diff --git a/charts/flyte-binary/README.md b/charts/flyte-binary/README.md index 63a351d0f5..b0234919dc 100644 --- a/charts/flyte-binary/README.md +++ b/charts/flyte-binary/README.md @@ -104,6 +104,8 @@ Chart for basic single Flyte executable deployment | deployment.podSecurityContext.runAsGroup | int | `65534` | | | deployment.podSecurityContext.runAsUser | int | `65534` | | | deployment.readinessProbe | object | `{}` | | +| deployment.resources.requests.cpu | string | `"4"` | | +| deployment.resources.requests.memory | string | `"4Gi"` | | | deployment.sidecars | list | `[]` | | | deployment.startupProbe | object | `{}` | | | deployment.waitForDB.args | list | `[]` | | diff --git a/charts/flyte-binary/eks-production.yaml b/charts/flyte-binary/eks-production.yaml deleted file mode 100644 index 987269a5aa..0000000000 --- a/charts/flyte-binary/eks-production.yaml +++ /dev/null @@ -1,123 +0,0 @@ -configuration: - database: - username: postgres - password: - host: - dbname: flyte - storage: - #Learn more about how Flyte handles data: https://docs.flyte.org/en/latest/concepts/data_management.html - metadataContainer: - userDataContainer: - provider: s3 - providerConfig: - s3: - region: "" - authType: "iam" - #For logging to work, you need to setup an agent. - # Learn more: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-EKS-logs.html - logging: - level: 5 - plugins: - cloudwatch: - enabled: true - templateUri: |- - https://console.aws.amazon.com/cloudwatch/home?region=#logEventViewer:group=/aws/eks//cluster;stream=var.log.containers.{{ .podName }}_{{ .namespace }}_{{ .containerName }}-{{ .containerId }}.log - # To configure auth, refer to https://docs.flyte.org/en/latest/deployment/configuration/auth_setup.html - auth: - enabled: false - oidc: - baseUrl: - clientId: - clientSecret: - internal: - clientSecret: - clientSecretHash: - authorizedUris: - - https://flyte.company.com #change to your authorized URI - inline: - #This section automates the IAM Role annotation for the default KSA on each project namespace to enable IRSA - #Learn more: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html - cluster_resources: - customData: - - production: - - defaultIamRole: - value: - - staging: - - defaultIamRole: - value: - - development: - - defaultIamRole: - value: - flyteadmin: - roleNameKey: "iam.amazonaws.com/role" - plugins: - k8s: - inject-finalizer: true - default-env-vars: - - AWS_METADATA_SERVICE_TIMEOUT: 5 - - AWS_METADATA_SERVICE_NUM_ATTEMPTS: 20 - # Configuration for the Datacatalog engine, used when caching is enabled - # Learn more: https://docs.flyte.org/en/latest/deployment/configuration/generated/datacatalog_config.html - storage: - cache: - max_size_mbs: 10 - target_gc_percent: 100 - tasks: - task-plugins: - enabled-plugins: - - container - - sidecar - - K8S-ARRAY #used for MapTasks - - agent-service - default-for-task-types: - - container: container - - container_array: K8S-ARRAY -clusterResourceTemplates: - inline: - #This section automates the creation of the project-domain namespaces - 001_namespace.yaml: | - apiVersion: v1 - kind: Namespace - metadata: - name: '{{ namespace }}' - # This block performs the automated annotation of KSAs across all project-domain namespaces - 002_serviceaccount.yaml: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: default - namespace: '{{ namespace }}' - annotations: - eks.amazonaws.com/role-arn: '{{ defaultIamRole }}' -ingress: - create: true - ##-- Uncomment the following section if you plan to use NGINX Ingress Controller - #ingressClassName: nginx - #commonAnnotations: - # ingress.kubernetes.io/rewrite-target: / - # nginx.ingress.kubernetes.io/ssl-redirect: "true" - #httpAnnotations: - # nginx.ingress.kubernetes.io/app-root: /console - #grpcAnnotations: - # nginx.ingress.kubernetes.io/backend-protocol: GRPC - #host: # change for the URL you'll use to connect to Flyte - ## --- - - #This section assumes you are using the ALB Ingress controller. - ingressClassName: alb - commonAnnotations: - alb.ingress.kubernetes.io/certificate-arn: 'arn:aws:acm:::certificate/' - alb.ingress.kubernetes.io/group.name: flyte - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/ssl-redirect: '443' - alb.ingress.kubernetes.io/target-type: ip - httpAnnotations: - alb.ingress.kubernetes.io/actions.app-root: '{"Type": "redirect", "RedirectConfig": {"Path": "/console", "StatusCode": "HTTP_302"}}' - grpcAnnotations: - alb.ingress.kubernetes.io/backend-protocol-version: GRPC - host: flyte.mydomain.com #replace with your fully-qualified domain name -serviceAccount: - create: true - annotations: - eks.amazonaws.com/role-arn: "" \ No newline at end of file diff --git a/charts/flyte-binary/values.yaml b/charts/flyte-binary/values.yaml index 66d1e1feae..dde00fd678 100644 --- a/charts/flyte-binary/values.yaml +++ b/charts/flyte-binary/values.yaml @@ -234,12 +234,10 @@ deployment: # lifecycleHooks Specify hooks to run in Flyte container before or after startup lifecycleHooks: {} # resources Resource limits and requests for Flyte container - # Uncomment and update to specify resources for deployment - # resources: - # limits: - # memory: 1Gi - # requests: - # cpu: 1 + resources: + requests: + cpu: "4" + memory: "4Gi" # podSecurityContext Specify security context for Flyte pod # See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ podSecurityContext: diff --git a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml index 08599c13f7..3ddeec8644 100644 --- a/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml +++ b/deployment/sandbox-binary/flyte_sandbox_binary_helm_generated.yaml @@ -381,6 +381,10 @@ spec: echo waiting for database sleep 0.1 done + resources: + requests: + cpu: "4" + memory: 4Gi containers: - name: flyte image: "cr.flyte.org/flyteorg/flyte-binary:latest" @@ -415,6 +419,10 @@ spec: path: /healthcheck port: http initialDelaySeconds: 30 + resources: + requests: + cpu: "4" + memory: 4Gi volumeMounts: - name: cluster-resource-templates mountPath: /etc/flyte/cluster-resource-templates diff --git a/docker/sandbox-bundled/manifests/complete-agent.yaml b/docker/sandbox-bundled/manifests/complete-agent.yaml index 4b0dc5c172..c3c41f4c39 100644 --- a/docker/sandbox-bundled/manifests/complete-agent.yaml +++ b/docker/sandbox-bundled/manifests/complete-agent.yaml @@ -817,7 +817,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: RVJtRHVFeUtzZHdDMjRTQQ== + haSharedSecret: Nmszb2dnV0lvdDV4cTFKRw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1289,6 +1289,10 @@ spec: path: /healthcheck port: http initialDelaySeconds: 30 + resources: + requests: + cpu: "4" + memory: 4Gi volumeMounts: - mountPath: /etc/flyte/cluster-resource-templates name: cluster-resource-templates @@ -1313,6 +1317,10 @@ spec: image: bitnami/postgresql:sandbox imagePullPolicy: Never name: wait-for-db + resources: + requests: + cpu: "4" + memory: 4Gi serviceAccountName: flyte-sandbox volumes: - name: cluster-resource-templates @@ -1414,7 +1422,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: b56109123fc8874c06e091766f6e86bd5ffdc4cdc86ea7861092332870babf0e + checksum/secret: e61f7c68a179663c34a4ed4be490c02741a0ee38ef152e5651859418cb4b36bd labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/complete.yaml b/docker/sandbox-bundled/manifests/complete.yaml index db86678c70..7e75525b3d 100644 --- a/docker/sandbox-bundled/manifests/complete.yaml +++ b/docker/sandbox-bundled/manifests/complete.yaml @@ -797,7 +797,7 @@ type: Opaque --- apiVersion: v1 data: - haSharedSecret: dGZGeUR3THl1ODFKV2ROdA== + haSharedSecret: aEp3U2hKVXdzUmtNQXZzYw== proxyPassword: "" proxyUsername: "" kind: Secret @@ -1236,6 +1236,10 @@ spec: path: /healthcheck port: http initialDelaySeconds: 30 + resources: + requests: + cpu: "4" + memory: 4Gi volumeMounts: - mountPath: /etc/flyte/cluster-resource-templates name: cluster-resource-templates @@ -1260,6 +1264,10 @@ spec: image: bitnami/postgresql:sandbox imagePullPolicy: Never name: wait-for-db + resources: + requests: + cpu: "4" + memory: 4Gi serviceAccountName: flyte-sandbox volumes: - name: cluster-resource-templates @@ -1361,7 +1369,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 953e371a21c81445990201881e1603b35558441bea4c3702cc1f3dbdbc66c6b7 + checksum/secret: 6a1c2ce15560b5de6ff90d8437ed712de1c3ef32be3420e327d77d3cd0bcfbe2 labels: app: docker-registry release: flyte-sandbox diff --git a/docker/sandbox-bundled/manifests/dev.yaml b/docker/sandbox-bundled/manifests/dev.yaml index bdd5143bb3..4e63cbb066 100644 --- a/docker/sandbox-bundled/manifests/dev.yaml +++ b/docker/sandbox-bundled/manifests/dev.yaml @@ -499,7 +499,7 @@ metadata: --- apiVersion: v1 data: - haSharedSecret: clA0NmJsaW9TUHNJYjRYTA== + haSharedSecret: ZlpjYUVxZ3FYMVljSGlCNA== proxyPassword: "" proxyUsername: "" kind: Secret @@ -934,7 +934,7 @@ spec: metadata: annotations: checksum/config: 8f50e768255a87f078ba8b9879a0c174c3e045ffb46ac8723d2eedbe293c8d81 - checksum/secret: 51051b8a95112e2aa1aed0e472540340697cf3481a144444d65dfaa220ae471d + checksum/secret: 23e3effcf66f6c4c67c3b40f34b919e52d7bb808206286c9412673a5b248d44d labels: app: docker-registry release: flyte-sandbox diff --git a/docs/deployment/configuration/index.md b/docs/deployment/configuration/index.md index b5758679d7..a090f735d2 100644 --- a/docs/deployment/configuration/index.md +++ b/docs/deployment/configuration/index.md @@ -5,22 +5,7 @@ This section will cover how to configure your Flyte cluster for features like authentication, monitoring, and notifications. -````{important} -The configuration instructions in this section are for the `flyte` and `flyte-core` Helm charts, which is for -the {ref}`multi-cluster setup `. -If you're using the `flyte-binary` chart for the {ref}`single cluster setup `, -instead of specifying configuration under a yaml file like `cloud_events.yaml` in {ref}`deployment-configuration-cloud-event`, -you'll need to add the configuration settings under the `inline` section in the `eks-production.yaml` file: - -```{eval-rst} -.. literalinclude:: ../../../charts/flyte-binary/eks-production.yaml - :language: yaml - :lines: 30-41 - :caption: charts/flyte-binary/eks-production.yaml -``` - -```` ```{list-table}