRYUZOuorJO+3uQt0RerolGYZR7r5+C9ZATwPviGyQprd6Liszy3bnwVKwGMjPbnFyxJmeNpX2T4gaR/QmmSpyYZTho/2depMb9k/kNh3KawuJ1bWauHzUcyXRpZAv5Zmg7aHBLcmNN9ECAFeAO3s69KZ3nLtDuF9dnBs0IT9JO24rbPb0JfP2syCZpFfE5q1mRWcvlgMNcwMTRq9z/+OWXdx4AGjvX1deqC37DbwPwOrMgsufol5mWMWs1ivEbjTrOCtLNNb+udygqsNbUBtopR/NkuuwTJ6Hxsw67KSuvH5MPDA/nJttfGTdUFCMUlp/ALwOtIs9muBxpnFnBzuSQf21oP/BbXclVvumWuTaDN8WNBm2GizJkxPM0CDMA2WGZ72bbb/Njue2TRj9Il/PcG87SeBz4ZTNaSTsmctHcO8SqDp14d7dCFLZ2v/3OpQ023Ah4n65kohvETUCdcsfmuilD+bpNdgGZvOODuHqYGIVGCec9g7+7o031v2jaBTiD0ysxbHRnZrPktzyz1zK7f0z10nh5pWwLRhvZro1KqznVJhNB8UyDeSsU4zAOiIXV1OuEqQ2AR79nflXgcY6dGLwIvR8q39cy1b+uc2Emo6dI824BpMSxz8iVhy4m/2WiYHdV5UmOHp2mpwm52ESCdwRn+9v0tPAWzpn9sAFAQbMdc60PaHsFZEWd9uxk4z8G3seykECfObTEd2KmuZG4CWyLXkYLMwtiYt+hMsTUdAEZQzjs9apv66SHJRk73ZjBQ+iRu29s+1VEr5OImmXs4MHUahVoLWgK23wbv6OrU4OulcuHYehWsVHhpXwpE2FNRayTszX2cwDpQEzTB+QvrJHCXUaigk+c++aXZiE98YmUVgV19X7u3ypH/fgfUA5h2usY2jNjmWoGVn50nvC9T2NviA5OPBGPW91OlG+0Xa1WJhhqadk3WjpKCilQIQFP19XZocnfIHgIeFWyNh6goXyX6gdNWfU8aJ5tNjEheAHZVS/ruGj0s8k6VPhh6ms6kwgoLl1aGuCEuSpwXfHZ2qrTJ+HHkNCpOjmbdFcEcGUIhUSj/H65rPO6j+766U8i/QXV0z8cqJc4btwF8AtWgtMb1wj+j41Df/s1EYQwdEDiqM3hDes9quGY3IKoYOvCrU7HlCoZtEWapPkzEpsU8uq8b36a6uBqaBv5l45URLpZT/pmGH8LnkvlAdAOt1oeXqRsuYTjlEMJiXvWN/Z+5szfqioKcOKo7qr/nAEesKiOyv2A/q88rOx8+8bPhK5dUTAA8jbUT6MuKnbKteNVHKP23xCeD1LC0F2TWOmzoAKEiWxmC+sr8rN1OerF2HGaqXFcZhDWaYj11S4ZxcXxVqyKqPZOeNTwM7Jkr5BeDPQJ8NFQaoC/gZ26rXT5TyxxAfRx6P94d0gU0pYYama+tsbwix/AHM4fKUrwAeB68kRJ5AZsWWieGTjLipsVCgrKCwKHF7pZQ/RXf104j76i4ZMmquxkzRXb2zUsqfxdxsfCiA70hRjZbpCDHmJcRdeZPDHkVck0Ul5PeHZ81DgHxKtglXaHCxVN9fr5TyR9hW3QA8Amqp5526SyKtBEbZVv1eZeZkbqKU7xfsFJwPqRW29s+11oUxnUhnkHf2dWoB+R5Jv5dNaGHh1wog8d/ZAI+0GgVpFPTp4AfJT2Hup7u6EvMk0tpkboutEz0HMPzHyD+mu3pFpZR/Aug0Pgm0RLkvFzLWYfjDvs7cqfKUt2LuXTLhue5mdWhVDJdEzxDDcRKawceN9lRePVkDfgBcR/LKVqNpz/s08DO6q4VKKT8j8zHgJ1HyzA1P11YZjfV1arw85auBR4RalDB5lEjDKi0CgPPphKZ0QiNRwUQeg88B2ydKreew9yH1NCxe/r4GaZpt1Vsrh/JnDDcBLwPkbLVgf6s86RXYj4KvtJKJM8KsGLkSlsmUL6mSg1RJY1xD7KmU8sfprnYgBqJsGVsiEfupsca7FfMo26p/OfHKiVqllB8HyPV16VxfV66G/G1QBwY5xvCgTT7X3/MTaBbFVr0fJvqw2ASZ+yul/FN0V68CHsesiDl3UopM3CwhDZDD/Dnwj3S/sjoYAMqTtc1YX02jVqYOiuuqsAKIkqZCfFIz/IrfFY8gDrKt2gI8irSuwQezyTeNaOl+6qYb+fpYGKEXJE9GSTObK5ItrheaLHE5/XRKcHul+kYN8x2kzWlLNNuVtUqibzKW5CBjxUoszO7NWrS1E/xWvMeJjck2WQHEKJeMD+qH4gWCSvg00m3AVxv5TMRKsp9Cs0Q/Ka/1BOZQNBSXMz2b9Q5oO9JCKgkqg2aKofl8uvTPeE1w3t5KKf8y26pFxINhLRa5R9JV6huT/aZuFu7Ds+A9jBdj+VIvZz2b9BL2Xi5yJQEgUFqinI9SZBDx358o5Q/HiRGtquOEmxJu6DcbC/afQWxnvHg+Odrwm2bP5txh5OEYjOM3vaiu8qqHJw1mPmK/Xs7HJf0LRncDMF5cAL6NWUxDrX/duwbczljxjSzvTX+gtXU3MBlrRCltrsxBTgorACKrRGf5bczOiVLrhUL74B2F9oHVjBd/iLwTWEhr+CIWaLYumDjIWLHha+aSwvRs1iJmJ9Kb9ZJRETS3ACsMC8i1ZNwgXZDYWTmU/1WhfeAW8Cjo+UL7wDrGik8jfid0kYz/Z2ODepv+GPIY+FAznpcUJhAo9w5mh81CFtEsWieCTzwXkogmfKBSyh8ttA98EDPqoPouYqYLxYEPMVY8itmEeTM+KEaqZhVAkiPPIL6QDPhLFiYQSC9J7M3mGlF/24zWSvwIM1xoH2gF/sFiTcSPxQakqUJxsIPx4jGCr0AzCUYTbROJ7DPAdsbSAX9ZwgDs3qTDiMGUOxF/1DgfekLVsPf0sw8DPARsDNwy8iYBXov4p0L7wC2MF99CfBJ4rqmbJbO/qYE+x1jx5HK8Xtp/aFgHDM/FX+RM9FFjHjjj4NV3HvlPsP4g+SqQgm6zCuvJQnHgi4wVz2JuAj8RnLGEVaCf8Y8cuRQ2L0mYEBB2Gb8ZHKD4NQBx+0Qpf7LQPrAVVGqiiWTpCcEn4QcLxcF7C7+aXMDahT1YX5IS5DHE/ZfC4yULEwr0DtIOWwuuvwZ8rVLKP1soDqzHPGJoyRao9b4SXiQQ30A8eO1/PJ8D7gK+BtQSJcQM8AXGlg747LUkmi91lad8J3CuZ5OeBii0D64ET2FdH1N0omWJvgLPkvwM8LmZf7lrnm3VO4CHsM4DH2P8I8vGSfK67P9q8v9wWPAcQLH4PbBHbK6Pq+3M9+Ml+6FL2dyC+WmhOLiWseKPMDeDd12uIPBrWCZ5Xds++AHsAwGlBKnoB5747c2J+aSJEuvRL8CDv/2Zz+cqh/LL/gPD//vrfwFjcI5oX6jDBwAAAABJRU5ErkJggg== - marketplace.cloud.google.com/deploy-info: '{"partner_id": "ml-pipeline", "product_id": "kubeflow-pipelines", "partner_name": "Google Cloud AI Platform"}' - labels: - app.kubernetes.io/name: "my-release" -spec: - descriptor: - type: Kubeflow Pipelines - version: 2.1.0 - description: |- - Reusable end-to-end ML workflow - maintainers: - - name: Google Cloud AI Platform - url: https://cloud.google.com/ai-platform/ - - name: Kubeflow Pipelines - url: https://github.com/kubeflow/pipelines - links: - - description: 'Kubeflow Pipelines Documentation' - url: https://www.kubeflow.org/docs/pipelines/ - notes: |- - Please go to [Hosted Kubeflow Pipelines Console](https://console.cloud.google.com/ai-platform/pipelines/clusters). - info: - - name: Application Namespace - value: "kubeflow" - - name: Console - value: 'https://console.cloud.google.com/ai-platform/pipelines/clusters' - componentKinds: - - group: v1 - kind: ServiceAccount - - group: rbac.authorization.k8s.io/v1 - kind: Role - - group: rbac.authorization.k8s.io/v1 - kind: RoleBinding - - group: v1 - kind: Service - - group: v1 - kind: ConfigMap - - group: v1 - kind: Secret - - group: apps/v1 - kind: Deployment ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: workflow-controller -value: 1000000 diff --git a/manifests/gcp_marketplace/test/snapshot-managed-storage-with-db-prefix.yaml b/manifests/gcp_marketplace/test/snapshot-managed-storage-with-db-prefix.yaml deleted file mode 100644 index 62eacb6cfb3..00000000000 --- a/manifests/gcp_marketplace/test/snapshot-managed-storage-with-db-prefix.yaml +++ /dev/null @@ -1,2829 +0,0 @@ ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache-deployer-sa - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-metadata-writer - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-persistenceagent - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-scheduledworkflow - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-ui - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-viewer-crd-service-account - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-visualizationserver - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-container-builder ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: proxy-agent-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - accesskey: bWluaW8= - secretkey: bWluaW8xMjM= -kind: Secret -metadata: - name: mlpipeline-minio-artifact - labels: - app.kubernetes.io/name: "my-release" -type: Opaque ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: Secret -metadata: - name: ml-pipeline-install-secret-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install secrets. There's no effect modifying this. -type: Opaque -# -data: - managedStorageDbPassword: 'MTIzNA==' -# ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mlpipeline-minio-artifact -stringData: - accesskey: minio - secretkey: minio123 ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mysql-credential - labels: - app: mysql-credential - app.kubernetes.io/name: my-release -type: Opaque -data: - username: "cm9vdA==" - password: "MTIzNA==" ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - # References: - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/config/config.go - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.md - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.yaml - - # Choice of an executor is deprecated in favor of emissary executor - executor: | - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 0.01 - memory: 32Mi - limits: - cpu: 0.5 - memory: 512Mi - - # Note, some-string-{{without}}-template-interpretation is a way to avoid some brackets interpreted as template. - # Reference: https://github.com/helm/helm/issues/2798#issuecomment-467319526 - artifactRepository: | - archiveLogs: true - s3: - endpoint: "minio-service.kubeflow:9000" - bucket: "mybucket" - # keyFormat is a format pattern to define how artifacts will be organized in a bucket. - # It can reference workflow metadata variables such as workflow.namespace, workflow.name, - # pod.name. Can also use strftime formating of workflow.creationTimestamp so that workflow - # artifacts can be organized by date. If omitted, will use workflow.name/pod.name, - # which has potential for have collisions, because names do not guarantee they are unique - # over the lifetime of the cluster. - # Refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. - # - # The following format looks like: - # artifacts/my-workflow-abc123/2018/08/23/my-workflow-abc123-1234567890 - # Adding date into the path greatly reduces the chance of pod.name collision. - keyFormat: "artifacts/{{workflow.name}}/{{workflow.creationTimestamp.Y}}/{{workflow.creationTimestamp.m}}/{{workflow.creationTimestamp.d}}/{{pod.name}}" - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: true - accessKeySecret: - name: mlpipeline-minio-artifact - key: accesskey - secretKeySecret: - name: mlpipeline-minio-artifact - key: secretkey -kind: ConfigMap -metadata: - name: workflow-controller-configmap - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cache-configmap - labels: - component: cache-server -data: - mysql_database: 'my_kfp_cachedb' - mysql_driver: "mysql" - mysql_host: "mysql" - mysql_port: "3306" - cache_image: "gcr.io/google-containers/busybox" - cache_node_restrictions: "false" ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: ml-pipeline-install-config-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install parameters. There's no effect modifying this. -data: - appName: 'my-release' - namespace: 'kubeflow' - emissaryExecutor: 'true' - managedStorageEnabled: 'true' - # - managedStorageCloudSqlInstanceConnectionName: 'myproject:us-central1:myinstance' - managedStorageGcsBucketName: 'mybucket' - managedStorageDatabasePrefix: 'my_kfp' - managedstorageDbUserName: 'root' - # ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-mysql-configmap - labels: - component: metadata-server -data: - MYSQL_DATABASE: 'my_kfp_metadata' - MYSQL_HOST: "mysql" - MYSQL_PORT: "3306" ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-grpc-configmap - labels: - component: metadata-grpc-server -data: - METADATA_GRPC_SERVICE_HOST: "metadata-grpc-service" - METADATA_GRPC_SERVICE_PORT: "8080" ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: kfp-launcher -data: - defaultPipelineRoot: 'gs://mybucket/v2/artifacts' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: inverse-proxy-config - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Status of the workflow - jsonPath: .status.phase - name: Status - type: string - - description: When the workflow was started - format: date-time - jsonPath: .status.startedAt - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtaskresults.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskResult - listKind: WorkflowTaskResultList - plural: workflowtaskresults - singular: workflowtaskresult - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - message: - type: string - metadata: - type: object - outputs: - properties: - artifacts: - items: - properties: - archive: - properties: - none: - type: object - tar: - properties: - compressionLevel: - format: int32 - type: integer - type: object - zip: - type: object - type: object - archiveLogs: - type: boolean - artifactory: - properties: - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - url: - type: string - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - url - type: object - from: - type: string - fromExpression: - type: string - gcs: - properties: - bucket: - type: string - key: - type: string - serviceAccountKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - key - type: object - git: - properties: - depth: - format: int64 - type: integer - disableSubmodules: - type: boolean - fetch: - items: - type: string - type: array - insecureIgnoreHostKey: - type: boolean - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - repo: - type: string - revision: - type: string - sshPrivateKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - repo - type: object - globalName: - type: string - hdfs: - properties: - addresses: - items: - type: string - type: array - force: - type: boolean - hdfsUser: - type: string - krbCCacheSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbConfigConfigMap: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbKeytabSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbRealm: - type: string - krbServicePrincipalName: - type: string - krbUsername: - type: string - path: - type: string - required: - - path - type: object - http: - properties: - headers: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - url: - type: string - required: - - url - type: object - mode: - format: int32 - type: integer - name: - type: string - optional: - type: boolean - oss: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - type: boolean - endpoint: - type: string - key: - type: string - lifecycleRule: - properties: - markDeletionAfterDays: - format: int32 - type: integer - markInfrequentAccessAfterDays: - format: int32 - type: integer - type: object - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - securityToken: - type: string - required: - - key - type: object - path: - type: string - raw: - properties: - data: - type: string - required: - - data - type: object - recurseMode: - type: boolean - s3: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - properties: - objectLocking: - type: boolean - type: object - encryptionOptions: - properties: - enableEncryption: - type: boolean - kmsEncryptionContext: - type: string - kmsKeyId: - type: string - serverSideCustomerKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - endpoint: - type: string - insecure: - type: boolean - key: - type: string - region: - type: string - roleARN: - type: string - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - useSDKCreds: - type: boolean - type: object - subPath: - type: string - required: - - name - type: object - type: array - exitCode: - type: string - parameters: - items: - properties: - default: - type: string - description: - type: string - enum: - items: - type: string - type: array - globalName: - type: string - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - default: - type: string - event: - type: string - expression: - type: string - jqFilter: - type: string - jsonPath: - type: string - parameter: - type: string - path: - type: string - supplied: - type: object - type: object - required: - - name - type: object - type: array - result: - type: string - type: object - phase: - type: string - progress: - type: string - required: - - metadata - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtasksets.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskSet - listKind: WorkflowTaskSetList - plural: workflowtasksets - shortNames: - - wfts - singular: workflowtaskset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: scheduledworkflows.kubeflow.org - labels: - app.kubernetes.io/name: my-release -spec: - group: kubeflow.org - names: - kind: ScheduledWorkflow - listKind: ScheduledWorkflowList - plural: scheduledworkflows - shortNames: - - swf - singular: scheduledworkflow - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - status: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - - status - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: my-release - name: viewers.kubeflow.org -spec: - group: kubeflow.org - names: - kind: Viewer - listKind: ViewerList - plural: viewers - shortNames: - - vi - singular: viewer - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-clusterrole - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-clusterrole -rules: -- apiGroups: - - certificates.k8s.io - resources: - - certificatesigningrequests - - certificatesigningrequests/approval - verbs: - - create - - delete - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch -- apiGroups: - - certificates.k8s.io - resources: - - signers - resourceNames: - - kubernetes.io/* - verbs: - - approve ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-clusterrolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubeflow-pipelines-cache-deployer-clusterrole -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-role - labels: - app.kubernetes.io/name: "my-release" -rules: -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - - persistentvolumeclaims/finalizers - verbs: - - create - - update - - delete - - get -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtasksets - - workflowtasksets/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - argoproj.io - resources: - - workflowtaskresults - verbs: - - list - - watch - - deletecollection -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - patch - - list ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-metadata-writer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-metadata-writer-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-persistenceagent-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - get - - list - - watch - - apiGroups: - - pipelines.kubeflow.org - resources: - - scheduledworkflows - - workflows - verbs: - - report - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-scheduledworkflow-role - name: ml-pipeline-scheduledworkflow-role -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -rules: - - apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - create - - get - - list - - apiGroups: - - "" - resources: - - events - verbs: - - list - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - delete - - apiGroups: - - "argoproj.io" - resources: - - workflows - verbs: - - get - - list ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-viewer-controller-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - '*' - resources: - - deployments - - services - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - persistentvolumes - - persistentvolumeclaims - verbs: - - '*' - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - create - - delete - - get - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - - services - verbs: - - '*' - - apiGroups: - - "" - - apps - - extensions - resources: - - deployments - - replicasets - verbs: - - '*' - - apiGroups: - - kubeflow.org - resources: - - '*' - verbs: - - '*' - - apiGroups: - - batch - resources: - - jobs - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: proxy-agent-runner - app.kubernetes.io/name: my-release - name: proxy-agent-runner -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-binding - labels: - app.kubernetes.io/name: "my-release" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-role -subjects: -- kind: ServiceAccount - name: argo - namespace: "kubeflow" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-rolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-deployer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-metadata-writer-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-metadata-writer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-metadata-writer - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-persistenceagent-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-persistenceagent-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-persistenceagent - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-scheduledworkflow-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-scheduledworkflow-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-scheduledworkflow - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-ui -subjects: - - kind: ServiceAccount - name: ml-pipeline-ui - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline -subjects: - - kind: ServiceAccount - name: ml-pipeline - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pipeline-runner-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: pipeline-runner -subjects: - - kind: ServiceAccount - name: pipeline-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-viewer-crd-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-viewer-controller-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-viewer-crd-service-account - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: proxy-agent-runner - name: proxy-agent-runner -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: proxy-agent-runner -subjects: - - kind: ServiceAccount - name: proxy-agent-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - workflows.argoproj.io/description: | - This service is deprecated. It will be removed in v3.4. - - https://github.com/argoproj/argo-workflows/issues/8441 - labels: - app: workflow-controller - name: workflow-controller-metrics -spec: - ports: - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: workflow-controller ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: Service -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - selector: - app: cache-server - app.kubernetes.io/name: my-release - ports: - - port: 443 - targetPort: webhook-api ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-grpc-service -spec: - ports: - - name: grpc-api - port: 8080 - protocol: TCP - selector: - component: metadata-grpc-server - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -kind: Service -apiVersion: v1 -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-envoy-service -spec: - selector: - component: metadata-envoy - type: ClusterIP - ports: - - port: 9090 - protocol: TCP - name: md-envoy ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Service -metadata: - name: minio-service - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - ports: - - port: 9000 - protocol: TCP - targetPort: 9000 - selector: - app: minio - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Service -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - port: 3306 - selector: - - app: cloudsqlproxy - - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - ports: - - port: 80 - targetPort: 3000 - selector: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline-visualizationserver -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - selector: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - - name: grpc - port: 8887 - protocol: TCP - targetPort: 8887 - selector: - app: ml-pipeline - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: workflow-controller - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" -spec: - selector: - matchLabels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - template: - metadata: - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - spec: - serviceAccountName: argo - containers: - - name: workflow-controller - image: "gcr.io/ml-pipeline/google/pipelines/argoworkflowcontroller:dummy" - command: - - workflow-controller - args: - - --configmap - - workflow-controller-configmap - - --executor-image - - "gcr.io/ml-pipeline/google/pipelines/argoexecutor:dummy" - - --namespaced - env: - - name: LEADER_ELECTION_IDENTITY - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - ports: - - name: metrics - containerPort: 9090 - - containerPort: 6060 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 6060 - initialDelaySeconds: 90 - periodSeconds: 60 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 500Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - nodeSelector: - kubernetes.io/os: linux - priorityClassName: workflow-controller - securityContext: - runAsNonRoot: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-deployer-deployment - labels: - app: cache-deployer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-deployer - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: cache-deployer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/cachedeployer:dummy - imagePullPolicy: Always - env: - - name: NAMESPACE_TO_WATCH - value: kubeflow - serviceAccountName: kubeflow-pipelines-cache-deployer-sa - restartPolicy: Always ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: cache-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: server - image: gcr.io/ml-pipeline/google/pipelines/cacheserver:dummy - env: - - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - - name: CACHE_IMAGE - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_image - - name: CACHE_NODE_RESTRICTIONS - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_node_restrictions - - name: DBCONFIG_DRIVER - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_driver - - name: DBCONFIG_DB_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_database - - name: DBCONFIG_HOST_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_host - - name: DBCONFIG_PORT - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_port - - name: NAMESPACE_TO_WATCH - value: kubeflow - args: ["--db_driver=$(DBCONFIG_DRIVER)", - "--db_host=$(DBCONFIG_HOST_NAME)", - "--db_port=$(DBCONFIG_PORT)", - "--db_name=$(DBCONFIG_DB_NAME)", - "--db_user=$(DBCONFIG_USER)", - "--db_password=$(DBCONFIG_PASSWORD)", - "--namespace_to_watch=$(NAMESPACE_TO_WATCH)", - ] - imagePullPolicy: Always - ports: - - containerPort: 8443 - name: webhook-api - volumeMounts: - - name: webhook-tls-certs - mountPath: /etc/webhook/certs - readOnly: true - volumes: - - name: webhook-tls-certs - secret: - secretName: webhook-server-tls - serviceAccountName: kubeflow-pipelines-cache ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - name: metadata-grpc-deployment -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataserver:dummy - imagePullPolicy: 'Always' - env: - # TODO: merge all into mysql-credential - - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_DATABASE - - name: MYSQL_HOST - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_PORT - command: ["/bin/metadata_store_server"] - args: ["--grpc_port=8080", - "--mysql_config_database=$(MYSQL_DATABASE)", - "--mysql_config_host=$(MYSQL_HOST)", - "--mysql_config_port=$(MYSQL_PORT)", - "--mysql_config_user=$(DBCONFIG_USER)", - "--mysql_config_password=$(DBCONFIG_PASSWORD)", - "--enable_database_upgrade=true" - ] - ports: - - containerPort: 8080 - name: grpc-api - livenessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - readinessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-envoy - labels: - component: metadata-envoy - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-envoy - template: - metadata: - labels: - component: metadata-envoy - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataenvoy:dummy - ports: - - name: md-envoy - containerPort: 9090 - - name: envoy-admin - containerPort: 9901 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-writer - labels: - app: metadata-writer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: metadata-writer - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: metadata-writer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/metadatawriter:dummy - env: - - name: NAMESPACE_TO_WATCH - valueFrom: - fieldRef: - fieldPath: metadata.namespace - serviceAccountName: kubeflow-pipelines-metadata-writer ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: minio - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: minio - app.kubernetes.io/name: my-release - spec: - containers: - - args: - - gateway - - gcs - - $(PROJECT_ID) - env: - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: accesskey - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: secretkey - # Minio is KFP system workload and we use GCE's default service account - # or later Workload Identity's corresponding service account. - # So here no need to setup GOOGLE_APPLICATION_CREDENTIALS. - # - name: GOOGLE_APPLICATION_CREDENTIALS - # value: "/etc/credentials/application_default_credentials.json" - image: gcr.io/ml-pipeline/google/pipelines/minio:dummy - name: minio - ports: - - containerPort: 9000 - resources: - requests: - cpu: 20m - memory: 100Mi ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cloudsqlproxy - labels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release - replicas: 1 - template: - metadata: - labels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release - spec: - serviceAccountName: mysql - containers: - - image: gcr.io/ml-pipeline/google/pipelines/cloudsqlproxy:dummy - name: cloudsqlproxy - env: - command: ["/cloud_sql_proxy", - "-dir=/cloudsql", - # Replace with your own CloudSQL instance ID - "-instances=myproject:us-central1:myinstance=tcp:0.0.0.0:3306", - # Enables HTTP health checks. - "-use_http_health_check", - # System workload uses GCE default service account or Workload Identity's service account - # "-credential_file=/credentials/application_default_credentials.json", - "term_timeout=10s"] - # set term_timeout if require graceful handling of shutdown - # NOTE: proxy will stop accepting new connections; only wait on existing connections - lifecycle: - preStop: - exec: - # (optional) add a preStop hook so that termination is delayed - # this is required if your server still require new connections (e.g., connection pools) - command: ['sleep', '10'] - # Liveness probe configuration is adviced by Cloud SQL Proxy examples: - # https://github.com/GoogleCloudPlatform/cloudsql-proxy/tree/main/examples/k8s-health-check - # For details, see https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - livenessProbe: - httpGet: - path: /liveness - port: 8090 - # Number of seconds after the container has started before the first probe is scheduled. Defaults to 0. - # Not necessary when the startup probe is in use. - initialDelaySeconds: 0 - # Frequency of the probe. - periodSeconds: 60 - # Number of seconds after which the probe times out. - timeoutSeconds: 30 - # Number of times the probe is allowed to fail before the transition - # from healthy to failure state. - # - # If periodSeconds = 60, 5 tries will result in five minutes of - # checks. The proxy starts to refresh a certificate five minutes - # before its expiration. If those five minutes lapse without a - # successful refresh, the liveness probe will fail and the pod will be - # restarted. - failureThreshold: 5 - readinessProbe: - httpGet: - path: /readiness - port: 8090 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 5 - # Number of times the probe must report success to transition from failure to healthy state. - # Defaults to 1 for readiness probe. - successThreshold: 1 - failureThreshold: 1 - startupProbe: - httpGet: - path: /startup - port: 8090 - periodSeconds: 1 - timeoutSeconds: 5 - failureThreshold: 20 - ports: - - name: mysql - containerPort: 3306 - volumeMounts: - - mountPath: /cloudsql - name: cloudsql - volumes: - - name: cloudsql - emptyDir: ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - name: ml-pipeline-persistenceagent -spec: - selector: - matchLabels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - - name: TTL_SECONDS_AFTER_WORKFLOW_FINISH - value: "86400" - image: gcr.io/ml-pipeline/google/pipelines/persistenceagent:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-persistenceagent - resources: - requests: - cpu: 120m - memory: 500Mi - volumeMounts: - - mountPath: /var/run/secrets/kubeflow/tokens - name: persistenceagent-sa-token - serviceAccountName: ml-pipeline-persistenceagent - volumes: - - name: persistenceagent-sa-token - projected: - sources: - - serviceAccountToken: - path: persistenceagent-sa-token - expirationSeconds: 3600 - audience: pipelines.kubeflow.org ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - name: ml-pipeline-scheduledworkflow -spec: - selector: - matchLabels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/scheduledworkflow:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-scheduledworkflow - serviceAccountName: ml-pipeline-scheduledworkflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - selector: - matchLabels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MINIO_NAMESPACE - value: kubeflow - - name: ALLOW_CUSTOM_VISUALIZATIONS - value: "true" - - name: DEPLOYMENT - value: MARKETPLACE - image: gcr.io/ml-pipeline/google/pipelines/frontend:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-ui - ports: - - containerPort: 3000 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 10m - memory: 70Mi - serviceAccountName: ml-pipeline-ui ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - name: ml-pipeline-viewer-crd -spec: - selector: - matchLabels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MAX_NUM_VIEWERS - value: "50" - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/viewercrd:dummy - imagePullPolicy: Always - name: ml-pipeline-viewer-crd - serviceAccountName: ml-pipeline-viewer-crd-service-account ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - name: ml-pipeline-visualizationserver -spec: - selector: - matchLabels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - spec: - containers: - - image: gcr.io/ml-pipeline/google/pipelines/visualizationserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-visualizationserver - ports: - - name: http - containerPort: 8888 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 30m - memory: 500Mi - serviceAccountName: ml-pipeline-visualizationserver ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - name: ml-pipeline -spec: - selector: - matchLabels: - app: ml-pipeline - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - - name: HAS_DEFAULT_BUCKET - value: "true" - - name: BUCKET_NAME - value: "mybucket" - - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DEFAULTPIPELINERUNNERSERVICEACCOUNT - value: 'pipeline-runner' - - name: OBJECTSTORECONFIG_SECURE - value: "false" - - - name: OBJECTSTORECONFIG_BUCKETNAME - value: "mybucket" - - name: DBCONFIG_DBNAME - value: 'my_kfp_pipeline' - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - image: gcr.io/ml-pipeline/google/pipelines/apiserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-api-server - ports: - - name: http - containerPort: 8888 - - name: grpc - containerPort: 8887 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 250m - memory: 500Mi - serviceAccountName: ml-pipeline ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - name: proxy-agent -spec: - selector: - matchLabels: - app: proxy-agent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - spec: - hostNetwork: true - containers: - - image: gcr.io/ml-pipeline/google/pipelines/proxyagent:dummy - imagePullPolicy: IfNotPresent - name: proxy-agent - serviceAccountName: proxy-agent-runner ---- -# Source: kubeflow-pipelines/templates/application.yaml -apiVersion: app.k8s.io/v1beta1 -kind: Application -metadata: - name: "my-release" - namespace: "kubeflow" - annotations: - kubernetes-engine.cloud.google.com/icon: >- - data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADMAAAAyCAYAAADx/eOPAAALuUlEQVRogd2afWxd9XnHP99bK4pS3yhiGUIRiiJUVVVqbq8ppdR20ibqpuIMtDRkUYERp29J57gMZVuxsrZiK7oZXVv5re1AiOuoG+N1DMkuytprsGPEVMouxqQZJVHEWIdQlGVxZlmZdb/747zcc869jpMO+seOdPz7nd/L83tev89zzjX8Bq795Rq9o17zXp+Tey+Ijkyboela29DRWkhffyT733pH/Z3este9F2cC6N0kNjxtjD+FdRD8UF9X7u97y7UbQFPAivC0BdllS381slun3s3z3xVhhqeds90tqR/oMB7u68z19ZZra0E/l1if3WOziPx3skrDPTr+bvDxfxImEIJbgX6gGBJ7EfHJX/ySReDHwO9KYAenyWCMFKw21GSeslwa2Z17+TcuzPBRr7B8m6Df5oOJqdPAR/u6cm/2lmv3At+IT3GiXZqbcaxSLsfRoTsvn7XL2jE87ZXGnwf+VGiDY86ETM1wU1+XjvSW/RlgTJADQ2QaCZKWcX1/aDIcjE8i3SdzZLjn0lm8pJXD02417BM+gLmq2Rqjr/d16Vu95dp6wc8Ra5O8NrPIcoZCvIR1H+KZkd2qLcfnRYUZOuorJO+3uQt0RerolGYZR7r5+C9ZATwPviGyQprd6Liszy3bnwVKwGMjPbnFyxJmeNpX2T4gaR/QmmSpyYZTho/2depMb9k/kNh3KawuJ1bWauHzUcyXRpZAv5Zmg7aHBLcmNN9ECAFeAO3s69KZ3nLtDuF9dnBs0IT9JO24rbPb0JfP2syCZpFfE5q1mRWcvlgMNcwMTRq9z/+OWXdx4AGjvX1deqC37DbwPwOrMgsufol5mWMWs1ivEbjTrOCtLNNb+udygqsNbUBtopR/NkuuwTJ6Hxsw67KSuvH5MPDA/nJttfGTdUFCMUlp/ALwOtIs9muBxpnFnBzuSQf21oP/BbXclVvumWuTaDN8WNBm2GizJkxPM0CDMA2WGZ72bbb/Njue2TRj9Il/PcG87SeBz4ZTNaSTsmctHcO8SqDp14d7dCFLZ2v/3OpQ023Ah4n65kohvETUCdcsfmuilD+bpNdgGZvOODuHqYGIVGCec9g7+7o031v2jaBTiD0ysxbHRnZrPktzyz1zK7f0z10nh5pWwLRhvZro1KqznVJhNB8UyDeSsU4zAOiIXV1OuEqQ2AR79nflXgcY6dGLwIvR8q39cy1b+uc2Emo6dI824BpMSxz8iVhy4m/2WiYHdV5UmOHp2mpwm52ESCdwRn+9v0tPAWzpn9sAFAQbMdc60PaHsFZEWd9uxk4z8G3seykECfObTEd2KmuZG4CWyLXkYLMwtiYt+hMsTUdAEZQzjs9apv66SHJRk73ZjBQ+iRu29s+1VEr5OImmXs4MHUahVoLWgK23wbv6OrU4OulcuHYehWsVHhpXwpE2FNRayTszX2cwDpQEzTB+QvrJHCXUaigk+c++aXZiE98YmUVgV19X7u3ypH/fgfUA5h2usY2jNjmWoGVn50nvC9T2NviA5OPBGPW91OlG+0Xa1WJhhqadk3WjpKCilQIQFP19XZocnfIHgIeFWyNh6goXyX6gdNWfU8aJ5tNjEheAHZVS/ruGj0s8k6VPhh6ms6kwgoLl1aGuCEuSpwXfHZ2qrTJ+HHkNCpOjmbdFcEcGUIhUSj/H65rPO6j+766U8i/QXV0z8cqJc4btwF8AtWgtMb1wj+j41Df/s1EYQwdEDiqM3hDes9quGY3IKoYOvCrU7HlCoZtEWapPkzEpsU8uq8b36a6uBqaBv5l45URLpZT/pmGH8LnkvlAdAOt1oeXqRsuYTjlEMJiXvWN/Z+5szfqioKcOKo7qr/nAEesKiOyv2A/q88rOx8+8bPhK5dUTAA8jbUT6MuKnbKteNVHKP23xCeD1LC0F2TWOmzoAKEiWxmC+sr8rN1OerF2HGaqXFcZhDWaYj11S4ZxcXxVqyKqPZOeNTwM7Jkr5BeDPQJ8NFQaoC/gZ26rXT5TyxxAfRx6P94d0gU0pYYama+tsbwix/AHM4fKUrwAeB68kRJ5AZsWWieGTjLipsVCgrKCwKHF7pZQ/RXf104j76i4ZMmquxkzRXb2zUsqfxdxsfCiA70hRjZbpCDHmJcRdeZPDHkVck0Ul5PeHZ81DgHxKtglXaHCxVN9fr5TyR9hW3QA8Amqp5526SyKtBEbZVv1eZeZkbqKU7xfsFJwPqRW29s+11oUxnUhnkHf2dWoB+R5Jv5dNaGHh1wog8d/ZAI+0GgVpFPTp4AfJT2Hup7u6EvMk0tpkboutEz0HMPzHyD+mu3pFpZR/Aug0Pgm0RLkvFzLWYfjDvs7cqfKUt2LuXTLhue5mdWhVDJdEzxDDcRKawceN9lRePVkDfgBcR/LKVqNpz/s08DO6q4VKKT8j8zHgJ1HyzA1P11YZjfV1arw85auBR4RalDB5lEjDKi0CgPPphKZ0QiNRwUQeg88B2ydKreew9yH1NCxe/r4GaZpt1Vsrh/JnDDcBLwPkbLVgf6s86RXYj4KvtJKJM8KsGLkSlsmUL6mSg1RJY1xD7KmU8sfprnYgBqJsGVsiEfupsca7FfMo26p/OfHKiVqllB8HyPV16VxfV66G/G1QBwY5xvCgTT7X3/MTaBbFVr0fJvqw2ASZ+yul/FN0V68CHsesiDl3UopM3CwhDZDD/Dnwj3S/sjoYAMqTtc1YX02jVqYOiuuqsAKIkqZCfFIz/IrfFY8gDrKt2gI8irSuwQezyTeNaOl+6qYb+fpYGKEXJE9GSTObK5ItrheaLHE5/XRKcHul+kYN8x2kzWlLNNuVtUqibzKW5CBjxUoszO7NWrS1E/xWvMeJjck2WQHEKJeMD+qH4gWCSvg00m3AVxv5TMRKsp9Cs0Q/Ka/1BOZQNBSXMz2b9Q5oO9JCKgkqg2aKofl8uvTPeE1w3t5KKf8y26pFxINhLRa5R9JV6huT/aZuFu7Ds+A9jBdj+VIvZz2b9BL2Xi5yJQEgUFqinI9SZBDx358o5Q/HiRGtquOEmxJu6DcbC/afQWxnvHg+Odrwm2bP5txh5OEYjOM3vaiu8qqHJw1mPmK/Xs7HJf0LRncDMF5cAL6NWUxDrX/duwbczljxjSzvTX+gtXU3MBlrRCltrsxBTgorACKrRGf5bczOiVLrhUL74B2F9oHVjBd/iLwTWEhr+CIWaLYumDjIWLHha+aSwvRs1iJmJ9Kb9ZJRETS3ACsMC8i1ZNwgXZDYWTmU/1WhfeAW8Cjo+UL7wDrGik8jfid0kYz/Z2ODepv+GPIY+FAznpcUJhAo9w5mh81CFtEsWieCTzwXkogmfKBSyh8ttA98EDPqoPouYqYLxYEPMVY8itmEeTM+KEaqZhVAkiPPIL6QDPhLFiYQSC9J7M3mGlF/24zWSvwIM1xoH2gF/sFiTcSPxQakqUJxsIPx4jGCr0AzCUYTbROJ7DPAdsbSAX9ZwgDs3qTDiMGUOxF/1DgfekLVsPf0sw8DPARsDNwy8iYBXov4p0L7wC2MF99CfBJ4rqmbJbO/qYE+x1jx5HK8Xtp/aFgHDM/FX+RM9FFjHjjj4NV3HvlPsP4g+SqQgm6zCuvJQnHgi4wVz2JuAj8RnLGEVaCf8Y8cuRQ2L0mYEBB2Gb8ZHKD4NQBx+0Qpf7LQPrAVVGqiiWTpCcEn4QcLxcF7C7+aXMDahT1YX5IS5DHE/ZfC4yULEwr0DtIOWwuuvwZ8rVLKP1soDqzHPGJoyRao9b4SXiQQ30A8eO1/PJ8D7gK+BtQSJcQM8AXGlg747LUkmi91lad8J3CuZ5OeBii0D64ET2FdH1N0omWJvgLPkvwM8LmZf7lrnm3VO4CHsM4DH2P8I8vGSfK67P9q8v9wWPAcQLH4PbBHbK6Pq+3M9+Ml+6FL2dyC+WmhOLiWseKPMDeDd12uIPBrWCZ5Xds++AHsAwGlBKnoB5747c2J+aSJEuvRL8CDv/2Zz+cqh/LL/gPD//vrfwFjcI5oX6jDBwAAAABJRU5ErkJggg== - marketplace.cloud.google.com/deploy-info: '{"partner_id": "ml-pipeline", "product_id": "kubeflow-pipelines", "partner_name": "Google Cloud AI Platform"}' - labels: - app.kubernetes.io/name: "my-release" -spec: - descriptor: - type: Kubeflow Pipelines - version: 2.1.0 - description: |- - Reusable end-to-end ML workflow - maintainers: - - name: Google Cloud AI Platform - url: https://cloud.google.com/ai-platform/ - - name: Kubeflow Pipelines - url: https://github.com/kubeflow/pipelines - links: - - description: 'Kubeflow Pipelines Documentation' - url: https://www.kubeflow.org/docs/pipelines/ - notes: |- - Please go to [Hosted Kubeflow Pipelines Console](https://console.cloud.google.com/ai-platform/pipelines/clusters). - info: - - name: Application Namespace - value: "kubeflow" - - name: Console - value: 'https://console.cloud.google.com/ai-platform/pipelines/clusters' - componentKinds: - - group: v1 - kind: ServiceAccount - - group: rbac.authorization.k8s.io/v1 - kind: Role - - group: rbac.authorization.k8s.io/v1 - kind: RoleBinding - - group: v1 - kind: Service - - group: v1 - kind: ConfigMap - - group: v1 - kind: Secret - - group: apps/v1 - kind: Deployment ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: workflow-controller -value: 1000000 diff --git a/manifests/gcp_marketplace/test/snapshot-managed-storage.yaml b/manifests/gcp_marketplace/test/snapshot-managed-storage.yaml deleted file mode 100644 index d18c440d263..00000000000 --- a/manifests/gcp_marketplace/test/snapshot-managed-storage.yaml +++ /dev/null @@ -1,2829 +0,0 @@ ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache-deployer-sa - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-cache - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-metadata-writer - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-persistenceagent - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-scheduledworkflow - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-ui - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-viewer-crd-service-account - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline-visualizationserver - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubeflow-pipelines-container-builder ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: proxy-agent-runner - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - accesskey: bWluaW8= - secretkey: bWluaW8xMjM= -kind: Secret -metadata: - name: mlpipeline-minio-artifact - labels: - app.kubernetes.io/name: "my-release" -type: Opaque ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: Secret -metadata: - name: ml-pipeline-install-secret-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install secrets. There's no effect modifying this. -type: Opaque -# -data: - managedStorageDbPassword: 'MTIzNA==' -# ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mlpipeline-minio-artifact -stringData: - accesskey: minio - secretkey: minio123 ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Secret -metadata: - name: mysql-credential - labels: - app: mysql-credential - app.kubernetes.io/name: my-release -type: Opaque -data: - username: "cm9vdA==" - password: "MTIzNA==" ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -data: - # References: - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/config/config.go - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.md - # * https://github.com/argoproj/argo-workflows/blob/v3.4.16/docs/workflow-controller-configmap.yaml - - # Choice of an executor is deprecated in favor of emissary executor - executor: | - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 0.01 - memory: 32Mi - limits: - cpu: 0.5 - memory: 512Mi - - # Note, some-string-{{without}}-template-interpretation is a way to avoid some brackets interpreted as template. - # Reference: https://github.com/helm/helm/issues/2798#issuecomment-467319526 - artifactRepository: | - archiveLogs: true - s3: - endpoint: "minio-service.kubeflow:9000" - bucket: "mybucket" - # keyFormat is a format pattern to define how artifacts will be organized in a bucket. - # It can reference workflow metadata variables such as workflow.namespace, workflow.name, - # pod.name. Can also use strftime formating of workflow.creationTimestamp so that workflow - # artifacts can be organized by date. If omitted, will use workflow.name/pod.name, - # which has potential for have collisions, because names do not guarantee they are unique - # over the lifetime of the cluster. - # Refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/. - # - # The following format looks like: - # artifacts/my-workflow-abc123/2018/08/23/my-workflow-abc123-1234567890 - # Adding date into the path greatly reduces the chance of pod.name collision. - keyFormat: "artifacts/{{workflow.name}}/{{workflow.creationTimestamp.Y}}/{{workflow.creationTimestamp.m}}/{{workflow.creationTimestamp.d}}/{{pod.name}}" - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: true - accessKeySecret: - name: mlpipeline-minio-artifact - key: accesskey - secretKeySecret: - name: mlpipeline-minio-artifact - key: secretkey -kind: ConfigMap -metadata: - name: workflow-controller-configmap - labels: - app.kubernetes.io/name: "my-release" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cache-configmap - labels: - component: cache-server -data: - mysql_database: 'my_release_cachedb' - mysql_driver: "mysql" - mysql_host: "mysql" - mysql_port: "3306" - cache_image: "gcr.io/google-containers/busybox" - cache_node_restrictions: "false" ---- -# Source: kubeflow-pipelines/templates/config-snapshot.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: ml-pipeline-install-config-snapshot - labels: - app.kubernetes.io/name: 'my-release' - annotations: - pipelines.kubeflow.org/comment: |- - This is a snapshot of install parameters. There's no effect modifying this. -data: - appName: 'my-release' - namespace: 'kubeflow' - emissaryExecutor: 'true' - managedStorageEnabled: 'true' - # - managedStorageCloudSqlInstanceConnectionName: 'myproject:us-central1:myinstance' - managedStorageGcsBucketName: 'mybucket' - managedStorageDatabasePrefix: 'my_release' - managedstorageDbUserName: 'root' - # ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-mysql-configmap - labels: - component: metadata-server -data: - MYSQL_DATABASE: 'my_release_metadata' - MYSQL_HOST: "mysql" - MYSQL_PORT: "3306" ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: metadata-grpc-configmap - labels: - component: metadata-grpc-server -data: - METADATA_GRPC_SERVICE_HOST: "metadata-grpc-service" - METADATA_GRPC_SERVICE_PORT: "8080" ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: kfp-launcher -data: - defaultPipelineRoot: 'gs://mybucket/v2/artifacts' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: inverse-proxy-config - labels: - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: Workflow - listKind: WorkflowList - plural: workflows - shortNames: - - wf - singular: workflow - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Status of the workflow - jsonPath: .status.phase - name: Status - type: string - - description: When the workflow was started - format: date-time - jsonPath: .status.startedAt - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterworkflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: ClusterWorkflowTemplate - listKind: ClusterWorkflowTemplateList - plural: clusterworkflowtemplates - shortNames: - - clusterwftmpl - - cwft - singular: clusterworkflowtemplate - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: cronworkflows.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: CronWorkflow - listKind: CronWorkflowList - plural: cronworkflows - shortNames: - - cwf - - cronwf - singular: cronworkflow - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workfloweventbindings.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowEventBinding - listKind: WorkflowEventBindingList - plural: workfloweventbindings - shortNames: - - wfeb - singular: workfloweventbinding - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtemplates.argoproj.io - labels: - app.kubernetes.io/name: "my-release" -spec: - group: argoproj.io - names: - kind: WorkflowTemplate - listKind: WorkflowTemplateList - plural: workflowtemplates - shortNames: - - wftmpl - singular: workflowtemplate - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtaskresults.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskResult - listKind: WorkflowTaskResultList - plural: workflowtaskresults - singular: workflowtaskresult - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - message: - type: string - metadata: - type: object - outputs: - properties: - artifacts: - items: - properties: - archive: - properties: - none: - type: object - tar: - properties: - compressionLevel: - format: int32 - type: integer - type: object - zip: - type: object - type: object - archiveLogs: - type: boolean - artifactory: - properties: - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - url: - type: string - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - url - type: object - from: - type: string - fromExpression: - type: string - gcs: - properties: - bucket: - type: string - key: - type: string - serviceAccountKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - key - type: object - git: - properties: - depth: - format: int64 - type: integer - disableSubmodules: - type: boolean - fetch: - items: - type: string - type: array - insecureIgnoreHostKey: - type: boolean - passwordSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - repo: - type: string - revision: - type: string - sshPrivateKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - usernameSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - required: - - repo - type: object - globalName: - type: string - hdfs: - properties: - addresses: - items: - type: string - type: array - force: - type: boolean - hdfsUser: - type: string - krbCCacheSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbConfigConfigMap: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbKeytabSecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - krbRealm: - type: string - krbServicePrincipalName: - type: string - krbUsername: - type: string - path: - type: string - required: - - path - type: object - http: - properties: - headers: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - url: - type: string - required: - - url - type: object - mode: - format: int32 - type: integer - name: - type: string - optional: - type: boolean - oss: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - type: boolean - endpoint: - type: string - key: - type: string - lifecycleRule: - properties: - markDeletionAfterDays: - format: int32 - type: integer - markInfrequentAccessAfterDays: - format: int32 - type: integer - type: object - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - securityToken: - type: string - required: - - key - type: object - path: - type: string - raw: - properties: - data: - type: string - required: - - data - type: object - recurseMode: - type: boolean - s3: - properties: - accessKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - bucket: - type: string - createBucketIfNotPresent: - properties: - objectLocking: - type: boolean - type: object - encryptionOptions: - properties: - enableEncryption: - type: boolean - kmsEncryptionContext: - type: string - kmsKeyId: - type: string - serverSideCustomerKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - endpoint: - type: string - insecure: - type: boolean - key: - type: string - region: - type: string - roleARN: - type: string - secretKeySecret: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - useSDKCreds: - type: boolean - type: object - subPath: - type: string - required: - - name - type: object - type: array - exitCode: - type: string - parameters: - items: - properties: - default: - type: string - description: - type: string - enum: - items: - type: string - type: array - globalName: - type: string - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - default: - type: string - event: - type: string - expression: - type: string - jqFilter: - type: string - jsonPath: - type: string - parameter: - type: string - path: - type: string - supplied: - type: object - type: object - required: - - name - type: object - type: array - result: - type: string - type: object - phase: - type: string - progress: - type: string - required: - - metadata - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: workflowtasksets.argoproj.io -spec: - group: argoproj.io - names: - kind: WorkflowTaskSet - listKind: WorkflowTaskSetList - plural: workflowtasksets - shortNames: - - wfts - singular: workflowtaskset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: scheduledworkflows.kubeflow.org - labels: - app.kubernetes.io/name: my-release -spec: - group: kubeflow.org - names: - kind: ScheduledWorkflow - listKind: ScheduledWorkflowList - plural: scheduledworkflows - shortNames: - - swf - singular: scheduledworkflow - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - status: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - - status - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: my-release - name: viewers.kubeflow.org -spec: - group: kubeflow.org - names: - kind: Viewer - listKind: ViewerList - plural: viewers - shortNames: - - vi - singular: viewer - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - x-kubernetes-map-type: atomic - required: - - spec - type: object - served: true - storage: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-clusterrole - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-clusterrole -rules: -- apiGroups: - - certificates.k8s.io - resources: - - certificatesigningrequests - - certificatesigningrequests/approval - verbs: - - create - - delete - - get - - update -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch -- apiGroups: - - certificates.k8s.io - resources: - - signers - resourceNames: - - kubernetes.io/* - verbs: - - approve ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-clusterrolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kubeflow-pipelines-cache-deployer-clusterrole -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-role - labels: - app.kubernetes.io/name: "my-release" -rules: -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list -- apiGroups: - - "" - resources: - - persistentvolumeclaims - - persistentvolumeclaims/finalizers - verbs: - - create - - update - - delete - - get -- apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtasksets - - workflowtasksets/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - create -- apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - argoproj.io - resources: - - workflowtaskresults - verbs: - - list - - watch - - deletecollection -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-deployer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-deployer-role -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - patch - - list ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-cache-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-cache-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: kubeflow-pipelines-metadata-writer-role - app.kubernetes.io/name: my-release - name: kubeflow-pipelines-metadata-writer-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-persistenceagent-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - get - - list - - watch - - apiGroups: - - pipelines.kubeflow.org - resources: - - scheduledworkflows - - workflows - verbs: - - report - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-scheduledworkflow-role - name: ml-pipeline-scheduledworkflow-role -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -rules: - - apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - create - - get - - list - - apiGroups: - - "" - resources: - - events - verbs: - - list - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - delete - - apiGroups: - - "argoproj.io" - resources: - - workflows - verbs: - - get - - list ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ml-pipeline-viewer-controller-role - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - '*' - resources: - - deployments - - services - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - viewers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - kubeflow.org - resources: - - scheduledworkflows - verbs: - - create - - get - - list - - update - - patch - - delete ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: pipeline-runner - labels: - app.kubernetes.io/name: my-release -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - persistentvolumes - - persistentvolumeclaims - verbs: - - '*' - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - create - - delete - - get - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - - services - verbs: - - '*' - - apiGroups: - - "" - - apps - - extensions - resources: - - deployments - - replicasets - verbs: - - '*' - - apiGroups: - - kubeflow.org - resources: - - '*' - verbs: - - '*' - - apiGroups: - - batch - resources: - - jobs - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: proxy-agent-runner - app.kubernetes.io/name: my-release - name: proxy-agent-runner -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - '*' ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-binding - labels: - app.kubernetes.io/name: "my-release" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-role -subjects: -- kind: ServiceAccount - name: argo - namespace: "kubeflow" ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-cache-deployer-rolebinding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-cache-deployer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-cache-deployer-sa - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubeflow-pipelines-metadata-writer-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kubeflow-pipelines-metadata-writer-role -subjects: -- kind: ServiceAccount - name: kubeflow-pipelines-metadata-writer - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-persistenceagent-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-persistenceagent-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-persistenceagent - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-scheduledworkflow-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-scheduledworkflow-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-scheduledworkflow - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline-ui - name: ml-pipeline-ui -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-ui -subjects: - - kind: ServiceAccount - name: ml-pipeline-ui - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: ml-pipeline - name: ml-pipeline -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline -subjects: - - kind: ServiceAccount - name: ml-pipeline - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pipeline-runner-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: pipeline-runner -subjects: - - kind: ServiceAccount - name: pipeline-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ml-pipeline-viewer-crd-binding - labels: - app.kubernetes.io/name: my-release -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ml-pipeline-viewer-controller-role -subjects: - - kind: ServiceAccount - name: ml-pipeline-viewer-crd-service-account - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: my-release - app: proxy-agent-runner - name: proxy-agent-runner -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: proxy-agent-runner -subjects: - - kind: ServiceAccount - name: proxy-agent-runner - namespace: kubeflow ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - workflows.argoproj.io/description: | - This service is deprecated. It will be removed in v3.4. - - https://github.com/argoproj/argo-workflows/issues/8441 - labels: - app: workflow-controller - name: workflow-controller-metrics -spec: - ports: - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: workflow-controller ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: v1 -kind: Service -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - selector: - app: cache-server - app.kubernetes.io/name: my-release - ports: - - port: 443 - targetPort: webhook-api ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-grpc-service -spec: - ports: - - name: grpc-api - port: 8080 - protocol: TCP - selector: - component: metadata-grpc-server - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -kind: Service -apiVersion: v1 -metadata: - labels: - app: metadata - app.kubernetes.io/name: my-release - name: metadata-envoy-service -spec: - selector: - component: metadata-envoy - type: ClusterIP - ports: - - port: 9090 - protocol: TCP - name: md-envoy ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: v1 -kind: Service -metadata: - name: minio-service - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - ports: - - port: 9000 - protocol: TCP - targetPort: 9000 - selector: - app: minio - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: v1 -kind: Service -metadata: - name: mysql - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - port: 3306 - selector: - - app: cloudsqlproxy - - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - ports: - - port: 80 - targetPort: 3000 - selector: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline-visualizationserver -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - selector: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: v1 -kind: Service -metadata: - name: ml-pipeline - labels: - app.kubernetes.io/name: my-release -spec: - ports: - - name: http - port: 8888 - protocol: TCP - targetPort: 8888 - - name: grpc - port: 8887 - protocol: TCP - targetPort: 8887 - selector: - app: ml-pipeline - app.kubernetes.io/name: my-release ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: workflow-controller - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" -spec: - selector: - matchLabels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - template: - metadata: - labels: - app: workflow-controller - app.kubernetes.io/name: "my-release" - spec: - serviceAccountName: argo - containers: - - name: workflow-controller - image: "gcr.io/ml-pipeline/google/pipelines/argoworkflowcontroller:dummy" - command: - - workflow-controller - args: - - --configmap - - workflow-controller-configmap - - --executor-image - - "gcr.io/ml-pipeline/google/pipelines/argoexecutor:dummy" - - --namespaced - env: - - name: LEADER_ELECTION_IDENTITY - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - ports: - - name: metrics - containerPort: 9090 - - containerPort: 6060 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 6060 - initialDelaySeconds: 90 - periodSeconds: 60 - timeoutSeconds: 30 - resources: - requests: - cpu: 100m - memory: 500Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - nodeSelector: - kubernetes.io/os: linux - priorityClassName: workflow-controller - securityContext: - runAsNonRoot: true ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-deployer-deployment - labels: - app: cache-deployer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-deployer - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: cache-deployer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/cachedeployer:dummy - imagePullPolicy: Always - env: - - name: NAMESPACE_TO_WATCH - value: kubeflow - serviceAccountName: kubeflow-pipelines-cache-deployer-sa - restartPolicy: Always ---- -# Source: kubeflow-pipelines/templates/cache.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cache-server - labels: - app: cache-server - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: cache-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: cache-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: server - image: gcr.io/ml-pipeline/google/pipelines/cacheserver:dummy - env: - - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - - name: CACHE_IMAGE - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_image - - name: CACHE_NODE_RESTRICTIONS - valueFrom: - configMapKeyRef: - name: cache-configmap - key: cache_node_restrictions - - name: DBCONFIG_DRIVER - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_driver - - name: DBCONFIG_DB_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_database - - name: DBCONFIG_HOST_NAME - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_host - - name: DBCONFIG_PORT - valueFrom: - configMapKeyRef: - name: cache-configmap - key: mysql_port - - name: NAMESPACE_TO_WATCH - value: kubeflow - args: ["--db_driver=$(DBCONFIG_DRIVER)", - "--db_host=$(DBCONFIG_HOST_NAME)", - "--db_port=$(DBCONFIG_PORT)", - "--db_name=$(DBCONFIG_DB_NAME)", - "--db_user=$(DBCONFIG_USER)", - "--db_password=$(DBCONFIG_PASSWORD)", - "--namespace_to_watch=$(NAMESPACE_TO_WATCH)", - ] - imagePullPolicy: Always - ports: - - containerPort: 8443 - name: webhook-api - volumeMounts: - - name: webhook-tls-certs - mountPath: /etc/webhook/certs - readOnly: true - volumes: - - name: webhook-tls-certs - secret: - secretName: webhook-server-tls - serviceAccountName: kubeflow-pipelines-cache ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - name: metadata-grpc-deployment -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - template: - metadata: - labels: - component: metadata-grpc-server - app.kubernetes.io/name: my-release - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataserver:dummy - imagePullPolicy: 'Always' - env: - # TODO: merge all into mysql-credential - - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_DATABASE - - name: MYSQL_HOST - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - configMapKeyRef: - name: metadata-mysql-configmap - key: MYSQL_PORT - command: ["/bin/metadata_store_server"] - args: ["--grpc_port=8080", - "--mysql_config_database=$(MYSQL_DATABASE)", - "--mysql_config_host=$(MYSQL_HOST)", - "--mysql_config_port=$(MYSQL_PORT)", - "--mysql_config_user=$(DBCONFIG_USER)", - "--mysql_config_password=$(DBCONFIG_PASSWORD)", - "--enable_database_upgrade=true" - ] - ports: - - containerPort: 8080 - name: grpc-api - livenessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - readinessProbe: - tcpSocket: - port: grpc-api - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-envoy - labels: - component: metadata-envoy - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - component: metadata-envoy - template: - metadata: - labels: - component: metadata-envoy - spec: - containers: - - name: container - image: gcr.io/ml-pipeline/google/pipelines/metadataenvoy:dummy - ports: - - name: md-envoy - containerPort: 9090 - - name: envoy-admin - containerPort: 9901 ---- -# Source: kubeflow-pipelines/templates/metadata.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metadata-writer - labels: - app: metadata-writer - app.kubernetes.io/name: my-release -spec: - replicas: 1 - selector: - matchLabels: - app: metadata-writer - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: metadata-writer - app.kubernetes.io/name: my-release - spec: - containers: - - name: main - image: gcr.io/ml-pipeline/google/pipelines/metadatawriter:dummy - env: - - name: NAMESPACE_TO_WATCH - valueFrom: - fieldRef: - fieldPath: metadata.namespace - serviceAccountName: kubeflow-pipelines-metadata-writer ---- -# Source: kubeflow-pipelines/templates/minio.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: minio - labels: - app: minio - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: minio - app.kubernetes.io/name: my-release - strategy: - type: Recreate - template: - metadata: - labels: - app: minio - app.kubernetes.io/name: my-release - spec: - containers: - - args: - - gateway - - gcs - - $(PROJECT_ID) - env: - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: accesskey - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: mlpipeline-minio-artifact - key: secretkey - # Minio is KFP system workload and we use GCE's default service account - # or later Workload Identity's corresponding service account. - # So here no need to setup GOOGLE_APPLICATION_CREDENTIALS. - # - name: GOOGLE_APPLICATION_CREDENTIALS - # value: "/etc/credentials/application_default_credentials.json" - image: gcr.io/ml-pipeline/google/pipelines/minio:dummy - name: minio - ports: - - containerPort: 9000 - resources: - requests: - cpu: 20m - memory: 100Mi ---- -# Source: kubeflow-pipelines/templates/mysql.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cloudsqlproxy - labels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release -spec: - selector: - matchLabels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release - replicas: 1 - template: - metadata: - labels: - app: cloudsqlproxy - app.kubernetes.io/name: my-release - spec: - serviceAccountName: mysql - containers: - - image: gcr.io/ml-pipeline/google/pipelines/cloudsqlproxy:dummy - name: cloudsqlproxy - env: - command: ["/cloud_sql_proxy", - "-dir=/cloudsql", - # Replace with your own CloudSQL instance ID - "-instances=myproject:us-central1:myinstance=tcp:0.0.0.0:3306", - # Enables HTTP health checks. - "-use_http_health_check", - # System workload uses GCE default service account or Workload Identity's service account - # "-credential_file=/credentials/application_default_credentials.json", - "term_timeout=10s"] - # set term_timeout if require graceful handling of shutdown - # NOTE: proxy will stop accepting new connections; only wait on existing connections - lifecycle: - preStop: - exec: - # (optional) add a preStop hook so that termination is delayed - # this is required if your server still require new connections (e.g., connection pools) - command: ['sleep', '10'] - # Liveness probe configuration is adviced by Cloud SQL Proxy examples: - # https://github.com/GoogleCloudPlatform/cloudsql-proxy/tree/main/examples/k8s-health-check - # For details, see https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - livenessProbe: - httpGet: - path: /liveness - port: 8090 - # Number of seconds after the container has started before the first probe is scheduled. Defaults to 0. - # Not necessary when the startup probe is in use. - initialDelaySeconds: 0 - # Frequency of the probe. - periodSeconds: 60 - # Number of seconds after which the probe times out. - timeoutSeconds: 30 - # Number of times the probe is allowed to fail before the transition - # from healthy to failure state. - # - # If periodSeconds = 60, 5 tries will result in five minutes of - # checks. The proxy starts to refresh a certificate five minutes - # before its expiration. If those five minutes lapse without a - # successful refresh, the liveness probe will fail and the pod will be - # restarted. - failureThreshold: 5 - readinessProbe: - httpGet: - path: /readiness - port: 8090 - initialDelaySeconds: 0 - periodSeconds: 10 - timeoutSeconds: 5 - # Number of times the probe must report success to transition from failure to healthy state. - # Defaults to 1 for readiness probe. - successThreshold: 1 - failureThreshold: 1 - startupProbe: - httpGet: - path: /startup - port: 8090 - periodSeconds: 1 - timeoutSeconds: 5 - failureThreshold: 20 - ports: - - name: mysql - containerPort: 3306 - volumeMounts: - - mountPath: /cloudsql - name: cloudsql - volumes: - - name: cloudsql - emptyDir: ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - name: ml-pipeline-persistenceagent -spec: - selector: - matchLabels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-persistenceagent - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - - name: TTL_SECONDS_AFTER_WORKFLOW_FINISH - value: "86400" - image: gcr.io/ml-pipeline/google/pipelines/persistenceagent:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-persistenceagent - resources: - requests: - cpu: 120m - memory: 500Mi - volumeMounts: - - mountPath: /var/run/secrets/kubeflow/tokens - name: persistenceagent-sa-token - serviceAccountName: ml-pipeline-persistenceagent - volumes: - - name: persistenceagent-sa-token - projected: - sources: - - serviceAccountToken: - path: persistenceagent-sa-token - expirationSeconds: 3600 - audience: pipelines.kubeflow.org ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - name: ml-pipeline-scheduledworkflow -spec: - selector: - matchLabels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-scheduledworkflow - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/scheduledworkflow:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-scheduledworkflow - serviceAccountName: ml-pipeline-scheduledworkflow ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - name: ml-pipeline-ui -spec: - selector: - matchLabels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-ui - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MINIO_NAMESPACE - value: kubeflow - - name: ALLOW_CUSTOM_VISUALIZATIONS - value: "true" - - name: DEPLOYMENT - value: MARKETPLACE - image: gcr.io/ml-pipeline/google/pipelines/frontend:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-ui - ports: - - containerPort: 3000 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:3000/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 10m - memory: 70Mi - serviceAccountName: ml-pipeline-ui ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - name: ml-pipeline-viewer-crd -spec: - selector: - matchLabels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-viewer-crd - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - name: MAX_NUM_VIEWERS - value: "50" - - name: NAMESPACE - value: kubeflow - image: gcr.io/ml-pipeline/google/pipelines/viewercrd:dummy - imagePullPolicy: Always - name: ml-pipeline-viewer-crd - serviceAccountName: ml-pipeline-viewer-crd-service-account ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - name: ml-pipeline-visualizationserver -spec: - selector: - matchLabels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline-visualizationserver - app.kubernetes.io/name: my-release - spec: - containers: - - image: gcr.io/ml-pipeline/google/pipelines/visualizationserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-visualizationserver - ports: - - name: http - containerPort: 8888 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/ - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 30m - memory: 500Mi - serviceAccountName: ml-pipeline-visualizationserver ---- -# Source: kubeflow-pipelines/templates/pipeline.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - name: ml-pipeline -spec: - selector: - matchLabels: - app: ml-pipeline - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: ml-pipeline - app.kubernetes.io/name: my-release - spec: - containers: - - env: - - - name: HAS_DEFAULT_BUCKET - value: "true" - - name: BUCKET_NAME - value: "mybucket" - - - name: PROJECT_ID - valueFrom: - configMapKeyRef: - name: "gcp-default-config" - key: "project_id" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: DEFAULTPIPELINERUNNERSERVICEACCOUNT - value: 'pipeline-runner' - - name: OBJECTSTORECONFIG_SECURE - value: "false" - - - name: OBJECTSTORECONFIG_BUCKETNAME - value: "mybucket" - - name: DBCONFIG_DBNAME - value: 'my_release_pipeline' - - name: DBCONFIG_USER - valueFrom: - secretKeyRef: - name: mysql-credential - key: username - - name: DBCONFIG_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-credential - key: password - - image: gcr.io/ml-pipeline/google/pipelines/apiserver:dummy - imagePullPolicy: IfNotPresent - name: ml-pipeline-api-server - ports: - - name: http - containerPort: 8888 - - name: grpc - containerPort: 8887 - readinessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - livenessProbe: - exec: - command: - - wget - - -q # quiet - - -S # show server response - - -O - - "-" # Redirect output to stdout - - http://localhost:8888/apis/v1beta1/healthz - initialDelaySeconds: 3 - periodSeconds: 5 - timeoutSeconds: 2 - resources: - requests: - cpu: 250m - memory: 500Mi - serviceAccountName: ml-pipeline ---- -# Source: kubeflow-pipelines/templates/proxy.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - name: proxy-agent -spec: - selector: - matchLabels: - app: proxy-agent - app.kubernetes.io/name: my-release - template: - metadata: - labels: - app: proxy-agent - app.kubernetes.io/name: my-release - spec: - hostNetwork: true - containers: - - image: gcr.io/ml-pipeline/google/pipelines/proxyagent:dummy - imagePullPolicy: IfNotPresent - name: proxy-agent - serviceAccountName: proxy-agent-runner ---- -# Source: kubeflow-pipelines/templates/application.yaml -apiVersion: app.k8s.io/v1beta1 -kind: Application -metadata: - name: "my-release" - namespace: "kubeflow" - annotations: - kubernetes-engine.cloud.google.com/icon: >- - data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADMAAAAyCAYAAADx/eOPAAALuUlEQVRogd2afWxd9XnHP99bK4pS3yhiGUIRiiJUVVVqbq8ppdR20ibqpuIMtDRkUYERp29J57gMZVuxsrZiK7oZXVv5re1AiOuoG+N1DMkuytprsGPEVMouxqQZJVHEWIdQlGVxZlmZdb/747zcc869jpMO+seOdPz7nd/L83tev89zzjX8Bq795Rq9o17zXp+Tey+Ijkyboela29DRWkhffyT733pH/Z3este9F2cC6N0kNjxtjD+FdRD8UF9X7u97y7UbQFPAivC0BdllS381slun3s3z3xVhhqeds90tqR/oMB7u68z19ZZra0E/l1if3WOziPx3skrDPTr+bvDxfxImEIJbgX6gGBJ7EfHJX/ySReDHwO9KYAenyWCMFKw21GSeslwa2Z17+TcuzPBRr7B8m6Df5oOJqdPAR/u6cm/2lmv3At+IT3GiXZqbcaxSLsfRoTsvn7XL2jE87ZXGnwf+VGiDY86ETM1wU1+XjvSW/RlgTJADQ2QaCZKWcX1/aDIcjE8i3SdzZLjn0lm8pJXD02417BM+gLmq2Rqjr/d16Vu95dp6wc8Ra5O8NrPIcoZCvIR1H+KZkd2qLcfnRYUZOuorJO+3uQt0RerolGYZR7r5+C9ZATwPviGyQprd6Liszy3bnwVKwGMjPbnFyxJmeNpX2T4gaR/QmmSpyYZTho/2depMb9k/kNh3KawuJ1bWauHzUcyXRpZAv5Zmg7aHBLcmNN9ECAFeAO3s69KZ3nLtDuF9dnBs0IT9JO24rbPb0JfP2syCZpFfE5q1mRWcvlgMNcwMTRq9z/+OWXdx4AGjvX1deqC37DbwPwOrMgsufol5mWMWs1ivEbjTrOCtLNNb+udygqsNbUBtopR/NkuuwTJ6Hxsw67KSuvH5MPDA/nJttfGTdUFCMUlp/ALwOtIs9muBxpnFnBzuSQf21oP/BbXclVvumWuTaDN8WNBm2GizJkxPM0CDMA2WGZ72bbb/Njue2TRj9Il/PcG87SeBz4ZTNaSTsmctHcO8SqDp14d7dCFLZ2v/3OpQ023Ah4n65kohvETUCdcsfmuilD+bpNdgGZvOODuHqYGIVGCec9g7+7o031v2jaBTiD0ysxbHRnZrPktzyz1zK7f0z10nh5pWwLRhvZro1KqznVJhNB8UyDeSsU4zAOiIXV1OuEqQ2AR79nflXgcY6dGLwIvR8q39cy1b+uc2Emo6dI824BpMSxz8iVhy4m/2WiYHdV5UmOHp2mpwm52ESCdwRn+9v0tPAWzpn9sAFAQbMdc60PaHsFZEWd9uxk4z8G3seykECfObTEd2KmuZG4CWyLXkYLMwtiYt+hMsTUdAEZQzjs9apv66SHJRk73ZjBQ+iRu29s+1VEr5OImmXs4MHUahVoLWgK23wbv6OrU4OulcuHYehWsVHhpXwpE2FNRayTszX2cwDpQEzTB+QvrJHCXUaigk+c++aXZiE98YmUVgV19X7u3ypH/fgfUA5h2usY2jNjmWoGVn50nvC9T2NviA5OPBGPW91OlG+0Xa1WJhhqadk3WjpKCilQIQFP19XZocnfIHgIeFWyNh6goXyX6gdNWfU8aJ5tNjEheAHZVS/ruGj0s8k6VPhh6ms6kwgoLl1aGuCEuSpwXfHZ2qrTJ+HHkNCpOjmbdFcEcGUIhUSj/H65rPO6j+766U8i/QXV0z8cqJc4btwF8AtWgtMb1wj+j41Df/s1EYQwdEDiqM3hDes9quGY3IKoYOvCrU7HlCoZtEWapPkzEpsU8uq8b36a6uBqaBv5l45URLpZT/pmGH8LnkvlAdAOt1oeXqRsuYTjlEMJiXvWN/Z+5szfqioKcOKo7qr/nAEesKiOyv2A/q88rOx8+8bPhK5dUTAA8jbUT6MuKnbKteNVHKP23xCeD1LC0F2TWOmzoAKEiWxmC+sr8rN1OerF2HGaqXFcZhDWaYj11S4ZxcXxVqyKqPZOeNTwM7Jkr5BeDPQJ8NFQaoC/gZ26rXT5TyxxAfRx6P94d0gU0pYYama+tsbwix/AHM4fKUrwAeB68kRJ5AZsWWieGTjLipsVCgrKCwKHF7pZQ/RXf104j76i4ZMmquxkzRXb2zUsqfxdxsfCiA70hRjZbpCDHmJcRdeZPDHkVck0Ul5PeHZ81DgHxKtglXaHCxVN9fr5TyR9hW3QA8Amqp5526SyKtBEbZVv1eZeZkbqKU7xfsFJwPqRW29s+11oUxnUhnkHf2dWoB+R5Jv5dNaGHh1wog8d/ZAI+0GgVpFPTp4AfJT2Hup7u6EvMk0tpkboutEz0HMPzHyD+mu3pFpZR/Aug0Pgm0RLkvFzLWYfjDvs7cqfKUt2LuXTLhue5mdWhVDJdEzxDDcRKawceN9lRePVkDfgBcR/LKVqNpz/s08DO6q4VKKT8j8zHgJ1HyzA1P11YZjfV1arw85auBR4RalDB5lEjDKi0CgPPphKZ0QiNRwUQeg88B2ydKreew9yH1NCxe/r4GaZpt1Vsrh/JnDDcBLwPkbLVgf6s86RXYj4KvtJKJM8KsGLkSlsmUL6mSg1RJY1xD7KmU8sfprnYgBqJsGVsiEfupsca7FfMo26p/OfHKiVqllB8HyPV16VxfV66G/G1QBwY5xvCgTT7X3/MTaBbFVr0fJvqw2ASZ+yul/FN0V68CHsesiDl3UopM3CwhDZDD/Dnwj3S/sjoYAMqTtc1YX02jVqYOiuuqsAKIkqZCfFIz/IrfFY8gDrKt2gI8irSuwQezyTeNaOl+6qYb+fpYGKEXJE9GSTObK5ItrheaLHE5/XRKcHul+kYN8x2kzWlLNNuVtUqibzKW5CBjxUoszO7NWrS1E/xWvMeJjck2WQHEKJeMD+qH4gWCSvg00m3AVxv5TMRKsp9Cs0Q/Ka/1BOZQNBSXMz2b9Q5oO9JCKgkqg2aKofl8uvTPeE1w3t5KKf8y26pFxINhLRa5R9JV6huT/aZuFu7Ds+A9jBdj+VIvZz2b9BL2Xi5yJQEgUFqinI9SZBDx358o5Q/HiRGtquOEmxJu6DcbC/afQWxnvHg+Odrwm2bP5txh5OEYjOM3vaiu8qqHJw1mPmK/Xs7HJf0LRncDMF5cAL6NWUxDrX/duwbczljxjSzvTX+gtXU3MBlrRCltrsxBTgorACKrRGf5bczOiVLrhUL74B2F9oHVjBd/iLwTWEhr+CIWaLYumDjIWLHha+aSwvRs1iJmJ9Kb9ZJRETS3ACsMC8i1ZNwgXZDYWTmU/1WhfeAW8Cjo+UL7wDrGik8jfid0kYz/Z2ODepv+GPIY+FAznpcUJhAo9w5mh81CFtEsWieCTzwXkogmfKBSyh8ttA98EDPqoPouYqYLxYEPMVY8itmEeTM+KEaqZhVAkiPPIL6QDPhLFiYQSC9J7M3mGlF/24zWSvwIM1xoH2gF/sFiTcSPxQakqUJxsIPx4jGCr0AzCUYTbROJ7DPAdsbSAX9ZwgDs3qTDiMGUOxF/1DgfekLVsPf0sw8DPARsDNwy8iYBXov4p0L7wC2MF99CfBJ4rqmbJbO/qYE+x1jx5HK8Xtp/aFgHDM/FX+RM9FFjHjjj4NV3HvlPsP4g+SqQgm6zCuvJQnHgi4wVz2JuAj8RnLGEVaCf8Y8cuRQ2L0mYEBB2Gb8ZHKD4NQBx+0Qpf7LQPrAVVGqiiWTpCcEn4QcLxcF7C7+aXMDahT1YX5IS5DHE/ZfC4yULEwr0DtIOWwuuvwZ8rVLKP1soDqzHPGJoyRao9b4SXiQQ30A8eO1/PJ8D7gK+BtQSJcQM8AXGlg747LUkmi91lad8J3CuZ5OeBii0D64ET2FdH1N0omWJvgLPkvwM8LmZf7lrnm3VO4CHsM4DH2P8I8vGSfK67P9q8v9wWPAcQLH4PbBHbK6Pq+3M9+Ml+6FL2dyC+WmhOLiWseKPMDeDd12uIPBrWCZ5Xds++AHsAwGlBKnoB5747c2J+aSJEuvRL8CDv/2Zz+cqh/LL/gPD//vrfwFjcI5oX6jDBwAAAABJRU5ErkJggg== - marketplace.cloud.google.com/deploy-info: '{"partner_id": "ml-pipeline", "product_id": "kubeflow-pipelines", "partner_name": "Google Cloud AI Platform"}' - labels: - app.kubernetes.io/name: "my-release" -spec: - descriptor: - type: Kubeflow Pipelines - version: 2.1.0 - description: |- - Reusable end-to-end ML workflow - maintainers: - - name: Google Cloud AI Platform - url: https://cloud.google.com/ai-platform/ - - name: Kubeflow Pipelines - url: https://github.com/kubeflow/pipelines - links: - - description: 'Kubeflow Pipelines Documentation' - url: https://www.kubeflow.org/docs/pipelines/ - notes: |- - Please go to [Hosted Kubeflow Pipelines Console](https://console.cloud.google.com/ai-platform/pipelines/clusters). - info: - - name: Application Namespace - value: "kubeflow" - - name: Console - value: 'https://console.cloud.google.com/ai-platform/pipelines/clusters' - componentKinds: - - group: v1 - kind: ServiceAccount - - group: rbac.authorization.k8s.io/v1 - kind: Role - - group: rbac.authorization.k8s.io/v1 - kind: RoleBinding - - group: v1 - kind: Service - - group: v1 - kind: ConfigMap - - group: v1 - kind: Secret - - group: apps/v1 - kind: Deployment ---- -# Source: kubeflow-pipelines/templates/argo.yaml -apiVersion: scheduling.k8s.io/v1 -kind: PriorityClass -metadata: - name: workflow-controller -value: 1000000 diff --git a/manifests/gcp_marketplace/test/snapshots.sh b/manifests/gcp_marketplace/test/snapshots.sh deleted file mode 100755 index 2eb43d1c656..00000000000 --- a/manifests/gcp_marketplace/test/snapshots.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# -# Copyright 2020-2021 The Kubeflow Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" > /dev/null && pwd)" - -CASES=( - "base" - "emissary" - "managed-storage" - "managed-storage-with-db-prefix" -) - -for case in "${CASES[@]}" -do - echo "Generating helm template for test/values-$case.yaml" - helm template "my-release" "${DIR}/../chart/kubeflow-pipelines" \ - --namespace "kubeflow" \ - --values "${DIR}/values-$case.yaml" \ - > "${DIR}/snapshot-$case.yaml" -done diff --git a/manifests/gcp_marketplace/test/values-base.yaml b/manifests/gcp_marketplace/test/values-base.yaml deleted file mode 100644 index 16e6f671db0..00000000000 --- a/manifests/gcp_marketplace/test/values-base.yaml +++ /dev/null @@ -1,9 +0,0 @@ -gcpDefaultConfigName: "gcp-default-config" - -managedstorage: - enabled: false - cloudsqlInstanceConnectionName: null - gcsBucketName: null - databaseNamePrefix: '{{ .Release.Name | replace "-" "_" | replace "." "_" }}' - dbUsername: 'root' - dbPassword: '' diff --git a/manifests/gcp_marketplace/test/values-emissary.yaml b/manifests/gcp_marketplace/test/values-emissary.yaml deleted file mode 100644 index 0302f6a1d2f..00000000000 --- a/manifests/gcp_marketplace/test/values-emissary.yaml +++ /dev/null @@ -1,9 +0,0 @@ -executor: - emissary: true -managedstorage: - enabled: false - cloudsqlInstanceConnectionName: null - gcsBucketName: null - databaseNamePrefix: '{{ .Release.Name | replace "-" "_" | replace "." "_" }}' - dbUsername: 'root' - dbPassword: '' diff --git a/manifests/gcp_marketplace/test/values-managed-storage-with-db-prefix.yaml b/manifests/gcp_marketplace/test/values-managed-storage-with-db-prefix.yaml deleted file mode 100644 index 60f75187719..00000000000 --- a/manifests/gcp_marketplace/test/values-managed-storage-with-db-prefix.yaml +++ /dev/null @@ -1,9 +0,0 @@ -gcpDefaultConfigName: "gcp-default-config" - -managedstorage: - enabled: true - cloudsqlInstanceConnectionName: 'myproject:us-central1:myinstance' - gcsBucketName: 'mybucket' - databaseNamePrefix: 'my_kfp' - dbUsername: 'root' - dbPassword: '1234' diff --git a/manifests/gcp_marketplace/test/values-managed-storage.yaml b/manifests/gcp_marketplace/test/values-managed-storage.yaml deleted file mode 100644 index 45879692b2a..00000000000 --- a/manifests/gcp_marketplace/test/values-managed-storage.yaml +++ /dev/null @@ -1,9 +0,0 @@ -gcpDefaultConfigName: "gcp-default-config" - -managedstorage: - enabled: true - cloudsqlInstanceConnectionName: 'myproject:us-central1:myinstance' - gcsBucketName: 'mybucket' - databaseNamePrefix: '{{ .Release.Name | replace "-" "_" | replace "." "_" }}' - dbUsername: 'root' - dbPassword: '1234' diff --git a/test/cloudbuild/mkp_verify.yaml b/test/cloudbuild/mkp_verify.yaml deleted file mode 100644 index d263a038957..00000000000 --- a/test/cloudbuild/mkp_verify.yaml +++ /dev/null @@ -1,21 +0,0 @@ -steps: -- id: 'pullDeployer' - name: 'gcr.io/cloud-builders/docker' - args: ['pull', 'gcr.io/$PROJECT_ID/hosted/$COMMIT_SHA/deployer:${_DEPLOYER_VERSION}'] -- id: "verify" - waitFor: ['pullDeployer'] - name: "gcr.io/cloud-marketplace-tools/k8s/dev:latest" - entrypoint: '/bin/bash' - args: - - -ceux - - | - gcloud container clusters get-credentials hosted-verify-test --zone us-central1-c --project ml-pipeline-test - kubectl apply -f "https://raw.githubusercontent.com/GoogleCloudPlatform/marketplace-k8s-app-tools/master/crd/app-crd.yaml" - /scripts/verify --deployer="gcr.io/$PROJECT_ID/hosted/$COMMIT_SHA/deployer:${_DEPLOYER_VERSION}" --wait_timeout="1800" - -timeout: '3600s' -options: - machineType: N1_HIGHCPU_8 - -substitutions: - _DEPLOYER_VERSION: '' diff --git a/test/deploy-pipeline-mkp-cli.sh b/test/deploy-pipeline-mkp-cli.sh deleted file mode 100755 index 440b4f5d02c..00000000000 --- a/test/deploy-pipeline-mkp-cli.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# -# Copyright 2020 The Kubeflow Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# Test before submit: -# test/deploy-pipline-mkp-cli.sh 0.3 $(git rev-parse HEAD) $(pwd)/test - -set -ex - -VERSION=$1 -COMMIT_SHA=$2 -TEST_FOLDER=$3 - -# sync trigger to avoid wait -gcloud builds submit --config=$TEST_FOLDER/cloudbuild/mkp_verify.yaml --substitutions=_DEPLOYER_VERSION="$VERSION",COMMIT_SHA="$COMMIT_SHA" --project=ml-pipeline-test \ No newline at end of file diff --git a/test/images/Dockerfile b/test/images/Dockerfile deleted file mode 100644 index 2820a0656cd..00000000000 --- a/test/images/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -# This image is the base image for Kubeflow Pipelines e2e test - -FROM gcr.io/k8s-testimages/kubekins-e2e:v20200204-8eefa86-master - -# install sudo to enable docker command on mkp deployment: -# https://github.com/kubeflow/pipelines/blob/master/test/deploy-pipeline-mkp-cli.sh#L64 -RUN apt-get update && \ - apt-get -y install sudo - -# start docker daemon -RUN service docker stop && \ - nohup docker daemon -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock & diff --git a/test/images/README.md b/test/images/README.md deleted file mode 100644 index b55f54dea20..00000000000 --- a/test/images/README.md +++ /dev/null @@ -1,20 +0,0 @@ -This image is the base image for Kubeflow Pipelines [Prow job](https://github.com/kubernetes/test-infra/blob/6555278147dfff550706b41c3f69f41ecf5a8c5a/config/jobs/kubeflow/kubeflow-postsubmits.yaml#L245). Including presubmit and postsubmit jobs. - -## How to build the image -To build this Docker image, run the following Docker command from the directory containing the image's files: - -``` -docker build -t gcr.io/ml-pipeline/test-worker:latest . -``` -## Where to push the image -This image is stored in the repo ml-pipeline, which is a public GCR repo. To push the image, run the following command: -1. Configure docker to use the gcloud command-line tool as a credential helper: - -``` -gcloud auth configure-docker -``` -2. Push the image to Container Registry: - -``` -docker push gcr.io/ml-pipeline/test-worker:latest -``` diff --git a/test/postsubmit-tests-with-pipeline-deployment.sh b/test/postsubmit-tests-with-pipeline-deployment.sh deleted file mode 100755 index e7ed5c57120..00000000000 --- a/test/postsubmit-tests-with-pipeline-deployment.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# -# Copyright 2018 The Kubeflow Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -usage() -{ - echo "usage: deploy.sh - [--platform the deployment platform. Valid values are: [gcp, minikube]. Default is gcp.] - [--kfp_deployment the deployment method of kfp. Valid values are: [standalone, mkp]. Default is standalone.] - [--workflow_file the file name of the argo workflow to run] - [--test_result_bucket the gcs bucket that argo workflow store the result to. Default is ml-pipeline-test - [--test_result_folder the gcs folder that argo workflow store the result to. Always a relative directory to gs:///[PULL_SHA]] - [--timeout timeout of the tests in seconds. Default is 1800 seconds. ] - [-h help]" -} - -PLATFORM=gcp -PROJECT=ml-pipeline-test -KFP_DEPLOYMENT=standalone -TEST_RESULT_BUCKET=ml-pipeline-test -CLOUDBUILD_PROJECT=ml-pipeline-test -GCR_IMAGE_BASE_DIR=gcr.io/ml-pipeline-test -TARGET_IMAGE_BASE_DIR=gcr.io/ml-pipeline-test/${PULL_BASE_SHA} -TIMEOUT_SECONDS=1800 -NAMESPACE=kubeflow -IS_INTEGRATION_TEST=false -ENABLE_WORKLOAD_IDENTITY=true -COMMIT_SHA="$PULL_BASE_SHA" - -while [ "$1" != "" ]; do - case $1 in - --platform ) shift - PLATFORM=$1 - ;; - --kfp_deployment ) shift - KFP_DEPLOYMENT=$1 - ;; - --workflow_file ) shift - WORKFLOW_FILE=$1 - ;; - --test_result_bucket ) shift - TEST_RESULT_BUCKET=$1 - ;; - --test_result_folder ) shift - TEST_RESULT_FOLDER=$1 - ;; - --is_integration_test ) shift - IS_INTEGRATION_TEST=$1 - ;; - --timeout ) shift - TIMEOUT_SECONDS=$1 - ;; - -h | --help ) usage - exit - ;; - * ) usage - exit 1 - esac - shift -done - -# Variables -# Refer to https://github.com/kubernetes/test-infra/blob/e357ffaaeceafe737bd6ab89d2feff132d92ea50/prow/jobs.md for the Prow job environment variables -TEST_RESULTS_GCS_DIR=gs://${TEST_RESULT_BUCKET}/${PULL_BASE_SHA}/${TEST_RESULT_FOLDER} -DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" > /dev/null && pwd)" - -if [ ${KFP_DEPLOYMENT} != standalone ]; then - ENABLE_WORKLOAD_IDENTITY=false -fi - -echo "postsubmit test starts" - -source "${DIR}/test-prep.sh" - -## Wait for the cloudbuild job to be started -CLOUDBUILD_TIMEOUT_SECONDS=3600 -PULL_CLOUDBUILD_STATUS_MAX_ATTEMPT=$(expr ${CLOUDBUILD_TIMEOUT_SECONDS} / 20 ) -CLOUDBUILD_STARTED=TIMEOUT -CLOUDBUILD_FILTER="substitutions.COMMIT_SHA:${PULL_BASE_SHA} AND tags:build-each-commit" - -for i in $(seq 1 ${PULL_CLOUDBUILD_STATUS_MAX_ATTEMPT}) -do - output=`gcloud builds list --project="$CLOUDBUILD_PROJECT" --filter="$CLOUDBUILD_FILTER"` - if [[ ${output} != "" ]]; then - CLOUDBUILD_STARTED=True - break - fi - sleep 20 -done - -if [[ ${CLOUDBUILD_STARTED} == TIMEOUT ]];then - echo "Wait for cloudbuild job to start, timeout exiting..." - exit 1 -fi - -## Wait for the cloudbuild job to complete -CLOUDBUILD_FINISHED=TIMEOUT -for i in $(seq 1 ${PULL_CLOUDBUILD_STATUS_MAX_ATTEMPT}) -do - output=`gcloud builds list --project="$CLOUDBUILD_PROJECT" --filter="$CLOUDBUILD_FILTER"` - if [[ ${output} == *"SUCCESS"* ]]; then - CLOUDBUILD_FINISHED=SUCCESS - break - elif [[ ${output} == *"FAILURE"* ]]; then - CLOUDBUILD_FINISHED=FAILURE - break - fi - sleep 20 -done - -if [[ ${CLOUDBUILD_FINISHED} == FAILURE ]];then - echo "Cloud build failure, postsubmit tests cannot proceed. exiting..." - exit 1 -elif [[ ${CLOUDBUILD_FINISHED} == TIMEOUT ]];then - echo "Wait for cloudbuild job to finish, timeout exiting..." - exit 1 -fi - -source "${DIR}/deploy-cluster.sh" -echo "cluster deployed" - -# Install Argo -source "${DIR}/install-argo.sh" -echo "argo installed" - -# Deploy the pipeline -GCR_IMAGE_TAG=${PULL_BASE_SHA} -if [ ${KFP_DEPLOYMENT} == standalone ]; then - time source "${DIR}/deploy-pipeline-lite.sh" - echo "KFP standalone deployed" - # Submit the argo job and check the results - echo "submitting argo workflow for commit ${PULL_BASE_SHA}..." - ARGO_WORKFLOW=`argo submit ${DIR}/${WORKFLOW_FILE} \ - -p image-build-context-gcs-uri="$remote_code_archive_uri" \ - -p commit-sha="${PULL_BASE_SHA}" \ - -p component-image-prefix="${GCR_IMAGE_BASE_DIR}/" \ - -p target-image-prefix="${TARGET_IMAGE_BASE_DIR}/" \ - -p test-results-gcs-dir="${TEST_RESULTS_GCS_DIR}" \ - -p is-integration-test="${IS_INTEGRATION_TEST}" \ - -n ${NAMESPACE} \ - --serviceaccount test-runner \ - -o name - ` - echo "argo workflow submitted successfully" - source "${DIR}/check-argo-status.sh" - echo "test workflow completed" -else - SEM_VERSION="$(cat ${DIR}/../VERSION)" - source "${DIR}/deploy-pipeline-mkp-cli.sh" $SEM_VERSION $COMMIT_SHA ${DIR} - exit $? -fi diff --git a/test/presubmit-tests-mkp.sh b/test/presubmit-tests-mkp.sh deleted file mode 100755 index f50027cdb3e..00000000000 --- a/test/presubmit-tests-mkp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# -# Copyright 2020 The Kubeflow Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -echo "Presubmit test with Hosted/MKP. It's also runable before sending out PR" - -if [[ ! -z "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then - # activating the service account - gcloud auth activate-service-account --key-file="${GOOGLE_APPLICATION_CREDENTIALS}" -fi - -# Build all required images used for Hosted (sync style) -echo "Building, it may take ~30 minutes" -echo "Images can be found in gcr.io/ml-pipeline-test/hosted/$(git rev-parse HEAD)/" -gcloud builds submit --config=.cloudbuild.yaml --substitutions=COMMIT_SHA="$(git rev-parse HEAD)" --project=ml-pipeline-test - -# Install & uninstsall -echo "Verify hosted images, it may take ~10 minutes" -# Parse major minor version -# e.g. 1.0.0-rc.1 and 1.0.1 are parsed as 1.0 -MM_VER=$(cat VERSION | sed -e "s#[^0-9]*\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\).*#\1.\2#") -gcloud builds submit --config=test/cloudbuild/mkp_verify.yaml --substitutions=COMMIT_SHA="$(git rev-parse HEAD)",_DEPLOYER_VERSION=$MM_VER --project=ml-pipeline-test - -echo "Well done!"