170 lines
5.3 KiB
YAML
170 lines
5.3 KiB
YAML
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
namespace: "{{ namespace }}"
|
|
resources:
|
|
- rendered.yaml
|
|
- weights-pvc.yaml
|
|
patches:
|
|
- target:
|
|
group: apps
|
|
version: v1
|
|
kind: Deployment
|
|
name: "{{ name }}"
|
|
patch: |
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: "{{ name }}"
|
|
labels:
|
|
app.kubernetes.io/component: ide
|
|
app.kubernetes.io/part-of: ocdp-workload
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: ide
|
|
app.kubernetes.io/part-of: ocdp-workload
|
|
spec:
|
|
imagePullSecrets:
|
|
- name: regcred
|
|
schedulerName: hami-scheduler
|
|
securityContext:
|
|
fsGroup: 1000
|
|
volumes:
|
|
- name: identity
|
|
emptyDir: {}
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: "{{ name }}"
|
|
- name: model-weights
|
|
persistentVolumeClaim:
|
|
claimName: "{{ name }}-weights"
|
|
initContainers:
|
|
- name: prepare-identity
|
|
image: harbor.bwgdi.com/library/earth2studio-demo:v6
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /bin/bash
|
|
- -lc
|
|
args:
|
|
- |
|
|
set -euo pipefail
|
|
cp /etc/passwd /identity/passwd
|
|
cp /etc/group /identity/group
|
|
if ! awk -F: '$3 == 1000 { found=1 } END { exit !found }' /identity/passwd; then
|
|
printf 'coder:x:1000:1000:OCDP code-server user:/workspace:/bin/bash\n' >> /identity/passwd
|
|
fi
|
|
if ! awk -F: '$3 == 1000 { found=1 } END { exit !found }' /identity/group; then
|
|
printf 'coder:x:1000:\n' >> /identity/group
|
|
fi
|
|
volumeMounts:
|
|
- name: identity
|
|
mountPath: /identity
|
|
containers:
|
|
- name: code-server
|
|
image: harbor.bwgdi.com/library/earth2studio-demo:v6
|
|
imagePullPolicy: IfNotPresent
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
command:
|
|
- code-server
|
|
args:
|
|
- --bind-addr
|
|
- 0.0.0.0:8080
|
|
- --auth
|
|
- none
|
|
- /workspace
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
env:
|
|
- name: HOME
|
|
value: /workspace
|
|
- name: SHELL
|
|
value: /bin/bash
|
|
- name: XDG_CONFIG_HOME
|
|
value: /workspace/.config
|
|
- name: MODEL_ROOT
|
|
value: /models
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: http
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: http
|
|
periodSeconds: 20
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
startupProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: http
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 30
|
|
resources:
|
|
requests:
|
|
cpu: "{{ cpuRequestMillicores }}m"
|
|
memory: "{{ memoryRequestMiB }}Mi"
|
|
limits:
|
|
cpu: "{{ cpuLimitMillicores }}m"
|
|
memory: "{{ memoryLimitMiB }}Mi"
|
|
nvidia.com/gpu: "{{ gpuCount }}"
|
|
nvidia.com/gpumem: "{{ gpuMemoryMiB }}"
|
|
volumeMounts:
|
|
- name: identity
|
|
mountPath: /etc/passwd
|
|
subPath: passwd
|
|
readOnly: true
|
|
- name: identity
|
|
mountPath: /etc/group
|
|
subPath: group
|
|
readOnly: true
|
|
- name: data
|
|
mountPath: /workspace
|
|
- name: model-weights
|
|
mountPath: /models
|
|
- target:
|
|
version: v1
|
|
kind: Secret
|
|
name: "{{ name }}"
|
|
patch: |
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: "{{ name }}"
|
|
labels:
|
|
app.kubernetes.io/component: auth
|
|
app.kubernetes.io/part-of: ocdp-workload
|
|
annotations: {}
|
|
type: Opaque
|
|
data:
|
|
password: dW51c2Vk
|
|
- target:
|
|
version: v1
|
|
kind: Service
|
|
name: "{{ name }}"
|
|
patch: |
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: "{{ name }}"
|
|
labels:
|
|
app.kubernetes.io/component: ide
|
|
app.kubernetes.io/part-of: ocdp-workload
|
|
spec:
|
|
type: NodePort
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
targetPort: http
|
|
protocol: TCP
|