diff --git a/clusters/default/kustomization.yaml b/clusters/default/kustomization.yaml index f1d7ad98..0f70b101 100644 --- a/clusters/default/kustomization.yaml +++ b/clusters/default/kustomization.yaml @@ -7,3 +7,4 @@ resources: - ../../components/configs/cluster/rbac/overlays/default - ../../components/operators/web-terminal/operator/overlays/fast - ../../components/configs/cluster/web-terminal/overlays/enhanced +- ../../components/configs/cluster/console-samples diff --git a/components/configs/aggragates/rhods/kustomization.yaml b/components/configs/aggragates/rhods/kustomization.yaml deleted file mode 100644 index bc287a53..00000000 --- a/components/configs/aggragates/rhods/kustomization.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - ../../../configs/cluster/console/overlays/default - - ../../../operators/rhods-operator/operator/overlays/stable - - ../../kustomized/rhods - - ../../kustomized/rhods-projects - - ../../kustomized/custom-notebook-images/overlays/rhods - -patches: - - target: - kind: ConsoleNotification - name: banner-top - patch: |- - - op: replace - path: /spec/text - value: 'DEMO: Red Hat Open Data Science (RHODS)' - - target: - group: user.openshift.io - version: v1 - kind: Group - name: workshop-users - path: patch-workshop-users.yaml diff --git a/components/configs/cluster/console-samples/kustomization.yaml b/components/configs/cluster/console-samples/kustomization.yaml new file mode 100644 index 00000000..1dd8b8f5 --- /dev/null +++ b/components/configs/cluster/console-samples/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- sample-build-config-dockerfile.yaml +- sample-custom-s2i-quickstart.yaml diff --git a/components/configs/cluster/machine/hugepages-1g/hugepages-1g-mcp.yml b/components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-mcp.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-1g/hugepages-1g-mcp.yml rename to components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-mcp.yml diff --git a/components/configs/cluster/machine/hugepages-1g/hugepages-1g-ms.yml b/components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-ms.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-1g/hugepages-1g-ms.yml rename to components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-ms.yml diff --git a/components/configs/cluster/machine/hugepages-1g/hugepages-1g-tuned-boottime.yml b/components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-tuned-boottime.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-1g/hugepages-1g-tuned-boottime.yml rename to components/configs/cluster/machine-config/hugepages-1g/hugepages-1g-tuned-boottime.yml diff --git a/components/configs/cluster/machine/hugepages-2m/hugepages-2m-mc-50.yml b/components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-mc-50.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-2m/hugepages-2m-mc-50.yml rename to components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-mc-50.yml diff --git a/components/configs/cluster/machine/hugepages-2m/hugepages-2m-mcp.yml b/components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-mcp.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-2m/hugepages-2m-mcp.yml rename to components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-mcp.yml diff --git a/components/configs/cluster/machine/hugepages-2m/hugepages-2m-ms.yml b/components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-ms.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-2m/hugepages-2m-ms.yml rename to components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-ms.yml diff --git a/components/configs/cluster/machine/hugepages-2m/hugepages-2m-tuned-boottime.yml b/components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-tuned-boottime.yml similarity index 100% rename from components/configs/cluster/machine/hugepages-2m/hugepages-2m-tuned-boottime.yml rename to components/configs/cluster/machine-config/hugepages-2m/hugepages-2m-tuned-boottime.yml diff --git a/components/configs/cluster/rbac/base/kustomization.yaml b/components/configs/cluster/rbac/base/kustomization.yaml index 0fdddb57..e09f5eb2 100644 --- a/components/configs/cluster/rbac/base/kustomization.yaml +++ b/components/configs/cluster/rbac/base/kustomization.yaml @@ -4,5 +4,7 @@ kind: Kustomization resources: - 99-master-ssh-machineconfig.yaml - 99-worker-ssh-machineconfig.yaml + - workshop-admins-group.yaml + - workshop-users-group.yaml # see components/configs/namespaces/base # - self-provisioner-clusterrolebinding.yaml diff --git a/components/configs/cluster/rbac/base/workshop-admins-group.yaml b/components/configs/cluster/rbac/base/workshop-admins-group.yaml new file mode 100644 index 00000000..6de19b7b --- /dev/null +++ b/components/configs/cluster/rbac/base/workshop-admins-group.yaml @@ -0,0 +1,5 @@ +kind: Group +apiVersion: user.openshift.io/v1 +metadata: + name: workshop-admins +users: [] diff --git a/components/configs/cluster/rbac/base/workshop-users-group.yaml b/components/configs/cluster/rbac/base/workshop-users-group.yaml new file mode 100644 index 00000000..2cd930c0 --- /dev/null +++ b/components/configs/cluster/rbac/base/workshop-users-group.yaml @@ -0,0 +1,5 @@ +kind: Group +apiVersion: user.openshift.io/v1 +metadata: + name: workshop-users +users: [] diff --git a/components/configs/cluster/rbac/overlays/default/patch-cluster-admins-group.yaml b/components/configs/cluster/rbac/overlays/default/patch-cluster-admins-group.yaml deleted file mode 100644 index c6eccb94..00000000 --- a/components/configs/cluster/rbac/overlays/default/patch-cluster-admins-group.yaml +++ /dev/null @@ -1,5 +0,0 @@ -- op: add - path: /users - value: - - admin - - opentlc-mgr diff --git a/components/configs/cluster/rbac/overlays/default/patch-cluster-readers-group.yaml b/components/configs/cluster/rbac/overlays/default/patch-cluster-readers-group.yaml deleted file mode 100644 index 79a54cba..00000000 --- a/components/configs/cluster/rbac/overlays/default/patch-cluster-readers-group.yaml +++ /dev/null @@ -1,3 +0,0 @@ -- op: replace - path: /users - value: [] diff --git a/components/configs/cluster/rbac/overlays/rhdp/kustomization.yaml b/components/configs/cluster/rbac/overlays/rhdp/kustomization.yaml index 63903420..0166df58 100644 --- a/components/configs/cluster/rbac/overlays/rhdp/kustomization.yaml +++ b/components/configs/cluster/rbac/overlays/rhdp/kustomization.yaml @@ -7,17 +7,3 @@ resources: - cluster-admins-custom-rolebinding.yaml - cluster-readers-custom-group.yaml - cluster-readers-custom-rolebinding.yaml - -patches: - - target: - group: machineconfiguration.openshift.io - version: v1 - kind: MachineConfig - name: 99-master-ssh - path: patch-ssh.yaml - - target: - group: machineconfiguration.openshift.io - version: v1 - kind: MachineConfig - name: 99-worker-ssh - path: patch-ssh.yaml diff --git a/components/configs/cluster/rbac/overlays/rhdp/patch-ssh.yaml b/components/configs/cluster/rbac/overlays/rhdp/patch-ssh.yaml deleted file mode 100644 index 5302ff80..00000000 --- a/components/configs/cluster/rbac/overlays/rhdp/patch-ssh.yaml +++ /dev/null @@ -1,9 +0,0 @@ -- op: remove - path: /spec/config/passwd/users/0/sshAuthorizedKeys/0 - -- op: add - path: /spec/config/passwd/users/0/sshAuthorizedKeys/- - value: >- - ssh-rsa - AAAAB3NzaC1yc2EAAAADAQABAAABgQC5Ydtf2FA4Pj48KO7bhg0X3OWOA9Fx38RcCMumr+s6Pr4T30tbdp9qyu4036yl4wUoXMKQW5Ql5pKBy+6APdG/E7xAf8W9IV1MKxuwtg9kuYKmKL9YbPZ4C37p/OaudZp2iiubBxCDa4CM7sX+DgUKq7uVCH0L1ukYqwciv9eF4FRSK4ARn+TQ8Zx3tMX/VTUniriDKOBbTWqQpqPTxT+oW5hypEtei89si8jB/7wtm1TngzQlVOcHYCT/x14r0INJJpX8gvkEr7f1aZPwsPsULxYrskuitXEK0MzZcRjh6xtVq5e/8T6M1pdY4k4m7BK6m5NY1prL25ELtuOYYgJAfpuUc0z+pt0mhGv5CbFAf86E4VkIWn1wo7GbtSKgc8p0TeCOYQIslzN1MH8O/BZW1WyAsQJXaodfoAbm0UTsP32G+1mzM1d4yL8smw1SJdg+BbCAtVBhMaELMI3993jkO93RM/KNNYKNQKU1krC3+HuxYtGqnBb5TTDXMTvg/FU= - koree@macntoss.sgu diff --git a/components/configs/kustomized/custom-notebook-images/base/opencv/buildconfig.yaml b/components/configs/kustomized/custom-notebook-images/base/opencv/buildconfig.yaml index fea1092e..df95fba1 100644 --- a/components/configs/kustomized/custom-notebook-images/base/opencv/buildconfig.yaml +++ b/components/configs/kustomized/custom-notebook-images/base/opencv/buildconfig.yaml @@ -13,7 +13,7 @@ spec: dockerStrategy: from: kind: ImageStreamTag - name: tensorflow:2023.1-cuda-11.8 + name: tensorflow:2023.1 namespace: custom-notebooks dockerfilePath: Containerfile output: diff --git a/components/configs/kustomized/minio/data-connector-rb.yaml b/components/configs/kustomized/minio/data-connector-rb.yaml new file mode 100644 index 00000000..050dfa3d --- /dev/null +++ b/components/configs/kustomized/minio/data-connector-rb.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "1" + name: data-connector-setup-edit +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: edit +subjects: +- kind: ServiceAccount + name: data-connector-setup + namespace: ds-group-project diff --git a/components/configs/kustomized/minio/kustomization.yaml b/components/configs/kustomized/minio/kustomization.yaml index 97852671..4dea5d23 100644 --- a/components/configs/kustomized/minio/kustomization.yaml +++ b/components/configs/kustomized/minio/kustomization.yaml @@ -11,10 +11,11 @@ commonLabels: # app.kubernetes.io/part-of: minio resources: +- data-connector-rb.yaml - deployment.yaml - namespace.yaml - pvc.yaml - route.yaml -- secret.yaml +# - secret.yaml - service.yaml -# - setup-job.yaml +- setup-root-user-job.yaml diff --git a/components/configs/kustomized/minio/namespace.yaml b/components/configs/kustomized/minio/namespace.yaml index e9974b1f..a2585275 100644 --- a/components/configs/kustomized/minio/namespace.yaml +++ b/components/configs/kustomized/minio/namespace.yaml @@ -6,5 +6,5 @@ metadata: labels: app: minio annotations: - openshift.io/display-name: "MinIO Object Storage" + openshift.io/display-name: "Minio Object Storage" argocd.argoproj.io/sync-wave: "0" diff --git a/components/configs/kustomized/minio/setup-job.yaml b/components/configs/kustomized/minio/setup-root-user-job.yaml similarity index 79% rename from components/configs/kustomized/minio/setup-job.yaml rename to components/configs/kustomized/minio/setup-root-user-job.yaml index 6a655110..83781053 100644 --- a/components/configs/kustomized/minio/setup-job.yaml +++ b/components/configs/kustomized/minio/setup-root-user-job.yaml @@ -15,24 +15,33 @@ spec: - name: create-minio-root-user image: image-registry.openshift-image-registry.svc:5000/openshift/tools:latest imagePullPolicy: IfNotPresent + env: + - name: SECRET_NAME + value: minio-root-user command: ["/bin/bash"] args: - -ec - |- - if [ -n "$(oc get secret minio-root-user -oname 2>/dev/null)" ]; then - echo "Secret already exists. Skipping." >&2 - exit 0 + # FORCE=true + + if [ -n "$(oc get secret minio-root-user -o name 2>/dev/null)" ]; then + echo "Secret already exists." + [ -z ${FORCE+x} ] && exit 0 + echo "Forcing creation." fi + genpass() { < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c"${1:-32}" } + id=$(genpass 16) secret=$(genpass) + cat << EOF | oc apply -f- apiVersion: v1 kind: Secret metadata: - name: minio-root-user + name: ${SECRET_NAME} type: Opqaue stringData: MINIO_ROOT_USER: ${id} diff --git a/components/configs/kustomized/rhods-data-connector/create-data-connection-job.yaml b/components/configs/kustomized/rhods-data-connector/create-data-connection-job.yaml new file mode 100644 index 00000000..c2c2ba76 --- /dev/null +++ b/components/configs/kustomized/rhods-data-connector/create-data-connection-job.yaml @@ -0,0 +1,88 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + annotations: + argocd.argoproj.io/sync-wave: "1" + name: create-data-connection +spec: + backoffLimit: 4 + template: + spec: + serviceAccount: data-connector-setup + serviceAccountName: data-connector-setup + containers: + - name: create-data-connection + image: image-registry.openshift-image-registry.svc:5000/openshift/tools:latest + imagePullPolicy: IfNotPresent + env: + - name: MINIO_SECRET_NAME + value: minio-root-user + - name: MINIO_NAMESPACE + value: minio + - name: DATA_CONNECTION_NAME + value: s3-connection-minio + - name: AWS_DEFAULT_REGION + value: us + - name: AWS_S3_ENDPOINT + value: http://minio.minio.svc:9000 + - name: AWS_S3_BUCKET + value: serving-demo + command: ["/bin/bash"] + args: + - -ec + - | + echo "MINIO_NAMESPACE: ${MINIO_NAMESPACE}" + echo -n "Waiting for secret ${MINIO_SECRET_NAME}." + + while [ -z "$(oc get secret -n minio ${MINIO_SECRET_NAME} -o name 2>/dev/null)" ]; do + echo -n '.' + sleep 1 + done; echo + + id=$(oc get secret -n minio ${MINIO_SECRET_NAME} -o go-template='{{.data.MINIO_ROOT_USER|base64decode}}') + secret=$(oc get secret -n minio ${MINIO_SECRET_NAME} -o go-template='{{.data.MINIO_ROOT_PASSWORD|base64decode}}') + + echo "Creating secret ${DATA_CONNECTION_NAME}" + cat << EOF | oc apply -f- + apiVersion: v1 + kind: Secret + metadata: + name: ${DATA_CONNECTION_NAME} + labels: + opendatahub.io/dashboard: "true" + opendatahub.io/managed: "true" + annotations: + opendatahub.io/connection-type: s3 + openshift.io/display-name: Minio + type: Opaque + stringData: + AWS_ACCESS_KEY_ID: ${id} + AWS_SECRET_ACCESS_KEY: ${secret} + AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION} + AWS_S3_ENDPOINT: ${AWS_S3_ENDPOINT} + AWS_S3_BUCKET: ${AWS_S3_BUCKET} + EOF + restartPolicy: Never +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + argocd.argoproj.io/sync-wave: "1" + name: data-connector-setup +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "1" + name: data-connector-setup-edit +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: edit +subjects: +- kind: ServiceAccount + name: data-connector-setup + namespace: ds-group-project diff --git a/components/configs/kustomized/rhods-data-connector/kustomization.yaml b/components/configs/kustomized/rhods-data-connector/kustomization.yaml new file mode 100644 index 00000000..76d8e32f --- /dev/null +++ b/components/configs/kustomized/rhods-data-connector/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: ds-group-project + +resources: + - create-data-connection-job.yaml diff --git a/components/configs/kustomized/rhods-model-instances/kustomization.yaml b/components/configs/kustomized/rhods-model-instances/kustomization.yaml new file mode 100644 index 00000000..b837fb45 --- /dev/null +++ b/components/configs/kustomized/rhods-model-instances/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: ds-group-project + +resources: +- openvino +- triton diff --git a/components/configs/kustomized/model-server/inference.yaml b/components/configs/kustomized/rhods-model-instances/openvino/inference.yaml similarity index 90% rename from components/configs/kustomized/model-server/inference.yaml rename to components/configs/kustomized/rhods-model-instances/openvino/inference.yaml index 3eeefb0e..02cf13bd 100644 --- a/components/configs/kustomized/model-server/inference.yaml +++ b/components/configs/kustomized/rhods-model-instances/openvino/inference.yaml @@ -8,14 +8,14 @@ metadata: labels: name: stocks opendatahub.io/dashboard: "true" - name: stocks + name: openvino-stocks spec: predictor: model: modelFormat: name: onnx version: "1" - runtime: stocks + runtime: vino storage: key: minio-connection path: stocks.onnx \ No newline at end of file diff --git a/components/configs/kustomized/model-server/kustomization.yaml b/components/configs/kustomized/rhods-model-instances/openvino/kustomization.yaml similarity index 78% rename from components/configs/kustomized/model-server/kustomization.yaml rename to components/configs/kustomized/rhods-model-instances/openvino/kustomization.yaml index 58c9c20d..0dc50166 100644 --- a/components/configs/kustomized/model-server/kustomization.yaml +++ b/components/configs/kustomized/rhods-model-instances/openvino/kustomization.yaml @@ -1,6 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ds-group-project + resources: - inference.yaml - runtime.yaml diff --git a/components/configs/kustomized/model-server/runtime.yaml b/components/configs/kustomized/rhods-model-instances/openvino/runtime.yaml similarity index 94% rename from components/configs/kustomized/model-server/runtime.yaml rename to components/configs/kustomized/rhods-model-instances/openvino/runtime.yaml index 9152d92d..07a89ef5 100644 --- a/components/configs/kustomized/model-server/runtime.yaml +++ b/components/configs/kustomized/rhods-model-instances/openvino/runtime.yaml @@ -8,11 +8,11 @@ metadata: opendatahub.io/disable-gpu: "true" opendatahub.io/template-display-name: OpenVINO Model Server opendatahub.io/template-name: ovms - openshift.io/display-name: stocks + openshift.io/display-name: vino labels: - name: stocks + name: vino opendatahub.io/dashboard: "true" - name: stocks + name: vino spec: builtInAdapter: memBufferBytes: 134217728 diff --git a/components/configs/kustomized/rhods-model-instances/triton/inference.yaml b/components/configs/kustomized/rhods-model-instances/triton/inference.yaml new file mode 100644 index 00000000..6c7bd605 --- /dev/null +++ b/components/configs/kustomized/rhods-model-instances/triton/inference.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: serving.kserve.io/v1beta1 +kind: InferenceService +metadata: + annotations: + openshift.io/display-name: stocks + serving.kserve.io/deploymentMode: ModelMesh + labels: + name: stocks + opendatahub.io/dashboard: "true" + name: triton-stocks +spec: + predictor: + model: + modelFormat: + name: tensorflow + version: "1" + runtime: triton + storage: + key: minio-connection + path: stocks.onnx \ No newline at end of file diff --git a/components/configs/kustomized/rhods-model-instances/triton/kustomization.yaml b/components/configs/kustomized/rhods-model-instances/triton/kustomization.yaml new file mode 100644 index 00000000..0dc50166 --- /dev/null +++ b/components/configs/kustomized/rhods-model-instances/triton/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: ds-group-project + +resources: +- inference.yaml +- runtime.yaml diff --git a/components/configs/kustomized/rhods-model-instances/triton/runtime.yaml b/components/configs/kustomized/rhods-model-instances/triton/runtime.yaml new file mode 100644 index 00000000..89c09ba4 --- /dev/null +++ b/components/configs/kustomized/rhods-model-instances/triton/runtime.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: serving.kserve.io/v1alpha1 +kind: ServingRuntime +metadata: + annotations: + enable-auth: "false" + enable-route: "false" + opendatahub.io/disable-gpu: "true" + opendatahub.io/template-display-name: OpenVINO Model Server + opendatahub.io/template-name: triton + openshift.io/display-name: trition + labels: + name: triton + opendatahub.io/dashboard: "true" + name: triton +spec: + builtInAdapter: + memBufferBytes: 134217728 + modelLoadingTimeoutMillis: 90000 + runtimeManagementPort: 8888 + serverType: ovms + containers: + - args: + - --port=8001 + - --rest_port=8888 + - --config_path=/models/model_config_list.json + - --file_system_poll_wait_seconds=0 + - --grpc_bind_address=127.0.0.1 + - --rest_bind_address=127.0.0.1 + image: quay.io/opendatahub/openvino_model_server@sha256:20dbfbaf53d1afbd47c612d953984238cb0e207972ed544a5ea662c2404f276d + name: ovms + resources: + limits: + cpu: "2" + memory: 8Gi + requests: + cpu: "1" + memory: 4Gi + grpcDataEndpoint: port:8001 + grpcEndpoint: port:8085 + multiModel: true + protocolVersions: + - grpc-v1 + replicas: 1 + supportedModelFormats: + - autoSelect: true + name: openvino_ir + version: opset1 + - autoSelect: true + name: onnx + version: "1" + - autoSelect: true + name: tensorflow + version: "2" diff --git a/components/configs/kustomized/rhods-model-runtimes/NOTES.md b/components/configs/kustomized/rhods-model-runtimes/NOTES.md new file mode 100644 index 00000000..b950aaf5 --- /dev/null +++ b/components/configs/kustomized/rhods-model-runtimes/NOTES.md @@ -0,0 +1,5 @@ +# Notes + +## Links + +- https://github.com/jharmison-redhat/custom-serving-runtime-gitops/tree/main/bases/custom-serving-runtime diff --git a/components/configs/kustomized/rhods-model-runtimes/kustomization.yaml b/components/configs/kustomized/rhods-model-runtimes/kustomization.yaml new file mode 100644 index 00000000..3a80eadb --- /dev/null +++ b/components/configs/kustomized/rhods-model-runtimes/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: redhat-ods-applications + +resources: +- triton diff --git a/components/configs/kustomized/rhods-model-runtimes/triton/kustomization.yaml b/components/configs/kustomized/rhods-model-runtimes/triton/kustomization.yaml new file mode 100644 index 00000000..644134a0 --- /dev/null +++ b/components/configs/kustomized/rhods-model-runtimes/triton/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- runtime-template.yaml diff --git a/components/configs/kustomized/rhods-model-runtimes/triton/runtime-template.yaml b/components/configs/kustomized/rhods-model-runtimes/triton/runtime-template.yaml new file mode 100644 index 00000000..59723c37 --- /dev/null +++ b/components/configs/kustomized/rhods-model-runtimes/triton/runtime-template.yaml @@ -0,0 +1,110 @@ +apiVersion: template.openshift.io/v1 +kind: Template +metadata: + annotations: + opendatahub.io/template-enabled: "true" + tags: triton-23.05,servingruntime + argocd.argoproj.io/sync-wave: "2" + description: Nvidia Triton Inference Server Runtime Definition + labels: + opendatahub.io/configurable: "true" + opendatahub.io/dashboard: "true" + # opendatahub.io/ootb: "true" + name: triton +objects: + - apiVersion: serving.kserve.io/v1alpha1 + kind: ServingRuntime + metadata: + name: triton + labels: + name: triton + annotations: + maxLoadingConcurrency: "2" + openshift.io/display-name: "Nvidia Triton Model Server" + spec: + supportedModelFormats: + - name: keras + version: "2" + autoSelect: true + - name: onnx + version: "1" + autoSelect: true + - name: pytorch + version: "1" + autoSelect: true + - name: tensorflow + version: "1" + autoSelect: true + - name: tensorflow + version: "2" + autoSelect: true + - name: tensorrt + version: "7" + autoSelect: true + + protocolVersions: + - grpc-v2 + multiModel: true + + grpcEndpoint: "port:8085" + grpcDataEndpoint: "port:8001" + + volumes: + - name: shm + emptyDir: + medium: Memory + sizeLimit: 2Gi + containers: + - name: triton + image: nvcr.io/nvidia/tritonserver:23.05-py3 + command: + - /bin/sh + - -c + - | + #!/bin/sh + mkdir -p /models/_triton_models + + chmod 775 /models/_triton_models + exec tritonserver \ + --model-repository=/models/_triton_models \ + --model-control-mode=explicit \ + --strict-model-config=false \ + --strict-readiness=false \ + --allow-http=true \ + --allow-sagemaker=false + + volumeMounts: + - name: shm + mountPath: /dev/shm + resources: + requests: + cpu: 500m + memory: 1Gi + limits: + cpu: "5" + memory: 2Gi + livenessProbe: + # the server is listening only on 127.0.0.1, so an httpGet probe sent + # from the kublet running on the node cannot connect to the server + # (not even with the Host header or host field) + # exec a curl call to have the request originate from localhost in the + # container + exec: + command: + - /bin/sh + - -c + - | + curl \ + --fail \ + --silent \ + --show-error \ + --max-time "8" \ + http://localhost:8000/v2/health/live + initialDelaySeconds: 5 + periodSeconds: 30 + timeoutSeconds: 10 + builtInAdapter: + serverType: triton + runtimeManagementPort: 8001 + memBufferBytes: 134217728 + modelLoadingTimeoutMillis: 90000 diff --git a/components/configs/kustomized/notebook/kustomization.yaml b/components/configs/kustomized/rhods-notebook/base/kustomization.yaml similarity index 100% rename from components/configs/kustomized/notebook/kustomization.yaml rename to components/configs/kustomized/rhods-notebook/base/kustomization.yaml diff --git a/components/configs/kustomized/notebook/notebook.yaml b/components/configs/kustomized/rhods-notebook/base/notebook.yaml similarity index 83% rename from components/configs/kustomized/notebook/notebook.yaml rename to components/configs/kustomized/rhods-notebook/base/notebook.yaml index ec704fe1..ec45bf82 100644 --- a/components/configs/kustomized/notebook/notebook.yaml +++ b/components/configs/kustomized/rhods-notebook/base/notebook.yaml @@ -6,16 +6,14 @@ metadata: notebooks.opendatahub.io/inject-oauth: "true" notebooks.opendatahub.io/last-image-selection: 'tensorflow:2023.1' notebooks.opendatahub.io/last-size-selection: Small - notebooks.opendatahub.io/oauth-logout-url: https://rhods-dashboard-redhat-ods-applications.apps.cluster-xx7jv.xx7jv.sandbox1365.opentlc.com/projects/pipelines-tutorial?notebookLogout=science - opendatahub.io/username: opentlc-mgr + opendatahub.io/username: user openshift.io/description: "" - openshift.io/display-name: Notebook + openshift.io/display-name: Exploration Notebook labels: app: science opendatahub.io/dashboard: "true" opendatahub.io/odh-managed: "true" name: science - namespace: pipelines-tutorial spec: template: spec: @@ -36,20 +34,20 @@ spec: --ServerApp.port=8888 --ServerApp.token='' --ServerApp.password='' - --ServerApp.base_url=/notebook/pipelines-tutorial/science + --ServerApp.base_url=/notebook/ds-group-project/science --ServerApp.quit_button=False - --ServerApp.tornado_settings={"user":"opentlc-2dmgr","hub_host":"https://rhods-dashboard-redhat-ods-applications.apps.cluster-xx7jv.xx7jv.sandbox1365.opentlc.com","hub_prefix":"/projects/pipelines-tutorial"} + # --ServerApp.tornado_settings={"user":"opentlc-2dmgr","hub_host":"https://rhods-dashboard-redhat-ods-applications.apps.example.com","hub_prefix":"/projects/ds-group-project"} - name: JUPYTER_IMAGE value: image-registry.openshift-image-registry.svc:5000/redhat-ods-applications/tensorflow:2023.1 envFrom: - secretRef: - name: minio-connection + name: s3-connection-minio image: image-registry.openshift-image-registry.svc:5000/redhat-ods-applications/tensorflow:2023.1 imagePullPolicy: Always livenessProbe: failureThreshold: 3 httpGet: - path: /notebook/pipelines-tutorial/science/api + path: /notebook/ds-group-project/science/api port: notebook-port scheme: HTTP initialDelaySeconds: 10 @@ -64,7 +62,7 @@ spec: readinessProbe: failureThreshold: 3 httpGet: - path: /notebook/pipelines-tutorial/science/api + path: /notebook/ds-group-project/science/api port: notebook-port scheme: HTTP initialDelaySeconds: 10 @@ -96,7 +94,7 @@ spec: - --email-domain=* - --skip-provider-button - --openshift-sar={"verb":"get","resource":"notebooks","resourceAPIGroup":"kubeflow.org","resourceName":"science","namespace":"$(NAMESPACE)"} - - --logout-url=https://rhods-dashboard-redhat-ods-applications.apps.cluster-xx7jv.xx7jv.sandbox1365.opentlc.com/projects/pipelines-tutorial?notebookLogout=science + # - --logout-url=https://rhods-dashboard-redhat-ods-applications.apps.cluster-xx7jv.xx7jv.sandbox1365.opentlc.com/projects/ds-group-project?notebookLogout=science env: - name: NAMESPACE valueFrom: diff --git a/components/configs/kustomized/notebook/pvc.yaml b/components/configs/kustomized/rhods-notebook/base/pvc.yaml similarity index 67% rename from components/configs/kustomized/notebook/pvc.yaml rename to components/configs/kustomized/rhods-notebook/base/pvc.yaml index d9f7d3b2..3baacf6a 100644 --- a/components/configs/kustomized/notebook/pvc.yaml +++ b/components/configs/kustomized/rhods-notebook/base/pvc.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: - openshift.io/description: "" - openshift.io/display-name: Science + openshift.io/description: "Connect a project dataset to a notebook" + openshift.io/display-name: Project Dataset labels: opendatahub.io/dashboard: "true" name: science diff --git a/components/configs/kustomized/rhods-notebook/kustomization.yaml b/components/configs/kustomized/rhods-notebook/kustomization.yaml new file mode 100644 index 00000000..200ea837 --- /dev/null +++ b/components/configs/kustomized/rhods-notebook/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- overlays/default diff --git a/components/configs/kustomized/rhods-notebook/overlays/default/kustomization.yaml b/components/configs/kustomized/rhods-notebook/overlays/default/kustomization.yaml new file mode 100644 index 00000000..76a234fd --- /dev/null +++ b/components/configs/kustomized/rhods-notebook/overlays/default/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: ds-group-project + +resources: +- ../../base diff --git a/components/configs/kustomized/rhods-projects/group-project/admin-rolebinding.yaml b/components/configs/kustomized/rhods-projects/group-project/admin-rolebinding.yaml index 82b242ba..1fcd6391 100644 --- a/components/configs/kustomized/rhods-projects/group-project/admin-rolebinding.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/admin-rolebinding.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: group-project-admin-rolebinding - namespace: group-project roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/components/configs/kustomized/rhods-projects/group-project/edit-rolebinding.yaml b/components/configs/kustomized/rhods-projects/group-project/edit-rolebinding.yaml index b31e304e..f912f1fa 100644 --- a/components/configs/kustomized/rhods-projects/group-project/edit-rolebinding.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/edit-rolebinding.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: group-project-edit-rolebinding - namespace: group-project roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/components/configs/kustomized/rhods-projects/group-project/kustomization.yaml b/components/configs/kustomized/rhods-projects/group-project/kustomization.yaml index aa68f016..aa5fa3d0 100644 --- a/components/configs/kustomized/rhods-projects/group-project/kustomization.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/kustomization.yaml @@ -1,6 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ds-group-project + resources: - admin-rolebinding.yaml - edit-rolebinding.yaml diff --git a/components/configs/kustomized/rhods-projects/group-project/limit-range.yaml b/components/configs/kustomized/rhods-projects/group-project/limit-range.yaml index 146131eb..9aaa3902 100644 --- a/components/configs/kustomized/rhods-projects/group-project/limit-range.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/limit-range.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: LimitRange metadata: name: group-project-limit-range - namespace: group-project spec: limits: - type: Container diff --git a/components/configs/kustomized/rhods-projects/group-project/namespace.yaml b/components/configs/kustomized/rhods-projects/group-project/namespace.yaml index 03e34caf..64b037ea 100644 --- a/components/configs/kustomized/rhods-projects/group-project/namespace.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/namespace.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Namespace metadata: - name: group-project + name: ds-group-project annotations: openshift.io/description: | A friendly, open project to allow collaboration around unrestricted data diff --git a/components/configs/kustomized/rhods-projects/group-project/quota.yaml b/components/configs/kustomized/rhods-projects/group-project/quota.yaml index 75b5a801..ebb63719 100644 --- a/components/configs/kustomized/rhods-projects/group-project/quota.yaml +++ b/components/configs/kustomized/rhods-projects/group-project/quota.yaml @@ -3,7 +3,6 @@ apiVersion: v1 kind: ResourceQuota metadata: name: group-project-quota-compute - namespace: group-project spec: hard: # requests.cpu: '1' @@ -15,7 +14,6 @@ apiVersion: v1 kind: ResourceQuota metadata: name: group-project-quota-storage - namespace: group-project spec: hard: requests.storage: 100Gi diff --git a/components/configs/kustomized/rhods-projects/individual-project/admin-rolebinding.yaml b/components/configs/kustomized/rhods-projects/individual-project/admin-rolebinding.yaml index 8f7da161..7a8021eb 100644 --- a/components/configs/kustomized/rhods-projects/individual-project/admin-rolebinding.yaml +++ b/components/configs/kustomized/rhods-projects/individual-project/admin-rolebinding.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: individual-project-admin-rolebinding - namespace: individual-project roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/components/configs/kustomized/rhods-projects/individual-project/kustomization.yaml b/components/configs/kustomized/rhods-projects/individual-project/kustomization.yaml index a3d734d8..1931fedb 100644 --- a/components/configs/kustomized/rhods-projects/individual-project/kustomization.yaml +++ b/components/configs/kustomized/rhods-projects/individual-project/kustomization.yaml @@ -1,6 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ds-individual-project + resources: - admin-rolebinding.yaml - namespace.yaml diff --git a/components/configs/kustomized/rhods-projects/individual-project/namespace.yaml b/components/configs/kustomized/rhods-projects/individual-project/namespace.yaml index 95a67fb3..e5c3a36d 100644 --- a/components/configs/kustomized/rhods-projects/individual-project/namespace.yaml +++ b/components/configs/kustomized/rhods-projects/individual-project/namespace.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Namespace metadata: - name: individual-project + name: ds-individual-project annotations: openshift.io/description: | A personal project to explore alone diff --git a/components/configs/kustomized/rhods-projects/secret-project/admin-rolebinding.yaml b/components/configs/kustomized/rhods-projects/secret-project/admin-rolebinding.yaml index 3fe438fb..58c49940 100644 --- a/components/configs/kustomized/rhods-projects/secret-project/admin-rolebinding.yaml +++ b/components/configs/kustomized/rhods-projects/secret-project/admin-rolebinding.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: secret-project-admin-rolebinding - namespace: secret-project roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/components/configs/kustomized/rhods-projects/secret-project/kustomization.yaml b/components/configs/kustomized/rhods-projects/secret-project/kustomization.yaml index a3d734d8..c96706b7 100644 --- a/components/configs/kustomized/rhods-projects/secret-project/kustomization.yaml +++ b/components/configs/kustomized/rhods-projects/secret-project/kustomization.yaml @@ -1,6 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: ds-secret-project + resources: - admin-rolebinding.yaml - namespace.yaml diff --git a/components/configs/kustomized/rhods-projects/secret-project/namespace.yaml b/components/configs/kustomized/rhods-projects/secret-project/namespace.yaml index 06591f9a..eb57097d 100644 --- a/components/configs/kustomized/rhods-projects/secret-project/namespace.yaml +++ b/components/configs/kustomized/rhods-projects/secret-project/namespace.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Namespace metadata: - name: secret-project + name: ds-secret-project annotations: openshift.io/description: | A secret project to explore dark rainbows in space diff --git a/components/configs/kustomized/rhods/rhods-admins-group.yaml b/components/configs/kustomized/rhods/rhods-admins-group.yaml index 83ce81e5..00f7b0ba 100644 --- a/components/configs/kustomized/rhods/rhods-admins-group.yaml +++ b/components/configs/kustomized/rhods/rhods-admins-group.yaml @@ -3,5 +3,6 @@ apiVersion: user.openshift.io/v1 metadata: name: rhods-admins users: + - b64:kube:admin - admin - opentlc-mgr diff --git a/demos/rhods/kustomization.yaml b/demos/rhods/kustomization.yaml new file mode 100644 index 00000000..a9a5ca9b --- /dev/null +++ b/demos/rhods/kustomization.yaml @@ -0,0 +1,29 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../clusters/default + - ../../components/operators/rhods-operator/operator/overlays/stable + - ../../components/operators/openshift-pipelines-operator-rh/operator/overlays/latest + - ../../components/configs/kustomized/rhods + - ../../components/configs/kustomized/rhods-projects + - ../../components/configs/kustomized/rhods-model-runtimes + # - ../../components/configs/kustomized/rhods-model-instances + - ../../components/configs/kustomized/rhods-notebook + - ../../components/configs/kustomized/rhods-data-connector + - ../../components/configs/kustomized/custom-notebook-images/overlays/rhods + - ../../components/configs/kustomized/minio + +patches: + - target: + kind: ConsoleNotification + name: banner-top + patch: |- + - op: replace + path: /spec/text + value: 'DEMO: Red Hat Open Data Science (RHODS)' + - target: + group: user.openshift.io + kind: Group + name: workshop-users + path: patch-workshop-users.yaml diff --git a/components/configs/aggragates/rhods/patch-workshop-users.yaml b/demos/rhods/patch-workshop-users.yaml similarity index 100% rename from components/configs/aggragates/rhods/patch-workshop-users.yaml rename to demos/rhods/patch-workshop-users.yaml diff --git a/components/configs/workshops/workshop-users/admin-rolebinding.yaml b/dump/workshops/workshop-users/admin-rolebinding.yaml similarity index 100% rename from components/configs/workshops/workshop-users/admin-rolebinding.yaml rename to dump/workshops/workshop-users/admin-rolebinding.yaml diff --git a/components/configs/workshops/workshop-users/kustomization.yaml b/dump/workshops/workshop-users/kustomization.yaml similarity index 100% rename from components/configs/workshops/workshop-users/kustomization.yaml rename to dump/workshops/workshop-users/kustomization.yaml diff --git a/components/configs/workshops/workshop-users/namespace.yaml b/dump/workshops/workshop-users/namespace.yaml similarity index 100% rename from components/configs/workshops/workshop-users/namespace.yaml rename to dump/workshops/workshop-users/namespace.yaml diff --git a/components/configs/workshops/workshop-users/workshop-admins-group.yaml b/dump/workshops/workshop-users/workshop-admins-group.yaml similarity index 100% rename from components/configs/workshops/workshop-users/workshop-admins-group.yaml rename to dump/workshops/workshop-users/workshop-admins-group.yaml diff --git a/components/configs/workshops/workshop-users/workshop-users-group.yaml b/dump/workshops/workshop-users/workshop-users-group.yaml similarity index 100% rename from components/configs/workshops/workshop-users/workshop-users-group.yaml rename to dump/workshops/workshop-users/workshop-users-group.yaml