Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add in Region Support #3

Merged
merged 1 commit into from
Feb 20, 2024
Merged

Add in Region Support #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/pull-request.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ jobs:
run: make license
- name: Validate OpenAPI Schema
run: make validate
- name: Validate documentation
run: sudo apt -y install wbritish && make validate-docs
#- name: Validate documentation
# run: sudo apt -y install wbritish && make validate-docs
Runtime:
runs-on: ubuntu-latest
steps:
Expand Down
205 changes: 205 additions & 0 deletions charts/unikorn/crds/unikorn-cloud.org_regions.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,205 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.1
name: regions.unikorn-cloud.org
spec:
group: unikorn-cloud.org
names:
categories:
- unikorn
kind: Region
listKind: RegionList
plural: regions
singular: region
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.provider
name: provider
type: string
- jsonPath: .status.conditions[?(@.type=="Available")].reason
name: status
type: string
- jsonPath: .metadata.creationTimestamp
name: age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Region defines a geographical region where clusters can be provisioned.
A region defines the endpoints that can be used to derive information about
the provider for that region.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RegionSpec defines metadata about the region.
properties:
openstack:
description: Openstack is provider specific configuration for the
region.
properties:
compute:
description: Compute is configuration for the compute service.
properties:
flavorExtraSpecsExclude:
description: FlavorExtraSpecsExclude discards any flavors
with the listed extra specs keys.
items:
type: string
type: array
gpuDescriptors:
description: GPUDescriptors defines a set of keys that can
be probed to list GPU topology information.
items:
properties:
expression:
description: Expression describes how to extract the
number of GPUs from the property if it exists. This
must contain exactly one submatch that is a number
e.g. "^(\d+)$".
type: string
property:
description: Property is the property name to examine
e.g. "resources.VGPU".
type: string
required:
- expression
- property
type: object
type: array
serverGroupPolicy:
description: ServerGroupPolicy defines the anti-affinity policy
to use for scheduling cluster nodes. Defaults to "soft-anti-affinity".
type: string
type: object
endpoint:
description: Endpoint is the Keystone URL e.g. https://foo.bar:5000.
type: string
identity:
description: Identity is configuration for the identity service.
properties:
clusterRoles:
description: ClusterRoles are the roles required to be assigned
to an application credential in order to provision, scale
and deprovision a cluster, along with any required for CNI/CSI
functionality.
items:
type: string
type: array
type: object
image:
description: Image is configuration for the image service.
properties:
propertiesInclude:
description: PropertiesInclude defines the set of properties
that must all exist for an image to be advertised by the
provider.
items:
type: string
type: array
signingKey:
description: SigningKey defines a PEM encoded public ECDSA
signing key used to verify the image is trusted. If specified,
an image must contain the "digest" property, the value of
which must be a base64 encoded ECDSA signature of the SHA256
hash of the image ID.
format: byte
type: string
type: object
serviceAccountSecret:
description: ServiceAccountSecretName points to the secret containing
credentials required to perform the tasks the provider needs
to perform.
properties:
name:
description: Name is the name of the object.
type: string
namespace:
description: Namespace is the namespace in which the object
resides.
type: string
required:
- name
- namespace
type: object
required:
- endpoint
- serviceAccountSecret
type: object
provider:
description: Type defines the provider type.
enum:
- openstack
type: string
required:
- provider
type: object
status:
description: RegionStatus defines the status of the region.
properties:
conditions:
description: Current service state of a region.
items:
description: Condition is a generic condition type for use across
all resource types. It's generic so that the underlying controller-manager
functionality can be shared across all resources.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: Human-readable message indicating details about
last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for the condition's
last transition.
enum:
- Provisioning
- Provisioned
- Cancelled
- Errored
- Deprovisioning
- Deprovisioned
type: string
status:
description: Status is the status of the condition. Can be True,
False, Unknown.
type: string
type:
description: Type is the type of the condition.
enum:
- Available
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
57 changes: 57 additions & 0 deletions charts/unikorn/templates/region.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
{{- range $region := .Values.regions }}
apiVersion: unikorn-cloud.org/v1alpha1
kind: Region
metadata:
name: {{ $region.name }}
labels:
{{- include "unikorn.labels" $ | nindent 4 }}
spec:
provider: {{ $region.provider }}
{{- with $openstack := $region.openstack }}
openstack:
endpoint: {{ $openstack.endpoint }}
serviceAccountSecret:
namespace: {{ $openstack.serviceAccountSecret.namespace }}
name: {{ $openstack.serviceAccountSecret.name }}
{{- with $identity := $openstack.identity }}
{{ printf "identity:" | nindent 4 }}
{{- with $roles := $identity.clusterRoles }}
{{ printf "clusterRoles:" | nindent 6 }}
{{- range $role := $roles }}
{{ printf "- %s" $role | nindent 6 }}
{{- end }}
{{- end }}
{{- end }}
{{- with $compute := $openstack.compute }}
{{ printf "compute:" | nindent 4 }}
{{- with $policy := $compute.serverGroupPolicy }}
{{ printf "serverGroupPolicy: %s" $policy | nindent 6 }}
{{- end }}
{{- with $specs := $compute.flavorExtraSpecsExclude }}
{{ printf "flavorExtraSpecsExclude:" | nindent 6 }}
{{- range $spec := $specs }}
{{ printf "- %s" $spec | nindent 6 }}
{{- end }}
{{- end }}
{{- with $descriptors := $compute.gpuDescriptors }}
{{ printf "gpuDescriptors:" | nindent 6 }}
{{- range $descriptor := $descriptors }}
{{ printf "- property: %s" $descriptor.property | nindent 6 }}
{{ printf "expresison: %s" $descriptor.property | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}
{{- with $image := $openstack.image}}
{{ printf "image:" | nindent 4 }}
{{- with $properties := $image.propertiesInclude }}
{{ printf "propertiesInclude:" | nindent 6 }}
{{- range $property := $properties }}
{{ printf "- %s" $property | nindent 6 }}
{{- end }}
{{- end }}
{{- with $signingKey := $image.signingKey }}
{{ printf "signingKey: %s" $signingKey | nindent 6 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
48 changes: 1 addition & 47 deletions charts/unikorn/templates/unikorn-server.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ rules:
- apiGroups:
- unikorn-cloud.org
resources:
- regions
- controlplaneapplicationbundles
- kubernetesclusterapplicationbundles
- helmapplications
Expand Down Expand Up @@ -107,48 +108,6 @@ spec:
{{ printf "- --oidc-issuer-ca=%s" $oidc.issuerCA | nindent 8 }}
{{- end }}
{{- end }}
{{- with $openstack := .Values.server.provider.openstack }}
{{ printf "- --openstack-endpoint=%s" $openstack.endpoint | nindent 8 }}
{{- with $secret := $openstack.serviceAccount.secret }}
{{ printf "- --openstack-serviceaccount-secret=%s" $secret.name | nindent 8 }}
{{- end }}
{{- with $identity := $openstack.identity }}
{{- range $roles := $identity.applicationCredentialRoles }}
{{ printf "- --openstack-identity-application-credential-roles=%s" (join "," $roles) | nindent 8 }}
{{- end }}
{{- end }}
{{- with $compute := $openstack.compute }}
{{- with $policy := $compute.serverGroupPolicy }}
{{ printf "- --openstack-servergroup-policy=%s" $policy | nindent 8 }}
{{- end }}
{{- with $props := $compute.flavorPropertiesExclude }}
{{ printf "- --openstack-flavor-properties-exclude=%s" (join "," $props) | nindent 8 }}
{{- end }}
{{- range $desc := $compute.flavorGpuDescriptors }}
{{ printf "- --openstack-flavor-gpu-descriptor=property=%s,expression=%s" $desc.property $desc.expression | nindent 8 }}
{{- end }}
{{- end }}
{{- with $image := $openstack.image }}
{{ with $props := $image.properties }}
{{ printf "- --openstack-image-properties=%s" (join "," $props) | nindent 8 }}
{{- end }}
{{- with $key := $image.signingKey }}
{{ printf "- --openstack-image-signing-key=%s" $key | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

{{- if .Values.server.imageSigningKey }}
- --image-signing-key={{ .Values.server.imageSigningKey }}
{{- end }}
{{- with $properties := .Values.server.imageProperties -}}
{{ printf "- --image-properties=%s" (join "," $properties) | nindent 8 }}
{{- end }}
{{- with $credentials := .Values.server.applicationCredentials -}}
{{- with $roles := $credentials.roles -}}
{{ printf "- --application-credential-roles=%s" (join "," $roles) | nindent 8 }}
{{- end }}
{{- end }}
{{- if .Values.server.otlpEndpoint }}
{{ printf "- --otlp-endpoint=%s" .Values.server.otlpEndpoint | nindent 8 }}
{{- end }}
Expand All @@ -157,11 +116,6 @@ spec:
containerPort: 6080
- name: prometheus
containerPort: 8080
env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Note, this is quite CPU intensive, especially when going wide!
# TODO: profile me.
resources:
Expand Down
Loading
Loading