Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync kserve/master into ODH/master #459

Merged
merged 13 commits into from
Jan 10, 2025
Merged

Sync kserve/master into ODH/master #459

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
e6230c2
Detect missing models and redownload models (#4095)
greenmoon55 Dec 17, 2024
23c0396
introduce service configuration at configmap level (#3672)
spolti Dec 18, 2024
9b2fc4b
Allow multiple node groups in the model cache CR (#4134)
greenmoon55 Dec 19, 2024
fd48d8c
Annotation to disable model cache (#4118)
greenmoon55 Dec 20, 2024
d7f32fa
Clean up jobs in model cache agent (#4140)
greenmoon55 Dec 21, 2024
2f0620c
Ensure Model root folder exists (#4142)
greenmoon55 Dec 21, 2024
daaa913
Add NodeGroup Name Into PVC Name (#4141)
HotsauceLee Dec 22, 2024
d82da6f
Make LocalModel Agent reconcilation frequency configurable (#4143)
greenmoon55 Dec 22, 2024
523f401
Remove deepcopy-gen in favour of controller-gen (#4109)
sivanantha321 Dec 22, 2024
1158022
Add ability to set annotations on controll/webhook service and expose…
mhowell24 Dec 22, 2024
b2a7f67
Fix EOF error for downloading zip files (#4082)
Jonas-Bruns Dec 23, 2024
a0f5af9
Merge branch 'kserve/master' into 'odh/master'
spolti Dec 23, 2024
33b1600
[RHOAIENG-17229] - Routing and Headless Service Support in KServe Raw…
spolti Dec 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions .github/workflows/e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -788,11 +788,25 @@ jobs:
kubectl get pods -n kserve
kubectl describe pods -n kserve

- name: Log the config map
run: |
kubectl describe configmaps -n kserve inferenceservice-config

- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "raw" "6"

- name: Patch inferenceservice config for cluster ip none
run: |
kubectl patch configmaps -n kserve inferenceservice-config --patch-file config/overlays/test/configmap/inferenceservice-enable-cluster-ip.yaml
kubectl describe configmaps -n kserve inferenceservice-config

- name: Run E2E tests - cluster ip none
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "rawcipn" "1"

- name: Check system status
if: always()
run: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/verify-codegen.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,6 @@ jobs:
for x in $(git diff-index --name-only HEAD -- ./pkg ./python ./charts); do
echo "::error file=$x::Please run make generate.%0A$(git diff $x | urlencode)"
done
echo "${{ github.repository }} is out of date. Please run make generate"
echo "${{ github.repository }} is out of date. Please run make generate | manifest"
exit 1
fi
11 changes: 9 additions & 2 deletions charts/kserve-resources/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,10 @@ $ helm install kserve oci://ghcr.io/kserve/charts/kserve --version v0.14.0
| kserve.controller.imagePullSecrets | list | `[]` | Reference to one or more secrets to be used when pulling images. For more information, see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). For example: imagePullSecrets: - name: "image-pull-secret" |
| kserve.controller.knativeAddressableResolver | object | `{"enabled":false}` | Indicates whether to create an addressable resolver ClusterRole for Knative Eventing. This ClusterRole grants the necessary permissions for the Knative's DomainMapping reconciler to resolve InferenceService addressables. |
| kserve.controller.labels | object | `{}` | Optional additional labels to add to the controller deployment. |
| kserve.controller.metricsBindAddress | string | `"127.0.0.1"` | Metrics bind address |
| kserve.controller.metricsBindPort | string | `"8080"` | Metrics bind port |
| kserve.controller.nodeSelector | object | `{}` | The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). |
| kserve.controller.podAnnotations | object | `{}` | Optional additional labels to add to the controller Pods. |
| kserve.controller.podAnnotations | object | `{}` | Optional additional annotations to add to the controller Pods. |
| kserve.controller.podLabels | object | `{}` | Optional additional labels to add to the controller Pods. |
| kserve.controller.rbacProxy.resources.limits.cpu | string | `"100m"` | |
| kserve.controller.rbacProxy.resources.limits.memory | string | `"300Mi"` | |
Expand All @@ -52,18 +54,22 @@ $ helm install kserve oci://ghcr.io/kserve/charts/kserve --version v0.14.0
| kserve.controller.rbacProxyImage | string | `"quay.io/brancz/kube-rbac-proxy:v0.18.0"` | KServe controller manager rbac proxy contrainer image |
| kserve.controller.resources | object | `{"limits":{"cpu":"100m","memory":"300Mi"},"requests":{"cpu":"100m","memory":"300Mi"}}` | Resources to provide to the kserve controller pod. For example: requests: cpu: 10m memory: 32Mi For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). |
| kserve.controller.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). |
| kserve.controller.serviceAnnotations | object | `{}` | Optional additional annotations to add to the controller service. |
| kserve.controller.tag | string | `"v0.14.0"` | KServe controller contrainer image tag. |
| kserve.controller.tolerations | list | `[]` | A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). For example: tolerations: - key: foo.bar.com/role operator: Equal value: master effect: NoSchedule |
| kserve.controller.topologySpreadConstraints | list | `[]` | A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core For example: topologySpreadConstraints: - maxSkew: 2 topologyKey: topology.kubernetes.io/zone whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: app.kubernetes.io/instance: kserve-controller-manager app.kubernetes.io/component: controller |
| kserve.controller.webhookServiceAnnotations | object | `{}` | Optional additional annotations to add to the webhook service. |
| kserve.localmodel.agent.hostPath | string | `"/mnt/models"` | |
| kserve.localmodel.agent.image | string | `"kserve/kserve-localmodelnode-agent"` | |
| kserve.localmodel.agent.nodeSelector | object | `{}` | |
| kserve.localmodel.agent.reconcilationFrequencyInSecs | int | `60` | |
| kserve.localmodel.agent.tag | string | `"v0.14.0"` | |
| kserve.localmodel.controller.image | string | `"kserve/kserve-localmodel-controller"` | |
| kserve.localmodel.controller.tag | string | `"v0.14.0"` | |
| kserve.localmodel.enabled | bool | `false` | |
| kserve.localmodel.jobNamespace | string | `"kserve-localmodel-jobs"` | |
| kserve.localmodel.securityContext.FSGroup | int | `1000` | |
| kserve.localmodel.jobTTLSecondsAfterFinished | int | `3600` | |
| kserve.localmodel.securityContext.fsGroup | int | `1000` | |
| kserve.metricsaggregator.enableMetricAggregation | string | `"false"` | configures metric aggregation annotation. This adds the annotation serving.kserve.io/enable-metric-aggregation to every service with the specified boolean value. If true enables metric aggregation in queue-proxy by setting env vars in the queue proxy container to configure scraping ports. |
| kserve.metricsaggregator.enablePrometheusScraping | string | `"false"` | If true, prometheus annotations are added to the pod to scrape the metrics. If serving.kserve.io/enable-metric-aggregation is false, the prometheus port is set with the default prometheus scraping port 9090, otherwise the prometheus port annotation is set with the metric aggregation port. |
| kserve.modelmesh.config.modelmeshImage | string | `"kserve/modelmesh"` | |
Expand All @@ -88,6 +94,7 @@ $ helm install kserve oci://ghcr.io/kserve/charts/kserve --version v0.14.0
| kserve.router.image | string | `"kserve/router"` | |
| kserve.router.tag | string | `"v0.14.0"` | |
| kserve.security.autoMountServiceAccountToken | bool | `true` | |
| kserve.service.serviceClusterIPNone | bool | `false` | |
| kserve.servingruntime.art.defaultVersion | string | `"v0.14.0"` | |
| kserve.servingruntime.art.image | string | `"kserve/art-explainer"` | |
| kserve.servingruntime.art.imagePullSecrets | list | `[]` | |
Expand Down
30 changes: 27 additions & 3 deletions charts/kserve-resources/templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -420,6 +420,19 @@ data:
"defaultDeploymentMode": "Serverless"
}

# ====================================== SERVICE CONFIGURATION ======================================
# Example
service: |-
{
"serviceClusterIPNone": "false"
}
service: |-
{
# ServiceClusterIPNone is a flag to indicate if the service should have a clusterIP set to None.
# If the DeploymentMode is Raw, the default value for ServiceClusterIPNone if not set is false
# "serviceClusterIPNone": "false"
}

# ====================================== METRICS CONFIGURATION ======================================
# Example
metricsAggregator: |-
Expand Down Expand Up @@ -451,7 +464,12 @@ data:
# defaultJobImage specifies the default image used for the download job.
"defaultJobImage" : "kserve/storage-initializer:latest",
# Kubernetes modifies the filesystem group ID on the attached volume.
"FSGroup": 1000
"fsGroup": 1000,
# TTL for the download job after it is finished.
"jobTTLSecondsAfterFinished": 3600,
# The frequency at which the local model agent reconciles the local models
# This is to detect if models are missing from local disk
"reconcilationFrequencyInSecs": {{ .Values.kserve.localmodel.agent.reconcilationFrequencyInSecs }}
}

agent: |-
Expand Down Expand Up @@ -503,6 +521,10 @@ data:
{
"defaultDeploymentMode": "{{ .Values.kserve.controller.deploymentMode }}"
}
service: |-
{
"serviceClusterIPNone": "{{ .Values.kserve.service.serviceClusterIPNone }}"
}
explainers: |-
{
"art": {
Expand Down Expand Up @@ -560,8 +582,10 @@ data:
{
"enabled": {{ .Values.kserve.localmodel.enabled }},
"jobNamespace": "{{ .Values.kserve.localmodel.jobNamespace }}",
"defaultJobImage" : "kserve/storage-initializer:latest",
"FSGroup": {{ .Values.kserve.localmodel.securityContext.FSGroup }}
"jobTTLSecondsAfterFinished": {{ .Values.kserve.localmodel.jobTTLSecondsAfterFinished }},
"defaultJobImage": "kserve/storage-initializer:latest",
"fsGroup": {{ .Values.kserve.localmodel.securityContext.fsGroup }},
"reconcilationFrequencyInSecs": {{ .Values.kserve.localmodel.agent.reconcilationFrequencyInSecs }}
}
security: |-
{
Expand Down
2 changes: 1 addition & 1 deletion charts/kserve-resources/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ spec:
{{- toYaml . | nindent 10 }}
{{- end }}
args:
- "--metrics-addr=127.0.0.1:8080"
- "--metrics-addr={{ .Values.kserve.controller.metricsBindAddress }}:{{ .Values.kserve.controller.metricsBindPort }}"
- "--leader-elect"
env:
- name: POD_NAMESPACE
Expand Down
6 changes: 6 additions & 0 deletions charts/kserve-resources/templates/service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ kind: Service
metadata:
name: kserve-webhook-server-service
namespace: {{ .Release.Namespace }}
{{- with .Values.kserve.controller.webhookServiceAnnotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
spec:
ports:
- port: 443
Expand All @@ -20,6 +23,9 @@ metadata:
labels:
control-plane: kserve-controller-manager
controller-tools.k8s.io: "1.0"
{{- with .Values.kserve.controller.serviceAnnotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
control-plane: kserve-controller-manager
Expand Down
20 changes: 18 additions & 2 deletions charts/kserve-resources/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ kserve:
router:
image: kserve/router
tag: *defaultVersion
service:
serviceClusterIPNone: false
storage:
image: kserve/storage-initializer
tag: *defaultVersion
Expand Down Expand Up @@ -111,9 +113,15 @@ kserve:
# -- Optional additional annotations to add to the controller deployment.
annotations: {}

# -- Optional additional labels to add to the controller Pods.
# -- Optional additional annotations to add to the controller Pods.
podAnnotations: {}

# -- Optional additional annotations to add to the controller service.
serviceAnnotations: {}

# -- Optional additional annotations to add to the webhook service.
webhookServiceAnnotations: {}

# -- Pod Security Context.
# For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/).
securityContext:
Expand All @@ -130,6 +138,12 @@ kserve:
readOnlyRootFilesystem: true
runAsNonRoot: true

# -- Metrics bind address
metricsBindAddress: "127.0.0.1"

# -- Metrics bind port
metricsBindPort: "8080"

gateway:
# -- Ingress domain for RawDeployment mode, for Serverless it is configured in Knative.
domain: example.com
Expand Down Expand Up @@ -401,12 +415,14 @@ kserve:
image: kserve/kserve-localmodel-controller
tag: *defaultVersion
jobNamespace: kserve-localmodel-jobs
jobTTLSecondsAfterFinished: 3600
securityContext:
FSGroup: 1000
fsGroup: 1000
agent:
nodeSelector: {}
hostPath: /mnt/models
image: kserve/kserve-localmodelnode-agent
tag: *defaultVersion
reconcilationFrequencyInSecs: 60
security:
autoMountServiceAccountToken: true
29 changes: 26 additions & 3 deletions config/configmap/inferenceservice.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -430,7 +430,20 @@ data:
# ModelMesh https://kserve.github.io/website/master/admin/modelmesh/
"defaultDeploymentMode": "Serverless"
}


# ====================================== SERVICE CONFIGURATION ======================================
# Example
service: |-
{
"serviceClusterIPNone": false
}
service: |-
{
# ServiceClusterIPNone is a boolean flag to indicate if the service should have a clusterIP set to None.
# If the DeploymentMode is Raw, the default value for ServiceClusterIPNone if not set is false
# "serviceClusterIPNone": false
}

# ====================================== METRICS CONFIGURATION ======================================
# Example
metricsAggregator: |-
Expand Down Expand Up @@ -462,7 +475,12 @@ data:
# defaultJobImage specifies the default image used for the download job.
"defaultJobImage" : "kserve/storage-initializer:latest",
# Kubernetes modifies the filesystem group ID on the attached volume.
"FSGroup": 1000
"fsGroup": 1000,
# TTL for the download job after it is finished.
"jobTTLSecondsAfterFinished": 3600,
# The frequency at which the local model agent reconciles the local models
# This is to detect if models are missing from local disk
"reconcilationFrequencyInSecs": 60
}

explainers: |-
Expand Down Expand Up @@ -577,10 +595,15 @@ data:
"enabled": false,
"jobNamespace": "kserve-localmodel-jobs",
"defaultJobImage" : "kserve/storage-initializer:latest",
"FSGroup": 1000
"fsGroup": 1000
}

security: |-
{
"autoMountServiceAccountToken": true
}

service: |-
{
"serviceClusterIPNone": true
}
10 changes: 7 additions & 3 deletions config/crd/full/serving.kserve.io_localmodelcaches.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,16 +32,20 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
nodeGroup:
type: string
nodeGroups:
items:
type: string
maxItems: 1
minItems: 1
type: array
sourceModelUri:
type: string
x-kubernetes-validations:
- message: StorageUri is immutable
rule: self == oldSelf
required:
- modelSize
- nodeGroup
- nodeGroups
- sourceModelUri
type: object
status:
Expand Down
10 changes: 10 additions & 0 deletions config/overlays/test/configmap/inferenceservice-enable-cluster-ip.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: inferenceservice-config
namespace: kserve
data:
service: |-
{
"serviceClusterIPNone": true
}
4 changes: 4 additions & 0 deletions config/overlays/test/configmap/inferenceservice.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,4 +74,8 @@ data:
"memoryLimit": "500Mi",
"cpuRequest": "100m",
"cpuLimit": "100m"
}
service: |-
{
"serviceClusterIPNone": false
}
3 changes: 3 additions & 0 deletions hack/update-codegen.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@ SCRIPT_DIR="$(dirname "${BASH_SOURCE[0]}")"
SCRIPT_ROOT="${SCRIPT_DIR}/.."
CODEGEN_VERSION=$(cd "${SCRIPT_ROOT}" && grep 'k8s.io/code-generator' go.mod | awk '{print $2}')

# For debugging purposes
echo "Codegen version ${CODEGEN_VERSION}"

if [ -z "${GOPATH:-}" ]; then
GOPATH=$(go env GOPATH)
export GOPATH
Expand Down
1 change: 1 addition & 0 deletions hack/violation_exceptions.list
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,BuiltInAdapter,Env
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,InferenceGraphList,Items
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,InferenceRouter,Steps
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,LocalModelCacheSpec,NodeGroups
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,LocalModelNodeSpec,LocalModels
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,ServingRuntimePodSpec,Containers
API rule violation: list_type_missing,github.com/kserve/kserve/pkg/apis/serving/v1alpha1,ServingRuntimePodSpec,ImagePullSecrets
Expand Down
7 changes: 4 additions & 3 deletions pkg/agent/storage/https.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,7 +191,7 @@ func extractZipFiles(reader io.Reader, dest string) error {
return fmt.Errorf("unable to open file: %w", err)
}

_, err = io.CopyN(file, rc, DEFAULT_MAX_DECOMPRESSION_SIZE) // gosec G110
_, ioErr := io.CopyN(file, rc, DEFAULT_MAX_DECOMPRESSION_SIZE) // gosec G110
closeErr := file.Close()
if closeErr != nil {
return closeErr
Expand All @@ -200,7 +200,7 @@ func extractZipFiles(reader io.Reader, dest string) error {
if closeErr != nil {
return closeErr
}
if err != nil {
if ioErr != nil && !errors.Is(ioErr, io.EOF) {
return fmt.Errorf("unable to copy file content: %w", err)
}
}
Expand Down Expand Up @@ -246,7 +246,8 @@ func extractTarFiles(reader io.Reader, dest string) error {
}

// gosec G110
if _, err := io.CopyN(newFile, tr, DEFAULT_MAX_DECOMPRESSION_SIZE); err != nil {
_, ioErr := io.CopyN(newFile, tr, DEFAULT_MAX_DECOMPRESSION_SIZE)
if ioErr != nil && !errors.Is(ioErr, io.EOF) {
return fmt.Errorf("unable to copy contents to %s: %w", header.Name, err)
}
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/apis/serving/v1alpha1/doc.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ limitations under the License.
*/

// +groupName=serving.kserve.io
// +k8s:deepcopy-gen=package
// +kubebuilder:object:generate=true

// Package v1alpha1 contains API Schema definitions for the serving v1alpha1 API group
package v1alpha1
2 changes: 0 additions & 2 deletions pkg/apis/serving/v1alpha1/inference_graph.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (

// InferenceGraph is the Schema for the InferenceGraph API for multiple models
// +k8s:openapi-gen=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +genclient
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
Expand Down Expand Up @@ -310,7 +309,6 @@ type InferenceGraphStatus struct {
// InferenceGraphList contains a list of InferenceGraph
// +k8s:openapi-gen=true
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type InferenceGraphList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Expand Down
Loading
Loading