From 72123d475c528127cc1f48a86871d0706e27ca47 Mon Sep 17 00:00:00 2001 From: Chris Butler Date: Thu, 16 May 2024 12:56:29 +1000 Subject: [PATCH] feat: example with MCG pre-configured as a data connection Signed-off-by: Chris Butler --- charts/all/mcg/templates/bucket-class.yaml | 2 +- .../templates/rhoai-datasciencecluster.yaml | 2 + charts/all/test-dsp/Chart.yaml | 15 ++ .../test-dsp/templates/data-connection.yaml | 21 +++ charts/all/test-dsp/templates/dsp.yaml | 10 + charts/all/test-dsp/templates/notebook.yaml | 177 ++++++++++++++++++ charts/all/test-dsp/templates/obc.yaml | 15 ++ charts/all/test-dsp/templates/pvc.yaml | 39 ++++ charts/all/test-dsp/values.yaml | 20 ++ values-hub.yaml | 9 +- 10 files changed, 308 insertions(+), 2 deletions(-) create mode 100644 charts/all/test-dsp/Chart.yaml create mode 100644 charts/all/test-dsp/templates/data-connection.yaml create mode 100644 charts/all/test-dsp/templates/dsp.yaml create mode 100644 charts/all/test-dsp/templates/notebook.yaml create mode 100644 charts/all/test-dsp/templates/obc.yaml create mode 100644 charts/all/test-dsp/templates/pvc.yaml create mode 100644 charts/all/test-dsp/values.yaml diff --git a/charts/all/mcg/templates/bucket-class.yaml b/charts/all/mcg/templates/bucket-class.yaml index 3c05fa3..07c8698 100644 --- a/charts/all/mcg/templates/bucket-class.yaml +++ b/charts/all/mcg/templates/bucket-class.yaml @@ -9,5 +9,5 @@ spec: placementPolicy: tiers: - backingStores: - - mcg-backingstore + - local-backingstore placement: Spread \ No newline at end of file diff --git a/charts/all/rhoai/templates/rhoai-datasciencecluster.yaml b/charts/all/rhoai/templates/rhoai-datasciencecluster.yaml index 6aae6c7..c203231 100644 --- a/charts/all/rhoai/templates/rhoai-datasciencecluster.yaml +++ b/charts/all/rhoai/templates/rhoai-datasciencecluster.yaml @@ -30,4 +30,6 @@ spec: trustyai: managementState: Managed workbenches: + managementState: Managed + kueue: managementState: Managed \ No newline at end of file diff --git a/charts/all/test-dsp/Chart.yaml b/charts/all/test-dsp/Chart.yaml new file mode 100644 index 0000000..6f711fc --- /dev/null +++ b/charts/all/test-dsp/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +description: Example helm chart for configuring a OpenShift AI project +name: test-dsp +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.0.0" diff --git a/charts/all/test-dsp/templates/data-connection.yaml b/charts/all/test-dsp/templates/data-connection.yaml new file mode 100644 index 0000000..c589a91 --- /dev/null +++ b/charts/all/test-dsp/templates/data-connection.yaml @@ -0,0 +1,21 @@ +# apiVersion: v1 +# data: +# AWS_ACCESS_KEY_ID: b0VQQ2lpamo2NnpwYnVNUUR0ZU0= +# AWS_DEFAULT_REGION: "" +# AWS_S3_BUCKET: dGVzdC1vYmMtZDZhYzdmOGYtMjIxMC00MjFkLWJjY2YtNjQ2MGEyNTc1OTNh +# AWS_S3_ENDPOINT: aHR0cHM6Ly9zMy5vcGVuc2hpZnQtc3RvcmFnZS5zdmM6NDQz +# AWS_SECRET_ACCESS_KEY: VTBaa1BmTXNINXBkMEZwV2ZKdW50UWFpbk1qcHNKU3dNay9VOEk1aA== +# kind: Secret +# metadata: +# annotations: +# opendatahub.io/connection-type: s3 +# openshift.io/display-name: test +# creationTimestamp: "2024-05-16T01:14:47Z" +# labels: +# opendatahub.io/dashboard: "true" +# opendatahub.io/managed: "true" +# name: aws-connection-test +# namespace: test2 +# resourceVersion: "178464" +# uid: da7dd0a8-7256-48d0-ac24-2aa95f7436c1 +# type: Opaque \ No newline at end of file diff --git a/charts/all/test-dsp/templates/dsp.yaml b/charts/all/test-dsp/templates/dsp.yaml new file mode 100644 index 0000000..386aa43 --- /dev/null +++ b/charts/all/test-dsp/templates/dsp.yaml @@ -0,0 +1,10 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: {{ .Values.dsp.name }} + labels: + opendatahub.io/dashboard: 'true' + annotations: + openshift.io/description: 'RHOAI llm demo project' + openshift.io/display-name: {{ .Values.dsp.name }} +spec: {} \ No newline at end of file diff --git a/charts/all/test-dsp/templates/notebook.yaml b/charts/all/test-dsp/templates/notebook.yaml new file mode 100644 index 0000000..f9e4b5a --- /dev/null +++ b/charts/all/test-dsp/templates/notebook.yaml @@ -0,0 +1,177 @@ +apiVersion: kubeflow.org/v1 +kind: Notebook +metadata: + annotations: + notebooks.opendatahub.io/inject-oauth: "true" + notebooks.opendatahub.io/last-image-selection: s2i-minimal-notebook:2024.1 + notebooks.opendatahub.io/last-size-selection: Small + notebooks.opendatahub.io/oauth-logout-url: https://rhods-dashboard-redhat-ods-applications.apps.cluster-vwmdn.dynamic.redhatworkshops.io/projects/test2?notebookLogout=test + opendatahub.io/accelerator-name: "" + opendatahub.io/image-display-name: Minimal Python + openshift.io/description: "" + openshift.io/display-name: test + creationTimestamp: "2024-05-16T01:15:21Z" + generation: 1 + labels: + app: test + opendatahub.io/dashboard: "true" + opendatahub.io/odh-managed: "true" + opendatahub.io/user: admin + name: test + namespace: {{ .Values.dsp.name }} + resourceVersion: "180908" + uid: f7e4e737-1ff1-4349-b01d-75edcc530e75 +spec: + template: + spec: + affinity: {} + containers: + - env: + - name: NOTEBOOK_ARGS + value: |- + --ServerApp.port=8888 + --ServerApp.token='' + --ServerApp.password='' + --ServerApp.base_url=/notebook/test2/test + --ServerApp.quit_button=False + --ServerApp.tornado_settings={"user":"admin","hub_host":"https://rhods-dashboard-redhat-ods-applications.apps.cluster-vwmdn.dynamic.redhatworkshops.io","hub_prefix":"/projects/test2"} + - name: JUPYTER_IMAGE + value: image-registry.openshift-image-registry.svc:5000/redhat-ods-applications/s2i-minimal-notebook:2024.1 + - name: SSL_CERT_FILE + value: /etc/pki/tls/custom-certs/ca-bundle.crt + - name: PIPELINES_SSL_SA_CERTS + value: /etc/pki/tls/custom-certs/ca-bundle.crt + - name: PIP_CERT + value: /etc/pki/tls/custom-certs/ca-bundle.crt + - name: REQUESTS_CA_BUNDLE + value: /etc/pki/tls/custom-certs/ca-bundle.crt + envFrom: + - secretRef: + name: aws-connection-test + image: image-registry.openshift-image-registry.svc:5000/redhat-ods-applications/s2i-minimal-notebook:2024.1 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /notebook/test2/test/api + port: notebook-port + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + name: test + ports: + - containerPort: 8888 + name: notebook-port + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /notebook/test2/test/api + port: notebook-port + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: "2" + memory: 8Gi + requests: + cpu: "1" + memory: 8Gi + volumeMounts: + - mountPath: /opt/app-root/src + name: test + - mountPath: /dev/shm + name: shm + - mountPath: /etc/pki/tls/custom-certs/ca-bundle.crt + name: trusted-ca + readOnly: true + subPath: ca-bundle.crt + workingDir: /opt/app-root/src + - args: + - --provider=openshift + - --https-address=:8443 + - --http-address= + - --openshift-service-account=test + - --cookie-secret-file=/etc/oauth/config/cookie_secret + - --cookie-expire=24h0m0s + - --tls-cert=/etc/tls/private/tls.crt + - --tls-key=/etc/tls/private/tls.key + - --upstream=http://localhost:8888 + - --upstream-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt + - --email-domain=* + - --skip-provider-button + - --openshift-sar={"verb":"get","resource":"notebooks","resourceAPIGroup":"kubeflow.org","resourceName":"test","namespace":"$(NAMESPACE)"} + - --logout-url=https://rhods-dashboard-redhat-ods-applications.apps.cluster-vwmdn.dynamic.redhatworkshops.io/projects/test2?notebookLogout=test + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.redhat.io/openshift4/ose-oauth-proxy@sha256:4bef31eb993feb6f1096b51b4876c65a6fb1f4401fee97fa4f4542b6b7c9bc46 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /oauth/healthz + port: oauth-proxy + scheme: HTTPS + initialDelaySeconds: 30 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + name: oauth-proxy + ports: + - containerPort: 8443 + name: oauth-proxy + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /oauth/healthz + port: oauth-proxy + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 100m + memory: 64Mi + requests: + cpu: 100m + memory: 64Mi + volumeMounts: + - mountPath: /etc/oauth/config + name: oauth-config + - mountPath: /etc/tls/private + name: tls-certificates + enableServiceLinks: false + serviceAccountName: test + volumes: + - name: test + persistentVolumeClaim: + claimName: test + - emptyDir: + medium: Memory + name: shm + - configMap: + items: + - key: ca-bundle.crt + path: ca-bundle.crt + name: workbench-trusted-ca-bundle + optional: true + name: trusted-ca + - name: oauth-config + secret: + defaultMode: 420 + secretName: test-oauth-config + - name: tls-certificates + secret: + defaultMode: 420 + secretName: test-tls \ No newline at end of file diff --git a/charts/all/test-dsp/templates/obc.yaml b/charts/all/test-dsp/templates/obc.yaml new file mode 100644 index 0000000..ea5bbcf --- /dev/null +++ b/charts/all/test-dsp/templates/obc.yaml @@ -0,0 +1,15 @@ +apiVersion: objectbucket.io/v1alpha1 +kind: ObjectBucketClaim +metadata: + labels: + app: noobaa + bucket-provisioner: openshift-storage.noobaa.io-obc + noobaa-domain: openshift-storage.noobaa.io + name: test-obc + namespace: {{ .Values.dsp.name }} +spec: + additionalConfig: + bucketclass: default-bucket + bucketName: test-obc-{{ .Values.dsp.name }} + objectBucketName: obc-default-test-obc + storageClassName: openshift-storage.noobaa.io \ No newline at end of file diff --git a/charts/all/test-dsp/templates/pvc.yaml b/charts/all/test-dsp/templates/pvc.yaml new file mode 100644 index 0000000..6b38ef0 --- /dev/null +++ b/charts/all/test-dsp/templates/pvc.yaml @@ -0,0 +1,39 @@ +# apiVersion: v1 +# items: +# - apiVersion: v1 +# kind: PersistentVolumeClaim +# metadata: +# annotations: +# openshift.io/description: "" +# openshift.io/display-name: test-workbench +# pv.kubernetes.io/bind-completed: "yes" +# pv.kubernetes.io/bound-by-controller: "yes" +# volume.beta.kubernetes.io/storage-provisioner: openshift-storage.rbd.csi.ceph.com +# volume.kubernetes.io/storage-provisioner: openshift-storage.rbd.csi.ceph.com +# creationTimestamp: "2024-03-18T03:25:58Z" +# finalizers: +# - kubernetes.io/pvc-protection +# labels: +# opendatahub.io/dashboard: "true" +# name: test-workbench +# namespace: test001 +# resourceVersion: "556509" +# uid: 70358b71-aa56-456b-890b-9f00f5ac8cc1 +# spec: +# accessModes: +# - ReadWriteOnce +# resources: +# requests: +# storage: 20Gi +# storageClassName: ocs-external-storagecluster-ceph-rbd +# volumeMode: Filesystem +# volumeName: pvc-70358b71-aa56-456b-890b-9f00f5ac8cc1 +# status: +# accessModes: +# - ReadWriteOnce +# capacity: +# storage: 20Gi +# phase: Bound +# kind: List +# metadata: +# resourceVersion: "" \ No newline at end of file diff --git a/charts/all/test-dsp/values.yaml b/charts/all/test-dsp/values.yaml new file mode 100644 index 0000000..8d91f75 --- /dev/null +++ b/charts/all/test-dsp/values.yaml @@ -0,0 +1,20 @@ + + + +secretStore: + name: vault-backend + kind: ClusterSecretStore + +# Secret provisioned for the AWS Controller for Kubernetes - S3 +# Begin global parameters + + +dsp: + name: test-project + description: "My dsp test project" + bucketName: bucket + notebookStorage: '20Gi' + + +# https://github.com/openshift-ai-examples/openshift-ai-examples/blob/main/openshift-ai-deploy-llm/manifests/3-notebook-template.yaml + diff --git a/values-hub.yaml b/values-hub.yaml index 0bc6f82..0fe1cae 100644 --- a/values-hub.yaml +++ b/values-hub.yaml @@ -54,6 +54,8 @@ clusterGroup: channel: production source: certified-operators + + # rhdh: # name: rhdh # namespace: rhdh-operator @@ -109,7 +111,12 @@ clusterGroup: namespace: redhat-ods-operator project: hub path: charts/all/rhoai - + # Example project + test-dsp: + name: test-dsp + namespace: default + project: hub + path: charts/all/test-dsp imperative: # NOTE: We *must* use lists and not hashes. As hashes lose ordering once parsed by helm # The default schedule is every 10 minutes: imperative.schedule