Skip to content

Commit f592361

Browse files
author
Jeremy Lewi
committed
Create a new cluster for chatbot based on the GCP blueprint.
* We want to create a webhook to respond to Dialogflow. To do that we need be able to modify the ISTIO ingress policy in order to apply different JWT validation for requests routed through IAP vs calls from DialogFlow. * I initially tried that using ISTIO 1.1 and ran into problems. On ISTIO 1.4 it seemed to work. * So this PR defines a new cluster based on the Kubeflow GCP blueprint so using ASM which has ISTIO 1.4. It is also using ACM to manage the deployment. * Related to kubeflow#142
1 parent 29be1c2 commit f592361

File tree

1,413 files changed

+159131
-0
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,413 files changed

+159131
-0
lines changed

kubeflow_clusters/code-intelligence/.build/application/apiextensions.k8s.io_v1beta1_customresourcedefinition_applications.app.k8s.io.yaml

Lines changed: 233 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,233 @@
1+
apiVersion: apiextensions.k8s.io/v1beta1
2+
kind: CustomResourceDefinition
3+
metadata:
4+
creationTimestamp: null
5+
name: applications.app.k8s.io
6+
spec:
7+
group: app.k8s.io
8+
names:
9+
kind: Application
10+
plural: applications
11+
scope: Namespaced
12+
validation:
13+
openAPIV3Schema:
14+
properties:
15+
apiVersion:
16+
type: string
17+
kind:
18+
type: string
19+
metadata:
20+
type: object
21+
spec:
22+
properties:
23+
addOwnerRef:
24+
type: boolean
25+
assemblyPhase:
26+
type: string
27+
componentKinds:
28+
items:
29+
type: object
30+
type: array
31+
descriptor:
32+
properties:
33+
description:
34+
type: string
35+
icons:
36+
items:
37+
properties:
38+
size:
39+
type: string
40+
src:
41+
type: string
42+
type:
43+
type: string
44+
required:
45+
- src
46+
type: object
47+
type: array
48+
keywords:
49+
items:
50+
type: string
51+
type: array
52+
links:
53+
items:
54+
properties:
55+
description:
56+
type: string
57+
url:
58+
type: string
59+
type: object
60+
type: array
61+
maintainers:
62+
items:
63+
properties:
64+
email:
65+
type: string
66+
name:
67+
type: string
68+
url:
69+
type: string
70+
type: object
71+
type: array
72+
notes:
73+
type: string
74+
owners:
75+
items:
76+
properties:
77+
email:
78+
type: string
79+
name:
80+
type: string
81+
url:
82+
type: string
83+
type: object
84+
type: array
85+
type:
86+
type: string
87+
version:
88+
type: string
89+
type: object
90+
info:
91+
items:
92+
properties:
93+
name:
94+
type: string
95+
type:
96+
type: string
97+
value:
98+
type: string
99+
valueFrom:
100+
properties:
101+
configMapKeyRef:
102+
properties:
103+
apiVersion:
104+
type: string
105+
fieldPath:
106+
type: string
107+
key:
108+
type: string
109+
kind:
110+
type: string
111+
name:
112+
type: string
113+
namespace:
114+
type: string
115+
resourceVersion:
116+
type: string
117+
uid:
118+
type: string
119+
type: object
120+
ingressRef:
121+
properties:
122+
apiVersion:
123+
type: string
124+
fieldPath:
125+
type: string
126+
host:
127+
type: string
128+
kind:
129+
type: string
130+
name:
131+
type: string
132+
namespace:
133+
type: string
134+
path:
135+
type: string
136+
resourceVersion:
137+
type: string
138+
uid:
139+
type: string
140+
type: object
141+
secretKeyRef:
142+
properties:
143+
apiVersion:
144+
type: string
145+
fieldPath:
146+
type: string
147+
key:
148+
type: string
149+
kind:
150+
type: string
151+
name:
152+
type: string
153+
namespace:
154+
type: string
155+
resourceVersion:
156+
type: string
157+
uid:
158+
type: string
159+
type: object
160+
serviceRef:
161+
properties:
162+
apiVersion:
163+
type: string
164+
fieldPath:
165+
type: string
166+
kind:
167+
type: string
168+
name:
169+
type: string
170+
namespace:
171+
type: string
172+
path:
173+
type: string
174+
port:
175+
format: int32
176+
type: integer
177+
resourceVersion:
178+
type: string
179+
uid:
180+
type: string
181+
type: object
182+
type:
183+
type: string
184+
type: object
185+
type: object
186+
type: array
187+
selector:
188+
type: object
189+
type: object
190+
status:
191+
properties:
192+
components:
193+
items:
194+
properties:
195+
group:
196+
type: string
197+
kind:
198+
type: string
199+
link:
200+
type: string
201+
name:
202+
type: string
203+
status:
204+
type: string
205+
type: object
206+
type: array
207+
conditions:
208+
items:
209+
properties:
210+
lastTransitionTime:
211+
format: date-time
212+
type: string
213+
lastUpdateTime:
214+
format: date-time
215+
type: string
216+
message:
217+
type: string
218+
reason:
219+
type: string
220+
status:
221+
type: string
222+
type:
223+
type: string
224+
required:
225+
- type
226+
- status
227+
type: object
228+
type: array
229+
observedGeneration:
230+
format: int64
231+
type: integer
232+
type: object
233+
version: v1beta1

kubeflow_clusters/code-intelligence/.build/application/app.k8s.io_v1beta1_application_application-controller-kubeflow.yaml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
apiVersion: app.k8s.io/v1beta1
2+
kind: Application
3+
metadata:
4+
name: application-controller-kubeflow
5+
namespace: kubeflow
6+
spec:
7+
addOwnerRef: true
8+
componentKinds:
9+
- group: app.k8s.io
10+
kind: Application
11+
descriptor:
12+
description: application that aggregates all kubeflow applications
13+
keywords:
14+
- kubeflow
15+
links:
16+
- description: About
17+
url: https://kubeflow.org
18+
maintainers:
19+
- email: [email protected]
20+
name: Jeremy Lewi
21+
- email: [email protected]
22+
name: Kam Kasravi
23+
owners:
24+
- email: [email protected]
25+
name: Jeremy Lewi
26+
type: kubeflow
27+
version: v1beta1
28+
selector:
29+
matchLabels:
30+
app.kubernetes.io/component: kubeflow
31+
app.kubernetes.io/instance: kubeflow-v0.7.0
32+
app.kubernetes.io/managed-by: kfctl
33+
app.kubernetes.io/name: kubeflow
34+
app.kubernetes.io/part-of: kubeflow
35+
app.kubernetes.io/version: v0.7.0

kubeflow_clusters/code-intelligence/.build/application/apps_v1_statefulset_application-controller-stateful-set.yaml

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
apiVersion: apps/v1
2+
kind: StatefulSet
3+
metadata:
4+
name: application-controller-stateful-set
5+
namespace: kubeflow
6+
spec:
7+
selector:
8+
matchLabels:
9+
app: application-controller
10+
serviceName: application-controller-service
11+
template:
12+
metadata:
13+
annotations:
14+
sidecar.istio.io/inject: "false"
15+
labels:
16+
app: application-controller
17+
spec:
18+
containers:
19+
- command:
20+
- /root/manager
21+
env:
22+
- name: project
23+
value: $(project)
24+
image: gcr.io/kubeflow-images-public/kubernetes-sigs/application:1.0-beta
25+
imagePullPolicy: Always
26+
name: manager
27+
serviceAccountName: application-controller-service-account
28+
volumeClaimTemplates: []

kubeflow_clusters/code-intelligence/.build/application/rbac.authorization.k8s.io_v1_clusterrole_application-controller-cluster-role.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRole
3+
metadata:
4+
name: application-controller-cluster-role
5+
rules:
6+
- apiGroups:
7+
- '*'
8+
resources:
9+
- '*'
10+
verbs:
11+
- get
12+
- list
13+
- update
14+
- patch
15+
- watch
16+
- apiGroups:
17+
- app.k8s.io
18+
resources:
19+
- '*'
20+
verbs:
21+
- '*'

kubeflow_clusters/code-intelligence/.build/application/rbac.authorization.k8s.io_v1_clusterrolebinding_application-controller-cluster-role-binding.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: application-controller-cluster-role-binding
5+
roleRef:
6+
apiGroup: rbac.authorization.k8s.io
7+
kind: ClusterRole
8+
name: application-controller-cluster-role
9+
subjects:
10+
- kind: ServiceAccount
11+
name: application-controller-service-account
12+
namespace: kubeflow

kubeflow_clusters/code-intelligence/.build/application/~g_v1_service_application-controller-service.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
apiVersion: v1
2+
kind: Service
3+
metadata:
4+
name: application-controller-service
5+
namespace: kubeflow
6+
spec:
7+
ports:
8+
- port: 443

kubeflow_clusters/code-intelligence/.build/application/~g_v1_serviceaccount_application-controller-service-account.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: application-controller-service-account
5+
namespace: kubeflow

0 commit comments

Comments
 (0)