diff --git a/istio/add-anonymous-user-filter-istio-1.6/envoy-filter.yaml b/istio/add-anonymous-user-filter-istio-1.6/envoy-filter.yaml new file mode 100644 index 0000000000..084b1725d7 --- /dev/null +++ b/istio/add-anonymous-user-filter-istio-1.6/envoy-filter.yaml @@ -0,0 +1,29 @@ +apiVersion: networking.istio.io/v1alpha3 +kind: EnvoyFilter +metadata: + name: add-user-filter + namespace: istio-system +spec: + workloadSelector: + labels: + app: istio-ingressgateway + configPatches: + - applyTo: HTTP_FILTER + match: + context: GATEWAY + listener: + filterChain: + filter: + name: "envoy.http_connection_manager" + subFilter: + name: "envoy.router" + patch: + operation: INSERT_BEFORE + value: + name: envoy.lua + typed_config: + "@type": "type.googleapis.com/envoy.config.filter.http.lua.v2.Lua" + inlineCode: | + function envoy_on_request(request_handle) + request_handle:headers():add("kubeflow-userid","anonymous@kubeflow.org") + end diff --git a/istio/add-anonymous-user-filter-istio-1.6/kustomization.yaml b/istio/add-anonymous-user-filter-istio-1.6/kustomization.yaml new file mode 100644 index 0000000000..45e61bd377 --- /dev/null +++ b/istio/add-anonymous-user-filter-istio-1.6/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: istio-system +resources: +- envoy-filter.yaml diff --git a/kfdef/OWNERS b/kfdef/OWNERS index b6f709397a..f79d6210ad 100644 --- a/kfdef/OWNERS +++ b/kfdef/OWNERS @@ -1,6 +1,9 @@ approvers: - adrian555 + - dtzar + - eedorenko - Jeffwan - kkasravi - krishnadurai + - sudivate - yanniszark diff --git a/kfdef/kfctl_azure.v1.1.0.yaml b/kfdef/kfctl_azure.v1.1.0.yaml new file mode 100644 index 0000000000..d034ebd11d --- /dev/null +++ b/kfdef/kfctl_azure.v1.1.0.yaml @@ -0,0 +1,58 @@ +apiVersion: kfdef.apps.kubeflow.org/v1 +kind: KfDef +metadata: + name: kubeflowmanifests + namespace: kubeflow +spec: + applications: + # It is expected to have Istio 1.6.x installed in istio-system namespace + - kustomizeConfig: + repoRef: + name: manifests + path: namespaces/base + name: namespaces + - kustomizeConfig: + repoRef: + name: manifests + path: application/v3 + name: application + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-crds + name: cert-manager-crds + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-kube-system-resources + name: cert-manager-kube-system-resources + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio + name: istio + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/add-anonymous-user-filter-istio-1.6 + name: add-anonymous-user-filter + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager + name: cert-manager + - kustomizeConfig: + repoRef: + name: manifests + path: metacontroller/base + name: metacontroller + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure + name: kubeflow-apps + repos: + - name: manifests + uri: https://github.com/kubeflow/manifests/archive/v1.1-branch.tar.gz + version: v1.1-branch + diff --git a/kfdef/kfctl_azure.v1.2.0.yaml b/kfdef/kfctl_azure.v1.2.0.yaml new file mode 100644 index 0000000000..7ca08f2fe2 --- /dev/null +++ b/kfdef/kfctl_azure.v1.2.0.yaml @@ -0,0 +1,58 @@ +apiVersion: kfdef.apps.kubeflow.org/v1 +kind: KfDef +metadata: + name: kubeflowmanifests + namespace: kubeflow +spec: + applications: + # It is expected to have Istio 1.6.x installed in istio-system namespace + - kustomizeConfig: + repoRef: + name: manifests + path: namespaces/base + name: namespaces + - kustomizeConfig: + repoRef: + name: manifests + path: application/v3 + name: application + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-crds + name: cert-manager-crds + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-kube-system-resources + name: cert-manager-kube-system-resources + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio + name: istio + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/add-anonymous-user-filter-istio-1.6 + name: add-anonymous-user-filter + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager + name: cert-manager + - kustomizeConfig: + repoRef: + name: manifests + path: metacontroller/base + name: metacontroller + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure + name: kubeflow-apps + repos: + - name: manifests + uri: https://github.com/kubeflow/manifests/archive/v1.2-branch.tar.gz + version: v1.2-branch + diff --git a/kfdef/kfctl_azure_aad.v1.1.0.yaml b/kfdef/kfctl_azure_aad.v1.1.0.yaml new file mode 100644 index 0000000000..5c9e70217e --- /dev/null +++ b/kfdef/kfctl_azure_aad.v1.1.0.yaml @@ -0,0 +1,65 @@ +apiVersion: kfdef.apps.kubeflow.org/v1 +kind: KfDef +metadata: + namespace: kubeflow +spec: + applications: + - kustomizeConfig: + repoRef: + name: manifests + path: namespaces/base + name: namespaces + - kustomizeConfig: + repoRef: + name: manifests + path: application/v3 + name: application + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio-1-3-1-stack + name: istio-stack + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/kubernetes/application/cluster-local-gateway-1-3-1 + name: cluster-local-gateway + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio + name: istio + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-crds + name: cert-manager-crds + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-kube-system-resources + name: cert-manager-kube-system-resources + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager + name: cert-manager + - kustomizeConfig: + repoRef: + name: manifests + path: metacontroller/base + name: metacontroller + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/oidc-authservice + name: oidc-authservice + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure + name: kubeflow-apps + repos: + - name: manifests + uri: https://github.com/kubeflow/manifests/archive/v1.1-branch.tar.gz + version: v1.1-branch \ No newline at end of file diff --git a/kfdef/kfctl_azure_aad.v1.2.0.yaml b/kfdef/kfctl_azure_aad.v1.2.0.yaml new file mode 100644 index 0000000000..2599bd614d --- /dev/null +++ b/kfdef/kfctl_azure_aad.v1.2.0.yaml @@ -0,0 +1,65 @@ +apiVersion: kfdef.apps.kubeflow.org/v1 +kind: KfDef +metadata: + namespace: kubeflow +spec: + applications: + - kustomizeConfig: + repoRef: + name: manifests + path: namespaces/base + name: namespaces + - kustomizeConfig: + repoRef: + name: manifests + path: application/v3 + name: application + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio-1-3-1-stack + name: istio-stack + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/kubernetes/application/cluster-local-gateway-1-3-1 + name: cluster-local-gateway + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/istio + name: istio + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-crds + name: cert-manager-crds + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager-kube-system-resources + name: cert-manager-kube-system-resources + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/cert-manager + name: cert-manager + - kustomizeConfig: + repoRef: + name: manifests + path: metacontroller/base + name: metacontroller + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure/application/oidc-authservice + name: oidc-authservice + - kustomizeConfig: + repoRef: + name: manifests + path: stacks/azure + name: kubeflow-apps + repos: + - name: manifests + uri: https://github.com/kubeflow/manifests/archive/v1.2-branch.tar.gz + version: v1.2-branch diff --git a/stacks/azure/OWNERS b/stacks/azure/OWNERS new file mode 100644 index 0000000000..be48d59998 --- /dev/null +++ b/stacks/azure/OWNERS @@ -0,0 +1,5 @@ +approvers: +- berndverst +- dtzar +- eedorenko +- sudivate diff --git a/stacks/azure/application/add-anonymous-user-filter-istio-1.6/kustomization.yaml b/stacks/azure/application/add-anonymous-user-filter-istio-1.6/kustomization.yaml new file mode 100644 index 0000000000..8cc68968b4 --- /dev/null +++ b/stacks/azure/application/add-anonymous-user-filter-istio-1.6/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: istio-system +resources: +- ../../../../istio/add-anonymous-user-filter-istio-1.6 diff --git a/stacks/azure/application/cert-manager-crds/kustomization.yaml b/stacks/azure/application/cert-manager-crds/kustomization.yaml new file mode 100644 index 0000000000..7046d1031a --- /dev/null +++ b/stacks/azure/application/cert-manager-crds/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: cert-manager +resources: +- ../../../../cert-manager/cert-manager-crds/base diff --git a/stacks/azure/application/cert-manager-kube-system-resources/kustomization.yaml b/stacks/azure/application/cert-manager-kube-system-resources/kustomization.yaml new file mode 100644 index 0000000000..35d6700694 --- /dev/null +++ b/stacks/azure/application/cert-manager-kube-system-resources/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kube-system +resources: +- ../../../../cert-manager/cert-manager-kube-system-resources/base diff --git a/stacks/azure/application/cert-manager/kustomization.yaml b/stacks/azure/application/cert-manager/kustomization.yaml new file mode 100644 index 0000000000..58579b6269 --- /dev/null +++ b/stacks/azure/application/cert-manager/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +commonLabels: + app.kubernetes.io/component: cert-manager + app.kubernetes.io/name: cert-manager + kustomize.component: cert-manager +kind: Kustomization +namespace: cert-manager +resources: +- ../../../../cert-manager/cert-manager/base +- ../../../../cert-manager/cert-manager/overlays/application/application.yaml +- ../../../../cert-manager/cert-manager/overlays/self-signed/cluster-issuer.yaml +configurations: +- ../../../../cert-manager/cert-manager/overlays/application/params.yaml + diff --git a/stacks/azure/application/istio-1-3-1-stack/kustomization.yaml b/stacks/azure/application/istio-1-3-1-stack/kustomization.yaml new file mode 100644 index 0000000000..47428640e2 --- /dev/null +++ b/stacks/azure/application/istio-1-3-1-stack/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: istio-system +resources: +- ../../../../istio-1-3-1/istio-crds-1-3-1/base +- ../../../../istio-1-3-1/istio-install-1-3-1/base diff --git a/stacks/azure/application/istio/kustomization.yaml b/stacks/azure/application/istio/kustomization.yaml new file mode 100644 index 0000000000..3552e93675 --- /dev/null +++ b/stacks/azure/application/istio/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +resources: +- ../../../../istio/istio/base +configMapGenerator: +- name: istio-parameters + behavior: merge + envs: + - params.env +configurations: +- params.yaml diff --git a/stacks/azure/application/istio/params.env b/stacks/azure/application/istio/params.env new file mode 100644 index 0000000000..b39a745766 --- /dev/null +++ b/stacks/azure/application/istio/params.env @@ -0,0 +1 @@ +clusterRbacConfig=OFF diff --git a/stacks/azure/application/istio/params.yaml b/stacks/azure/application/istio/params.yaml new file mode 100644 index 0000000000..e894f9bd68 --- /dev/null +++ b/stacks/azure/application/istio/params.yaml @@ -0,0 +1,3 @@ +varReference: +- path: spec/mode + kind: ClusterRbacConfig diff --git a/stacks/azure/application/jupyter-web-app/base/deployment_patch.yaml b/stacks/azure/application/jupyter-web-app/base/deployment_patch.yaml new file mode 100644 index 0000000000..34e9493408 --- /dev/null +++ b/stacks/azure/application/jupyter-web-app/base/deployment_patch.yaml @@ -0,0 +1,33 @@ +# TODO(https://github.com/kubeflow/manifests/issues/774): This is a patch +# that pulls out from core the parts that should be in pulled into stacks. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: deployment +spec: + template: + spec: + containers: + - name: jupyter-web-app + imagePullPolicy: $(policy) + env: + - name: ROK_SECRET_NAME + valueFrom: + configMapKeyRef: + name: jupyter-web-app-parameters + key: ROK_SECRET_NAME + - name: UI + valueFrom: + configMapKeyRef: + name: jupyter-web-app-parameters + key: UI + - name: USERID_HEADER + valueFrom: + configMapKeyRef: + name: kubeflow-config + key: userid-header + - name: USERID_PREFIX + valueFrom: + configMapKeyRef: + name: kubeflow-config + key: userid-prefix diff --git a/stacks/azure/application/jupyter-web-app/base/kustomization.yaml b/stacks/azure/application/jupyter-web-app/base/kustomization.yaml new file mode 100644 index 0000000000..3679563942 --- /dev/null +++ b/stacks/azure/application/jupyter-web-app/base/kustomization.yaml @@ -0,0 +1,49 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +commonLabels: + app.kubernetes.io/component: jupyter-web-app + app.kubernetes.io/name: jupyter-web-app + app: jupyter-web-app + kustomize.component: jupyter-web-app +namePrefix: jupyter-web-app- +namespace: kubeflow +images: +- name: gcr.io/kubeflow-images-public/jupyter-web-app + newName: gcr.io/kubeflow-images-public/jupyter-web-app + newTag: vmaster-gd9be4b9e +resources: +- ../../../../../jupyter/jupyter-web-app/base/cluster-role-binding.yaml +- ../../../../../jupyter/jupyter-web-app/base/cluster-role.yaml +- ../../../../../jupyter/jupyter-web-app/base/deployment.yaml +- ../../../../../jupyter/jupyter-web-app/base/role-binding.yaml +- ../../../../../jupyter/jupyter-web-app/base/role.yaml +- ../../../../../jupyter/jupyter-web-app/base/service-account.yaml +- ../../../../../jupyter/jupyter-web-app/base/service.yaml +patchesStrategicMerge: +- deployment_patch.yaml +generatorOptions: + disableNameSuffixHash: true +configMapGenerator: +- name: jupyter-web-app-config + files: + - ../../../../../jupyter/jupyter-web-app/base/configs/spawner_ui_config.yaml +- name: parameters + envs: + - params.env +vars: +- fieldref: + fieldPath: data.policy + name: policy + objref: + apiVersion: v1 + kind: ConfigMap + name: parameters +- fieldref: + fieldPath: data.prefix + name: prefix + objref: + apiVersion: v1 + kind: ConfigMap + name: parameters +configurations: +- params.yaml diff --git a/stacks/azure/application/jupyter-web-app/base/params.env b/stacks/azure/application/jupyter-web-app/base/params.env new file mode 100644 index 0000000000..0d6dd92898 --- /dev/null +++ b/stacks/azure/application/jupyter-web-app/base/params.env @@ -0,0 +1,4 @@ +UI=default +ROK_SECRET_NAME=secret-rok-{username} +policy=Always +prefix=jupyter diff --git a/stacks/azure/application/jupyter-web-app/base/params.yaml b/stacks/azure/application/jupyter-web-app/base/params.yaml new file mode 100644 index 0000000000..c665650a15 --- /dev/null +++ b/stacks/azure/application/jupyter-web-app/base/params.yaml @@ -0,0 +1,7 @@ +varReference: +- path: spec/template/spec/containers/imagePullPolicy + kind: Deployment +- path: metadata/annotations/getambassador.io\/config + kind: Service +- path: spec/http/route/destination/host + kind: VirtualService diff --git a/stacks/azure/application/jupyter-web-app/kustomization.yaml b/stacks/azure/application/jupyter-web-app/kustomization.yaml new file mode 100644 index 0000000000..10fe1d1d97 --- /dev/null +++ b/stacks/azure/application/jupyter-web-app/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +resources: +- base +- ../../../../jupyter/jupyter-web-app/overlays/istio +- ../../../../jupyter/jupyter-web-app/overlays/application diff --git a/stacks/azure/application/oidc-authservice/kustomization.yaml b/stacks/azure/application/oidc-authservice/kustomization.yaml new file mode 100644 index 0000000000..80ceb78b5b --- /dev/null +++ b/stacks/azure/application/oidc-authservice/kustomization.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: istio-system +resources: +- ../../../../istio/oidc-authservice/overlays/application +configMapGenerator: +- name: oidc-authservice-parameters + behavior: merge + literals: + - client_id= + - oidc_provider=https://login.microsoftonline.com//v2.0 + - oidc_redirect_uri=https:///login/oidc + - oidc_auth_url=https://login.microsoftonline.com//oauth2/v2.0/authorize + - application_secret= + - skip_auth_uri= + - namespace=istio-system + - userid-header=kubeflow-userid + - userid-prefix= diff --git a/stacks/azure/application/spark-operator/kustomization.yaml b/stacks/azure/application/spark-operator/kustomization.yaml new file mode 100644 index 0000000000..0928ac4434 --- /dev/null +++ b/stacks/azure/application/spark-operator/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +resources: +- ../../../../spark/spark-operator/overlays/application diff --git a/stacks/azure/application/spartakus/kustomization.yaml b/stacks/azure/application/spartakus/kustomization.yaml new file mode 100644 index 0000000000..10560182cd --- /dev/null +++ b/stacks/azure/application/spartakus/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +resources: +- ../../../../common/spartakus/overlays/application +configMapGenerator: +- name: spartakus-config + behavior: merge + literals: + - usageId= diff --git a/stacks/azure/config/params.env b/stacks/azure/config/params.env new file mode 100644 index 0000000000..e296f8f01b --- /dev/null +++ b/stacks/azure/config/params.env @@ -0,0 +1,5 @@ +clusterDomain=cluster.local +userid-header=kubeflow-userid +userid-prefix= +cluster-name= +istio-namespace=istio-system diff --git a/stacks/azure/kustomization.yaml b/stacks/azure/kustomization.yaml new file mode 100644 index 0000000000..2184a67aae --- /dev/null +++ b/stacks/azure/kustomization.yaml @@ -0,0 +1,52 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kubeflow +resources: + - ../../admission-webhook/webhook/v3 + - ../../common/centraldashboard/overlays/stacks + - ../../kubeflow-roles/base + - ./application/jupyter-web-app + - ../../jupyter/notebook-controller/base_v3 + - ../../profiles/base_v3 + - ./application/spark-operator + - ./application/spartakus + # Training Operators + - ../../pytorch-job/pytorch-job-crds/overlays/application + - ../../pytorch-job/pytorch-operator/overlays/application + - ../../tf-training/tf-job-crds/overlays/application + - ../../tf-training/tf-job-operator/overlays/application + - ../../mxnet-job/mxnet-operator/overlays/application + - ../../mpi-job/mpi-operator/overlays/application + - ../../katib/installs/katib-standalone + # Pipeline + - ../../pipeline/minio/installs/generic + - ../../pipeline/mysql/installs/generic + - ../../pipeline/installs/generic + - ../../argo/base_v3 + # Serving components + - ../../knative/installs/generic + - ../../kfserving/installs/generic + # Kubernetes resources - anonymous user + - ../../default-install/base + # Metadata + - ../../metadata/v3 + # Uncomment the line below if you want to use Azure MySQL + # - ./metadata +configMapGenerator: +- name: workflow-controller-parameters + behavior: merge + literals: + - containerRuntimeExecutor=pns +- name: kubeflow-config + envs: + - ./config/params.env +vars: +# We need to define vars at the top level otherwise we will get +# conflicts. +- fieldref: + fieldpath: metadata.namespace + name: katib-ui-namespace + objref: + kind: Service + name: katib-ui + apiVersion: v1 diff --git a/stacks/azure/metadata/Readme.md b/stacks/azure/metadata/Readme.md new file mode 100644 index 0000000000..a40ca2de23 --- /dev/null +++ b/stacks/azure/metadata/Readme.md @@ -0,0 +1,31 @@ +# Metadata Kustomization for Azure + +This directory contains configurations and guidelines on setting up metadata service to connect to an [Azure MySQL](https://docs.microsoft.com/en-us/azure/mysql/) database. + +#### 1. Create an Azure MySQL database +Create an Azure MySQL data base following the [guidance](https://docs.microsoft.com/en-us/azure/mysql/quickstart-create-mysql-server-database-using-azure-portal) using Azure Portal. Alternatively, you could also use Azure CLI by following [steps](https://docs.microsoft.com/en-us/azure/mysql/quickstart-create-mysql-server-database-using-azure-cli) here. Take notes for ```Server Name```, ```Admin username```, and ```Password```. + +By default the server created is protected with a firewall and is not accessible publicly. Follow the [guidance](https://docs.microsoft.com/en-us/azure/mysql/quickstart-create-mysql-server-database-using-azure-portal#configure-a-server-level-firewall-rule) to allow database to be accessible from external IP addresses. Based on your configuration, you might also enable all IP addresses, and disable ```Enforce SSL connection```. + +#### 2. Deploy Kubeflow to use Azure metadata overlay +Follow the [installation document for Azure AKS](https://www.kubeflow.org/docs/azure/deploy/install-kubeflow/) until the step to build and apply the ```CONFIG_URI```. Download your configuration file, so that you can customize the configuration before deploying Kubeflow by running ```wget -O kfctl_azure.yaml ${CONFIG_URI}```, where the ```${CONFIG_URL}``` should be the one you specified in the previous steps. Run +```kfctl build -V -f kfctl_azure.yaml```. + +Edit the Azure stack at ```/stacks/azure``` and make change under ```resources``` from ```- ../../metadata/v3``` to ```metadata``` to use Azure MySQL. + +Edit ```params.env``` to provide parameters to config map as follows (change the ```[db_name]``` to the server name you used): +``` +MYSQL_HOST=[db_name].mysql.database.azure.com +MYSQL_DATABASE=mlmetadata +MYSQL_PORT=3306 +MYSQL_ALLOW_EMPTY_PASSWORD=true +``` + +Edit ```secrets.env``` to create a secret based on your database configuration (make sure the user name follows the pattern with an "@", like the one showed below): +``` +MYSQL_USERNAME=[admin_user_name]@[db_name] +MYSQL_PASSWORD=[admin_password] +``` + +#### 3. Run Kubeflow Installation +```kfctl apply -V -f kfctl_azure.yaml``` diff --git a/stacks/azure/metadata/kustomization.yaml b/stacks/azure/metadata/kustomization.yaml new file mode 100644 index 0000000000..3ef3ce8efb --- /dev/null +++ b/stacks/azure/metadata/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +commonLabels: + kustomize.component: metadata +configMapGenerator: +- name: metadata-db-parameters + envs: + - params.env +secretGenerator: +- name: metadata-db-secrets + envs: + - secrets.env +bases: +- ../../../metadata/base/ +patchesStrategicMerge: +- metadata-deployment.yaml \ No newline at end of file diff --git a/stacks/azure/metadata/metadata-deployment.yaml b/stacks/azure/metadata/metadata-deployment.yaml new file mode 100644 index 0000000000..9ef0583623 --- /dev/null +++ b/stacks/azure/metadata/metadata-deployment.yaml @@ -0,0 +1,63 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: deployment + labels: + component: server +spec: + replicas: 1 + selector: + matchLabels: + component: server + template: + metadata: + labels: + component: server + spec: + containers: + - name: container + envFrom: + - configMapRef: + name: metadata-db-parameters + - secretRef: + name: metadata-db-secrets + command: ["./server/server", + "--http_port=8080", + "--mysql_service_host=$(MYSQL_HOST)", + "--mlmd_db_name=$(MYSQL_DATABASE)", + "--mysql_service_port=$(MYSQL_PORT)", + "--mysql_service_user=$(MYSQL_USERNAME)", + "--mysql_service_password=$(MYSQL_PASSWORD)"] +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: grpc-deployment + labels: + component: grpc-server +spec: + replicas: 1 + selector: + matchLabels: + component: grpc-server + template: + metadata: + labels: + component: grpc-server + spec: + containers: + - name: container + envFrom: + - configMapRef: + name: metadata-db-parameters + - secretRef: + name: metadata-db-secrets + - configMapRef: + name: grpc-configmap + args: ["--grpc_port=$(METADATA_GRPC_SERVICE_PORT)", + "--mysql_config_host=$(MYSQL_HOST)", + "--mysql_config_database=$(MYSQL_DATABASE)", + "--mysql_config_port=$(MYSQL_PORT)", + "--mysql_config_user=$(MYSQL_USERNAME)", + "--mysql_config_password=$(MYSQL_PASSWORD)" + ] diff --git a/stacks/azure/metadata/params.env b/stacks/azure/metadata/params.env new file mode 100644 index 0000000000..5c1670f2ad --- /dev/null +++ b/stacks/azure/metadata/params.env @@ -0,0 +1,4 @@ +MYSQL_HOST=[db_name].mysql.database.azure.com +MYSQL_DATABASE=mlmetadata +MYSQL_PORT=3306 +MYSQL_ALLOW_EMPTY_PASSWORD=true diff --git a/stacks/azure/metadata/secrets.env b/stacks/azure/metadata/secrets.env new file mode 100644 index 0000000000..a0f000e4f3 --- /dev/null +++ b/stacks/azure/metadata/secrets.env @@ -0,0 +1,3 @@ +MYSQL_USERNAME=[admin_user_name]@[db_name] +MYSQL_PASSWORD=[admin_password] +