From a92ceddbe933b44436634c8d10b902285213b867 Mon Sep 17 00:00:00 2001 From: Kimonas Sotirchos Date: Wed, 29 May 2024 14:08:37 +0300 Subject: [PATCH] Update kubeflow/kubeflow manifests from v1.9.0-rc.0 Signed-off-by: Kimonas Sotirchos --- README.md | 18 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/configmap.yaml | 225 ++++++++-------- .../upstream/base/deployment.yaml | 10 +- .../upstream/base/kustomization.yaml | 87 ++++--- .../overlays/istio/kustomization.yaml | 49 +++- .../overlays/istio/virtual-service.yaml | 2 +- .../overlays/kserve/kustomization.yaml | 19 +- .../overlays/kserve/patches/configmap.yaml | 231 ++++++++--------- .../overlays/oauth2-proxy/kustomization.yaml | 9 - .../base/configs/spawner_ui_config.yaml | 20 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/crd/kustomization.yaml | 9 + .../crd/patches/validation_patches.yaml | 29 +++ .../upstream/manager/manager.yaml | 5 + .../upstream/manager/params.env | 3 +- .../profiles/upstream/base/kustomization.yaml | 2 +- .../upstream/manager/kustomization.yaml | 5 +- .../overlays/kubeflow/kustomization.yaml | 2 +- .../upstream/samples/_v1beta1_profile.yaml | 13 +- .../upstream/base/kustomization.yaml | 2 +- .../crd/bases/kubeflow.org_pvcviewers.yaml | 244 +++++++++++++++++- .../upstream/base/kustomization.yaml | 3 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/params.env | 2 +- .../upstream/base/deployment.yaml | 2 +- .../upstream/base/kustomization.yaml | 2 +- .../upstream/base/viewer-spec.yaml | 19 +- 29 files changed, 668 insertions(+), 352 deletions(-) delete mode 100644 apps/centraldashboard/upstream/overlays/oauth2-proxy/kustomization.yaml create mode 100644 apps/jupyter/notebook-controller/upstream/crd/patches/validation_patches.yaml diff --git a/README.md b/README.md index 29be5cb803..35fbc69715 100644 --- a/README.md +++ b/README.md @@ -44,15 +44,15 @@ This repo periodically syncs all official Kubeflow components from their respect | Component | Local Manifests Path | Upstream Revision | | - | - | - | | Training Operator | apps/training-operator/upstream | [v1.8.0-rc.0](https://github.com/kubeflow/training-operator/tree/v1.8.0-rc.0/manifests) | -| Notebook Controller | apps/jupyter/notebook-controller/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/notebook-controller/config) | -| PVC Viewer Controller | apps/pvcviewer-roller/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/pvcviewer-controller/config) | -| Tensorboard Controller | apps/tensorboard/tensorboard-controller/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/tensorboard-controller/config) | -| Central Dashboard | apps/centraldashboard/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/centraldashboard/manifests) | -| Profiles + KFAM | apps/profiles/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/profile-controller/config) | -| PodDefaults Webhook | apps/admission-webhook/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/admission-webhook/manifests) | -| Jupyter Web App | apps/jupyter/jupyter-web-app/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/crud-web-apps/jupyter/manifests) | -| Tensorboards Web App | apps/tensorboard/tensorboards-web-app/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/crud-web-apps/tensorboards/manifests) | -| Volumes Web App | apps/volumes-web-app/upstream | [v1.8.0](https://github.com/kubeflow/kubeflow/tree/v1.8.0/components/crud-web-apps/volumes/manifests) | +| Notebook Controller | apps/jupyter/notebook-controller/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/notebook-controller/config) | +| PVC Viewer Controller | apps/pvcviewer-roller/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/pvcviewer-controller/config) | +| Tensorboard Controller | apps/tensorboard/tensorboard-controller/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/tensorboard-controller/config) | +| Central Dashboard | apps/centraldashboard/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/centraldashboard/manifests) | +| Profiles + KFAM | apps/profiles/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/profile-controller/config) | +| PodDefaults Webhook | apps/admission-webhook/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/admission-webhook/manifests) | +| Jupyter Web App | apps/jupyter/jupyter-web-app/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/crud-web-apps/jupyter/manifests) | +| Tensorboards Web App | apps/tensorboard/tensorboards-web-app/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/crud-web-apps/tensorboards/manifests) | +| Volumes Web App | apps/volumes-web-app/upstream | [v1.9.0-rc.0](https://github.com/kubeflow/kubeflow/tree/v1.9.0-rc.0/components/crud-web-apps/volumes/manifests) | | Katib | apps/katib/upstream | [v0.17.0-rc.0](https://github.com/kubeflow/katib/tree/v0.17.0-rc.0/manifests/v1beta1) | | KServe | contrib/kserve/kserve | [0.12.1](https://github.com/kserve/kserve/tree/0.12.1/install/v0.12.1) | | KServe Models Web App | contrib/kserve/models-web-app | [v0.10.0](https://github.com/kserve/models-web-app/tree/v0.10.0/config) | diff --git a/apps/admission-webhook/upstream/base/kustomization.yaml b/apps/admission-webhook/upstream/base/kustomization.yaml index 30e42fc695..df9c9358a5 100644 --- a/apps/admission-webhook/upstream/base/kustomization.yaml +++ b/apps/admission-webhook/upstream/base/kustomization.yaml @@ -16,7 +16,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/poddefaults-webhook newName: docker.io/kubeflownotebookswg/poddefaults-webhook - newTag: v1.8.0 + newTag: v1.9.0-rc.0 namespace: kubeflow generatorOptions: disableNameSuffixHash: true diff --git a/apps/centraldashboard/upstream/base/configmap.yaml b/apps/centraldashboard/upstream/base/configmap.yaml index 62f4e3becc..387be4e15f 100644 --- a/apps/centraldashboard/upstream/base/configmap.yaml +++ b/apps/centraldashboard/upstream/base/configmap.yaml @@ -6,128 +6,113 @@ data: } links: |- { - "menuLinks": [ - { - "type": "item", - "link": "/jupyter/", - "text": "Notebooks", - "icon": "book" - }, - { - "type": "item", - "link": "/tensorboards/", - "text": "Tensorboards", - "icon": "assessment" - }, - { - "type": "item", - "link": "/volumes/", - "text": "Volumes", - "icon": "device:storage" - }, - { - "type": "item", - "link": "/models/", - "text": "Endpoints", - "icon": "kubeflow:models" - }, - { - "type": "item", - "link": "/katib/", - "text": "Experiments (AutoML)", - "icon": "kubeflow:katib" - }, - { - "type": "item", - "text": "Experiments (KFP)", - "link": "/pipeline/#/experiments", - "icon": "done-all" - }, - { - "type": "item", - "link": "/pipeline/#/pipelines", - "text": "Pipelines", - "icon": "kubeflow:pipeline-centered" - }, - { - "type": "item", - "link": "/pipeline/#/runs", - "text": "Runs", - "icon": "maps:directions-run" - }, - { - "type": "item", - "link": "/pipeline/#/recurringruns", - "text": "Recurring Runs", - "icon": "device:access-alarm" - }, - { - "type": "item", - "link": "/pipeline/#/artifacts", - "text": "Artifacts", - "icon": "editor:bubble-chart" - }, - { - "type": "item", - "link": "/pipeline/#/executions", - "text": "Executions", - "icon": "av:play-arrow" - } - ], - "externalLinks": [ ], - "quickLinks": [ - { - "text": "Upload a pipeline", - "desc": "Pipelines", - "link": "/pipeline/" - }, - { - "text": "View all pipeline runs", - "desc": "Pipelines", - "link": "/pipeline/#/runs" - }, - { - "text": "Create a new Notebook server", - "desc": "Notebook Servers", - "link": "/jupyter/new?namespace=kubeflow" - }, - { - "text": "View Katib Experiments", - "desc": "Katib", - "link": "/katib/" - } + "menuLinks": [ + { + "icon": "book", + "link": "/jupyter/", + "text": "Notebooks", + "type": "item" + }, + { + "icon": "assessment", + "link": "/tensorboards/", + "text": "TensorBoards", + "type": "item" + }, + { + "icon": "device:storage", + "link": "/volumes/", + "text": "Volumes", + "type": "item" + }, + { + "icon": "kubeflow:katib", + "link": "/katib/", + "text": "Katib Experiments", + "type": "item" + }, + { + "icon": "kubeflow:pipeline-centered", + "items": [ + { + "link": "/pipeline/#/pipelines", + "text": "Pipelines", + "type": "item" + }, + { + "link": "/pipeline/#/experiments", + "text": "Experiments", + "type": "item" + }, + { + "link": "/pipeline/#/runs", + "text": "Runs", + "type": "item" + }, + { + "link": "/pipeline/#/recurringruns", + "text": "Recurring Runs", + "type": "item" + }, + { + "link": "/pipeline/#/artifacts", + "text": "Artifacts", + "type": "item" + }, + { + "link": "/pipeline/#/executions", + "text": "Executions", + "type": "item" + } + ], + "text": "Pipelines", + "type": "section" + } ], + "externalLinks": [], "documentationItems": [ - { - "text": "Getting Started with Kubeflow", - "desc": "Get your machine-learning workflow up and running on Kubeflow", - "link": "https://www.kubeflow.org/docs/started/getting-started/" - }, - { - "text": "MiniKF", - "desc": "A fast and easy way to deploy Kubeflow locally", - "link": "https://www.kubeflow.org/docs/distributions/minikf/" - }, - { - "text": "Microk8s for Kubeflow", - "desc": "Quickly get Kubeflow running locally on native hypervisors", - "link": "https://www.kubeflow.org/docs/distributions/microk8s/kubeflow-on-microk8s/" - }, - { - "text": "Kubeflow on GCP", - "desc": "Running Kubeflow on Kubernetes Engine and Google Cloud Platform", - "link": "https://www.kubeflow.org/docs/gke/" - }, - { - "text": "Kubeflow on AWS", - "desc": "Running Kubeflow on Elastic Container Service and Amazon Web Services", - "link": "https://www.kubeflow.org/docs/aws/" - }, - { - "text": "Requirements for Kubeflow", - "desc": "Get more detailed information about using Kubeflow and its components", - "link": "https://www.kubeflow.org/docs/started/requirements/" - } + { + "desc": "The Kubeflow website", + "link": "https://www.kubeflow.org/", + "text": "Kubeflow Website" + }, + { + "desc": "Documentation for Kubeflow Pipelines", + "link": "https://www.kubeflow.org/docs/components/pipelines/", + "text": "Kubeflow Pipelines Documentation" + }, + { + "desc": "Documentation for Kubeflow Notebooks", + "link": "https://www.kubeflow.org/docs/components/notebooks/", + "text": "Kubeflow Notebooks Documentation" + }, + { + "desc": "Documentation for Kubeflow Training Operator", + "link": "https://www.kubeflow.org/docs/components/training/", + "text": "Kubeflow Training Operator Documentation" + }, + { + "desc": "Documentation for Katib", + "link": "https://www.kubeflow.org/docs/components/katib/", + "text": "Katib Documentation" + } + ], + "quickLinks": [ + { + "desc": "Kubeflow Notebooks", + "link": "/jupyter/new", + "text": "Create a new Notebook" + }, + { + "desc": "Kubeflow Pipelines", + "link": "/pipeline/#/pipelines", + "text": "Upload a Pipeline" + }, + { + "desc": "Pipelines", + "link": "/pipeline/#/runs", + "text": "View Pipeline Runs" + } ] } kind: ConfigMap diff --git a/apps/centraldashboard/upstream/base/deployment.yaml b/apps/centraldashboard/upstream/base/deployment.yaml index 7e2da581cf..f9094e822e 100644 --- a/apps/centraldashboard/upstream/base/deployment.yaml +++ b/apps/centraldashboard/upstream/base/deployment.yaml @@ -31,15 +31,15 @@ spec: protocol: TCP env: - name: USERID_HEADER - value: $(CD_USERID_HEADER) + value: CD_USERID_HEADER_PLACEHOLDER - name: USERID_PREFIX - value: $(CD_USERID_PREFIX) + value: CD_USERID_PREFIX_PLACEHOLDER - name: PROFILES_KFAM_SERVICE_HOST value: profiles-kfam.kubeflow - name: REGISTRATION_FLOW - value: $(CD_REGISTRATION_FLOW) - - name: DASHBOARD_LINKS_CONFIGMAP - value: $(CD_CONFIGMAP_NAME) + value: CD_REGISTRATION_FLOW_PLACEHOLDER + - name: DASHBOARD_CONFIGMAP + value: CD_CONFIGMAP_NAME_PLACEHOLDER - name: LOGOUT_URL value: '/authservice/logout' - name: POD_NAMESPACE diff --git a/apps/centraldashboard/upstream/base/kustomization.yaml b/apps/centraldashboard/upstream/base/kustomization.yaml index d483f351d2..ad03205359 100644 --- a/apps/centraldashboard/upstream/base/kustomization.yaml +++ b/apps/centraldashboard/upstream/base/kustomization.yaml @@ -10,61 +10,74 @@ resources: - service-account.yaml - service.yaml - configmap.yaml -commonLabels: - kustomize.component: centraldashboard - app: centraldashboard - app.kubernetes.io/component: centraldashboard - app.kubernetes.io/name: centraldashboard images: - name: docker.io/kubeflownotebookswg/centraldashboard newName: docker.io/kubeflownotebookswg/centraldashboard - newTag: v1.8.0 + newTag: v1.9.0-rc.0 configMapGenerator: - envs: - params.env name: centraldashboard-parameters generatorOptions: disableNameSuffixHash: true -vars: -- fieldref: - fieldPath: metadata.namespace - name: CD_NAMESPACE - objref: - apiVersion: v1 - kind: Service - name: centraldashboard -- fieldref: - fieldPath: data.CD_CLUSTER_DOMAIN - name: CD_CLUSTER_DOMAIN - objref: - apiVersion: v1 - kind: ConfigMap - name: centraldashboard-parameters -- fieldref: +labels: +- includeSelectors: true + pairs: + app: centraldashboard + app.kubernetes.io/component: centraldashboard + app.kubernetes.io/name: centraldashboard + kustomize.component: centraldashboard + +replacements: +- source: fieldPath: data.CD_USERID_HEADER - name: CD_USERID_HEADER - objref: - apiVersion: v1 kind: ConfigMap name: centraldashboard-parameters -- fieldref: + version: v1 + targets: + - fieldPaths: + - spec.template.spec.containers.0.env.0.value + select: + group: apps + kind: Deployment + name: centraldashboard + version: v1 +- source: fieldPath: data.CD_USERID_PREFIX - name: CD_USERID_PREFIX - objref: - apiVersion: v1 kind: ConfigMap name: centraldashboard-parameters -- fieldref: + version: v1 + targets: + - fieldPaths: + - spec.template.spec.containers.0.env.1.value + select: + group: apps + kind: Deployment + name: centraldashboard + version: v1 +- source: fieldPath: data.CD_REGISTRATION_FLOW - name: CD_REGISTRATION_FLOW - objref: - apiVersion: v1 kind: ConfigMap name: centraldashboard-parameters -- fieldref: + version: v1 + targets: + - fieldPaths: + - spec.template.spec.containers.0.env.3.value + select: + group: apps + kind: Deployment + name: centraldashboard + version: v1 +- source: fieldPath: metadata.name - name: CD_CONFIGMAP_NAME - objref: - apiVersion: v1 kind: ConfigMap name: centraldashboard-config + version: v1 + targets: + - fieldPaths: + - spec.template.spec.containers.0.env.4.value + select: + group: apps + kind: Deployment + name: centraldashboard + version: v1 diff --git a/apps/centraldashboard/upstream/overlays/istio/kustomization.yaml b/apps/centraldashboard/upstream/overlays/istio/kustomization.yaml index 701c5cd71d..c2d2eb6f1e 100644 --- a/apps/centraldashboard/upstream/overlays/istio/kustomization.yaml +++ b/apps/centraldashboard/upstream/overlays/istio/kustomization.yaml @@ -1,18 +1,49 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - ../../base - virtual-service.yaml - authorizationpolicy.yaml - namespace: kubeflow - -commonLabels: - kustomize.component: centraldashboard - app: centraldashboard - app.kubernetes.io/component: centraldashboard - app.kubernetes.io/name: centraldashboard - +replacements: +- source: + fieldPath: metadata.namespace + kind: Service + name: centraldashboard + version: v1 + targets: + - fieldPaths: + - spec.http.0.route.0.destination.host + options: + delimiter: . + index: 1 + select: + group: networking.istio.io + kind: VirtualService + name: centraldashboard + version: v1alpha3 +- source: + fieldPath: data.CD_CLUSTER_DOMAIN + kind: ConfigMap + name: centraldashboard-parameters + version: v1 + targets: + - fieldPaths: + - spec.http.0.route.0.destination.host + options: + delimiter: . + index: 3 + select: + group: networking.istio.io + kind: VirtualService + name: centraldashboard + version: v1alpha3 configurations: - params.yaml +labels: +- includeSelectors: true + pairs: + app: centraldashboard + app.kubernetes.io/component: centraldashboard + app.kubernetes.io/name: centraldashboard + kustomize.component: centraldashboard diff --git a/apps/centraldashboard/upstream/overlays/istio/virtual-service.yaml b/apps/centraldashboard/upstream/overlays/istio/virtual-service.yaml index 0792aff153..30f98018a9 100644 --- a/apps/centraldashboard/upstream/overlays/istio/virtual-service.yaml +++ b/apps/centraldashboard/upstream/overlays/istio/virtual-service.yaml @@ -15,6 +15,6 @@ spec: uri: / route: - destination: - host: centraldashboard.$(CD_NAMESPACE).svc.$(CD_CLUSTER_DOMAIN) + host: centraldashboard.CD_NAMESPACE_PLACEHOLDER.svc.CD_CLUSTER_DOMAIN_PLACEHOLDER port: number: 80 diff --git a/apps/centraldashboard/upstream/overlays/kserve/kustomization.yaml b/apps/centraldashboard/upstream/overlays/kserve/kustomization.yaml index 32945dc1d6..821bd92119 100644 --- a/apps/centraldashboard/upstream/overlays/kserve/kustomization.yaml +++ b/apps/centraldashboard/upstream/overlays/kserve/kustomization.yaml @@ -1,14 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - ../istio - -commonLabels: - kustomize.component: centraldashboard - app: centraldashboard - app.kubernetes.io/component: centraldashboard - app.kubernetes.io/name: centraldashboard - -patchesStrategicMerge: -- patches/configmap.yaml +labels: +- includeSelectors: true + pairs: + app: centraldashboard + app.kubernetes.io/component: centraldashboard + app.kubernetes.io/name: centraldashboard + kustomize.component: centraldashboard +patches: +- path: patches/configmap.yaml diff --git a/apps/centraldashboard/upstream/overlays/kserve/patches/configmap.yaml b/apps/centraldashboard/upstream/overlays/kserve/patches/configmap.yaml index f4c43c1104..581039b313 100644 --- a/apps/centraldashboard/upstream/overlays/kserve/patches/configmap.yaml +++ b/apps/centraldashboard/upstream/overlays/kserve/patches/configmap.yaml @@ -6,128 +6,119 @@ data: } links: |- { - "menuLinks": [ - { - "type": "item", - "link": "/jupyter/", - "text": "Notebooks", - "icon": "book" - }, - { - "type": "item", - "link": "/tensorboards/", - "text": "Tensorboards", - "icon": "assessment" - }, - { - "type": "item", - "link": "/volumes/", - "text": "Volumes", - "icon": "device:storage" - }, - { - "type": "item", - "link": "/kserve-endpoints/", - "text": "Endpoints", - "icon": "kubeflow:models" - }, - { - "type": "item", - "link": "/katib/", - "text": "Experiments (AutoML)", - "icon": "kubeflow:katib" - }, - { - "type": "item", - "text": "Experiments (KFP)", - "link": "/pipeline/#/experiments", - "icon": "done-all" - }, - { - "type": "item", - "link": "/pipeline/#/pipelines", - "text": "Pipelines", - "icon": "kubeflow:pipeline-centered" - }, - { - "type": "item", - "link": "/pipeline/#/runs", - "text": "Runs", - "icon": "maps:directions-run" - }, - { - "type": "item", - "link": "/pipeline/#/recurringruns", - "text": "Recurring Runs", - "icon": "device:access-alarm" - }, - { - "type": "item", - "link": "/pipeline/#/artifacts", - "text": "Artifacts", - "icon": "editor:bubble-chart" - }, - { - "type": "item", - "link": "/pipeline/#/executions", - "text": "Executions", - "icon": "av:play-arrow" - } - ], - "externalLinks": [ ], - "quickLinks": [ - { - "text": "Upload a pipeline", - "desc": "Pipelines", - "link": "/pipeline/" - }, - { - "text": "View all pipeline runs", - "desc": "Pipelines", - "link": "/pipeline/#/runs" - }, - { - "text": "Create a new Notebook server", - "desc": "Notebook Servers", - "link": "/jupyter/new?namespace=kubeflow" - }, - { - "text": "View Katib Experiments", - "desc": "Katib", - "link": "/katib/" - } + "menuLinks": [ + { + "icon": "book", + "link": "/jupyter/", + "text": "Notebooks", + "type": "item" + }, + { + "icon": "assessment", + "link": "/tensorboards/", + "text": "TensorBoards", + "type": "item" + }, + { + "icon": "device:storage", + "link": "/volumes/", + "text": "Volumes", + "type": "item" + }, + { + "icon": "kubeflow:katib", + "link": "/katib/", + "text": "Katib Experiments", + "type": "item" + }, + { + "type": "item", + "link": "/models/", + "text": "KServe Endpoints", + "icon": "kubeflow:models" + }, + { + "icon": "kubeflow:pipeline-centered", + "items": [ + { + "link": "/pipeline/#/pipelines", + "text": "Pipelines", + "type": "item" + }, + { + "link": "/pipeline/#/experiments", + "text": "Experiments", + "type": "item" + }, + { + "link": "/pipeline/#/runs", + "text": "Runs", + "type": "item" + }, + { + "link": "/pipeline/#/recurringruns", + "text": "Recurring Runs", + "type": "item" + }, + { + "link": "/pipeline/#/artifacts", + "text": "Artifacts", + "type": "item" + }, + { + "link": "/pipeline/#/executions", + "text": "Executions", + "type": "item" + } + ], + "text": "Pipelines", + "type": "section" + } ], + "externalLinks": [], "documentationItems": [ - { - "text": "Getting Started with Kubeflow", - "desc": "Get your machine-learning workflow up and running on Kubeflow", - "link": "https://www.kubeflow.org/docs/started/getting-started/" - }, - { - "text": "MiniKF", - "desc": "A fast and easy way to deploy Kubeflow locally", - "link": "https://www.kubeflow.org/docs/distributions/minikf/" - }, - { - "text": "Microk8s for Kubeflow", - "desc": "Quickly get Kubeflow running locally on native hypervisors", - "link": "https://www.kubeflow.org/docs/distributions/microk8s/kubeflow-on-microk8s/" - }, - { - "text": "Kubeflow on GCP", - "desc": "Running Kubeflow on Kubernetes Engine and Google Cloud Platform", - "link": "https://www.kubeflow.org/docs/gke/" - }, - { - "text": "Kubeflow on AWS", - "desc": "Running Kubeflow on Elastic Container Service and Amazon Web Services", - "link": "https://www.kubeflow.org/docs/aws/" - }, - { - "text": "Requirements for Kubeflow", - "desc": "Get more detailed information about using Kubeflow and its components", - "link": "https://www.kubeflow.org/docs/started/requirements/" - } + { + "desc": "The Kubeflow website", + "link": "https://www.kubeflow.org/", + "text": "Kubeflow Website" + }, + { + "desc": "Documentation for Kubeflow Pipelines", + "link": "https://www.kubeflow.org/docs/components/pipelines/", + "text": "Kubeflow Pipelines Documentation" + }, + { + "desc": "Documentation for Kubeflow Notebooks", + "link": "https://www.kubeflow.org/docs/components/notebooks/", + "text": "Kubeflow Notebooks Documentation" + }, + { + "desc": "Documentation for Kubeflow Training Operator", + "link": "https://www.kubeflow.org/docs/components/training/", + "text": "Kubeflow Training Operator Documentation" + }, + { + "desc": "Documentation for Katib", + "link": "https://www.kubeflow.org/docs/components/katib/", + "text": "Katib Documentation" + } + ], + "quickLinks": [ + { + "desc": "Kubeflow Notebooks", + "link": "/jupyter/new", + "text": "Create a new Notebook" + }, + { + "desc": "Kubeflow Pipelines", + "link": "/pipeline/#/pipelines", + "text": "Upload a Pipeline" + }, + { + "desc": "Pipelines", + "link": "/pipeline/#/runs", + "text": "View Pipeline Runs" + } ] } kind: ConfigMap diff --git a/apps/centraldashboard/upstream/overlays/oauth2-proxy/kustomization.yaml b/apps/centraldashboard/upstream/overlays/oauth2-proxy/kustomization.yaml deleted file mode 100644 index 7115c8893a..0000000000 --- a/apps/centraldashboard/upstream/overlays/oauth2-proxy/kustomization.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: -# Using kserve overlay because it's also used in example installation. -- ../kserve - -components: -- ../../../../../common/oidc-client/oauth2-proxy/components/central-dashboard diff --git a/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml b/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml index 8f880c53f3..ddd910f7bb 100644 --- a/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml +++ b/apps/jupyter/jupyter-web-app/upstream/base/configs/spawner_ui_config.yaml @@ -37,15 +37,15 @@ spawnerFormDefaults: ################################################################ image: # the default container image - value: kubeflownotebookswg/jupyter-scipy:v1.8.0 + value: kubeflownotebookswg/jupyter-scipy:v1.9.0-rc.0 # the list of available container images in the dropdown options: - - kubeflownotebookswg/jupyter-scipy:v1.8.0 - - kubeflownotebookswg/jupyter-pytorch-full:v1.8.0 - - kubeflownotebookswg/jupyter-pytorch-cuda-full:v1.8.0 - - kubeflownotebookswg/jupyter-tensorflow-full:v1.8.0 - - kubeflownotebookswg/jupyter-tensorflow-cuda-full:v1.8.0 + - kubeflownotebookswg/jupyter-scipy:v1.9.0-rc.0 + - kubeflownotebookswg/jupyter-pytorch-full:v1.9.0-rc.0 + - kubeflownotebookswg/jupyter-pytorch-cuda-full:v1.9.0-rc.0 + - kubeflownotebookswg/jupyter-tensorflow-full:v1.9.0-rc.0 + - kubeflownotebookswg/jupyter-tensorflow-cuda-full:v1.9.0-rc.0 ################################################################ # VSCode-like Container Images (Group 1) @@ -60,11 +60,11 @@ spawnerFormDefaults: ################################################################ imageGroupOne: # the default container image - value: kubeflownotebookswg/codeserver-python:v1.8.0 + value: kubeflownotebookswg/codeserver-python:v1.9.0-rc.0 # the list of available container images in the dropdown options: - - kubeflownotebookswg/codeserver-python:v1.8.0 + - kubeflownotebookswg/codeserver-python:v1.9.0-rc.0 ################################################################ # RStudio-like Container Images (Group 2) @@ -81,11 +81,11 @@ spawnerFormDefaults: ################################################################ imageGroupTwo: # the default container image - value: kubeflownotebookswg/rstudio-tidyverse:v1.8.0 + value: kubeflownotebookswg/rstudio-tidyverse:v1.9.0-rc.0 # the list of available container images in the dropdown options: - - kubeflownotebookswg/rstudio-tidyverse:v1.8.0 + - kubeflownotebookswg/rstudio-tidyverse:v1.9.0-rc.0 ################################################################ # CPU Resources diff --git a/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml b/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml index b6dbc23420..4f5f7583d3 100644 --- a/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml +++ b/apps/jupyter/jupyter-web-app/upstream/base/kustomization.yaml @@ -23,7 +23,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/jupyter-web-app newName: docker.io/kubeflownotebookswg/jupyter-web-app - newTag: v1.8.0 + newTag: v1.9.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: diff --git a/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml b/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml index bbc7391844..066a3bbd11 100644 --- a/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml +++ b/apps/jupyter/notebook-controller/upstream/base/kustomization.yaml @@ -5,4 +5,4 @@ resources: images: - name: docker.io/kubeflownotebookswg/notebook-controller newName: docker.io/kubeflownotebookswg/notebook-controller - newTag: v1.8.0 + newTag: v1.9.0-rc.0 diff --git a/apps/jupyter/notebook-controller/upstream/crd/kustomization.yaml b/apps/jupyter/notebook-controller/upstream/crd/kustomization.yaml index 4e55699a05..8dac3f0e48 100644 --- a/apps/jupyter/notebook-controller/upstream/crd/kustomization.yaml +++ b/apps/jupyter/notebook-controller/upstream/crd/kustomization.yaml @@ -21,3 +21,12 @@ patchesStrategicMerge: # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: - kustomizeconfig.yaml + +patchesJson6902: + - target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: notebooks.kubeflow.org + path: patches/validation_patches.yaml + diff --git a/apps/jupyter/notebook-controller/upstream/crd/patches/validation_patches.yaml b/apps/jupyter/notebook-controller/upstream/crd/patches/validation_patches.yaml new file mode 100644 index 0000000000..7bb93c2f47 --- /dev/null +++ b/apps/jupyter/notebook-controller/upstream/crd/patches/validation_patches.yaml @@ -0,0 +1,29 @@ +- op: replace + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/items/required + value: + - name + - image + +- op: replace + path: /spec/versions/1/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/items/required + value: + - name + - image + +- op: replace + path: /spec/versions/2/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/items/required + value: + - name + - image + +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/minItems + value: 1 + +- op: add + path: /spec/versions/1/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/minItems + value: 1 + +- op: add + path: /spec/versions/2/schema/openAPIV3Schema/properties/spec/properties/template/properties/spec/properties/containers/minItems + value: 1 diff --git a/apps/jupyter/notebook-controller/upstream/manager/manager.yaml b/apps/jupyter/notebook-controller/upstream/manager/manager.yaml index c51a7b1cd8..e66fbe7f4b 100644 --- a/apps/jupyter/notebook-controller/upstream/manager/manager.yaml +++ b/apps/jupyter/notebook-controller/upstream/manager/manager.yaml @@ -32,6 +32,11 @@ spec: configMapKeyRef: name: config key: ISTIO_GATEWAY + - name: ISTIO_HOST + valueFrom: + configMapKeyRef: + name: config + key: ISTIO_HOST - name: CLUSTER_DOMAIN valueFrom: configMapKeyRef: diff --git a/apps/jupyter/notebook-controller/upstream/manager/params.env b/apps/jupyter/notebook-controller/upstream/manager/params.env index 8ab2bf275c..232af1d568 100644 --- a/apps/jupyter/notebook-controller/upstream/manager/params.env +++ b/apps/jupyter/notebook-controller/upstream/manager/params.env @@ -1,6 +1,7 @@ USE_ISTIO=true ISTIO_GATEWAY=kubeflow/kubeflow-gateway +ISTIO_HOST=* CLUSTER_DOMAIN=cluster.local ENABLE_CULLING=false CULL_IDLE_TIME=1440 -IDLENESS_CHECK_PERIOD=1 \ No newline at end of file +IDLENESS_CHECK_PERIOD=1 diff --git a/apps/profiles/upstream/base/kustomization.yaml b/apps/profiles/upstream/base/kustomization.yaml index b6e7d641ce..b4a42ce328 100644 --- a/apps/profiles/upstream/base/kustomization.yaml +++ b/apps/profiles/upstream/base/kustomization.yaml @@ -12,7 +12,7 @@ patchesStrategicMerge: images: - name: docker.io/kubeflownotebookswg/profile-controller newName: docker.io/kubeflownotebookswg/profile-controller - newTag: v1.8.0 + newTag: v1.9.0-rc.0 configMapGenerator: - name: namespace-labels-data diff --git a/apps/profiles/upstream/manager/kustomization.yaml b/apps/profiles/upstream/manager/kustomization.yaml index e5b6827b42..f72d05bd23 100644 --- a/apps/profiles/upstream/manager/kustomization.yaml +++ b/apps/profiles/upstream/manager/kustomization.yaml @@ -8,4 +8,7 @@ configMapGenerator: - WORKLOAD_IDENTITY= - USERID_HEADER="kubeflow-userid" - USERID_PREFIX= - name: config \ No newline at end of file + - ISTIO_INGRESS_GATEWAY_PRINCIPAL="cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account" + - NOTEBOOK_CONTROLLER_PRINCIPAL="cluster.local/ns/kubeflow/sa/notebook-controller-service-account" + - KFP_UI_PRINCIPAL="cluster.local/ns/kubeflow/sa/ml-pipeline-ui" + name: config diff --git a/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml b/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml index 22c6de2933..692f8c7ed5 100644 --- a/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml +++ b/apps/profiles/upstream/overlays/kubeflow/kustomization.yaml @@ -29,4 +29,4 @@ vars: images: - name: docker.io/kubeflownotebookswg/kfam newName: docker.io/kubeflownotebookswg/kfam - newTag: v1.8.0 + newTag: v1.9.0-rc.0 diff --git a/apps/profiles/upstream/samples/_v1beta1_profile.yaml b/apps/profiles/upstream/samples/_v1beta1_profile.yaml index 7e4a070b45..624cf322cc 100644 --- a/apps/profiles/upstream/samples/_v1beta1_profile.yaml +++ b/apps/profiles/upstream/samples/_v1beta1_profile.yaml @@ -1,6 +1,15 @@ apiVersion: kubeflow.org/v1beta1 kind: Profile metadata: - name: profile-sample + name: test-user-profile #replace with the name of profile you want, this will be user's namespace name spec: - # TODO(user): Add fields here + owner: + kind: User + name: test-user@kubeflow.org + resourceQuotaSpec: # resource quota can be set optionally + hard: + cpu: "2" + memory: 2Gi + requests.nvidia.com/gpu: "1" + persistentvolumeclaims: "1" + requests.storage: "5Gi" \ No newline at end of file diff --git a/apps/pvcviewer-controller/upstream/base/kustomization.yaml b/apps/pvcviewer-controller/upstream/base/kustomization.yaml index 6eefe718db..3bb3239efa 100644 --- a/apps/pvcviewer-controller/upstream/base/kustomization.yaml +++ b/apps/pvcviewer-controller/upstream/base/kustomization.yaml @@ -6,4 +6,4 @@ resources: images: - name: docker.io/kubeflownotebookswg/pvcviewer-controller newName: docker.io/kubeflownotebookswg/pvcviewer-controller - newTag: v1.8.0 + newTag: v1.9.0-rc.0 diff --git a/apps/pvcviewer-controller/upstream/crd/bases/kubeflow.org_pvcviewers.yaml b/apps/pvcviewer-controller/upstream/crd/bases/kubeflow.org_pvcviewers.yaml index 7fe67094bb..f5d89ced02 100644 --- a/apps/pvcviewer-controller/upstream/crd/bases/kubeflow.org_pvcviewers.yaml +++ b/apps/pvcviewer-controller/upstream/crd/bases/kubeflow.org_pvcviewers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.10.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: pvcviewers.kubeflow.org spec: group: kubeflow.org @@ -172,6 +172,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -240,6 +250,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -306,6 +326,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -374,6 +404,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -553,6 +593,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -603,6 +651,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -799,8 +855,33 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -818,6 +899,8 @@ spec: x-kubernetes-int-or-string: true type: object type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1170,6 +1253,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1220,6 +1311,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1416,8 +1515,33 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -1435,6 +1559,8 @@ spec: x-kubernetes-int-or-string: true type: object type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1794,6 +1920,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1844,6 +1978,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2040,8 +2182,33 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -2059,6 +2226,8 @@ spec: x-kubernetes-int-or-string: true type: object type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2284,12 +2453,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: @@ -2661,11 +2861,12 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name type: object - x-kubernetes-map-type: atomic resources: properties: limits: @@ -2711,6 +2912,8 @@ spec: x-kubernetes-map-type: atomic storageClassName: type: string + volumeAttributesClassName: + type: string volumeMode: type: string volumeName: @@ -2899,6 +3102,43 @@ spec: sources: items: properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object configMap: properties: items: diff --git a/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml b/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml index 46084b2639..05df21bff5 100644 --- a/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml +++ b/apps/tensorboard/tensorboard-controller/upstream/base/kustomization.yaml @@ -8,9 +8,10 @@ configMapGenerator: - RWO_PVC_SCHEDULING="True" - TENSORBOARD_IMAGE=tensorflow/tensorflow:2.5.1 - ISTIO_GATEWAY=kubeflow/kubeflow-gateway + - ISTIO_HOST=* patchesStrategicMerge: - patches/add_controller_config.yaml images: - name: docker.io/kubeflownotebookswg/tensorboard-controller newName: docker.io/kubeflownotebookswg/tensorboard-controller - newTag: v1.8.0 + newTag: v1.9.0-rc.0 diff --git a/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml b/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml index 09a0e9848e..8822c054de 100644 --- a/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml +++ b/apps/tensorboard/tensorboards-web-app/upstream/base/kustomization.yaml @@ -14,7 +14,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/tensorboards-web-app newName: docker.io/kubeflownotebookswg/tensorboards-web-app - newTag: v1.8.0 + newTag: v1.9.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: diff --git a/apps/tensorboard/tensorboards-web-app/upstream/base/params.env b/apps/tensorboard/tensorboards-web-app/upstream/base/params.env index e21d77d542..d85c165482 100644 --- a/apps/tensorboard/tensorboards-web-app/upstream/base/params.env +++ b/apps/tensorboard/tensorboards-web-app/upstream/base/params.env @@ -2,4 +2,4 @@ TWA_CLUSTER_DOMAIN=cluster.local TWA_USERID_HEADER=kubeflow-userid TWA_USERID_PREFIX= TWA_PREFIX=/tensorboards -TWA_APP_SECURE_COOKIES=true +TWA_APP_SECURE_COOKIES=true diff --git a/apps/volumes-web-app/upstream/base/deployment.yaml b/apps/volumes-web-app/upstream/base/deployment.yaml index ab144d0314..de520ba55a 100644 --- a/apps/volumes-web-app/upstream/base/deployment.yaml +++ b/apps/volumes-web-app/upstream/base/deployment.yaml @@ -21,7 +21,7 @@ spec: - name: APP_SECURE_COOKIES value: $(VWA_APP_SECURE_COOKIES) - name: VOLUME_VIEWER_IMAGE - value: filebrowser/filebrowser:latest + value: filebrowser/filebrowser:v2.25.0 volumeMounts: - name: viewer-spec mountPath: /etc/config/viewer-spec.yaml diff --git a/apps/volumes-web-app/upstream/base/kustomization.yaml b/apps/volumes-web-app/upstream/base/kustomization.yaml index 058a8a81c3..1f8b38dd05 100644 --- a/apps/volumes-web-app/upstream/base/kustomization.yaml +++ b/apps/volumes-web-app/upstream/base/kustomization.yaml @@ -14,7 +14,7 @@ commonLabels: images: - name: docker.io/kubeflownotebookswg/volumes-web-app newName: docker.io/kubeflownotebookswg/volumes-web-app - newTag: v1.8.0 + newTag: v1.9.0-rc.0 # We need the name to be unique without the suffix because the original name is what # gets used with patches configMapGenerator: diff --git a/apps/volumes-web-app/upstream/base/viewer-spec.yaml b/apps/volumes-web-app/upstream/base/viewer-spec.yaml index 46a87ffd78..2bf7ff70ca 100644 --- a/apps/volumes-web-app/upstream/base/viewer-spec.yaml +++ b/apps/volumes-web-app/upstream/base/viewer-spec.yaml @@ -3,7 +3,8 @@ # Additionally, 'PVC_NAME', 'NAME' and 'NAMESPACE' are defined # Name of the pvc is set by the volumes web app pvc: $NAME -podTemplate: +podSpec: + serviceAccountName: default-editor containers: - name: main image: $VOLUME_VIEWER_IMAGE @@ -26,12 +27,20 @@ podTemplate: # viewer-volume is provided automatically by the volumes web app volumeMounts: - name: viewer-volume - mountPath: /data - workingDir: /data - serviceAccountName: default-editor + mountPath: /srv + workingDir: /srv + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + volumes: + - name: viewer-volume + persistentVolumeClaim: + claimName: $NAME networking: targetPort: 8080 basePrefix: "/pvcviewers" rewrite: "/" timeout: 30s -rwoScheduling: true \ No newline at end of file +rwoScheduling: true