Skip to content

Commit

Permalink
Add kubernetes dashboard to sandbox overlay (#789)
Browse files Browse the repository at this point in the history
* Add kubernetes dashboard to sandbox overlay

Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com>

* Remove task logs from headless kustomize module

Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com>

* Update first run doc to expose 30082 for kubernetes dashboard

Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com>

* use kubernetes-template-url for specifying log URL in sandbox overlay

Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com>

* Update flytepropeller to v0.6.1 to leverage `kubernetes-template-uri` config

Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com>
  • Loading branch information
jeevb authored Mar 3, 2021
1 parent 4589fcd commit f149af8
Show file tree
Hide file tree
Showing 17 changed files with 351 additions and 29 deletions.
2 changes: 1 addition & 1 deletion deployment/eks/flyte_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8777,7 +8777,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
image: ghcr.io/flyteorg/flytepropeller:v0.5.13
image: ghcr.io/flyteorg/flytepropeller:v0.6.1
imagePullPolicy: IfNotPresent
name: flytepropeller
ports:
Expand Down
2 changes: 1 addition & 1 deletion deployment/gcp/flyte_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8809,7 +8809,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
image: ghcr.io/flyteorg/flytepropeller:v0.5.13
image: ghcr.io/flyteorg/flytepropeller:v0.6.1
imagePullPolicy: IfNotPresent
name: flytepropeller
ports:
Expand Down
295 changes: 291 additions & 4 deletions deployment/sandbox/flyte_generated.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,11 @@ metadata:
---
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard
---
apiVersion: v1
kind: Namespace
metadata:
name: projectcontour
---
Expand Down Expand Up @@ -1595,6 +1600,14 @@ metadata:
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: contour
namespace: projectcontour
Expand All @@ -1613,6 +1626,57 @@ metadata:
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
rules:
- apiGroups:
- ""
resourceNames:
- kubernetes-dashboard-key-holder
- kubernetes-dashboard-certs
- kubernetes-dashboard-csrf
resources:
- secrets
verbs:
- get
- update
- delete
- apiGroups:
- ""
resourceNames:
- kubernetes-dashboard-settings
resources:
- configmaps
verbs:
- get
- update
- apiGroups:
- ""
resourceNames:
- heapster
- dashboard-metrics-scraper
resources:
- services
verbs:
- proxy
- apiGroups:
- ""
resourceNames:
- heapster
- 'http:heapster:'
- 'https:heapster:'
- dashboard-metrics-scraper
- http:dashboard-metrics-scraper
resources:
- services/proxy
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: contour-certgen
namespace: projectcontour
Expand Down Expand Up @@ -1824,6 +1888,39 @@ rules:
- deletecollection
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
rules:
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: contour
Expand All @@ -1850,6 +1947,32 @@ subjects:
name: contour
namespace: projectcontour
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
Expand Down Expand Up @@ -2157,13 +2280,21 @@ data:
plugins:
logs:
kubernetes-enabled: true
kubernetes-url: "http://localhost:30082"
kubernetes-template-uri: "http://localhost:30082/#/log/{{ .namespace }}/{{ .podName }}/pod?namespace={{ .namespace }}"
kind: ConfigMap
metadata:
name: flyte-propeller-config-94gbkmm6cm
name: flyte-propeller-config-492gkfhbgk
namespace: flyte
---
apiVersion: v1
kind: ConfigMap
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
namespace: kubernetes-dashboard
---
apiVersion: v1
data:
contour.yaml: |
#
Expand Down Expand Up @@ -2295,6 +2426,26 @@ metadata:
type: Opaque
---
apiVersion: v1
data:
csrf: ""
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
annotations:
Expand Down Expand Up @@ -2408,6 +2559,38 @@ spec:
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper
---
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- name: http
nodePort: 30082
port: 80
protocol: TCP
targetPort: 9090
selector:
k8s-app: kubernetes-dashboard
type: NodePort
---
apiVersion: v1
kind: Service
metadata:
name: contour
namespace: projectcontour
Expand Down Expand Up @@ -2715,7 +2898,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
image: ghcr.io/flyteorg/flytepropeller:v0.5.13
image: ghcr.io/flyteorg/flytepropeller:v0.6.1
imagePullPolicy: IfNotPresent
name: flytepropeller
ports:
Expand All @@ -2726,7 +2909,7 @@ spec:
serviceAccountName: flytepropeller
volumes:
- configMap:
name: flyte-propeller-config-94gbkmm6cm
name: flyte-propeller-config-492gkfhbgk
name: config-volume
---
apiVersion: apps/v1
Expand Down Expand Up @@ -2796,6 +2979,110 @@ spec:
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
annotations:
seccomp.security.alpha.kubernetes.io/pod: runtime/default
labels:
k8s-app: dashboard-metrics-scraper
spec:
containers:
- image: kubernetesui/metrics-scraper:v1.0.6
livenessProbe:
httpGet:
path: /
port: 8000
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 30
name: dashboard-metrics-scraper
ports:
- containerPort: 8000
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
volumeMounts:
- mountPath: /tmp
name: tmp-volume
nodeSelector:
kubernetes.io/os: linux
serviceAccountName: kubernetes-dashboard
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
volumes:
- emptyDir: {}
name: tmp-volume
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- args:
- --namespace=kubernetes-dashboard
- --enable-insecure-login
- --enable-skip-login
- --disable-settings-authorizer
image: kubernetesui/dashboard:v2.2.0
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
name: kubernetes-dashboard
ports:
- containerPort: 9090
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsGroup: 2001
runAsUser: 1001
volumeMounts:
- mountPath: /tmp
name: tmp-volume
nodeSelector:
kubernetes.io/os: linux
serviceAccountName: kubernetes-dashboard
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
volumes:
- emptyDir: {}
name: tmp-volume
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: contour
Expand Down
Loading

0 comments on commit f149af8

Please sign in to comment.