From 92542398b2efbbfd9498e40a7cef6e94c68430bf Mon Sep 17 00:00:00 2001 From: Daniela Plascencia Date: Thu, 7 Sep 2023 17:00:33 +0200 Subject: [PATCH] Update kubeflow/kubeflow manifests from v1.8.0-rc.0 (#2522) --- README.md | 16 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/deployment.yaml | 6 + .../upstream/base/kustomization.yaml | 2 +- .../base/configs/spawner_ui_config.yaml | 373 ++++++++++++------ .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/kustomization.yaml | 2 +- .../profiles/upstream/base/kustomization.yaml | 2 +- .../overlays/kubeflow/kustomization.yaml | 2 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/cluster-role.yaml | 24 ++ .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/cluster-role.yaml | 25 ++ .../upstream/base/deployment.yaml | 10 + .../upstream/base/kustomization.yaml | 5 +- .../upstream/base/viewer-spec.yaml | 37 ++ 16 files changed, 371 insertions(+), 141 deletions(-) create mode 100644 apps/volumes-web-app/upstream/base/viewer-spec.yaml diff --git a/README.md b/README.md index abc7c2c05b..effd82c71c 100644 --- a/README.md +++ b/README.md @@ -45,14 +45,14 @@ This repo periodically syncs all official Kubeflow components from their respect | Component | Local Manifests Path | Upstream Revision | | - | - | - | | Training Operator | apps/training-operator/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/training-operator/tree/v1.7.0-rc.0/manifests) | -| Notebook Controller | apps/jupyter/notebook-controller/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/notebook-controller/config) | -| Tensorboard Controller | apps/tensorboard/tensorboard-controller/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/tensorboard-controller/config) | -| Central Dashboard | apps/centraldashboard/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/centraldashboard/manifests) | -| Profiles + KFAM | apps/profiles/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/profile-controller/config) | -| PodDefaults Webhook | apps/admission-webhook/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/admission-webhook/manifests) | -| Jupyter Web App | apps/jupyter/jupyter-web-app/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/crud-web-apps/jupyter/manifests) | -| Tensorboards Web App | apps/tensorboard/tensorboards-web-app/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/crud-web-apps/tensorboards/manifests) | -| Volumes Web App | apps/volumes-web-app/upstream | [v1.7.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.7.0-rc.0/components/crud-web-apps/volumes/manifests) | +| Notebook Controller | apps/jupyter/notebook-controller/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/notebook-controller/config) | +| Tensorboard Controller | apps/tensorboard/tensorboard-controller/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/tensorboard-controller/config) | +| Central Dashboard | apps/centraldashboard/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/centraldashboard/manifests) | +| Profiles + KFAM | apps/profiles/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/profile-controller/config) | +| PodDefaults Webhook | apps/admission-webhook/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/admission-webhook/manifests) | +| Jupyter Web App | apps/jupyter/jupyter-web-app/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/crud-web-apps/jupyter/manifests) | +| Tensorboards Web App | apps/tensorboard/tensorboards-web-app/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/crud-web-apps/tensorboards/manifests) | +| Volumes Web App | apps/volumes-web-app/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0-rc.0/components/crud-web-apps/volumes/manifests) | | Katib | apps/katib/upstream | [v0.16.0-rc.1](https://github.com/kubeflow/katib/tree/v0.16.0-rc.1/manifests/v1beta1) | | KServe | contrib/kserve/kserve | [v0.11.0](https://github.com/kserve/kserve/tree/v0.11.0/install/v0.11.0) | | KServe Models Web App | contrib/kserve/models-web-app | [v0.10.0](https://github.com/kserve/models-web-app/tree/v0.10.0/config) | diff --git a/apps/admission-webhook/upstream/base/kustomization.yaml b/apps/admission-webhook/upstream/base/kustomization.yaml index 792ff34364..a30c04c457 100644 --- a/apps/admission-webhook/upstream/base/kustomization.yaml +++ b/apps/admission-webhook/upstream/base/kustomization.yaml @@ -16,7 +16,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/poddefaults-webhook newName: docker.io/kubeflownotebookswg/poddefaults-webhook - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 namespace: kubeflow generatorOptions: disableNameSuffixHash: true diff --git a/apps/centraldashboard/upstream/base/deployment.yaml b/apps/centraldashboard/upstream/base/deployment.yaml index d978d454e1..7e2da581cf 100644 --- a/apps/centraldashboard/upstream/base/deployment.yaml +++ b/apps/centraldashboard/upstream/base/deployment.yaml @@ -40,4 +40,10 @@ spec: value: $(CD_REGISTRATION_FLOW) - name: DASHBOARD_LINKS_CONFIGMAP value: $(CD_CONFIGMAP_NAME) + - name: LOGOUT_URL + value: '/authservice/logout' + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace serviceAccountName: centraldashboard diff --git a/apps/centraldashboard/upstream/base/kustomization.yaml b/apps/centraldashboard/upstream/base/kustomization.yaml index 4b25b23854..f98473f271 100644 --- a/apps/centraldashboard/upstream/base/kustomization.yaml +++ b/apps/centraldashboard/upstream/base/kustomization.yaml @@ -18,7 +18,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/centraldashboard newName: docker.io/kubeflownotebookswg/centraldashboard - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 configMapGenerator: - envs: - params.env diff --git a/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml b/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml index 5fa1efad9b..0d8e3956b9 100644 --- a/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml +++ b/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml @@ -1,182 +1,307 @@ -# Configuration file for the Jupyter UI. +# -------------------------------------------------------------- +# Configuration file for the Kubeflow Notebooks UI. # -# Each Jupyter UI option is configured by two keys: 'value' and 'readOnly' -# - The 'value' key contains the default value -# - The 'readOnly' key determines if the option will be available to users -# -# If the 'readOnly' key is present and set to 'true', the respective option -# will be disabled for users and only set by the admin. Also when a -# Notebook is POSTED to the API if a necessary field is not present then -# the value from the config will be used. -# -# If the 'readOnly' key is missing (defaults to 'false'), the respective option -# will be available for users to edit. -# -# Note that some values can be templated. Such values are the names of the -# Volumes as well as their StorageClass +# About the `readOnly` configs: +# - when `readOnly` is set to "true", the respective option +# will be disabled for users and only set by the admin +# - when 'readOnly' is missing, it defaults to 'false' +# -------------------------------------------------------------- + spawnerFormDefaults: + ################################################################ + # Container Images + ################################################################ + # if users can input custom images, or only select from dropdowns + allowCustomImage: true + + # if the registry of the container image is hidden from display + hideRegistry: true + + # if the tag of the container image is hidden from display + hideTag: false + + # configs for the ImagePullPolicy + imagePullPolicy: + readOnly: false + + # the default ImagePullPolicy + # (possible values: "Always", "IfNotPresent", "Never") + value: IfNotPresent + + ################################################################ + # Jupyter-like Container Images + # + # NOTES: + # - the `image` section is used for "Jupyter-like" apps whose + # HTTP path is configured by the "NB_PREFIX" environment variable + ################################################################ image: - # The container Image for the user's Jupyter Notebook - value: kubeflownotebookswg/jupyter-scipy:v1.7.0-rc.0 - # The list of available standard container Images + # the default container image + value: kubeflownotebookswg/jupyter-scipy:v1.8.0-rc.0 + + # the list of available container images in the dropdown options: - - kubeflownotebookswg/jupyter-scipy:v1.7.0-rc.0 - - kubeflownotebookswg/jupyter-pytorch-full:v1.7.0-rc.0 - - kubeflownotebookswg/jupyter-pytorch-cuda-full:v1.7.0-rc.0 - - kubeflownotebookswg/jupyter-tensorflow-full:v1.7.0-rc.0 - - kubeflownotebookswg/jupyter-tensorflow-cuda-full:v1.7.0-rc.0 + - kubeflownotebookswg/jupyter-scipy:v1.8.0-rc.0 + - kubeflownotebookswg/jupyter-pytorch-full:v1.8.0-rc.0 + - kubeflownotebookswg/jupyter-pytorch-cuda-full:v1.8.0-rc.0 + - kubeflownotebookswg/jupyter-tensorflow-full:v1.8.0-rc.0 + - kubeflownotebookswg/jupyter-tensorflow-cuda-full:v1.8.0-rc.0 + + ################################################################ + # VSCode-like Container Images (Group 1) + # + # NOTES: + # - the `imageGroupOne` section is used for "VSCode-like" apps that + # expose themselves under the HTTP root path "/" and support path + # rewriting without breaking + # - the annotation `notebooks.kubeflow.org/http-rewrite-uri: "/"` is + # set on Notebooks spawned by this group, to make Istio rewrite + # the path of HTTP requests to the HTTP root + ################################################################ imageGroupOne: - # The container Image for the user's Group One Server - # The annotation `notebooks.kubeflow.org/http-rewrite-uri: /` - # is applied to notebook in this group, configuring - # the Istio rewrite for containers that host their web UI at `/` - value: kubeflownotebookswg/codeserver-python:v1.7.0-rc.0 - # The list of available standard container Images + # the default container image + value: kubeflownotebookswg/codeserver-python:v1.8.0-rc.0 + + # the list of available container images in the dropdown options: - - kubeflownotebookswg/codeserver-python:v1.7.0-rc.0 + - kubeflownotebookswg/codeserver-python:v1.8.0-rc.0 + + ################################################################ + # RStudio-like Container Images (Group 2) + # + # NOTES: + # - the `imageGroupTwo` section is used for "RStudio-like" apps whose + # HTTP path is configured by the "X-RStudio-Root-Path" header + # - the annotation `notebooks.kubeflow.org/http-rewrite-uri: "/"` is + # set on Notebooks spawned by this group, to make Istio rewrite + # the path of HTTP requests to the HTTP root + # - the annotation `notebooks.kubeflow.org/http-headers-request-set` is + # set on Notebooks spawned by this group, such that Istio injects the + # "X-RStudio-Root-Path" header to all request + ################################################################ imageGroupTwo: - # The container Image for the user's Group Two Server - # The annotation `notebooks.kubeflow.org/http-rewrite-uri: /` - # is applied to notebook in this group, configuring - # the Istio rewrite for containers that host their web UI at `/` - # The annotation `notebooks.kubeflow.org/http-headers-request-set` - # is applied to notebook in this group, configuring Istio - # to add the `X-RStudio-Root-Path` header to requests - value: kubeflownotebookswg/rstudio-tidyverse:v1.7.0-rc.0 - # The list of available standard container Images + # the default container image + value: kubeflownotebookswg/rstudio-tidyverse:v1.8.0-rc.0 + + # the list of available container images in the dropdown options: - - kubeflownotebookswg/rstudio-tidyverse:v1.7.0-rc.0 - # If true, hide registry and/or tag name in the image selection dropdown - hideRegistry: true - hideTag: false - allowCustomImage: true - # If true, users can input custom images - # If false, users can only select from the images in this config - imagePullPolicy: - # Supported values: Always, IfNotPresent, Never - value: IfNotPresent - readOnly: false + - kubeflownotebookswg/rstudio-tidyverse:v1.8.0-rc.0 + + ################################################################ + # CPU Resources + ################################################################ cpu: - # CPU for user's Notebook - value: '0.5' - # Factor by with to multiply request to calculate limit - # if no limit is set, to disable set "none" - limitFactor: "1.2" readOnly: false - memory: - # Memory for user's Notebook - value: 1.0Gi - # Factor by with to multiply request to calculate limit - # if no limit is set, to disable set "none" + + # the default cpu request for the container + value: "0.5" + + # a factor by which to multiply the CPU request calculate the cpu limit + # (to disable cpu limits, set as "none") limitFactor: "1.2" + + ################################################################ + # Memory Resources + ################################################################ + memory: readOnly: false - environment: - value: {} + + # the default memory request for the container + value: "1.0Gi" + + # a factor by which to multiply the memory request calculate the memory limit + # (to disable memory limits, set as "none") + limitFactor: "1.2" + + ################################################################ + # GPU/Device-Plugin Resources + ################################################################ + gpus: readOnly: false + + # configs for gpu/device-plugin limits of the container + # https://kubernetes.io/docs/tasks/manage-gpus/scheduling-gpus/#using-device-plugins + value: + # the `limitKey` of the default vendor + # (to have no default, set as "") + vendor: "" + + # the list of available vendors in the dropdown + # `limitsKey` - what will be set as the actual limit + # `uiName` - what will be displayed in the dropdown UI + vendors: [] + #vendors: + # - limitsKey: "nvidia.com/gpu" + # uiName: "NVIDIA" + # - limitsKey: "amd.com/gpu" + # uiName: "AMD" + + # the default value of the limit + # (possible values: "none", "1", "2", "4", "8") + num: "none" + + ################################################################ + # Workspace Volumes + ################################################################ workspaceVolume: - # Workspace Volume to be attached to user's Notebook - # If you don't want a workspace volume then delete the 'value' key + readOnly: false + + # the default workspace volume to be created and mounted + # (to have no default, set `value: null`) value: mount: /home/jovyan + + # pvc configs for creating new workspace volumes + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#persistentvolumeclaim-v1-core newPvc: metadata: - name: '{notebook-name}-workspace' + # "{notebook-name}" is replaced with the Notebook name + name: "{notebook-name}-workspace" spec: + #storageClassName: my-storage-class resources: requests: - storage: 10Gi + storage: 5Gi accessModes: - ReadWriteOnce - readOnly: false + + ################################################################ + # Data Volumes + ################################################################ dataVolumes: - # List of additional Data Volumes to be attached to the user's Notebook - value: [] - # For example, a list with 2 Data Volumes: - # value: - # - mount: /home/jovyan/datavol-1 - # newPvc: - # metadata: - # name: '{notebook-name}-datavol-1' - # spec: - # resources: - # requests: - # storage: 5Gi - # accessModes: - # - ReadWriteOnce - # - mount: /home/jovyan/datavol-1 - # existingSource: - # persistentVolumeClaim: - # claimName: test-pvc - readOnly: false - gpus: - # Number of GPUs to be assigned to the Notebook Container - value: - # values: "none", "1", "2", "4", "8" - num: "none" - # Determines what the UI will show and send to the backend - vendors: - - limitsKey: "nvidia.com/gpu" - uiName: "NVIDIA" - - limitsKey: "amd.com/gpu" - uiName: "AMD" - # Values: "" or a `limits-key` from the vendors list - vendor: "" readOnly: false + + # a list of additional data volumes to be created and/or mounted + value: [] + #value: + # - mount: /home/jovyan/datavol-1 + # newPvc: + # metadata: + # name: "{notebook-name}-datavol-1" + # spec: + # resources: + # requests: + # storage: 5Gi + # accessModes: + # - ReadWriteOnce + # + # - mount: /home/jovyan/datavol-1 + # existingSource: + # persistentVolumeClaim: + # claimName: "test-pvc" + + ################################################################ + # Affinity + ################################################################ affinityConfig: - # If readonly, the default value will be the only option - # value is a list of `configKey`s that we want to be selected by default + readOnly: false + + # the `configKey` of the default affinity config + # (to have no default, set as "") + # (if `readOnly`, the default `value` will be the only accessible option) value: "" - # The list of available affinity configs + + # the list of available affinity configs in the dropdown options: [] #options: - # - configKey: "exclusive__n1-standard-2" - # displayName: "Exclusive: n1-standard-2" + # - configKey: "dedicated_node_per_notebook" + # displayName: "Dedicated Node Per Notebook" # affinity: - # # (Require) Node having label: `node_pool=notebook-n1-standard-2` + # # Require a Node with label `lifecycle=kubeflow-notebook` # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # nodeSelectorTerms: # - matchExpressions: - # - key: "node_pool" + # - key: "lifecycle" # operator: "In" # values: - # - "notebook-n1-standard-2" - # # (Require) Node WITHOUT existing Pod having label: `notebook-name` + # - "kubeflow-notebook" + # + # # Require a Node WITHOUT an existing Pod having `notebook-name` label # podAntiAffinity: # requiredDuringSchedulingIgnoredDuringExecution: # - labelSelector: # matchExpressions: # - key: "notebook-name" # operator: "Exists" - # namespaces: [] # topologyKey: "kubernetes.io/hostname" - #readOnly: false + # # WARNING: `namespaceSelector` is Beta in 1.22 and Stable in 1.24, + # # setting to {} is required for affinity to work across Namespaces + # namespaceSelector: {} + + ################################################################ + # Tolerations + ################################################################ tolerationGroup: - # The default `groupKey` from the options list - # If readonly, the default value will be the only option + readOnly: false + + # the `groupKey` of the default toleration group + # (to have no default, set as "") + # (if `readOnly`, the default `value` will be the only accessible option) value: "" - # The list of available tolerationGroup configs + + # the list of available toleration groups in the dropdown options: [] #options: # - groupKey: "group_1" - # displayName: "Group 1: description" + # displayName: "4 CPU 8Gb Mem at ~$X.XXX USD per day" + # tolerations: + # - key: "dedicated" + # operator: "Equal" + # value: "kubeflow-c5.xlarge" + # effect: "NoSchedule" + # + # - groupKey: "group_2" + # displayName: "8 CPU 16Gb Mem at ~$X.XXX USD per day" # tolerations: - # - key: "key1" + # - key: "dedicated" # operator: "Equal" - # value: "value1" + # value: "kubeflow-c5.2xlarge" # effect: "NoSchedule" - # - key: "key2" + # + # - groupKey: "group_3" + # displayName: "16 CPU 32Gb Mem at ~$X.XXX USD per day" + # tolerations: + # - key: "dedicated" # operator: "Equal" - # value: "value2" + # value: "kubeflow-c5.4xlarge" # effect: "NoSchedule" - readOnly: false + # + # - groupKey: "group_4" + # displayName: "32 CPU 256Gb Mem at ~$X.XXX USD per day" + # tolerations: + # - key: "dedicated" + # operator: "Equal" + # value: "kubeflow-r5.8xlarge" + # effect: "NoSchedule" + + ################################################################ + # Shared Memory + ################################################################ shm: - value: true readOnly: false + + # the default state of the "Enable Shared Memory" toggle + value: true + + ################################################################ + # PodDefaults + ################################################################ configurations: - # List of labels to be selected, these are the labels from PodDefaults - # value: - # - add-gcp-secret - # - default-editor + readOnly: false + + # the list of PodDefault names that are selected by default + # (take care to ensure these PodDefaults exist in Profile Namespaces) value: [] + #value: + # - my-pod-default + + ################################################################ + # Environment + # + # NOTE: + # - these configs are only used by the ROK "flavor" of the UI + ################################################################ + environment: readOnly: false + value: {} diff --git a/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml b/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml index 86a87cb5bc..b5cc22ac38 100644 --- a/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml +++ b/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml @@ -23,7 +23,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/jupyter-web-app newName: docker.io/kubeflownotebookswg/jupyter-web-app - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: diff --git a/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml b/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml index a0d4fb5c67..7380fb9938 100644 --- a/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml +++ b/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml @@ -5,4 +5,4 @@ resources: images: - name: docker.io/kubeflownotebookswg/notebook-controller newName: docker.io/kubeflownotebookswg/notebook-controller - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 diff --git a/apps/profiles/upstream/base/kustomization.yaml b/apps/profiles/upstream/base/kustomization.yaml index 8fefc12998..29bc9663be 100644 --- a/apps/profiles/upstream/base/kustomization.yaml +++ b/apps/profiles/upstream/base/kustomization.yaml @@ -12,7 +12,7 @@ patchesStrategicMerge: images: - name: docker.io/kubeflownotebookswg/profile-controller newName: docker.io/kubeflownotebookswg/profile-controller - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 configMapGenerator: - name: namespace-labels-data diff --git a/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml b/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml index ce7d0076bf..6151ca4c7d 100644 --- a/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml +++ b/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml @@ -29,4 +29,4 @@ vars: images: - name: docker.io/kubeflownotebookswg/kfam newName: docker.io/kubeflownotebookswg/kfam - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 diff --git a/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml b/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml index abbcd898bb..573c50df22 100644 --- a/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml +++ b/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml @@ -13,4 +13,4 @@ patchesStrategicMerge: images: - name: docker.io/kubeflownotebookswg/tensorboard-controller newName: docker.io/kubeflownotebookswg/tensorboard-controller - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 diff --git a/apps/tensorboard/tensorboards-web-app/upstream/base/cluster-role.yaml b/apps/tensorboard/tensorboards-web-app/upstream/base/cluster-role.yaml index 7fd6cad2a1..2a8758580c 100644 --- a/apps/tensorboard/tensorboards-web-app/upstream/base/cluster-role.yaml +++ b/apps/tensorboard/tensorboards-web-app/upstream/base/cluster-role.yaml @@ -43,6 +43,14 @@ rules: - get - list - watch +- apiGroups: + - kubeflow.org + resources: + - poddefaults + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -69,6 +77,14 @@ rules: - list - create - delete +- apiGroups: + - kubeflow.org + resources: + - poddefaults + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -93,3 +109,11 @@ rules: - get - list - watch +- apiGroups: + - kubeflow.org + resources: + - poddefaults + verbs: + - get + - list + - watch diff --git a/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml b/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml index d998d651c8..5d1a4db2e1 100644 --- a/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml +++ b/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml @@ -14,7 +14,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/tensorboards-web-app newName: docker.io/kubeflownotebookswg/tensorboards-web-app - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: diff --git a/apps/volumes-web-app/upstream/base/cluster-role.yaml b/apps/volumes-web-app/upstream/base/cluster-role.yaml index b914348930..ad3dc71cf2 100644 --- a/apps/volumes-web-app/upstream/base/cluster-role.yaml +++ b/apps/volumes-web-app/upstream/base/cluster-role.yaml @@ -49,6 +49,15 @@ rules: - notebooks verbs: - list +- apiGroups: + - kubeflow.org + resources: + - pvcviewers + verbs: + - get + - list + - create + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -77,6 +86,15 @@ rules: - watch - update - patch +- apiGroups: + - kubeflow.org + resources: + - pvcviewers + verbs: + - get + - list + - create + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -101,3 +119,10 @@ rules: - get - list - watch +- apiGroups: + - kubeflow.org + resources: + - pvcviewers + verbs: + - get + - list diff --git a/apps/volumes-web-app/upstream/base/deployment.yaml b/apps/volumes-web-app/upstream/base/deployment.yaml index 638ac406de..ab144d0314 100644 --- a/apps/volumes-web-app/upstream/base/deployment.yaml +++ b/apps/volumes-web-app/upstream/base/deployment.yaml @@ -20,4 +20,14 @@ spec: value: $(VWA_USERID_PREFIX) - name: APP_SECURE_COOKIES value: $(VWA_APP_SECURE_COOKIES) + - name: VOLUME_VIEWER_IMAGE + value: filebrowser/filebrowser:latest + volumeMounts: + - name: viewer-spec + mountPath: /etc/config/viewer-spec.yaml + subPath: viewer-spec.yaml serviceAccountName: service-account + volumes: + - name: viewer-spec + configMap: + name: viewer-spec diff --git a/apps/volumes-web-app/upstream/base/kustomization.yaml b/apps/volumes-web-app/upstream/base/kustomization.yaml index eeeb2ea387..e8992fbb8e 100644 --- a/apps/volumes-web-app/upstream/base/kustomization.yaml +++ b/apps/volumes-web-app/upstream/base/kustomization.yaml @@ -14,13 +14,16 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/volumes-web-app newName: docker.io/kubeflownotebookswg/volumes-web-app - newTag: v1.7.0-rc.0 + newTag: v1.8.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: - envs: - params.env name: parameters +- files: + - viewer-spec.yaml + name: viewer-spec vars: - fieldref: fieldPath: data.VWA_CLUSTER_DOMAIN diff --git a/apps/volumes-web-app/upstream/base/viewer-spec.yaml b/apps/volumes-web-app/upstream/base/viewer-spec.yaml new file mode 100644 index 0000000000..46a87ffd78 --- /dev/null +++ b/apps/volumes-web-app/upstream/base/viewer-spec.yaml @@ -0,0 +1,37 @@ +# Note: the volumes-web-app allows expanding strings using ${VAR_NAME} +# You may use any environment variable. This lets us e.g. specify images that can be modified using kustomize's image transformer. +# Additionally, 'PVC_NAME', 'NAME' and 'NAMESPACE' are defined +# Name of the pvc is set by the volumes web app +pvc: $NAME +podTemplate: + containers: + - name: main + image: $VOLUME_VIEWER_IMAGE + env: + - name: FB_ADDRESS + value: "0.0.0.0" + - name: FB_PORT + value: "8080" + - name: FB_DATABASE + value: /tmp/filebrowser.db + - name: FB_NOAUTH + value: "true" + - name: FB_BASEURL + value: /pvcviewers/$NAMESPACE/$NAME/ + readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 2 + periodSeconds: 10 + # viewer-volume is provided automatically by the volumes web app + volumeMounts: + - name: viewer-volume + mountPath: /data + workingDir: /data + serviceAccountName: default-editor +networking: + targetPort: 8080 + basePrefix: "/pvcviewers" + rewrite: "/" + timeout: 30s +rwoScheduling: true \ No newline at end of file