Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-16 06:47:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/mlflow] feat: 🔒 Add resource preset support (#23490)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-02-15 12:27:51 +01:00
committed by GitHub
parent 27a4bb00b2
commit 9e744fe7c7
8 changed files with 274 additions and 263 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bitnami/mlflow/Chart.lock
View File

@@ -7,6 +7,6 @@ dependencies:
version: 13.4.4
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.14.1
digest: sha256:4f4239bb40f51aa940469e0f057cd584b03e9a376f67844e8515b6cd1c26e930
generated: "2024-02-02T23:55:28.138368506Z"
version: 2.15.3
digest: sha256:51b52404204c6eb8c640ce1f584bbd17d42c67474da18d678d50338bcbbc90b0
generated: "2024-02-14T15:33:26.152717876+01:00"

2
bitnami/mlflow/Chart.yaml
View File

@@ -43,4 +43,4 @@ name: mlflow
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mlflow
- https://github.com/mlflow/mlflow
version: 0.8.0
version: 0.9.0

442
bitnami/mlflow/README.md
View File

@@ -101,107 +101,107 @@ The command removes all the Kubernetes components associated with the chart and
### MLflow Tracking parameters
| Name | Description | Value |
| ------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `tracking.enabled` | Enable Tracking server | `true` |
| `tracking.replicaCount` | Number of mlflow replicas to deploy | `1` |
| `tracking.containerPorts.http` | mlflow HTTP container port | `5000` |
| `tracking.livenessProbe.enabled` | Enable livenessProbe on mlflow containers | `true` |
| `tracking.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `tracking.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `tracking.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `tracking.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `tracking.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `tracking.readinessProbe.enabled` | Enable readinessProbe on mlflow containers | `true` |
| `tracking.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `tracking.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `tracking.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `tracking.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `tracking.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `tracking.startupProbe.enabled` | Enable startupProbe on mlflow containers | `false` |
| `tracking.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `tracking.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `tracking.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `tracking.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` |
| `tracking.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `tracking.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `tracking.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `tracking.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `tracking.resources.limits` | The resources limits for the mlflow containers | `{}` |
| `tracking.resources.requests` | The requested resources for the mlflow containers | `{}` |
| `tracking.podSecurityContext.enabled` | Enabled mlflow pods' Security Context | `true` |
| `tracking.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `tracking.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `tracking.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `tracking.podSecurityContext.fsGroup` | Set mlflow pod's Security Context fsGroup | `1001` |
| `tracking.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `tracking.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `tracking.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `tracking.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` |
| `tracking.containerSecurityContext.privileged` | Set containers' Security Context privileged | `false` |
| `tracking.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `tracking.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `true` |
| `tracking.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
| `tracking.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
| `tracking.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `tracking.auth.enabled` | Enable basic authentication | `true` |
| `tracking.auth.username` | Admin username | `user` |
| `tracking.auth.password` | Admin password | `""` |
| `tracking.auth.existingSecret` | Name of a secret containing the admin password | `""` |
| `tracking.auth.existingSecretUserKey` | Key inside the secret containing the admin password | `""` |
| `tracking.auth.existingSecretPasswordKey` | Key inside the secret containing the admin password | `""` |
| `tracking.auth.extraOverrides` | Add extra settings to the basic_auth.ini file | `{}` |
| `tracking.auth.overridesConfigMap` | Name of a ConfigMap containing overrides to the basic_auth.ini file | `""` |
| `tracking.tls.enabled` | Enable TLS traffic support | `false` |
| `tracking.tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` |
| `tracking.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` |
| `tracking.tls.certFilename` | Certificate filename | `""` |
| `tracking.tls.certKeyFilename` | Certificate key filename | `""` |
| `tracking.tls.certCAFilename` | CA Certificate filename | `""` |
| `tracking.command` | Override default container command (useful when using custom images) | `[]` |
| `tracking.args` | Override default container args (useful when using custom images) | `[]` |
| `tracking.extraArgs` | Add extra arguments together with the default ones | `[]` |
| `tracking.runUpgradeDB` | Add an init container to run mlflow db upgrade | `false` |
| `tracking.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `tracking.hostAliases` | mlflow pods host aliases | `[]` |
| `tracking.podLabels` | Extra labels for mlflow pods | `{}` |
| `tracking.podAnnotations` | Annotations for mlflow pods | `{}` |
| `tracking.podAffinityPreset` | Pod affinity preset. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `tracking.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `tracking.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
| `tracking.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
| `tracking.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
| `tracking.autoscaling.hpa.enabled` | Enable HPA | `false` |
| `tracking.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` |
| `tracking.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` |
| `tracking.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
| `tracking.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
| `tracking.autoscaling.vpa.enabled` | Enable VPA | `false` |
| `tracking.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
| `tracking.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
| `tracking.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
| `tracking.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
| `tracking.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
| `tracking.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `tracking.nodeAffinityPreset.key` | Node label key to match. Ignored if `.affinity` is set | `""` |
| `tracking.nodeAffinityPreset.values` | Node label values to match. Ignored if `.affinity` is set | `[]` |
| `tracking.affinity` | Affinity for mlflow pods assignment | `{}` |
| `tracking.nodeSelector` | Node labels for mlflow pods assignment | `{}` |
| `tracking.tolerations` | Tolerations for mlflow pods assignment | `[]` |
| `tracking.updateStrategy.type` | mlflow statefulset strategy type | `RollingUpdate` |
| `tracking.priorityClassName` | mlflow pods' priorityClassName | `""` |
| `tracking.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `tracking.schedulerName` | Name of the k8s scheduler (other than default) for mlflow pods | `""` |
| `tracking.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
| `tracking.lifecycleHooks` | for the mlflow container(s) to automate configuration before or after startup | `{}` |
| `tracking.extraEnvVars` | Array with extra environment variables to add to mlflow nodes | `[]` |
| `tracking.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for mlflow nodes | `""` |
| `tracking.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for mlflow nodes | `""` |
| `tracking.extraVolumes` | Optionally specify extra list of additional volumes for the mlflow pod(s) | `[]` |
| `tracking.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the mlflow container(s) | `[]` |
| `tracking.sidecars` | Add additional sidecar containers to the mlflow pod(s) | `[]` |
| `tracking.enableDefaultInitContainers` | Add default init containers to the deployment | `true` |
| `tracking.initContainers` | Add additional init containers to the mlflow pod(s) | `[]` |
| Name | Description | Value |
| ------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `tracking.enabled` | Enable Tracking server | `true` |
| `tracking.replicaCount` | Number of mlflow replicas to deploy | `1` |
| `tracking.containerPorts.http` | mlflow HTTP container port | `5000` |
| `tracking.livenessProbe.enabled` | Enable livenessProbe on mlflow containers | `true` |
| `tracking.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `tracking.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `tracking.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `tracking.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `tracking.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `tracking.readinessProbe.enabled` | Enable readinessProbe on mlflow containers | `true` |
| `tracking.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `tracking.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `tracking.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `tracking.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `tracking.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `tracking.startupProbe.enabled` | Enable startupProbe on mlflow containers | `false` |
| `tracking.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `tracking.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `tracking.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `tracking.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` |
| `tracking.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `tracking.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `tracking.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `tracking.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `tracking.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tracking.resources is set (tracking.resources is recommended for production). | `none` |
| `tracking.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `tracking.podSecurityContext.enabled` | Enabled mlflow pods' Security Context | `true` |
| `tracking.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `tracking.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `tracking.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `tracking.podSecurityContext.fsGroup` | Set mlflow pod's Security Context fsGroup | `1001` |
| `tracking.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `tracking.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `tracking.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `tracking.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` |
| `tracking.containerSecurityContext.privileged` | Set containers' Security Context privileged | `false` |
| `tracking.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `tracking.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `true` |
| `tracking.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
| `tracking.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
| `tracking.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `tracking.auth.enabled` | Enable basic authentication | `true` |
| `tracking.auth.username` | Admin username | `user` |
| `tracking.auth.password` | Admin password | `""` |
| `tracking.auth.existingSecret` | Name of a secret containing the admin password | `""` |
| `tracking.auth.existingSecretUserKey` | Key inside the secret containing the admin password | `""` |
| `tracking.auth.existingSecretPasswordKey` | Key inside the secret containing the admin password | `""` |
| `tracking.auth.extraOverrides` | Add extra settings to the basic_auth.ini file | `{}` |
| `tracking.auth.overridesConfigMap` | Name of a ConfigMap containing overrides to the basic_auth.ini file | `""` |
| `tracking.tls.enabled` | Enable TLS traffic support | `false` |
| `tracking.tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` |
| `tracking.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` |
| `tracking.tls.certFilename` | Certificate filename | `""` |
| `tracking.tls.certKeyFilename` | Certificate key filename | `""` |
| `tracking.tls.certCAFilename` | CA Certificate filename | `""` |
| `tracking.command` | Override default container command (useful when using custom images) | `[]` |
| `tracking.args` | Override default container args (useful when using custom images) | `[]` |
| `tracking.extraArgs` | Add extra arguments together with the default ones | `[]` |
| `tracking.runUpgradeDB` | Add an init container to run mlflow db upgrade | `false` |
| `tracking.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `tracking.hostAliases` | mlflow pods host aliases | `[]` |
| `tracking.podLabels` | Extra labels for mlflow pods | `{}` |
| `tracking.podAnnotations` | Annotations for mlflow pods | `{}` |
| `tracking.podAffinityPreset` | Pod affinity preset. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `tracking.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `tracking.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
| `tracking.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
| `tracking.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
| `tracking.autoscaling.hpa.enabled` | Enable HPA | `false` |
| `tracking.autoscaling.hpa.minReplicas` | Minimum number of replicas | `""` |
| `tracking.autoscaling.hpa.maxReplicas` | Maximum number of replicas | `""` |
| `tracking.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
| `tracking.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
| `tracking.autoscaling.vpa.enabled` | Enable VPA | `false` |
| `tracking.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
| `tracking.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
| `tracking.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
| `tracking.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
| `tracking.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
| `tracking.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `tracking.nodeAffinityPreset.key` | Node label key to match. Ignored if `.affinity` is set | `""` |
| `tracking.nodeAffinityPreset.values` | Node label values to match. Ignored if `.affinity` is set | `[]` |
| `tracking.affinity` | Affinity for mlflow pods assignment | `{}` |
| `tracking.nodeSelector` | Node labels for mlflow pods assignment | `{}` |
| `tracking.tolerations` | Tolerations for mlflow pods assignment | `[]` |
| `tracking.updateStrategy.type` | mlflow statefulset strategy type | `RollingUpdate` |
| `tracking.priorityClassName` | mlflow pods' priorityClassName | `""` |
| `tracking.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `tracking.schedulerName` | Name of the k8s scheduler (other than default) for mlflow pods | `""` |
| `tracking.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
| `tracking.lifecycleHooks` | for the mlflow container(s) to automate configuration before or after startup | `{}` |
| `tracking.extraEnvVars` | Array with extra environment variables to add to mlflow nodes | `[]` |
| `tracking.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for mlflow nodes | `""` |
| `tracking.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for mlflow nodes | `""` |
| `tracking.extraVolumes` | Optionally specify extra list of additional volumes for the mlflow pod(s) | `[]` |
| `tracking.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the mlflow container(s) | `[]` |
| `tracking.sidecars` | Add additional sidecar containers to the mlflow pod(s) | `[]` |
| `tracking.enableDefaultInitContainers` | Add default init containers to the deployment | `true` |
| `tracking.initContainers` | Add additional init containers to the mlflow pod(s) | `[]` |
### MLflow Tracking Traffic Exposure Parameters
@@ -287,100 +287,100 @@ The command removes all the Kubernetes components associated with the chart and
### MLflow Run Parameters
| Name | Description | Value |
| ------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | ---------------- |
| `run.enabled` | Enable Run deployment | `true` |
| `run.useJob` | Deploy as job | `false` |
| `run.backoffLimit` | set backoff limit of the job | `10` |
| `run.restartPolicy` | set restart policy of the job | `OnFailure` |
| `run.extraEnvVars` | Array with extra environment variables to add to run nodes | `[]` |
| `run.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for run nodes | `""` |
| `run.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for run nodes | `""` |
| `run.annotations` | Annotations for the run deployment | `{}` |
| `run.command` | Override default container command (useful when using custom images) | `[]` |
| `run.args` | Override default container args (useful when using custom images) | `[]` |
| `run.terminationGracePeriodSeconds` | Run termination grace period (in seconds) | `""` |
| `run.livenessProbe.enabled` | Enable livenessProbe on Run nodes | `true` |
| `run.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `run.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` |
| `run.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `20` |
| `run.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `run.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `run.readinessProbe.enabled` | Enable readinessProbe on Run nodes | `true` |
| `run.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `run.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` |
| `run.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `20` |
| `run.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `run.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `run.startupProbe.enabled` | Enable startupProbe on Run containers | `false` |
| `run.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `run.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` |
| `run.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `run.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` |
| `run.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `run.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `run.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `run.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `run.resources.limits` | The resources limits for the run containers | `{}` |
| `run.resources.requests` | The requested resources for the run containers | `{}` |
| `run.podSecurityContext.enabled` | Enabled Run pods' Security Context | `true` |
| `run.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `run.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `run.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `run.podSecurityContext.fsGroup` | Set Run pod's Security Context fsGroup | `1001` |
| `run.containerSecurityContext.enabled` | Enabled Run containers' Security Context | `true` |
| `run.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `run.containerSecurityContext.runAsUser` | Set Run containers' Security Context runAsUser | `1001` |
| `run.containerSecurityContext.runAsGroup` | Set Run containers' Security Context runAsGroup | `1001` |
| `run.containerSecurityContext.runAsNonRoot` | Set Run containers' Security Context runAsNonRoot | `true` |
| `run.containerSecurityContext.privileged` | Set Run containers' Security Context privileged | `false` |
| `run.containerSecurityContext.readOnlyRootFilesystem` | Set Run containers' Security Context runAsNonRoot | `true` |
| `run.containerSecurityContext.allowPrivilegeEscalation` | Set Run container's privilege escalation | `false` |
| `run.containerSecurityContext.capabilities.drop` | Set Run container's Security Context runAsNonRoot | `["ALL"]` |
| `run.containerSecurityContext.seccompProfile.type` | Set Run container's Security Context seccomp profile | `RuntimeDefault` |
| `run.lifecycleHooks` | for the run container(s) to automate configuration before or after startup | `{}` |
| `run.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` |
| `run.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `run.hostAliases` | run pods host aliases | `[]` |
| `run.labels` | Extra labels for the run deployment | `{}` |
| `run.podLabels` | Extra labels for run pods | `{}` |
| `run.podAnnotations` | Annotations for run pods | `{}` |
| `run.podAffinityPreset` | Pod affinity preset. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `run.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `run.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `run.nodeAffinityPreset.key` | Node label key to match. Ignored if `run.affinity` is set | `""` |
| `run.nodeAffinityPreset.values` | Node label values to match. Ignored if `run.affinity` is set | `[]` |
| `run.affinity` | Affinity for Run pods assignment | `{}` |
| `run.nodeSelector` | Node labels for Run pods assignment | `{}` |
| `run.tolerations` | Tolerations for Run pods assignment | `[]` |
| `run.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` |
| `run.priorityClassName` | Run pods' priorityClassName | `""` |
| `run.schedulerName` | Kubernetes pod scheduler registry | `""` |
| `run.updateStrategy.type` | Run statefulset strategy type | `RollingUpdate` |
| `run.updateStrategy.rollingUpdate` | Run statefulset rolling update configuration parameters | `{}` |
| `run.extraVolumes` | Optionally specify extra list of additional volumes for the Run pod(s) | `[]` |
| `run.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Run container(s) | `[]` |
| `run.sidecars` | Add additional sidecar containers to the Run pod(s) | `[]` |
| `run.enableDefaultInitContainers` | Deploy default init containers | `true` |
| `run.initContainers` | Add additional init containers to the Run pod(s) | `[]` |
| `run.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `true` |
| `run.networkPolicy.allowExternal` | The Policy model to apply | `true` |
| `run.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
| `run.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
| `run.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
| `run.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `run.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `run.source.type` | Where the source comes from: Possible values: configmap, git, custom | `configmap` |
| `run.source.launchCommand` | deepspeed command to run over the project | `""` |
| `run.source.configMap` | List of files of the project | `{}` |
| `run.source.existingConfigMap` | Name of a configmap containing the files of the project | `""` |
| `run.source.git.repository` | Repository that holds the files | `""` |
| `run.source.git.revision` | Revision from the repository to checkout | `""` |
| `run.source.git.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` |
| `run.serviceAccount.create` | Enable creation of ServiceAccount for Run pods | `true` |
| `run.serviceAccount.name` | The name of the ServiceAccount to use | `""` |
| `run.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` |
| `run.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
| Name | Description | Value |
| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------- |
| `run.enabled` | Enable Run deployment | `true` |
| `run.useJob` | Deploy as job | `false` |
| `run.backoffLimit` | set backoff limit of the job | `10` |
| `run.restartPolicy` | set restart policy of the job | `OnFailure` |
| `run.extraEnvVars` | Array with extra environment variables to add to run nodes | `[]` |
| `run.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for run nodes | `""` |
| `run.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for run nodes | `""` |
| `run.annotations` | Annotations for the run deployment | `{}` |
| `run.command` | Override default container command (useful when using custom images) | `[]` |
| `run.args` | Override default container args (useful when using custom images) | `[]` |
| `run.terminationGracePeriodSeconds` | Run termination grace period (in seconds) | `""` |
| `run.livenessProbe.enabled` | Enable livenessProbe on Run nodes | `true` |
| `run.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `run.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` |
| `run.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `20` |
| `run.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `run.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `run.readinessProbe.enabled` | Enable readinessProbe on Run nodes | `true` |
| `run.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `run.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` |
| `run.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `20` |
| `run.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `run.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `run.startupProbe.enabled` | Enable startupProbe on Run containers | `false` |
| `run.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `run.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` |
| `run.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `run.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` |
| `run.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `run.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `run.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `run.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `run.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if run.resources is set (run.resources is recommended for production). | `none` |
| `run.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `run.podSecurityContext.enabled` | Enabled Run pods' Security Context | `true` |
| `run.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `run.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `run.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `run.podSecurityContext.fsGroup` | Set Run pod's Security Context fsGroup | `1001` |
| `run.containerSecurityContext.enabled` | Enabled Run containers' Security Context | `true` |
| `run.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `run.containerSecurityContext.runAsUser` | Set Run containers' Security Context runAsUser | `1001` |
| `run.containerSecurityContext.runAsGroup` | Set Run containers' Security Context runAsGroup | `1001` |
| `run.containerSecurityContext.runAsNonRoot` | Set Run containers' Security Context runAsNonRoot | `true` |
| `run.containerSecurityContext.privileged` | Set Run containers' Security Context privileged | `false` |
| `run.containerSecurityContext.readOnlyRootFilesystem` | Set Run containers' Security Context runAsNonRoot | `true` |
| `run.containerSecurityContext.allowPrivilegeEscalation` | Set Run container's privilege escalation | `false` |
| `run.containerSecurityContext.capabilities.drop` | Set Run container's Security Context runAsNonRoot | `["ALL"]` |
| `run.containerSecurityContext.seccompProfile.type` | Set Run container's Security Context seccomp profile | `RuntimeDefault` |
| `run.lifecycleHooks` | for the run container(s) to automate configuration before or after startup | `{}` |
| `run.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` |
| `run.automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `run.hostAliases` | run pods host aliases | `[]` |
| `run.labels` | Extra labels for the run deployment | `{}` |
| `run.podLabels` | Extra labels for run pods | `{}` |
| `run.podAnnotations` | Annotations for run pods | `{}` |
| `run.podAffinityPreset` | Pod affinity preset. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `run.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `run.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `run.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `run.nodeAffinityPreset.key` | Node label key to match. Ignored if `run.affinity` is set | `""` |
| `run.nodeAffinityPreset.values` | Node label values to match. Ignored if `run.affinity` is set | `[]` |
| `run.affinity` | Affinity for Run pods assignment | `{}` |
| `run.nodeSelector` | Node labels for Run pods assignment | `{}` |
| `run.tolerations` | Tolerations for Run pods assignment | `[]` |
| `run.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` |
| `run.priorityClassName` | Run pods' priorityClassName | `""` |
| `run.schedulerName` | Kubernetes pod scheduler registry | `""` |
| `run.updateStrategy.type` | Run statefulset strategy type | `RollingUpdate` |
| `run.updateStrategy.rollingUpdate` | Run statefulset rolling update configuration parameters | `{}` |
| `run.extraVolumes` | Optionally specify extra list of additional volumes for the Run pod(s) | `[]` |
| `run.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Run container(s) | `[]` |
| `run.sidecars` | Add additional sidecar containers to the Run pod(s) | `[]` |
| `run.enableDefaultInitContainers` | Deploy default init containers | `true` |
| `run.initContainers` | Add additional init containers to the Run pod(s) | `[]` |
| `run.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `true` |
| `run.networkPolicy.allowExternal` | The Policy model to apply | `true` |
| `run.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` |
| `run.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
| `run.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
| `run.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `run.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `run.source.type` | Where the source comes from: Possible values: configmap, git, custom | `configmap` |
| `run.source.launchCommand` | deepspeed command to run over the project | `""` |
| `run.source.configMap` | List of files of the project | `{}` |
| `run.source.existingConfigMap` | Name of a configmap containing the files of the project | `""` |
| `run.source.git.repository` | Repository that holds the files | `""` |
| `run.source.git.revision` | Revision from the repository to checkout | `""` |
| `run.source.git.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` |
| `run.serviceAccount.create` | Enable creation of ServiceAccount for Run pods | `true` |
| `run.serviceAccount.name` | The name of the ServiceAccount to use | `""` |
| `run.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` |
| `run.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
### Mlflow Run persistence paramaters
@@ -400,32 +400,32 @@ The command removes all the Kubernetes components associated with the chart and
### Init Container Parameters
| Name | Description | Value |
| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` |
| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` |
| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` |
| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` |
| `volumePermissions.containerSecurityContext.enabled` | Set container security context settings | `true` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
| `waitContainer.image.registry` | Init container wait-container image registry | `REGISTRY_NAME` |
| `waitContainer.image.repository` | Init container wait-container image name | `REPOSITORY_NAME/os-shell` |
| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` |
| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `waitContainer.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `waitContainer.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `waitContainer.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `waitContainer.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.privileged` | Set containers' Security Context privileged | `false` |
| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
| `waitContainer.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
| `waitContainer.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| Name | Description | Value |
| ----------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` |
| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` |
| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` |
| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `volumePermissions.containerSecurityContext.enabled` | Set container security context settings | `true` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
| `waitContainer.image.registry` | Init container wait-container image registry | `REGISTRY_NAME` |
| `waitContainer.image.repository` | Init container wait-container image name | `REPOSITORY_NAME/os-shell` |
| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` |
| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `waitContainer.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `waitContainer.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `waitContainer.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `waitContainer.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.privileged` | Set containers' Security Context privileged | `false` |
| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
| `waitContainer.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
| `waitContainer.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
### PostgreSQL chart configuration

1
bitnami/mlflow/templates/NOTES.txt
View File

@@ -101,3 +101,4 @@ To access your MLflow site from outside the cluster follow the steps below:
{{- include "common.warnings.rollingTag" .Values.image }}
{{- include "mlflow.v0.validateValues" . }}
{{- include "common.warnings.resources" (dict "sections" (list "run" "tracking" "volumePermissions") "context" $) }}

2
bitnami/mlflow/templates/_helpers.tpl
View File

@@ -523,6 +523,8 @@ Return the volume-permissions init container
{{- end }}
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
{{- end }}
volumeMounts:
- name: data

2
bitnami/mlflow/templates/run/dep-job.yaml
View File

@@ -171,6 +171,8 @@ spec:
{{- end }}
{{- if .Values.run.resources }}
resources: {{- toYaml .Values.run.resources | nindent 12 }}
{{- else if ne .Values.run.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.run.resourcesPreset) | nindent 12 }}
{{- end }}
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.run.customLivenessProbe }}

2
bitnami/mlflow/templates/tracking/deployment.yaml
View File

@@ -202,6 +202,8 @@ spec:
{{- end }}
{{- if .Values.tracking.resources }}
resources: {{- toYaml .Values.tracking.resources | nindent 12 }}
{{- else if ne .Values.tracking.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.tracking.resourcesPreset) | nindent 12 }}
{{- end }}
ports:
- name: {{ include "mlflow.v0.tracking.portName" . }}

80
bitnami/mlflow/values.yaml
View File

@@ -19,7 +19,6 @@ global:
##
imagePullSecrets: []
storageClass: ""
## @section Common parameters
##
@@ -47,7 +46,6 @@ clusterDomain: cluster.local
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## Enable diagnostic mode in the deployment
##
diagnosticMode:
@@ -62,7 +60,6 @@ diagnosticMode:
##
args:
- infinity
## @section MLflow common Parameters
##
@@ -97,7 +94,6 @@ image:
## Enable debug mode
##
debug: false
## Bitnami git image version
## ref: https://hub.docker.com/r/bitnami/git/tags/
## @param gitImage.registry [default: REGISTRY_NAME] Git image registry
@@ -121,7 +117,6 @@ gitImage:
## - myRegistryKeySecretName
##
pullSecrets: []
## @section MLflow Tracking parameters
##
tracking:
@@ -190,12 +185,21 @@ tracking:
customStartupProbe: {}
## mlflow resource requests and limits
## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
## @param tracking.resources.limits The resources limits for the mlflow containers
## @param tracking.resources.requests The requested resources for the mlflow containers
## @param tracking.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if tracking.resources is set (tracking.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
##
resources:
limits: {}
requests: {}
resourcesPreset: "none"
## @param tracking.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param tracking.podSecurityContext.enabled Enabled mlflow pods' Security Context
@@ -236,7 +240,6 @@ tracking:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## Basic authentication
## @param tracking.auth.enabled Enable basic authentication
## @param tracking.auth.username Admin username
@@ -405,7 +408,6 @@ tracking:
## Can be set to RollingUpdate or OnDelete
##
type: RollingUpdate
## @param tracking.priorityClassName mlflow pods' priorityClassName
##
priorityClassName: ""
@@ -467,7 +469,6 @@ tracking:
## command: ['sh', '-c', 'echo "hello world"']
##
initContainers: []
## @section MLflow Tracking Traffic Exposure Parameters
##
@@ -632,7 +633,6 @@ tracking:
## name: http
##
extraRules: []
## Network Policy configuration
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
##
@@ -687,7 +687,6 @@ tracking:
##
ingressNSMatchLabels: {}
ingressNSPodMatchLabels: {}
## @section MLflow Tracking Persistence Parameters
##
@@ -739,7 +738,6 @@ tracking:
## @param tracking.persistence.dataSource Custom PVC data source
##
dataSource: {}
## @section MLflow Tracking Other Parameters
##
serviceAccount:
@@ -756,7 +754,6 @@ tracking:
## @param tracking.serviceAccount.automountServiceAccountToken Automount service account token for the server service account
##
automountServiceAccountToken: false
## @section MLflow Tracking Metrics Parameters
##
metrics:
@@ -812,7 +809,6 @@ tracking:
## prometheus: my-prometheus
##
selector: {}
## @section MLflow Run Parameters
##
run:
@@ -908,12 +904,21 @@ run:
customStartupProbe: {}
## run resource requests and limits
## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
## @param run.resources.limits The resources limits for the run containers
## @param run.resources.requests The requested resources for the run containers
## @param run.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if run.resources is set (run.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
##
resources:
limits: {}
requests: {}
resourcesPreset: "none"
## @param run.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param run.podSecurityContext.enabled Enabled Run pods' Security Context
@@ -1150,7 +1155,6 @@ run:
## mountPath: /.ssh/
##
extraVolumeMounts: []
## Service account for Run to use
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
@@ -1218,7 +1222,6 @@ run:
## @param run.persistence.annotations Persistent Volume annotations
##
annotations: {}
## @section Init Container Parameters
##
@@ -1253,12 +1256,21 @@ volumePermissions:
pullSecrets: []
## Init container's resource requests and limits
## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
## @param volumePermissions.resources.limits The resources limits for the init container
## @param volumePermissions.resources.requests The requested resources for the init container
## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
##
resources:
limits: {}
requests: {}
resourcesPreset: "none"
## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Init container Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param volumePermissions.containerSecurityContext.enabled Set container security context settings
@@ -1272,7 +1284,6 @@ volumePermissions:
enabled: true
seLinuxOptions: null
runAsUser: 0
waitContainer:
## @param waitContainer.image.registry [default: REGISTRY_NAME] Init container wait-container image registry
## @param waitContainer.image.repository [default: REPOSITORY_NAME/os-shell] Init container wait-container image name
@@ -1296,7 +1307,6 @@ waitContainer:
## - myRegistryKeySecretName
##
pullSecrets: []
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param waitContainer.containerSecurityContext.enabled Enabled containers' Security Context
@@ -1321,7 +1331,6 @@ waitContainer:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## @section PostgreSQL chart configuration
## ref: https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml
## @param postgresql.enabled Switch to enable or disable the PostgreSQL helm chart
@@ -1353,7 +1362,6 @@ postgresql:
PGPASSWORD=$POSTGRES_POSTGRES_PASSWORD psql -U postgres <<< "CREATE DATABASE {{ include "mlflow.v0.database-auth.name" . }}"
PGPASSWORD=$POSTGRES_POSTGRES_PASSWORD psql -U postgres <<< "GRANT ALL PRIVILEGES ON DATABASE {{ include "mlflow.v0.database-auth.name" . }} to {{ .Values.auth.username }}"
PGPASSWORD=$POSTGRES_POSTGRES_PASSWORD psql -U postgres <<< "ALTER DATABASE {{ include "mlflow.v0.database-auth.name" . }} OWNER TO {{ .Values.auth.username }}"
## @section External PostgreSQL configuration
## All of these values are only used when postgresql.enabled is set to false
## @param externalDatabase.host Database host
@@ -1374,7 +1382,6 @@ externalDatabase:
password: ""
existingSecret: ""
existingSecretPasswordKey: "db-password"
## @section MinIO&reg; chart parameters
## @extra minio For full list of MinIO&reg; values configurations please refere [here](https://github.com/bitnami/charts/tree/main/bitnami/minio)
##
@@ -1398,7 +1405,6 @@ minio:
## @param minio.defaultBuckets Comma, semi-colon or space separated list of MinIO&reg; buckets to create
##
defaultBuckets: "mlflow"
## @param minio.provisioning.enabled Enable/disable MinIO&reg; provisioning job
## @param minio.provisioning.extraCommands Extra commands to run on MinIO&reg; provisioning job
##
@@ -1406,7 +1412,6 @@ minio:
enabled: true
# We need to allow downloads in order for the UI to work
extraCommands: ["mc anonymous set download provisioning/mlflow"]
## @param minio.tls.enabled Enable/disable MinIO&reg; TLS support
##
tls:
@@ -1420,7 +1425,6 @@ minio:
loadBalancerIP: ""
ports:
api: 80
## @section External S3 parameters
## All of these values are only used when minio.enabled is set to false
## @param externalS3.host External S3 host