From c4b257046be6e78cf42308c93b18594feeb7fc4a Mon Sep 17 00:00:00 2001 From: "Shiva Krishna, Merla" Date: Fri, 31 Jan 2025 06:34:51 -0800 Subject: [PATCH 1/2] Fix project scaffolding for all microservices Signed-off-by: Shiva Krishna, Merla --- PROJECT | 31 +++++++ config/crd/kustomization.yaml | 14 ++++ config/rbac/kustomization.yaml | 8 ++ config/rbac/nemodatastore_editor_role.yaml | 27 +++++++ config/rbac/nemodatastore_viewer_role.yaml | 23 ++++++ config/rbac/nemoentitystore_editor_role.yaml | 27 +++++++ config/rbac/nemoentitystore_viewer_role.yaml | 23 ++++++ config/rbac/nemoevaluator_editor_role.yaml | 27 +++++++ config/rbac/nemoevaluator_viewer_role.yaml | 23 ++++++ config/rbac/nemoguardrails_editor_role.yaml | 27 +++++++ config/rbac/nemoguardrails_viewer_role.yaml | 23 ++++++ .../samples/apps_v1alpha1_nemodatastore.yaml | 80 +++++++++++++++++++ .../apps_v1alpha1_nemoentitystore.yaml | 3 + .../samples/apps_v1alpha1_nemoevaluator.yaml | 30 +++++++ .../samples/apps_v1alpha1_nemoguardrails.yaml | 63 +++++++++++++++ config/samples/kustomization.yaml | 7 ++ 16 files changed, 436 insertions(+) create mode 100644 config/rbac/nemodatastore_editor_role.yaml create mode 100644 config/rbac/nemodatastore_viewer_role.yaml create mode 100644 config/rbac/nemoentitystore_editor_role.yaml create mode 100644 config/rbac/nemoentitystore_viewer_role.yaml create mode 100644 config/rbac/nemoevaluator_editor_role.yaml create mode 100644 config/rbac/nemoevaluator_viewer_role.yaml create mode 100644 config/rbac/nemoguardrails_editor_role.yaml create mode 100644 config/rbac/nemoguardrails_viewer_role.yaml create mode 100644 config/samples/apps_v1alpha1_nemodatastore.yaml create mode 100644 config/samples/apps_v1alpha1_nemoevaluator.yaml create mode 100644 config/samples/apps_v1alpha1_nemoguardrails.yaml diff --git a/PROJECT b/PROJECT index 51db69fb..d101b394 100644 --- a/PROJECT +++ b/PROJECT @@ -41,7 +41,38 @@ resources: controller: true domain: nvidia.com group: apps +<<<<<<< HEAD kind: NemoCustomizer +======= + kind: NemoEvaluator + path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 + version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: nvidia.com + group: apps + kind: NemoEntitystore + path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 + version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: nvidia.com + group: apps + kind: NemoDatastore + path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 + version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: nvidia.com + group: apps + kind: NemoGuardrails +>>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 version: v1alpha1 version: "3" diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index c37e9ccf..5239514c 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -5,7 +5,14 @@ resources: - bases/apps.nvidia.com_nimservices.yaml - bases/apps.nvidia.com_nimcaches.yaml - bases/apps.nvidia.com_nimpipelines.yaml +<<<<<<< HEAD - bases/apps.nvidia.com_nemocustomizers.yaml +======= +- bases/apps.nvidia.com_nemoguardrails.yaml +- bases/apps.nvidia.com_nemoevaluators.yaml +- bases/apps.nvidia.com_nemodatastores.yaml +- bases/apps.nvidia.com_nemoentitystores.yaml +>>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:crdkustomizeresource patches: @@ -19,7 +26,14 @@ patches: #- path: patches/cainjection_in_nimworkflows.yaml #- path: patches/cainjection_in_nimcaches.yaml #- path: patches/cainjection_in_nimpipelines.yaml +<<<<<<< HEAD #- path: patches/cainjection_in_nemocustomizers.yaml +======= +#- path: patches/cainjection_in_nemoguardrails.yaml +#- path: patches/cainjection_in_nemoevaluators.yaml +#- path: patches/cainjection_in_nemodatastores.yaml +#- path: patches/cainjection_in_nemoentitystores.yaml +>>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:crdkustomizecainjectionpatch # [WEBHOOK] To enable webhook, uncomment the following section diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index df593a02..2eeff133 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -15,6 +15,14 @@ resources: # if you do not want those helpers be installed with your Project. - nemocustomizer_editor_role.yaml - nemocustomizer_viewer_role.yaml +- nemoentitystore_editor_role.yaml +- nemoentitystore_viewer_role.yaml +- nemodatastore_editor_role.yaml +- nemodatastore_viewer_role.yaml +- nemoevaluator_editor_role.yaml +- nemoevaluator_viewer_role.yaml +- nemoguardrails_editor_role.yaml +- nemoguardrails_viewer_role.yaml - nimpipeline_editor_role.yaml - nimpipeline_viewer_role.yaml - nimcache_editor_role.yaml diff --git a/config/rbac/nemodatastore_editor_role.yaml b/config/rbac/nemodatastore_editor_role.yaml new file mode 100644 index 00000000..74633e5f --- /dev/null +++ b/config/rbac/nemodatastore_editor_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to edit nemodatastores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemodatastore-editor-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemodatastores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemodatastores/status + verbs: + - get diff --git a/config/rbac/nemodatastore_viewer_role.yaml b/config/rbac/nemodatastore_viewer_role.yaml new file mode 100644 index 00000000..a3b70062 --- /dev/null +++ b/config/rbac/nemodatastore_viewer_role.yaml @@ -0,0 +1,23 @@ +# permissions for end users to view nemodatastores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemodatastore-viewer-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemodatastores + verbs: + - get + - list + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemodatastores/status + verbs: + - get diff --git a/config/rbac/nemoentitystore_editor_role.yaml b/config/rbac/nemoentitystore_editor_role.yaml new file mode 100644 index 00000000..ed8de2ef --- /dev/null +++ b/config/rbac/nemoentitystore_editor_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to edit nemoentitystores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoentitystore-editor-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoentitystores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoentitystores/status + verbs: + - get diff --git a/config/rbac/nemoentitystore_viewer_role.yaml b/config/rbac/nemoentitystore_viewer_role.yaml new file mode 100644 index 00000000..2455ba36 --- /dev/null +++ b/config/rbac/nemoentitystore_viewer_role.yaml @@ -0,0 +1,23 @@ +# permissions for end users to view nemoentitystores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoentitystore-viewer-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoentitystores + verbs: + - get + - list + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoentitystores/status + verbs: + - get diff --git a/config/rbac/nemoevaluator_editor_role.yaml b/config/rbac/nemoevaluator_editor_role.yaml new file mode 100644 index 00000000..b4266ca3 --- /dev/null +++ b/config/rbac/nemoevaluator_editor_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to edit nemoevaluators. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoevaluator-editor-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoevaluators + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoevaluators/status + verbs: + - get diff --git a/config/rbac/nemoevaluator_viewer_role.yaml b/config/rbac/nemoevaluator_viewer_role.yaml new file mode 100644 index 00000000..9199ad9c --- /dev/null +++ b/config/rbac/nemoevaluator_viewer_role.yaml @@ -0,0 +1,23 @@ +# permissions for end users to view nemoevaluators. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoevaluator-viewer-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoevaluators + verbs: + - get + - list + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoevaluators/status + verbs: + - get diff --git a/config/rbac/nemoguardrails_editor_role.yaml b/config/rbac/nemoguardrails_editor_role.yaml new file mode 100644 index 00000000..0d3f951e --- /dev/null +++ b/config/rbac/nemoguardrails_editor_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to edit nemoguardrails. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoguardrails-editor-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoguardrails + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoguardrails/status + verbs: + - get diff --git a/config/rbac/nemoguardrails_viewer_role.yaml b/config/rbac/nemoguardrails_viewer_role.yaml new file mode 100644 index 00000000..7dcd13a0 --- /dev/null +++ b/config/rbac/nemoguardrails_viewer_role.yaml @@ -0,0 +1,23 @@ +# permissions for end users to view nemoguardrails. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoguardrails-viewer-role +rules: +- apiGroups: + - apps.nvidia.com + resources: + - nemoguardrails + verbs: + - get + - list + - watch +- apiGroups: + - apps.nvidia.com + resources: + - nemoguardrails/status + verbs: + - get diff --git a/config/samples/apps_v1alpha1_nemodatastore.yaml b/config/samples/apps_v1alpha1_nemodatastore.yaml new file mode 100644 index 00000000..c87037ad --- /dev/null +++ b/config/samples/apps_v1alpha1_nemodatastore.yaml @@ -0,0 +1,80 @@ +apiVersion: apps.nvidia.com/v1alpha1 +kind: NemoDatastore +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemodatastore-sample +spec: + authSecret: ngc-image-pull-secret + secrets: + datastoreConfigSecret: "nemo-ms-nemo-datastore" + datastoreInitSecret: "nemo-ms-nemo-datastore-init" + datastoreInlineConfigSecret: "nemo-ms-nemo-datastore-inline-config" + giteaAdminSecret: "gitea-admin-credentials" + lfsJwtSecret: "nemo-ms-nemo-datastore--lfs-jwt" + objectStoreConfig: + credentials: + user: minioUser + secretName: nds-minio-existing-secret + passwordKey: objectStoreSecret + serveDirect: true + endpoint: minio.k8s-nim-operator-system.svc.cluster.local:9000 + bucketName: datastore-dev + region: object-store-region + ssl: false + databaseConfig: + credentials: + user: ndsuser + secretName: nds-pg-existing-secret + passwordKey: postgresPassword + host: nds-pg-postgresql + port: 5432 + databaseName: ndsdb + pvc: + name: "pvc-shared-data" + create: true + storageClass: "local-path" + volumeAccessMode: ReadWriteOnce + size: "10Gi" + expose: + service: + port: 3000 + type: ClusterIP + image: + repository: "nvcr.io/nvidian/nemo-llm/datastore" + tag: "25.01-rc8" + pullPolicy: IfNotPresent + replicas: 1 + resources: + requests: + memory: "256Mi" + cpu: "500m" + limits: + memory: "512Mi" + cpu: "1" + livenessProbe: + enabled: true + probe: + httpGet: + path: /v1/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 10 + timeoutSeconds: 5 + readinessProbe: + enabled: true + probe: + httpGet: + path: /v1/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 5 + timeoutSeconds: 3 + # metrics: + # enabled: true + # serviceMonitor: + # additionalLabels: + # app: sample-nemodatastore + # interval: "30s" + # scrapeTimeout: "10s" diff --git a/config/samples/apps_v1alpha1_nemoentitystore.yaml b/config/samples/apps_v1alpha1_nemoentitystore.yaml index 14f94eaa..041c2686 100644 --- a/config/samples/apps_v1alpha1_nemoentitystore.yaml +++ b/config/samples/apps_v1alpha1_nemoentitystore.yaml @@ -1,6 +1,9 @@ apiVersion: apps.nvidia.com/v1alpha1 kind: NemoEntitystore metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize name: nemoentitystore-sample spec: image: diff --git a/config/samples/apps_v1alpha1_nemoevaluator.yaml b/config/samples/apps_v1alpha1_nemoevaluator.yaml new file mode 100644 index 00000000..8a9ca046 --- /dev/null +++ b/config/samples/apps_v1alpha1_nemoevaluator.yaml @@ -0,0 +1,30 @@ +apiVersion: apps.nvidia.com/v1alpha1 +kind: NemoEvaluator +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoevaluator-sample +spec: + image: + repository: nvcr.io/nvidia/nemo-microservices/evaluation-ms + tag: "25.01" + pullPolicy: IfNotPresent + pullSecrets: + - ngc-secret + argoWorkFlows: + endpoint: "http://argo-workflows-server:2746" + serviceAccount: "argo-workflows-executor" + milvus: + endpoint: "http://milvus-eval:19530" + dataStore: + endpoint: "http://datastore.default.svc.cluster.local:3000/v1/hf" + databaseConfig: + host: "evaluator-pg-postgresql" + port: 5432 + databaseName: "evaluation" + credentials: + user: "nemo" + secretName: "evaluator-pg-postgresql" + passwordKey: "password" + replicas: 1 diff --git a/config/samples/apps_v1alpha1_nemoguardrails.yaml b/config/samples/apps_v1alpha1_nemoguardrails.yaml new file mode 100644 index 00000000..df2037a4 --- /dev/null +++ b/config/samples/apps_v1alpha1_nemoguardrails.yaml @@ -0,0 +1,63 @@ +apiVersion: apps.nvidia.com/v1alpha1 +kind: NemoGuardrails +metadata: + labels: + app.kubernetes.io/name: k8s-nim-operator + app.kubernetes.io/managed-by: kustomize + name: nemoguardrails-sample +spec: + authSecret: ngc-api-secret + configStore: + configMap: gr-config + env: + - name: NEMO_GR_SVC_SERVICE_PORT + value: "7331" + - name: NEMO_GR_SVC_SERVICE_PORT + value: "7331" + - name: NIM_ENDPOINT_URL + value: http://:/v1 + - name: NIM_ENDPOINT_API_KEY + value: dummy + expose: + ingress: + spec: {} + service: + port: 7331 + type: ClusterIP + image: + pullPolicy: IfNotPresent + pullSecrets: + - ngc-secret + repository: nvcr.io/nvidian/nemo-llm/nemo-guardrails-microservice + tag: "25.02-rc4" + livenessProbe: + enabled: true + probe: + httpGet: + path: /v1/health + port: 7331 + initialDelaySeconds: 5 + timeoutSeconds: 30 + metrics: + serviceMonitor: {} + readinessProbe: + enabled: true + probe: + httpGet: + path: /v1/health + port: 7331 + initialDelaySeconds: 5 + timeoutSeconds: 30 + replicas: 1 + resources: + limits: + cpu: "1" + ephemeral-storage: 10Gi + startupProbe: + enabled: true + probe: + httpGet: + path: /v1/health + port: 7331 + initialDelaySeconds: 5 + timeoutSeconds: 30 diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index fd58ae5e..a035d8f2 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -3,5 +3,12 @@ resources: - apps_v1alpha1_nimservice.yaml - apps_v1alpha1_nimcache.yaml - apps_v1alpha1_nimpipeline.yaml +<<<<<<< HEAD - apps_v1alpha1_nemocustomizer.yaml +======= +- apps_v1alpha1_nemoguardrails.yaml +- apps_v1alpha1_nemoevaluator.yaml +- apps_v1alpha1_nemodatastore.yaml +- apps_v1alpha1_nemoentitystore.yaml +>>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:manifestskustomizesamples From 7042290417fb83467d26999bfcf44e91b5d3bd44 Mon Sep 17 00:00:00 2001 From: "Shiva Krishna, Merla" Date: Tue, 4 Feb 2025 07:24:27 -0800 Subject: [PATCH 2/2] Fix rebase errors Signed-off-by: Shiva Krishna, Merla --- PROJECT | 13 +++++++++---- config/crd/kustomization.yaml | 6 ------ config/samples/kustomization.yaml | 3 --- 3 files changed, 9 insertions(+), 13 deletions(-) diff --git a/PROJECT b/PROJECT index d101b394..affc699a 100644 --- a/PROJECT +++ b/PROJECT @@ -41,9 +41,6 @@ resources: controller: true domain: nvidia.com group: apps -<<<<<<< HEAD - kind: NemoCustomizer -======= kind: NemoEvaluator path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 version: v1alpha1 @@ -72,7 +69,15 @@ resources: domain: nvidia.com group: apps kind: NemoGuardrails ->>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) + path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 + version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: nvidia.com + group: apps + kind: NemoCustomizer path: github.com/NVIDIA/k8s-nim-operator/api/apps/v1alpha1 version: v1alpha1 version: "3" diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 5239514c..9201741b 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -5,14 +5,11 @@ resources: - bases/apps.nvidia.com_nimservices.yaml - bases/apps.nvidia.com_nimcaches.yaml - bases/apps.nvidia.com_nimpipelines.yaml -<<<<<<< HEAD - bases/apps.nvidia.com_nemocustomizers.yaml -======= - bases/apps.nvidia.com_nemoguardrails.yaml - bases/apps.nvidia.com_nemoevaluators.yaml - bases/apps.nvidia.com_nemodatastores.yaml - bases/apps.nvidia.com_nemoentitystores.yaml ->>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:crdkustomizeresource patches: @@ -26,14 +23,11 @@ patches: #- path: patches/cainjection_in_nimworkflows.yaml #- path: patches/cainjection_in_nimcaches.yaml #- path: patches/cainjection_in_nimpipelines.yaml -<<<<<<< HEAD #- path: patches/cainjection_in_nemocustomizers.yaml -======= #- path: patches/cainjection_in_nemoguardrails.yaml #- path: patches/cainjection_in_nemoevaluators.yaml #- path: patches/cainjection_in_nemodatastores.yaml #- path: patches/cainjection_in_nemoentitystores.yaml ->>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:crdkustomizecainjectionpatch # [WEBHOOK] To enable webhook, uncomment the following section diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index a035d8f2..f9796b52 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -3,12 +3,9 @@ resources: - apps_v1alpha1_nimservice.yaml - apps_v1alpha1_nimcache.yaml - apps_v1alpha1_nimpipeline.yaml -<<<<<<< HEAD - apps_v1alpha1_nemocustomizer.yaml -======= - apps_v1alpha1_nemoguardrails.yaml - apps_v1alpha1_nemoevaluator.yaml - apps_v1alpha1_nemodatastore.yaml - apps_v1alpha1_nemoentitystore.yaml ->>>>>>> 4cb6b28 (Fix project scaffolding for all microservices) # +kubebuilder:scaffold:manifestskustomizesamples