From 33af57d3bb7d9502a222a90397339641d036e3e6 Mon Sep 17 00:00:00 2001 From: vsoch Date: Sun, 21 Jul 2024 01:32:43 -0600 Subject: [PATCH] pod: additional features for skypilot Problem: skypilot requires exposing additional pod features for the service account token and restart policy. Solution: add them to the spec. Signed-off-by: vsoch --- api/v1alpha2/minicluster_types.go | 8 +++ api/v1alpha2/swagger.json | 8 +++ api/v1alpha2/zz_generated.openapi.go | 14 +++++ chart/templates/minicluster-crd.yaml | 6 ++ .../flux-framework.org_miniclusters.yaml | 6 ++ controllers/flux/job.go | 19 +++--- controllers/flux/pods.go | 17 +++--- examples/dist/flux-operator-arm.yaml | 6 ++ examples/dist/flux-operator.yaml | 6 ++ .../interactive/minicluster-persistent.yaml | 1 + sdk/python/v1alpha2/docs/PodSpec.md | 2 + .../v1alpha2/fluxoperator/models/pod_spec.py | 58 ++++++++++++++++++- 12 files changed, 133 insertions(+), 18 deletions(-) diff --git a/api/v1alpha2/minicluster_types.go b/api/v1alpha2/minicluster_types.go index 7afafcab..dee7c59a 100644 --- a/api/v1alpha2/minicluster_types.go +++ b/api/v1alpha2/minicluster_types.go @@ -180,10 +180,18 @@ type PodSpec struct { // +optional Labels map[string]string `json:"labels"` + // Restart Policy + // +optional + RestartPolicy string `json:"restartPolicy,omitempty"` + // Service account name for the pod // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` + // Automatically mount the service account name + // +optional + AutomountServiceAccountToken bool `json:"automountServiceAccountToken,omitempty"` + // Scheduler name for the pod // +optional SchedulerName string `json:"schedulerName,omitempty"` diff --git a/api/v1alpha2/swagger.json b/api/v1alpha2/swagger.json index 424ab982..a4e931c9 100644 --- a/api/v1alpha2/swagger.json +++ b/api/v1alpha2/swagger.json @@ -744,6 +744,10 @@ "default": "" } }, + "automountServiceAccountToken": { + "description": "Automatically mount the service account name", + "type": "boolean" + }, "labels": { "description": "Labels for each pod", "type": "object", @@ -767,6 +771,10 @@ "$ref": "#/definitions/IntOrString" } }, + "restartPolicy": { + "description": "Restart Policy", + "type": "string" + }, "schedulerName": { "description": "Scheduler name for the pod", "type": "string" diff --git a/api/v1alpha2/zz_generated.openapi.go b/api/v1alpha2/zz_generated.openapi.go index 0b1792a1..e8d7a275 100644 --- a/api/v1alpha2/zz_generated.openapi.go +++ b/api/v1alpha2/zz_generated.openapi.go @@ -1335,6 +1335,13 @@ func schema_flux_framework_flux_operator_api_v1alpha2_PodSpec(ref common.Referen }, }, }, + "restartPolicy": { + SchemaProps: spec.SchemaProps{ + Description: "Restart Policy", + Type: []string{"string"}, + Format: "", + }, + }, "serviceAccountName": { SchemaProps: spec.SchemaProps{ Description: "Service account name for the pod", @@ -1342,6 +1349,13 @@ func schema_flux_framework_flux_operator_api_v1alpha2_PodSpec(ref common.Referen Format: "", }, }, + "automountServiceAccountToken": { + SchemaProps: spec.SchemaProps{ + Description: "Automatically mount the service account name", + Type: []string{"boolean"}, + Format: "", + }, + }, "schedulerName": { SchemaProps: spec.SchemaProps{ Description: "Scheduler name for the pod", diff --git a/chart/templates/minicluster-crd.yaml b/chart/templates/minicluster-crd.yaml index f8f22982..f4d6c966 100644 --- a/chart/templates/minicluster-crd.yaml +++ b/chart/templates/minicluster-crd.yaml @@ -531,6 +531,9 @@ spec: type: string description: Annotations for each pod type: object + automountServiceAccountToken: + description: Automatically mount the service account name + type: boolean labels: additionalProperties: type: string @@ -549,6 +552,9 @@ spec: x-kubernetes-int-or-string: true description: Resources include limits and requests type: object + restartPolicy: + description: Restart Policy + type: string schedulerName: description: Scheduler name for the pod type: string diff --git a/config/crd/bases/flux-framework.org_miniclusters.yaml b/config/crd/bases/flux-framework.org_miniclusters.yaml index d6190f39..7e8c1db7 100644 --- a/config/crd/bases/flux-framework.org_miniclusters.yaml +++ b/config/crd/bases/flux-framework.org_miniclusters.yaml @@ -534,6 +534,9 @@ spec: type: string description: Annotations for each pod type: object + automountServiceAccountToken: + description: Automatically mount the service account name + type: boolean labels: additionalProperties: type: string @@ -552,6 +555,9 @@ spec: x-kubernetes-int-or-string: true description: Resources include limits and requests type: object + restartPolicy: + description: Restart Policy + type: string schedulerName: description: Scheduler name for the pod type: string diff --git a/controllers/flux/job.go b/controllers/flux/job.go index ee79eeb0..6be186d4 100644 --- a/controllers/flux/job.go +++ b/controllers/flux/job.go @@ -63,15 +63,16 @@ func NewMiniClusterJob(cluster *api.MiniCluster) (*batchv1.Job, error) { }, Spec: corev1.PodSpec{ // matches the service - Subdomain: cluster.Spec.Network.HeadlessName, - ShareProcessNamespace: &cluster.Spec.ShareProcessNamespace, - SetHostnameAsFQDN: &setAsFQDN, - Volumes: getVolumes(cluster), - RestartPolicy: corev1.RestartPolicyOnFailure, - ImagePullSecrets: getImagePullSecrets(cluster), - ServiceAccountName: cluster.Spec.Pod.ServiceAccountName, - NodeSelector: cluster.Spec.Pod.NodeSelector, - SchedulerName: cluster.Spec.Pod.SchedulerName, + Subdomain: cluster.Spec.Network.HeadlessName, + ShareProcessNamespace: &cluster.Spec.ShareProcessNamespace, + SetHostnameAsFQDN: &setAsFQDN, + Volumes: getVolumes(cluster), + ImagePullSecrets: getImagePullSecrets(cluster), + ServiceAccountName: cluster.Spec.Pod.ServiceAccountName, + AutomountServiceAccountToken: &cluster.Spec.Pod.AutomountServiceAccountToken, + RestartPolicy: corev1.RestartPolicy(cluster.Spec.Pod.RestartPolicy), + NodeSelector: cluster.Spec.Pod.NodeSelector, + SchedulerName: cluster.Spec.Pod.SchedulerName, }, }, }, diff --git a/controllers/flux/pods.go b/controllers/flux/pods.go index bf3b67b1..9a4649bf 100644 --- a/controllers/flux/pods.go +++ b/controllers/flux/pods.go @@ -130,14 +130,15 @@ func (r *MiniClusterReconciler) newServicePod( }, Spec: corev1.PodSpec{ // This is the headless service name - Subdomain: cluster.Spec.Network.HeadlessName, - Hostname: podServiceName, - SetHostnameAsFQDN: &setAsFQDN, - Volumes: existingVolumes, - RestartPolicy: corev1.RestartPolicyOnFailure, - ImagePullSecrets: getImagePullSecrets(cluster), - ServiceAccountName: cluster.Spec.Pod.ServiceAccountName, - NodeSelector: cluster.Spec.Pod.NodeSelector, + Subdomain: cluster.Spec.Network.HeadlessName, + Hostname: podServiceName, + SetHostnameAsFQDN: &setAsFQDN, + Volumes: existingVolumes, + ImagePullSecrets: getImagePullSecrets(cluster), + RestartPolicy: corev1.RestartPolicy(cluster.Spec.Pod.RestartPolicy), + ServiceAccountName: cluster.Spec.Pod.ServiceAccountName, + AutomountServiceAccountToken: &cluster.Spec.Pod.AutomountServiceAccountToken, + NodeSelector: cluster.Spec.Pod.NodeSelector, }, } diff --git a/examples/dist/flux-operator-arm.yaml b/examples/dist/flux-operator-arm.yaml index 055bdced..e8862a65 100644 --- a/examples/dist/flux-operator-arm.yaml +++ b/examples/dist/flux-operator-arm.yaml @@ -540,6 +540,9 @@ spec: type: string description: Annotations for each pod type: object + automountServiceAccountToken: + description: Automatically mount the service account name + type: boolean labels: additionalProperties: type: string @@ -558,6 +561,9 @@ spec: x-kubernetes-int-or-string: true description: Resources include limits and requests type: object + restartPolicy: + description: Restart Policy + type: string schedulerName: description: Scheduler name for the pod type: string diff --git a/examples/dist/flux-operator.yaml b/examples/dist/flux-operator.yaml index 8a982953..3436899b 100644 --- a/examples/dist/flux-operator.yaml +++ b/examples/dist/flux-operator.yaml @@ -540,6 +540,9 @@ spec: type: string description: Annotations for each pod type: object + automountServiceAccountToken: + description: Automatically mount the service account name + type: boolean labels: additionalProperties: type: string @@ -558,6 +561,9 @@ spec: x-kubernetes-int-or-string: true description: Resources include limits and requests type: object + restartPolicy: + description: Restart Policy + type: string schedulerName: description: Scheduler name for the pod type: string diff --git a/examples/interactive/minicluster-persistent.yaml b/examples/interactive/minicluster-persistent.yaml index 85b24b29..f7c31e4f 100644 --- a/examples/interactive/minicluster-persistent.yaml +++ b/examples/interactive/minicluster-persistent.yaml @@ -9,6 +9,7 @@ spec: # source /mnt/flux/flux-view.sh # flux proxy $fluxsocket bash # flux resource list + # flux getattr broker.rc1_path # This starts the flux broker without a command (interactive) interactive: true diff --git a/sdk/python/v1alpha2/docs/PodSpec.md b/sdk/python/v1alpha2/docs/PodSpec.md index e282058c..26574529 100644 --- a/sdk/python/v1alpha2/docs/PodSpec.md +++ b/sdk/python/v1alpha2/docs/PodSpec.md @@ -6,9 +6,11 @@ PodSpec controlls variables for the cluster pod Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **annotations** | **dict[str, str]** | Annotations for each pod | [optional] +**automount_service_account_token** | **bool** | Automatically mount the service account name | [optional] **labels** | **dict[str, str]** | Labels for each pod | [optional] **node_selector** | **dict[str, str]** | NodeSelectors for a pod | [optional] **resources** | [**dict[str, IntOrString]**](IntOrString.md) | Resources include limits and requests | [optional] +**restart_policy** | **str** | Restart Policy | [optional] **scheduler_name** | **str** | Scheduler name for the pod | [optional] **service_account_name** | **str** | Service account name for the pod | [optional] diff --git a/sdk/python/v1alpha2/fluxoperator/models/pod_spec.py b/sdk/python/v1alpha2/fluxoperator/models/pod_spec.py index 4879911e..8e082277 100644 --- a/sdk/python/v1alpha2/fluxoperator/models/pod_spec.py +++ b/sdk/python/v1alpha2/fluxoperator/models/pod_spec.py @@ -37,44 +37,54 @@ class PodSpec(object): """ openapi_types = { 'annotations': 'dict[str, str]', + 'automount_service_account_token': 'bool', 'labels': 'dict[str, str]', 'node_selector': 'dict[str, str]', 'resources': 'dict[str, IntOrString]', + 'restart_policy': 'str', 'scheduler_name': 'str', 'service_account_name': 'str' } attribute_map = { 'annotations': 'annotations', + 'automount_service_account_token': 'automountServiceAccountToken', 'labels': 'labels', 'node_selector': 'nodeSelector', 'resources': 'resources', + 'restart_policy': 'restartPolicy', 'scheduler_name': 'schedulerName', 'service_account_name': 'serviceAccountName' } - def __init__(self, annotations=None, labels=None, node_selector=None, resources=None, scheduler_name=None, service_account_name=None, local_vars_configuration=None): # noqa: E501 + def __init__(self, annotations=None, automount_service_account_token=None, labels=None, node_selector=None, resources=None, restart_policy=None, scheduler_name=None, service_account_name=None, local_vars_configuration=None): # noqa: E501 """PodSpec - a model defined in OpenAPI""" # noqa: E501 if local_vars_configuration is None: local_vars_configuration = Configuration.get_default_copy() self.local_vars_configuration = local_vars_configuration self._annotations = None + self._automount_service_account_token = None self._labels = None self._node_selector = None self._resources = None + self._restart_policy = None self._scheduler_name = None self._service_account_name = None self.discriminator = None if annotations is not None: self.annotations = annotations + if automount_service_account_token is not None: + self.automount_service_account_token = automount_service_account_token if labels is not None: self.labels = labels if node_selector is not None: self.node_selector = node_selector if resources is not None: self.resources = resources + if restart_policy is not None: + self.restart_policy = restart_policy if scheduler_name is not None: self.scheduler_name = scheduler_name if service_account_name is not None: @@ -103,6 +113,29 @@ def annotations(self, annotations): self._annotations = annotations + @property + def automount_service_account_token(self): + """Gets the automount_service_account_token of this PodSpec. # noqa: E501 + + Automatically mount the service account name # noqa: E501 + + :return: The automount_service_account_token of this PodSpec. # noqa: E501 + :rtype: bool + """ + return self._automount_service_account_token + + @automount_service_account_token.setter + def automount_service_account_token(self, automount_service_account_token): + """Sets the automount_service_account_token of this PodSpec. + + Automatically mount the service account name # noqa: E501 + + :param automount_service_account_token: The automount_service_account_token of this PodSpec. # noqa: E501 + :type automount_service_account_token: bool + """ + + self._automount_service_account_token = automount_service_account_token + @property def labels(self): """Gets the labels of this PodSpec. # noqa: E501 @@ -172,6 +205,29 @@ def resources(self, resources): self._resources = resources + @property + def restart_policy(self): + """Gets the restart_policy of this PodSpec. # noqa: E501 + + Restart Policy # noqa: E501 + + :return: The restart_policy of this PodSpec. # noqa: E501 + :rtype: str + """ + return self._restart_policy + + @restart_policy.setter + def restart_policy(self, restart_policy): + """Sets the restart_policy of this PodSpec. + + Restart Policy # noqa: E501 + + :param restart_policy: The restart_policy of this PodSpec. # noqa: E501 + :type restart_policy: str + """ + + self._restart_policy = restart_policy + @property def scheduler_name(self): """Gets the scheduler_name of this PodSpec. # noqa: E501