diff --git a/charts/lazy-koala/.helmignore b/charts/lazy-koala/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/lazy-koala/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/lazy-koala/Chart.yaml b/charts/lazy-koala/Chart.yaml new file mode 100644 index 0000000..7f5cf47 --- /dev/null +++ b/charts/lazy-koala/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: lazy-koala +description: A toolkit to apply AIOps to distributed systems + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 1.0.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.0.0" diff --git a/charts/lazy-koala/crds/lazykoala.isala.me_inspectors.yaml b/charts/lazy-koala/crds/lazykoala.isala.me_inspectors.yaml new file mode 100644 index 0000000..cc0ca5d --- /dev/null +++ b/charts/lazy-koala/crds/lazykoala.isala.me_inspectors.yaml @@ -0,0 +1,107 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: inspectors.lazykoala.isala.me +spec: + group: lazykoala.isala.me + names: + kind: Inspector + listKind: InspectorList + plural: inspectors + singular: inspector + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.namespace + name: Namespace + type: string + - jsonPath: .spec.deploymentRef + name: Target Deployment + type: string + - jsonPath: .spec.serviceRef + name: Target ClusterIP + type: string + - jsonPath: .spec.modelName + name: Model Name + type: string + - jsonPath: .status.status + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Inspector is the Schema for the inspectors API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: InspectorSpec defines the desired state of Inspector + properties: + deploymentRef: + description: Foo is an example field of Inspector. Edit inspector_types.go + to remove/update + type: string + modelName: + type: string + namespace: + type: string + serviceRef: + type: string + required: + - deploymentRef + - modelName + - namespace + - serviceRef + type: object + status: + description: InspectorStatus defines the observed state of Inspector + properties: + monitoredIPs: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + items: + type: string + type: array + podsSelector: + additionalProperties: + type: string + description: MatchingLabels filters the list/delete operation on the + given set of labels. + type: object + status: + enum: + - Creating + - Running + - Error + type: string + required: + - monitoredIPs + - podsSelector + - status + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/lazy-koala/templates/NOTES.txt b/charts/lazy-koala/templates/NOTES.txt new file mode 100644 index 0000000..b87e900 --- /dev/null +++ b/charts/lazy-koala/templates/NOTES.txt @@ -0,0 +1,14 @@ +Lazy Koala was successfully installed the {{ .Release.Namespace }} namespace + +To access the main dashboard, + 1. Run + $ kubectl port-forward svc/inspector 8090:80 -n {{ .Release.Namespace }} + 2. Open http://localhost:8090 in your browser + +Under the settings tab you will be able to find out list of service that's running inside the cluster. +From there you can mark them to be monitored by the gazer agent. + +Finally, Once you navigated to the main dashboard, you can see the list of services that are being monitored and how they interact with each other. + +To Uninstall the Lazy Koala, Simply run + $ helm uninstall {{ .Release.Name }} -n {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/_helpers.tpl b/charts/lazy-koala/templates/_helpers.tpl new file mode 100644 index 0000000..271a1e2 --- /dev/null +++ b/charts/lazy-koala/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "lazy-koala.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "lazy-koala.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "lazy-koala.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "lazy-koala.labels" -}} +helm.sh/chart: {{ include "lazy-koala.chart" . }} +{{ include "lazy-koala.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "lazy-koala.selectorLabels" -}} +app.kubernetes.io/name: {{ include "lazy-koala.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "lazy-koala.serviceAccount.name" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "lazy-koala.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/lazy-koala/templates/gazer/configmap.yaml b/charts/lazy-koala/templates/gazer/configmap.yaml new file mode 100644 index 0000000..975edfa --- /dev/null +++ b/charts/lazy-koala/templates/gazer/configmap.yaml @@ -0,0 +1,9 @@ +{{- if .Values.gazer.create -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: gazer-config + namespace: {{ .Release.Namespace }} +data: + config.yaml: | +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/daemonset.yaml b/charts/lazy-koala/templates/gazer/daemonset.yaml new file mode 100644 index 0000000..15beace --- /dev/null +++ b/charts/lazy-koala/templates/gazer/daemonset.yaml @@ -0,0 +1,80 @@ +{{- if .Values.gazer.create -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: "gazer" + namespace: {{ .Release.Namespace }} + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: gazer +spec: + selector: + matchLabels: + {{- include "lazy-koala.selectorLabels" . | nindent 6 }} + lazykoala: gazer + template: + metadata: + {{- with .Values.gazer.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lazy-koala.selectorLabels" . | nindent 8 }} + lazykoala: gazer + spec: + {{- with .Values.gazer.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + hostNetwork: true + hostPID: true + serviceAccountName: {{ .Values.gazer.serviceAccount.name }} + securityContext: + {{- toYaml .Values.gazer.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.gazer.securityContext | nindent 12 }} + image: "{{ .Values.gazer.image.repository }}:{{ .Values.gazer.image.tag }}" + imagePullPolicy: {{ .Values.gazer.image.pullPolicy }} + ports: + - containerPort: 8000 + name: metrics + resources: + {{- toYaml .Values.gazer.resources | nindent 12 }} + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: PYTHONUNBUFFERED + value: "1" + - name: PYTHONWARNINGS + value: "ignore:Unverified HTTPS request" + volumeMounts: + {{- toYaml .Values.gazer.volumeMounts | nindent 12 }} + initContainers: + - name: init-headers + image: "{{ .Values.gazer.initImage.repository }}:{{ .Values.gazer.initImage.tag }}" + imagePullPolicy: {{ .Values.gazer.initImage.pullPolicy }} + securityContext: + {{- toYaml .Values.gazer.securityContext | nindent 12 }} + volumeMounts: + {{- toYaml .Values.gazer.volumeMounts | nindent 12 }} + {{- with .Values.gazer.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.gazer.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.gazer.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.gazer.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/lazy-koala/templates/gazer/prometheus/configmap.yaml b/charts/lazy-koala/templates/gazer/prometheus/configmap.yaml new file mode 100644 index 0000000..26597d1 --- /dev/null +++ b/charts/lazy-koala/templates/gazer/prometheus/configmap.yaml @@ -0,0 +1,26 @@ +{{- if .Values.gazer.create -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: prometheus-config + namespace: {{ .Release.Namespace }} +data: + prometheus.yml: | + global: + scrape_interval: 10s + scrape_configs: + - job_name: 'lazy-koala' + scrape_interval: 1s + metrics_path: / + kubernetes_sd_configs: + - role: pod + relabel_configs: + - source_labels: [__meta_kubernetes_pod_annotationpresent_lazy_koala_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_container_port_name] + regex: metrics + action: keep + - source_labels: [__meta_kubernetes_pod_container_name] + target_label: gazer +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/prometheus/deployment.yaml b/charts/lazy-koala/templates/gazer/prometheus/deployment.yaml new file mode 100644 index 0000000..aca50c1 --- /dev/null +++ b/charts/lazy-koala/templates/gazer/prometheus/deployment.yaml @@ -0,0 +1,50 @@ +{{- if .Values.gazer.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prometheus + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: prometheus +spec: + selector: + matchLabels: + {{- include "lazy-koala.selectorLabels" . | nindent 6 }} + lazykoala: prometheus + replicas: 1 + template: + metadata: + labels: + {{- include "lazy-koala.selectorLabels" . | nindent 8 }} + lazykoala: prometheus + spec: + serviceAccountName: {{ .Values.gazer.serviceAccount.name }} + securityContext: + runAsUser: 65534 + runAsNonRoot: true + runAsGroup: 65534 + fsGroup: 65534 + containers: + - name: prometheus + image: prom/prometheus:v2.33.1 + args: + [ + "--storage.tsdb.path=/data", + "--config.file=/etc/prometheus/prometheus.yml", + ] + ports: + - containerPort: 9090 + name: default + volumeMounts: + - name: config-volume + mountPath: /etc/prometheus + - name: prom-pvc + mountPath: /data + volumes: + - name: config-volume + configMap: + name: prometheus-config + - name: prom-pvc + persistentVolumeClaim: + claimName: prometheus-lazy-koala-pv +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/prometheus/volumeclaim.yaml b/charts/lazy-koala/templates/gazer/prometheus/volumeclaim.yaml new file mode 100644 index 0000000..8aeafed --- /dev/null +++ b/charts/lazy-koala/templates/gazer/prometheus/volumeclaim.yaml @@ -0,0 +1,13 @@ +{{- if .Values.gazer.create -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: prometheus-lazy-koala-pv + namespace: {{ .Release.Namespace }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/rolebinding.yaml b/charts/lazy-koala/templates/gazer/rolebinding.yaml new file mode 100644 index 0000000..c67a93a --- /dev/null +++ b/charts/lazy-koala/templates/gazer/rolebinding.yaml @@ -0,0 +1,14 @@ +{{- if .Values.gazer.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gazer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gazer +subjects: + - kind: ServiceAccount + name: {{ .Values.gazer.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/roles.yaml b/charts/lazy-koala/templates/gazer/roles.yaml new file mode 100644 index 0000000..9ace8b0 --- /dev/null +++ b/charts/lazy-koala/templates/gazer/roles.yaml @@ -0,0 +1,61 @@ +{{- if .Values.gazer.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gazer +rules: + - apiGroups: + - "" + resources: + - nodes/metrics + verbs: + - get + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + - namespaces + - configmaps + verbs: + - get + - list + - watch + - apiGroups: ["apps"] + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "metrics.k8s.io" + resources: + - podmetrics + - pods + verbs: + - get + - list + - watch + - apiGroups: + - lazykoala.isala.me + resources: + - inspectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/service.yaml b/charts/lazy-koala/templates/gazer/service.yaml new file mode 100644 index 0000000..95127e5 --- /dev/null +++ b/charts/lazy-koala/templates/gazer/service.yaml @@ -0,0 +1,15 @@ +{{- if .Values.gazer.create -}} +apiVersion: v1 +kind: Service +metadata: + name: prometheus + namespace: {{ .Release.Namespace }} +spec: + selector: + {{- include "lazy-koala.selectorLabels" . | nindent 4 }} + lazykoala: prometheus + ports: + - protocol: TCP + port: 80 + targetPort: 9090 +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/gazer/serviceaccount.yaml b/charts/lazy-koala/templates/gazer/serviceaccount.yaml new file mode 100644 index 0000000..cb069f9 --- /dev/null +++ b/charts/lazy-koala/templates/gazer/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.gazer.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.gazer.serviceAccount.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: gazer + {{- with .Values.gazer.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/inspector/inspector.yaml b/charts/lazy-koala/templates/inspector/inspector.yaml new file mode 100644 index 0000000..cf4de3d --- /dev/null +++ b/charts/lazy-koala/templates/inspector/inspector.yaml @@ -0,0 +1,58 @@ +{{- if .Values.inspector.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "inspector" + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: inspector +spec: + replicas: 1 + selector: + matchLabels: + {{- include "lazy-koala.selectorLabels" . | nindent 6 }} + lazykoala: inspector + template: + metadata: + {{- with .Values.inspector.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lazy-koala.selectorLabels" . | nindent 8 }} + lazykoala: inspector + spec: + {{- with .Values.inspector.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.operator.serviceAccount.name }} + securityContext: + {{- toYaml .Values.inspector.podSecurityContext | nindent 8 }} + containers: + - name: inspector + command: ["inspector"] + securityContext: + {{- toYaml .Values.inspector.securityContext | nindent 12 }} + image: "{{ .Values.inspector.image.repository }}:{{ .Values.inspector.image.tag }}" + imagePullPolicy: {{ .Values.inspector.image.pullPolicy }} + ports: + - containerPort: 8090 + name: http + env: + {{- toYaml .Values.inspector.env | nindent 12 }} + resources: + {{- toYaml .Values.inspector.resources | nindent 12 }} + {{- with .Values.inspector.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.inspector.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.inspector.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/inspector/service.yaml b/charts/lazy-koala/templates/inspector/service.yaml new file mode 100644 index 0000000..b5790b5 --- /dev/null +++ b/charts/lazy-koala/templates/inspector/service.yaml @@ -0,0 +1,15 @@ +{{- if .Values.sherlock.create -}} +apiVersion: v1 +kind: Service +metadata: + name: inspector + namespace: {{ .Release.Namespace }} +spec: + selector: + {{- include "lazy-koala.selectorLabels" . | nindent 4 }} + lazykoala: inspector + ports: + - protocol: TCP + port: 80 + targetPort: 8090 +{{- end }} diff --git a/charts/lazy-koala/templates/operator/deployment.yaml b/charts/lazy-koala/templates/operator/deployment.yaml new file mode 100644 index 0000000..c78d0d5 --- /dev/null +++ b/charts/lazy-koala/templates/operator/deployment.yaml @@ -0,0 +1,64 @@ +{{- if .Values.operator.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "lazy-koala-operator" + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: operator +spec: + replicas: 1 + selector: + matchLabels: + {{- include "lazy-koala.selectorLabels" . | nindent 6 }} + lazykoala: operator + template: + metadata: + {{- with .Values.operator.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lazy-koala.selectorLabels" . | nindent 8 }} + lazykoala: operator + spec: + {{- with .Values.operator.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.operator.serviceAccount.name }} + securityContext: + {{- toYaml .Values.operator.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.operator.securityContext | nindent 12 }} + image: "{{ .Values.operator.image.repository }}:{{ .Values.operator.image.tag }}" + imagePullPolicy: {{ .Values.operator.image.pullPolicy }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + {{- toYaml .Values.operator.resources | nindent 12 }} + {{- with .Values.operator.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.operator.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.operator.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/operator/rolebiddings.yaml b/charts/lazy-koala/templates/operator/rolebiddings.yaml new file mode 100644 index 0000000..31dbde1 --- /dev/null +++ b/charts/lazy-koala/templates/operator/rolebiddings.yaml @@ -0,0 +1,14 @@ +{{- if .Values.gazer.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: lazy-koala +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: lazy-koala +subjects: + - kind: ServiceAccount + name: {{ .Values.operator.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/operator/roles.yaml b/charts/lazy-koala/templates/operator/roles.yaml new file mode 100644 index 0000000..380d99a --- /dev/null +++ b/charts/lazy-koala/templates/operator/roles.yaml @@ -0,0 +1,69 @@ +{{- if .Values.operator.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: lazy-koala +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - namespaces + - pods + - services + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch +- apiGroups: + - lazykoala.isala.me + resources: + - inspectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - lazykoala.isala.me + resources: + - inspectors/finalizers + verbs: + - update +- apiGroups: + - lazykoala.isala.me + resources: + - inspectors/status + verbs: + - get + - patch + - update +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/operator/serviceaccount.yaml b/charts/lazy-koala/templates/operator/serviceaccount.yaml new file mode 100644 index 0000000..ee43e9f --- /dev/null +++ b/charts/lazy-koala/templates/operator/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.operator.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.operator.serviceAccount.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: operator + {{- with .Values.operator.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/sherlock/configmap.yaml b/charts/lazy-koala/templates/sherlock/configmap.yaml new file mode 100644 index 0000000..06c17c7 --- /dev/null +++ b/charts/lazy-koala/templates/sherlock/configmap.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: sherlock-config + namespace: {{ .Release.Namespace }} +data: + models.config: | + services.yaml: | \ No newline at end of file diff --git a/charts/lazy-koala/templates/sherlock/deployment.yaml b/charts/lazy-koala/templates/sherlock/deployment.yaml new file mode 100644 index 0000000..6f68069 --- /dev/null +++ b/charts/lazy-koala/templates/sherlock/deployment.yaml @@ -0,0 +1,92 @@ +{{- if .Values.sherlock.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "lazy-koala-sherlock" + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: sherlock +spec: + replicas: 1 + selector: + matchLabels: + {{- include "lazy-koala.selectorLabels" . | nindent 6 }} + lazykoala: sherlock + template: + metadata: + {{- with .Values.sherlock.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lazy-koala.selectorLabels" . | nindent 8 }} + lazykoala: sherlock + spec: + {{- with .Values.sherlock.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Values.sherlock.serviceAccountName }} + securityContext: + {{- toYaml .Values.sherlock.podSecurityContext | nindent 8 }} + containers: + - name: sherlock + securityContext: + {{- toYaml .Values.sherlock.securityContext | nindent 12 }} + image: "{{ .Values.sherlock.image.repository }}:{{ .Values.sherlock.image.tag }}" + imagePullPolicy: {{ .Values.sherlock.image.pullPolicy }} + ports: + - containerPort: 9898 + name: metrics + env: + {{- toYaml .Values.sherlock.env | nindent 12 }} + volumeMounts: + - name: sherlock-config + mountPath: /app/config + - name: model-poller + image: "{{ .Values.sherlock.pollerImage.repository }}:{{ .Values.sherlock.pollerImage.tag }}" + imagePullPolicy: {{ .Values.sherlock.pollerImage.pullPolicy }} + env: + - name: BUCKET_NAME + value: {{ .Values.sherlock.bucketName }} + command: + - /bin/bash + - -ce + - |- + mkdir -p models + while true; do gsutil -m rsync -d -r gs://$BUCKET_NAME models; sleep 60; done + - name: servings + image: "{{ .Values.sherlock.servingImage.repository }}:{{ .Values.sherlock.servingImage.tag }}" + imagePullPolicy: {{ .Values.sherlock.servingImage.pullPolicy }} + args: + [ + "--model_config_file_poll_wait_seconds=60", + "--model_config_file=/config/models.config", + ] + ports: + - containerPort: 8501 + name: http + volumeMounts: + - name: sherlock-config + mountPath: /config + - name: model-files + mountPath: /models + volumes: + - name: sherlock-config + configMap: + name: sherlock-config + - name: model-files + emptyDir: {} + {{- with .Values.sherlock.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.sherlock.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.sherlock.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/templates/sherlock/serviceaccount.yaml b/charts/lazy-koala/templates/sherlock/serviceaccount.yaml new file mode 100644 index 0000000..a17267e --- /dev/null +++ b/charts/lazy-koala/templates/sherlock/serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if .Values.sherlock.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.sherlock.serviceAccount.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "lazy-koala.labels" . | nindent 4 }} + lazykoala: sherlock + {{- with .Values.sherlock.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/lazy-koala/values.yaml b/charts/lazy-koala/values.yaml new file mode 100644 index 0000000..48c4da0 --- /dev/null +++ b/charts/lazy-koala/values.yaml @@ -0,0 +1,288 @@ +# Default values for lazy-koala. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +operator: + create: true + image: + repository: ghcr.io/mrsupiri/lazy-koala/controller + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "latest" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + annotations: {} + name: "lazy-koala" + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +gazer: + create: true + image: + repository: ghcr.io/mrsupiri/lazy-koala/gazer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "latest" + + initImage: + repository: ghcr.io/mrsupiri/lazy-koala/gazer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "init" + + prometheusImage: + repository: prom/prometheus + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "v2.33.1" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "gazer" + + podAnnotations: + lazy-koala/scrape: "true" + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: + privileged: true + capabilities: + add: + - SYS_ADMIN + + volumeMounts: + - name: lsb-release + mountPath: /etc/lsb-release.host + readOnly: false + - name: os-release + mountPath: /etc/os-release.host + readOnly: false + - name: modules-dir + mountPath: /lib/modules + readOnly: false + - name: modules-host + mountPath: /lib/modules.host + readOnly: false + - name: linux-headers-generated + mountPath: /usr/src/ + readOnly: false + - name: boot-host + mountPath: /boot.host + readOnly: false + - name: debug + mountPath: /sys/kernel/debug + readOnly: false + - name: config + mountPath: "/gazer/config" + readOnly: true + + volumes: + - name: lsb-release + hostPath: + path: /etc/lsb-release + - name: os-release + hostPath: + path: /etc/os-release + - name: modules-dir + hostPath: + path: /var/cache/linux-headers/modules_dir + - name: linux-headers-generated + hostPath: + path: /var/cache/linux-headers/generated + - name: boot-host + hostPath: + path: / + - name: modules-host + hostPath: + path: /lib/modules + - name: debug + hostPath: + path: /sys/kernel/debug + - name: config + configMap: + name: gazer-config + + resources: + limits: + ephemeral-storage: "5Gi" + cpu: 500m + memory: 512Mi + requests: + ephemeral-storage: "2Gi" + cpu: 75m + memory: 175Mi + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +sherlock: + create: true + image: + repository: ghcr.io/mrsupiri/lazy-koala/sherlock + pullPolicy: IfNotPresent + tag: "latest" + + pollerImage: + repository: google/cloud-sdk + pullPolicy: IfNotPresent + tag: "latest" + + servingImage: + repository: tensorflow/serving + pullPolicy: IfNotPresent + tag: "latest" + + bucketName: sherlock.isala.me + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + # Annotations to add to the service account + annotations: + iam.gke.io/gcp-service-account: sherlock@lazy-koala.iam.gserviceaccount.com + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "sherlock" + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + env: + - name: TENSORFLOW_END_POINT + value: "http://localhost:8501/v1/models" + - name: POOL_DURATION + value: "60" + - name: DATA_COLLECT_ONLY + value: "off" + - name: PROMETHEUS_END_POINT + value: "http://prometheus.lazy-koala.svc.cluster.local" + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +inspector: + create: true + image: + repository: ghcr.io/mrsupiri/lazy-koala/inspector + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "latest" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "inspector" + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + env: + - name: PROMETHEUS_END_POINT + value: "http://prometheus.lazy-koala.svc.cluster.local" + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + type: ClusterIP + port: 9090 + + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + nodeSelector: {} + + tolerations: [] + + affinity: {} \ No newline at end of file diff --git a/gazer/deployment.yaml b/gazer/deployment.yaml index b913c57..a83542a 100644 --- a/gazer/deployment.yaml +++ b/gazer/deployment.yaml @@ -1,138 +1,139 @@ --- -#apiVersion: v1 -#kind: Namespace -#metadata: -# name: lazy-koala -#--- -#apiVersion: v1 -#kind: ConfigMap -#metadata: -# name: gazer-config -# namespace: lazy-koala -#data: -# config.yaml: | -# apiVersion: apps/v1 -# kind: DaemonSet -# metadata: -# name: gazer -# namespace: lazy-koala -# labels: -# app: gazer -# spec: -# selector: -# matchLabels: -# name: gazer -# template: -# metadata: -# labels: -# name: gazer -# annotations: -# lazy-koala/scrape: "true" -# spec: -# containers: -# - name: gazer -# image: ghcr.io/mrsupiri/lazy-koala/gazer:latest -# ports: -# - containerPort: 8000 -# name: metrics -# imagePullPolicy: IfNotPresent -# resources: -# requests: -# ephemeral-storage: "2Gi" -# env: -# - name: NODE_NAME -# valueFrom: -# fieldRef: -# fieldPath: spec.nodeName -# - name: PYTHONUNBUFFERED -# value: "1" -# - name: PYTHONWARNINGS -# value: "ignore:Unverified HTTPS request" -# securityContext: -# privileged: true -# capabilities: -# add: -# - SYS_ADMIN -# volumeMounts: -# - name: lsb-release -# mountPath: /etc/lsb-release.host -# readOnly: false -# - name: os-release -# mountPath: /etc/os-release.host -# readOnly: false -# - name: modules-dir -# mountPath: /lib/modules -# readOnly: false -# - name: modules-host -# mountPath: /lib/modules.host -# readOnly: false -# - name: linux-headers-generated -# mountPath: /usr/src/ -# readOnly: false -# - name: boot-host -# mountPath: /boot.host -# readOnly: false -# - name: debug -# mountPath: /sys/kernel/debug -# readOnly: false -# - name: config -# mountPath: "/gazer/config" -# readOnly: true -# hostNetwork: true -# hostPID: true -# serviceAccountName: gazer -# initContainers: -# - name: init-headers -# image: ghcr.io/mrsupiri/lazy-koala/gazer:init -# imagePullPolicy: IfNotPresent -# securityContext: -# privileged: true -# capabilities: -# add: ["SYS_ADMIN"] -# volumeMounts: -# - name: lsb-release -# mountPath: /etc/lsb-release.host -# readOnly: false -# - name: os-release -# mountPath: /etc/os-release.host -# readOnly: false -# - name: modules-dir -# mountPath: /lib/modules -# readOnly: false -# - name: modules-host -# mountPath: /lib/modules.host -# readOnly: false -# - name: linux-headers-generated -# mountPath: /usr/src/ -# readOnly: false -# - name: boot-host -# mountPath: /boot.host -# readOnly: false -# volumes: -# - name: lsb-release -# hostPath: -# path: /etc/lsb-release -# - name: os-release -# hostPath: -# path: /etc/os-release -# - name: modules-dir -# hostPath: -# path: /var/cache/linux-headers/modules_dir -# - name: linux-headers-generated -# hostPath: -# path: /var/cache/linux-headers/generated -# - name: boot-host -# hostPath: -# path: / -# - name: modules-host -# hostPath: -# path: /lib/modules -# - name: debug -# hostPath: -# path: /sys/kernel/debug -# - name: config -# configMap: -# name: gazer-config +apiVersion: v1 +kind: Namespace +metadata: + name: lazy-koala +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: gazer-config + namespace: lazy-koala +data: + config.yaml: | +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: gazer + namespace: lazy-koala + labels: + app: gazer +spec: + selector: + matchLabels: + name: gazer + template: + metadata: + labels: + name: gazer + annotations: + lazy-koala/scrape: "true" + spec: + containers: + - name: gazer + image: ghcr.io/mrsupiri/lazy-koala/gazer:latest + ports: + - containerPort: 8000 + name: metrics + imagePullPolicy: IfNotPresent + resources: + requests: + ephemeral-storage: "2Gi" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: PYTHONUNBUFFERED + value: "1" + - name: PYTHONWARNINGS + value: "ignore:Unverified HTTPS request" + securityContext: + privileged: true + capabilities: + add: + - SYS_ADMIN + volumeMounts: + - name: lsb-release + mountPath: /etc/lsb-release.host + readOnly: false + - name: os-release + mountPath: /etc/os-release.host + readOnly: false + - name: modules-dir + mountPath: /lib/modules + readOnly: false + - name: modules-host + mountPath: /lib/modules.host + readOnly: false + - name: linux-headers-generated + mountPath: /usr/src/ + readOnly: false + - name: boot-host + mountPath: /boot.host + readOnly: false + - name: debug + mountPath: /sys/kernel/debug + readOnly: false + - name: config + mountPath: "/gazer/config" + readOnly: true + hostNetwork: true + hostPID: true + serviceAccountName: gazer + initContainers: + - name: init-headers + image: ghcr.io/mrsupiri/lazy-koala/gazer:init + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + volumeMounts: + - name: lsb-release + mountPath: /etc/lsb-release.host + readOnly: false + - name: os-release + mountPath: /etc/os-release.host + readOnly: false + - name: modules-dir + mountPath: /lib/modules + readOnly: false + - name: modules-host + mountPath: /lib/modules.host + readOnly: false + - name: linux-headers-generated + mountPath: /usr/src/ + readOnly: false + - name: boot-host + mountPath: /boot.host + readOnly: false + volumes: + - name: lsb-release + hostPath: + path: /etc/lsb-release + - name: os-release + hostPath: + path: /etc/os-release + - name: modules-dir + hostPath: + path: /var/cache/linux-headers/modules_dir + - name: linux-headers-generated + hostPath: + path: /var/cache/linux-headers/generated + - name: boot-host + hostPath: + path: / + - name: modules-host + hostPath: + path: /lib/modules + - name: debug + hostPath: + path: /sys/kernel/debug + - name: config + configMap: + name: gazer-config --- apiVersion: apps/v1 kind: Deployment @@ -191,119 +192,119 @@ spec: requests: storage: 8Gi --- -# apiVersion: v1 -# kind: Service -# metadata: -# name: prometheus -# namespace: lazy-koala -# spec: -# selector: -# app: prometheus -# ports: -# - protocol: TCP -# port: 80 -# targetPort: 9090 -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRole -# metadata: -# name: gazer -# rules: -# - apiGroups: -# - "" -# resources: -# - nodes/metrics -# verbs: -# - get -# - apiGroups: [""] -# resources: -# - nodes -# - services -# - endpoints -# - pods -# - namespaces -# - configmaps -# verbs: -# - get -# - list -# - watch -# - apiGroups: ["apps"] -# resources: -# - deployments -# verbs: -# - get -# - list -# - watch -# - apiGroups: -# - extensions -# resources: -# - ingresses -# verbs: -# - get -# - list -# - watch -# - apiGroups: -# - "metrics.k8s.io" -# resources: -# - podmetrics -# - pods -# verbs: -# - get -# - list -# - watch -# - apiGroups: -# - lazykoala.isala.me -# resources: -# - inspectors -# verbs: -# - create -# - delete -# - get -# - list -# - patch -# - update -# - watch -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRoleBinding -# metadata: -# name: gazer -# roleRef: -# apiGroup: rbac.authorization.k8s.io -# kind: ClusterRole -# name: gazer -# subjects: -# - kind: ServiceAccount -# name: gazer -# namespace: lazy-koala -# --- -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: gazer -# namespace: lazy-koala -# --- -# apiVersion: v1 -# kind: ConfigMap -# metadata: -# name: prometheus-config -# namespace: lazy-koala -# data: -# prometheus.yml: | -# global: -# scrape_interval: 10s -# scrape_configs: -# - job_name: 'lazy-koala' -# scrape_interval: 1s -# metrics_path: / -# kubernetes_sd_configs: -# - role: pod -# relabel_configs: -# - source_labels: [__meta_kubernetes_pod_annotationpresent_lazy_koala_scrape] -# action: keep -# regex: true -# - source_labels: [__meta_kubernetes_pod_container_port_name] -# regex: metrics -# action: keep -# - source_labels: [__meta_kubernetes_pod_container_name] -# target_label: gazer +apiVersion: v1 +kind: Service +metadata: + name: prometheus + namespace: lazy-koala +spec: + selector: + app: prometheus + ports: + - protocol: TCP + port: 80 + targetPort: 9090 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gazer +rules: + - apiGroups: + - "" + resources: + - nodes/metrics + verbs: + - get + - apiGroups: [""] + resources: + - nodes + - services + - endpoints + - pods + - namespaces + - configmaps + verbs: + - get + - list + - watch + - apiGroups: ["apps"] + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "metrics.k8s.io" + resources: + - podmetrics + - pods + verbs: + - get + - list + - watch + - apiGroups: + - lazykoala.isala.me + resources: + - inspectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gazer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gazer +subjects: + - kind: ServiceAccount + name: gazer + namespace: lazy-koala +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gazer + namespace: lazy-koala +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: prometheus-config + namespace: lazy-koala +data: + prometheus.yml: | + global: + scrape_interval: 10s + scrape_configs: + - job_name: 'lazy-koala' + scrape_interval: 1s + metrics_path: / + kubernetes_sd_configs: + - role: pod + relabel_configs: + - source_labels: [__meta_kubernetes_pod_annotationpresent_lazy_koala_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_container_port_name] + regex: metrics + action: keep + - source_labels: [__meta_kubernetes_pod_container_name] + target_label: gazer diff --git a/inspector/deployment.yaml b/inspector/deployment.yaml index ae81c6d..8e5b817 100644 --- a/inspector/deployment.yaml +++ b/inspector/deployment.yaml @@ -17,7 +17,6 @@ spec: containers: - name: inspector command: ["inspector"] - # args: ["-c", "while true; do echo hello; sleep 10;done"] imagePullPolicy: Always image: ghcr.io/mrsupiri/lazy-koala/inspector:latest ports: diff --git a/sherlock/deployment.yaml b/sherlock/deployment.yaml index cbd7dbc..903b164 100644 --- a/sherlock/deployment.yaml +++ b/sherlock/deployment.yaml @@ -34,15 +34,6 @@ spec: volumeMounts: - name: sherlock-config mountPath: /app/config - # - name: data-exporter - # imagePullPolicy: Always - # image: asia.gcr.io/iconicto/data-exporter:latest - # ports: - # - containerPort: 5000 - # name: http - # env: - # - name: MONGODB_URI - # value: "" - image: google/cloud-sdk name: model-poller imagePullPolicy: IfNotPresent @@ -80,21 +71,21 @@ spec: name: sherlock-config - name: model-files emptyDir: {} -# --- -# apiVersion: v1 -# kind: ConfigMap -# metadata: -# name: sherlock-config -# namespace: lazy-koala -# data: -# models.config: | -# services.yaml: | -# --- -## https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# annotations: -# iam.gke.io/gcp-service-account: sherlock@lazy-koala.iam.gserviceaccount.com -# name: gke-workload-identity -# namespace: lazy-koala \ No newline at end of file +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: sherlock-config + namespace: lazy-koala +data: + models.config: | + services.yaml: | +--- +# https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + iam.gke.io/gcp-service-account: sherlock@lazy-koala.iam.gserviceaccount.com + name: gke-workload-identity + namespace: lazy-koala \ No newline at end of file