From fecedf0abf7d47dbc9f6725616fae90b6a560b6b Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Thu, 6 May 2021 03:46:29 +0000 Subject: [PATCH 1/6] helper scripts for canary --- test/canary/Dockerfile.canary | 49 +++++++++++++++++++ test/canary/canary.buildspec.yaml | 32 ++++++++++++ .../canary/scripts/install_controller_helm.sh | 23 +++++++++ test/canary/scripts/run_test.sh | 33 +++++++++++++ test/canary/scripts/setup_oidc.sh | 42 ++++++++++++++++ test/e2e/requirements.txt | 2 +- test/e2e/service_bootstrap.py | 9 +++- 7 files changed, 188 insertions(+), 2 deletions(-) create mode 100644 test/canary/Dockerfile.canary create mode 100644 test/canary/canary.buildspec.yaml create mode 100644 test/canary/scripts/install_controller_helm.sh create mode 100644 test/canary/scripts/run_test.sh create mode 100644 test/canary/scripts/setup_oidc.sh diff --git a/test/canary/Dockerfile.canary b/test/canary/Dockerfile.canary new file mode 100644 index 00000000..97dc0f94 --- /dev/null +++ b/test/canary/Dockerfile.canary @@ -0,0 +1,49 @@ +FROM ubuntu:18.04 + +# Build time parameters +ARG SERVICE_REPO_NAME + +RUN apt-get update && apt-get install -y curl \ + wget \ + git \ + python3.8 \ + python3-pip \ + python3.8-dev \ + vim \ + sudo \ + jq \ + unzip + +# Install awscli +RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ + && unzip -qq awscliv2.zip \ + && ./aws/install + +# Add yq repository and install yq +RUN apt-get update && apt install -y software-properties-common \ + && sudo add-apt-repository ppa:rmescandon/yq \ + && apt update && apt install -y yq + +# Install kubectl +RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubectl \ + && chmod +x ./kubectl \ + && cp ./kubectl /bin + +# Install eksctl +RUN curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp && mv /tmp/eksctl /bin + +# Install Helm +RUN curl -q -L "https://get.helm.sh/helm-v3.2.4-linux-amd64.tar.gz" | tar zxf - -C /usr/local/bin/ +RUN mv /usr/local/bin/linux-amd64/helm /usr/local/bin/helm \ + && rm -r /usr/local/bin/linux-amd64 \ + && chmod +x /usr/local/bin/helm + +COPY ./ /$SERVICE_REPO_NAME +ENV SERVICE_REPO_PATH_DOCKER=/$SERVICE_REPO_NAME + +RUN ln -s /usr/bin/python3.8 /usr/bin/python + +RUN python -m pip install -r $SERVICE_REPO_PATH_DOCKER/test/e2e/requirements.txt + +WORKDIR /$SERVICE_REPO_NAME +CMD ["./test/canary/scripts/run_test.sh"] \ No newline at end of file diff --git a/test/canary/canary.buildspec.yaml b/test/canary/canary.buildspec.yaml new file mode 100644 index 00000000..cf407e0e --- /dev/null +++ b/test/canary/canary.buildspec.yaml @@ -0,0 +1,32 @@ +version: 0.2 + +phases: + pre_build: + commands: + # Make all shell scripts executable. This is required when running code copied from S3 + - find ./ -type f -name "*.sh" -exec chmod +x {} \; + - export CODEBUILD_WORKING_DIRECTORY=$(pwd) + + # Get cached test image + - aws ecr get-login-password --region $CLUSTER_REGION | docker login --username AWS --password-stdin $ECR_CACHE_URI || true + - docker pull ${ECR_CACHE_URI}:latest --quiet || true + + # Login to dockerhub to avoid hitting throttle limit + - docker login -u $DOCKER_CONFIG_USERNAME -p $DOCKER_CONFIG_PASSWORD + + # Build test image + - > + docker build -f ./test/canary/Dockerfile.canary . -t ${ECR_CACHE_URI}:latest --quiet + --build-arg SERVICE_REPO_NAME="${SERVICE_REPO_PATH##*/}" + || echo "Docker Build Failed" || true + build: + commands: + - cd $CODEBUILD_WORKING_DIRECTORY + + # Run tests + - docker run --name ack-canary $(env | cut -f1 -d= | sed 's/^/-e /') --mount type=bind,source="$(pwd)/",target="/app/" ${ECR_CACHE_URI}:latest + + # Push test image to cache ECR repo + - docker push ${ECR_CACHE_URI}:latest --quiet || true + + diff --git a/test/canary/scripts/install_controller_helm.sh b/test/canary/scripts/install_controller_helm.sh new file mode 100644 index 00000000..4cc00af0 --- /dev/null +++ b/test/canary/scripts/install_controller_helm.sh @@ -0,0 +1,23 @@ +# Deploy ACK Helm Charts + +# Inputs to this file as environment variables +# SERVICE_REPO_PATH_DOCKER +# OIDC_ROLE_ARN +# SERVICE +# SERVICE_REGION + +cd $SERVICE_REPO_PATH_DOCKER + +yq w -i helm/values.yaml "serviceAccount.annotations" "" +yq w -i helm/values.yaml 'serviceAccount.annotations."eks.amazonaws.com/role-arn"' "$OIDC_ROLE_ARN" +yq w -i helm/values.yaml "aws.region" $SERVICE_REGION + +export ACK_K8S_NAMESPACE=${NAMESPACE:-"ack-system"} +kubectl create namespace $ACK_K8S_NAMESPACE + +helm delete -n $ACK_K8S_NAMESPACE ack-$SERVICE-controller +helm install -n $ACK_K8S_NAMESPACE ack-$SERVICE-controller helm + +echo "Make sure helm charts are deployed properly" +kubectl -n $ACK_K8S_NAMESPACE get pods +kubectl get crds \ No newline at end of file diff --git a/test/canary/scripts/run_test.sh b/test/canary/scripts/run_test.sh new file mode 100644 index 00000000..cfa2325b --- /dev/null +++ b/test/canary/scripts/run_test.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# cleanup on EXIT regardles of error + +# Inputs to this file as environment variables +# SERVICE +# SERVICE_REGION + +function cleanup { + echo "Cleaning up resources" + cd $SERVICE_REPO_PATH_DOCKER/test/e2e/ + python ./cleanup.py $SERVICE +} +trap cleanup EXIT + +# Setup OIDC +. ./test/e2e/canary/scripts/setup_oidc.sh + +# Install service helm chart +. ./test/e2e/canary/scripts/install_controller_helm.sh + +# create resources for test +cd $SERVICE_REPO_PATH_DOCKER/test/e2e/ + +export AWS_ROLE_ARN=$(aws sts get-caller-identity --query "Arn") +export AWS_DEFAULT_REGION=$SERVICE_REGION + +python ./bootstrap.py $SERVICE +sleep 10m + +# TOOODOOOOO: RUN ALL TESTS run tests +echo "Run Tests" +PYTHONPATH=. pytest -n 10 --dist loadfile --log-cli-level INFO $SERVICE -m canary tests/test_model.py \ No newline at end of file diff --git a/test/canary/scripts/setup_oidc.sh b/test/canary/scripts/setup_oidc.sh new file mode 100644 index 00000000..77281d46 --- /dev/null +++ b/test/canary/scripts/setup_oidc.sh @@ -0,0 +1,42 @@ +# OIDC Setup + +# Inputs to this file as environment variables +# CLUSTER_REGION +# CLUSTER_NAME + +NAMESPACE=${NAMESPACE:-"ack-system"} + +AWS_ACC_NUM=$(aws sts get-caller-identity --output text --query "Account") +aws --region $CLUSTER_REGION eks update-kubeconfig --name $CLUSTER_NAME +eksctl utils associate-iam-oidc-provider --cluster $CLUSTER_NAME --region $CLUSTER_REGION --approve + +OIDC_URL=$(aws eks describe-cluster --region $CLUSTER_REGION --name $CLUSTER_NAME --query "cluster.identity.oidc.issuer" --output text | cut -c9-) + +cat < trust.json +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Federated": "arn:aws:iam::$AWS_ACC_NUM:oidc-provider/$OIDC_URL" + }, + "Action": "sts:AssumeRoleWithWebIdentity", + "Condition": { + "StringEquals": { + "$OIDC_URL:aud": "sts.amazonaws.com", + "$OIDC_URL:sub": ["system:serviceaccount:${NAMESPACE}:ack-sagemaker-controller"] + } + } + } + ] +} +EOF + + +# TODO : check if iam role exists +aws iam create-role --role-name ack-oidc-role-$CLUSTER_NAME --assume-role-policy-document file://trust.json +aws iam attach-role-policy --role-name ack-oidc-role-$CLUSTER_NAME --policy-arn arn:aws:iam::aws:policy/AmazonSageMakerFullAccess +aws iam attach-role-policy --role-name ack-oidc-role-$CLUSTER_NAME --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess + +export OIDC_ROLE_ARN=$(aws iam get-role --role-name ack-oidc-role-$CLUSTER_NAME --output text --query 'Role.Arn') \ No newline at end of file diff --git a/test/e2e/requirements.txt b/test/e2e/requirements.txt index fb0a773b..90c5afa1 100644 --- a/test/e2e/requirements.txt +++ b/test/e2e/requirements.txt @@ -1,2 +1,2 @@ -acktest @ git+https://github.com/aws-controllers-k8s/test-infra.git@955d7831ee374a212250179e95a5f3b75e555fd9 +acktest @ git+https://github.com/surajkota/test-infra.git@refresh-token black==20.8b1 diff --git a/test/e2e/service_bootstrap.py b/test/e2e/service_bootstrap.py index b9f1f787..c2063b9e 100644 --- a/test/e2e/service_bootstrap.py +++ b/test/e2e/service_bootstrap.py @@ -17,6 +17,7 @@ import json import logging import time +import subprocess from acktest import resources from acktest.aws.identity import get_region, get_account_id @@ -88,7 +89,13 @@ def create_data_bucket() -> str: source_bucket = s3_resource.Bucket(SAGEMAKER_SOURCE_DATA_BUCKET) destination_bucket = s3_resource.Bucket(bucket_name) - duplicate_bucket_contents(source_bucket, destination_bucket) + temp_dir = "/tmp/ack_s3_data" + # duplicate_bucket_contents(source_bucket, destination_bucket) + # workaround to copy if buckets are across regions + # TODO: check if there is a better way and merge to test-infra + subprocess.call(['mkdir',f'{temp_dir}']) + subprocess.call(['aws', 's3', 'sync', f's3://{SAGEMAKER_SOURCE_DATA_BUCKET}', f'./{temp_dir}/', '--quiet']) + subprocess.call(['aws', 's3', 'sync', f'./{temp_dir}/', f's3://{bucket_name}', '--quiet']) logging.info(f"Synced data bucket") From 727a0d153156a52e69a94bcfcb441d4c669f554b Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Thu, 6 May 2021 20:11:06 +0000 Subject: [PATCH 2/6] add helm charts --- helm/Chart.yaml | 18 + ...ces.k8s.aws_dataqualityjobdefinitions.yaml | 258 +++++++ ...aker.services.k8s.aws_endpointconfigs.yaml | 201 +++++ .../sagemaker.services.k8s.aws_endpoints.yaml | 205 ++++++ ...ices.k8s.aws_hyperparametertuningjobs.yaml | 686 ++++++++++++++++++ ...vices.k8s.aws_modelbiasjobdefinitions.yaml | 246 +++++++ ...aws_modelexplainabilityjobdefinitions.yaml | 243 +++++++ ...es.k8s.aws_modelqualityjobdefinitions.yaml | 260 +++++++ .../sagemaker.services.k8s.aws_models.yaml | 227 ++++++ ....services.k8s.aws_monitoringschedules.yaml | 313 ++++++++ ...maker.services.k8s.aws_processingjobs.yaml | 323 +++++++++ ...gemaker.services.k8s.aws_trainingjobs.yaml | 506 +++++++++++++ ...emaker.services.k8s.aws_transformjobs.yaml | 270 +++++++ helm/templates/_helpers.tpl | 32 + helm/templates/cluster-role-binding.yaml | 12 + helm/templates/cluster-role-controller.yaml | 264 +++++++ helm/templates/deployment.yaml | 65 ++ helm/templates/role-reader.yaml | 23 + helm/templates/role-writer.yaml | 50 ++ helm/templates/service-account.yaml | 17 + helm/values.yaml | 43 ++ 21 files changed, 4262 insertions(+) create mode 100644 helm/Chart.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_endpoints.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_models.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml create mode 100644 helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml create mode 100644 helm/templates/_helpers.tpl create mode 100644 helm/templates/cluster-role-binding.yaml create mode 100644 helm/templates/cluster-role-controller.yaml create mode 100644 helm/templates/deployment.yaml create mode 100644 helm/templates/role-reader.yaml create mode 100644 helm/templates/role-writer.yaml create mode 100644 helm/templates/service-account.yaml create mode 100644 helm/values.yaml diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 00000000..766de3aa --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +name: ack-sagemaker-controller +description: A Helm chart for the ACK service controller for sagemaker +version: v0.0.1 +appVersion: v0.0.1 +home: https://github.com/aws-controllers-k8s/sagemaker-controller +icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png +sources: + - https://github.com/aws-controllers-k8s/sagemaker-controller +maintainers: + - name: ACK Admins + url: https://github.com/orgs/aws-controllers-k8s/teams/ack-admin + - name: sagemaker Admins + url: https://github.com/orgs/aws-controllers-k8s/teams/sagemaker-maintainer +keywords: + - aws + - kubernetes + - sagemaker diff --git a/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml new file mode 100644 index 00000000..6e4596fb --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml @@ -0,0 +1,258 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: dataqualityjobdefinitions.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: DataQualityJobDefinition + listKind: DataQualityJobDefinitionList + plural: dataqualityjobdefinitions + singular: dataqualityjobdefinition + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: DataQualityJobDefinition is the Schema for the DataQualityJobDefinitions + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DataQualityJobDefinitionSpec defines the desired state of + DataQualityJobDefinition + properties: + dataQualityAppSpecification: + description: Specifies the container that runs the monitoring job. + properties: + containerArguments: + items: + type: string + type: array + containerEntrypoint: + items: + type: string + type: array + environment: + additionalProperties: + type: string + type: object + imageURI: + type: string + postAnalyticsProcessorSourceURI: + type: string + recordPreprocessorSourceURI: + type: string + type: object + dataQualityBaselineConfig: + description: Configures the constraints and baselines for the monitoring + job. + properties: + baseliningJobName: + type: string + constraintsResource: + properties: + s3URI: + type: string + type: object + statisticsResource: + properties: + s3URI: + type: string + type: object + type: object + dataQualityJobInput: + description: A list of inputs for the monitoring job. Currently endpoints + are supported as monitoring inputs. + properties: + endpointInput: + properties: + endTimeOffset: + type: string + endpointName: + type: string + featuresAttribute: + type: string + inferenceAttribute: + type: string + localPath: + type: string + probabilityAttribute: + type: string + probabilityThresholdAttribute: + type: number + s3DataDistributionType: + type: string + s3InputMode: + type: string + startTimeOffset: + type: string + type: object + type: object + dataQualityJobOutputConfig: + properties: + kmsKeyID: + type: string + monitoringOutputs: + items: + properties: + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + jobDefinitionName: + description: The name for the monitoring job definition. + type: string + jobResources: + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + networkConfig: + description: Specifies networking configuration for the monitoring + job. + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + roleARN: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + required: + - dataQualityAppSpecification + - dataQualityJobInput + - dataQualityJobOutputConfig + - jobDefinitionName + - jobResources + - roleARN + type: object + status: + description: DataQualityJobDefinitionStatus defines the observed state + of DataQualityJobDefinition + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml b/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml new file mode 100644 index 00000000..febb2b14 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml @@ -0,0 +1,201 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: endpointconfigs.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: EndpointConfig + listKind: EndpointConfigList + plural: endpointconfigs + singular: endpointconfig + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: EndpointConfig is the Schema for the EndpointConfigs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EndpointConfigSpec defines the desired state of EndpointConfig + properties: + dataCaptureConfig: + properties: + captureContentTypeHeader: + properties: + csvContentTypes: + items: + type: string + type: array + jsonContentTypes: + items: + type: string + type: array + type: object + captureOptions: + items: + properties: + captureMode: + type: string + type: object + type: array + destinationS3URI: + type: string + enableCapture: + type: boolean + initialSamplingPercentage: + format: int64 + type: integer + kmsKeyID: + type: string + type: object + endpointConfigName: + description: The name of the endpoint configuration. You specify this + name in a CreateEndpoint request. + type: string + kmsKeyID: + description: "The Amazon Resource Name (ARN) of a AWS Key Management + Service key that Amazon SageMaker uses to encrypt data on the storage + volume attached to the ML compute instance that hosts the endpoint. + \n The KmsKeyId can be any of the following formats: \n * Key + ID: 1234abcd-12ab-34cd-56ef-1234567890ab \n * Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + \n * Alias name: alias/ExampleAlias \n * Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias + \n The KMS key policy must grant permission to the IAM role that + you specify in your CreateEndpoint, UpdateEndpoint requests. For + more information, refer to the AWS Key Management Service section + Using Key Policies in AWS KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) + \n Certain Nitro-based instances include local storage, dependent + on the instance type. Local storage volumes are encrypted using + a hardware module on the instance. You can't request a KmsKeyId + when using an instance type with local storage. If any of the models + that you specify in the ProductionVariants parameter use nitro-based + instances with local storage, do not specify a value for the KmsKeyId + parameter. If you specify a value for KmsKeyId when using any nitro-based + instances with local storage, the call to CreateEndpointConfig fails. + \n For a list of instance types that support local instance storage, + see Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes). + \n For more information about local instance storage encryption, + see SSD Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html)." + type: string + productionVariants: + description: An list of ProductionVariant objects, one for each model + that you want to host at this endpoint. + items: + properties: + acceleratorType: + type: string + coreDumpConfig: + properties: + destinationS3URI: + type: string + kmsKeyID: + type: string + type: object + initialInstanceCount: + format: int64 + type: integer + initialVariantWeight: + type: number + instanceType: + type: string + modelName: + type: string + variantName: + type: string + type: object + type: array + required: + - endpointConfigName + - productionVariants + type: object + status: + description: EndpointConfigStatus defines the observed state of EndpointConfig + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml b/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml new file mode 100644 index 00000000..3c848867 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml @@ -0,0 +1,205 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: endpoints.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: Endpoint + listKind: EndpointList + plural: endpoints + singular: endpoint + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.endpointStatus + name: EndpointStatus + type: string + - jsonPath: .status.failureReason + name: FailureReason + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Endpoint is the Schema for the Endpoints API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EndpointSpec defines the desired state of Endpoint + properties: + endpointConfigName: + description: The name of an endpoint configuration. For more information, + see CreateEndpointConfig. + type: string + endpointName: + description: The name of the endpoint.The name must be unique within + an AWS Region in your AWS account. The name is case-insensitive + in CreateEndpoint, but the case is preserved and must be matched + in . + type: string + required: + - endpointConfigName + - endpointName + type: object + status: + description: EndpointStatus defines the observed state of Endpoint + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationTime: + description: A timestamp that shows when the endpoint was created. + format: date-time + type: string + endpointStatus: + description: "The status of the endpoint. \n * OutOfService: Endpoint + is not available to take incoming requests. \n * Creating: CreateEndpoint + is executing. \n * Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities + is executing. \n * SystemUpdating: Endpoint is undergoing maintenance + and cannot be updated or deleted or re-scaled until it has completed. + This maintenance operation does not change any customer-specified + values such as VPC config, KMS encryption, model, instance type, + or instance count. \n * RollingBack: Endpoint fails to scale + up or down or change its variant weight and is in the process + of rolling back to its previous configuration. Once the rollback + completes, endpoint returns to an InService status. This transitional + status only applies to an endpoint that has autoscaling enabled + and is undergoing variant weight or capacity changes as part of + \ an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities + \ operation is called explicitly. \n * InService: Endpoint + is available to process incoming requests. \n * Deleting: DeleteEndpoint + is executing. \n * Failed: Endpoint could not be created, updated, + or re-scaled. Use DescribeEndpointOutput$FailureReason for information + about the failure. DeleteEndpoint is the only operation that + can be performed on a failed endpoint." + type: string + failureReason: + description: If the status of the endpoint is Failed, the reason why + it failed. + type: string + lastEndpointConfigNameForUpdate: + description: Name of the Amazon SageMaker endpoint configuration. + type: string + lastModifiedTime: + description: A timestamp that shows when the endpoint was last modified. + format: date-time + type: string + latestEndpointConfigName: + description: The name of the endpoint configuration associated with + this endpoint. + type: string + productionVariants: + description: An array of ProductionVariantSummary objects, one for + each model hosted behind this endpoint. + items: + properties: + currentInstanceCount: + format: int64 + type: integer + currentWeight: + type: number + deployedImages: + items: + properties: + resolutionTime: + format: date-time + type: string + resolvedImage: + type: string + specifiedImage: + type: string + type: object + type: array + desiredInstanceCount: + format: int64 + type: integer + desiredWeight: + type: number + variantName: + type: string + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml new file mode 100644 index 00000000..f0736f81 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml @@ -0,0 +1,686 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: hyperparametertuningjobs.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: HyperParameterTuningJob + listKind: HyperParameterTuningJobList + plural: hyperparametertuningjobs + singular: hyperparametertuningjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.failureReason + name: FailureReason + type: string + - jsonPath: .status.hyperParameterTuningJobStatus + name: HyperParameterTuningJobStatus + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: HyperParameterTuningJob is the Schema for the HyperParameterTuningJobs + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HyperParameterTuningJobSpec defines the desired state of + HyperParameterTuningJob + properties: + hyperParameterTuningJobConfig: + description: The HyperParameterTuningJobConfig object that describes + the tuning job, including the search strategy, the objective metric + used to evaluate training jobs, ranges of parameters to search, + and resource limits for the tuning job. For more information, see + How Hyperparameter Tuning Works (https://docs.aws.amazon.com/sagemaker/latest/dg/automatic-model-tuning-how-it-works.html). + properties: + hyperParameterTuningJobObjective: + properties: + metricName: + type: string + type_: + type: string + type: object + parameterRanges: + properties: + categoricalParameterRanges: + items: + properties: + name: + type: string + values: + items: + type: string + type: array + type: object + type: array + continuousParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + integerParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + type: object + resourceLimits: + properties: + maxNumberOfTrainingJobs: + format: int64 + type: integer + maxParallelTrainingJobs: + format: int64 + type: integer + type: object + strategy: + type: string + trainingJobEarlyStoppingType: + type: string + tuningJobCompletionCriteria: + properties: + targetObjectiveMetricValue: + type: number + type: object + type: object + hyperParameterTuningJobName: + description: 'The name of the tuning job. This name is the prefix + for the names of all training jobs that this tuning job launches. + The name must be unique within the same AWS account and AWS Region. + The name must have 1 to 32 characters. Valid characters are a-z, + A-Z, 0-9, and : + = @ _ % - (hyphen). The name is not case sensitive.' + type: string + trainingJobDefinition: + description: The HyperParameterTrainingJobDefinition object that describes + the training jobs that this tuning job launches, including static + hyperparameters, input data configuration, output data configuration, + resource configuration, and stopping condition. + properties: + algorithmSpecification: + properties: + algorithmName: + type: string + metricDefinitions: + items: + properties: + name: + type: string + regex: + type: string + type: object + type: array + trainingImage: + type: string + trainingInputMode: + type: string + type: object + checkpointConfig: + properties: + localPath: + type: string + s3URI: + type: string + type: object + definitionName: + type: string + enableInterContainerTrafficEncryption: + type: boolean + enableManagedSpotTraining: + type: boolean + enableNetworkIsolation: + type: boolean + hyperParameterRanges: + properties: + categoricalParameterRanges: + items: + properties: + name: + type: string + values: + items: + type: string + type: array + type: object + type: array + continuousParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + integerParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + type: object + inputDataConfig: + items: + properties: + channelName: + type: string + compressionType: + type: string + contentType: + type: string + dataSource: + properties: + fileSystemDataSource: + properties: + directoryPath: + type: string + fileSystemAccessMode: + type: string + fileSystemID: + type: string + fileSystemType: + type: string + type: object + s3DataSource: + properties: + attributeNames: + items: + type: string + type: array + s3DataDistributionType: + type: string + s3DataType: + type: string + s3URI: + type: string + type: object + type: object + inputMode: + type: string + recordWrapperType: + type: string + shuffleConfig: + properties: + seed: + format: int64 + type: integer + type: object + type: object + type: array + outputDataConfig: + properties: + kmsKeyID: + type: string + s3OutputPath: + type: string + type: object + resourceConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + roleARN: + type: string + staticHyperParameters: + additionalProperties: + type: string + type: object + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + maxWaitTimeInSeconds: + format: int64 + type: integer + type: object + tuningObjective: + properties: + metricName: + type: string + type_: + type: string + type: object + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + trainingJobDefinitions: + description: A list of the HyperParameterTrainingJobDefinition objects + launched for this tuning job. + items: + properties: + algorithmSpecification: + properties: + algorithmName: + type: string + metricDefinitions: + items: + properties: + name: + type: string + regex: + type: string + type: object + type: array + trainingImage: + type: string + trainingInputMode: + type: string + type: object + checkpointConfig: + properties: + localPath: + type: string + s3URI: + type: string + type: object + definitionName: + type: string + enableInterContainerTrafficEncryption: + type: boolean + enableManagedSpotTraining: + type: boolean + enableNetworkIsolation: + type: boolean + hyperParameterRanges: + properties: + categoricalParameterRanges: + items: + properties: + name: + type: string + values: + items: + type: string + type: array + type: object + type: array + continuousParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + integerParameterRanges: + items: + properties: + maxValue: + type: string + minValue: + type: string + name: + type: string + scalingType: + type: string + type: object + type: array + type: object + inputDataConfig: + items: + properties: + channelName: + type: string + compressionType: + type: string + contentType: + type: string + dataSource: + properties: + fileSystemDataSource: + properties: + directoryPath: + type: string + fileSystemAccessMode: + type: string + fileSystemID: + type: string + fileSystemType: + type: string + type: object + s3DataSource: + properties: + attributeNames: + items: + type: string + type: array + s3DataDistributionType: + type: string + s3DataType: + type: string + s3URI: + type: string + type: object + type: object + inputMode: + type: string + recordWrapperType: + type: string + shuffleConfig: + properties: + seed: + format: int64 + type: integer + type: object + type: object + type: array + outputDataConfig: + properties: + kmsKeyID: + type: string + s3OutputPath: + type: string + type: object + resourceConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + roleARN: + type: string + staticHyperParameters: + additionalProperties: + type: string + type: object + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + maxWaitTimeInSeconds: + format: int64 + type: integer + type: object + tuningObjective: + properties: + metricName: + type: string + type_: + type: string + type: object + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + type: array + warmStartConfig: + description: "Specifies the configuration for starting the hyperparameter + tuning job using one or more previous tuning jobs as a starting + point. The results of previous tuning jobs are used to inform which + combinations of hyperparameters to search over in the new tuning + job. \n All training jobs launched by the new hyperparameter tuning + job are evaluated by using the objective metric. If you specify + IDENTICAL_DATA_AND_ALGORITHM as the WarmStartType value for the + warm start configuration, the training job that performs the best + in the new tuning job is compared to the best training jobs from + the parent tuning jobs. From these, the training job that performs + the best as measured by the objective metric is returned as the + overall best training job. \n All training jobs launched by parent + hyperparameter tuning jobs and the new hyperparameter tuning jobs + count against the limit of training jobs for the tuning job." + properties: + parentHyperParameterTuningJobs: + items: + properties: + hyperParameterTuningJobName: + type: string + type: object + type: array + warmStartType: + type: string + type: object + required: + - hyperParameterTuningJobConfig + - hyperParameterTuningJobName + type: object + status: + description: HyperParameterTuningJobStatus defines the observed state + of HyperParameterTuningJob + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + bestTrainingJob: + description: A TrainingJobSummary object that describes the training + job that completed with the best current HyperParameterTuningJobObjective. + properties: + creationTime: + format: date-time + type: string + failureReason: + type: string + finalHyperParameterTuningJobObjectiveMetric: + properties: + metricName: + type: string + type_: + type: string + value: + type: number + type: object + objectiveStatus: + type: string + trainingEndTime: + format: date-time + type: string + trainingJobARN: + type: string + trainingJobDefinitionName: + type: string + trainingJobName: + type: string + trainingJobStatus: + type: string + trainingStartTime: + format: date-time + type: string + tunedHyperParameters: + additionalProperties: + type: string + type: object + tuningJobName: + type: string + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + failureReason: + description: If the tuning job failed, the reason it failed. + type: string + hyperParameterTuningJobStatus: + description: 'The status of the tuning job: InProgress, Completed, + Failed, Stopping, or Stopped.' + type: string + overallBestTrainingJob: + description: If the hyperparameter tuning job is an warm start tuning + job with a WarmStartType of IDENTICAL_DATA_AND_ALGORITHM, this is + the TrainingJobSummary for the training job with the best objective + metric value of all training jobs launched by this tuning job and + all parent jobs specified for the warm start tuning job. + properties: + creationTime: + format: date-time + type: string + failureReason: + type: string + finalHyperParameterTuningJobObjectiveMetric: + properties: + metricName: + type: string + type_: + type: string + value: + type: number + type: object + objectiveStatus: + type: string + trainingEndTime: + format: date-time + type: string + trainingJobARN: + type: string + trainingJobDefinitionName: + type: string + trainingJobName: + type: string + trainingJobStatus: + type: string + trainingStartTime: + format: date-time + type: string + tunedHyperParameters: + additionalProperties: + type: string + type: object + tuningJobName: + type: string + type: object + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml new file mode 100644 index 00000000..d2f8ee4d --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml @@ -0,0 +1,246 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: modelbiasjobdefinitions.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: ModelBiasJobDefinition + listKind: ModelBiasJobDefinitionList + plural: modelbiasjobdefinitions + singular: modelbiasjobdefinition + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ModelBiasJobDefinition is the Schema for the ModelBiasJobDefinitions + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ModelBiasJobDefinitionSpec defines the desired state of ModelBiasJobDefinition + properties: + jobDefinitionName: + description: The name of the bias job definition. The name must be + unique within an AWS Region in the AWS account. + type: string + jobResources: + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + modelBiasAppSpecification: + description: Configures the model bias job to run a specified Docker + container image. + properties: + configURI: + type: string + environment: + additionalProperties: + type: string + type: object + imageURI: + type: string + type: object + modelBiasBaselineConfig: + description: The baseline configuration for a model bias job. + properties: + baseliningJobName: + type: string + constraintsResource: + properties: + s3URI: + type: string + type: object + type: object + modelBiasJobInput: + description: Inputs for the model bias job. + properties: + endpointInput: + properties: + endTimeOffset: + type: string + endpointName: + type: string + featuresAttribute: + type: string + inferenceAttribute: + type: string + localPath: + type: string + probabilityAttribute: + type: string + probabilityThresholdAttribute: + type: number + s3DataDistributionType: + type: string + s3InputMode: + type: string + startTimeOffset: + type: string + type: object + groundTruthS3Input: + properties: + s3URI: + type: string + type: object + type: object + modelBiasJobOutputConfig: + properties: + kmsKeyID: + type: string + monitoringOutputs: + items: + properties: + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + networkConfig: + description: Networking options for a model bias job. + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + roleARN: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + required: + - jobDefinitionName + - jobResources + - modelBiasAppSpecification + - modelBiasJobInput + - modelBiasJobOutputConfig + - roleARN + type: object + status: + description: ModelBiasJobDefinitionStatus defines the observed state of + ModelBiasJobDefinition + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml new file mode 100644 index 00000000..3cf14051 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml @@ -0,0 +1,243 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: modelexplainabilityjobdefinitions.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: ModelExplainabilityJobDefinition + listKind: ModelExplainabilityJobDefinitionList + plural: modelexplainabilityjobdefinitions + singular: modelexplainabilityjobdefinition + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ModelExplainabilityJobDefinition is the Schema for the ModelExplainabilityJobDefinitions + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ModelExplainabilityJobDefinitionSpec defines the desired + state of ModelExplainabilityJobDefinition + properties: + jobDefinitionName: + description: The name of the model explainability job definition. + The name must be unique within an AWS Region in the AWS account. + type: string + jobResources: + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + modelExplainabilityAppSpecification: + description: Configures the model explainability job to run a specified + Docker container image. + properties: + configURI: + type: string + environment: + additionalProperties: + type: string + type: object + imageURI: + type: string + type: object + modelExplainabilityBaselineConfig: + description: The baseline configuration for a model explainability + job. + properties: + baseliningJobName: + type: string + constraintsResource: + properties: + s3URI: + type: string + type: object + type: object + modelExplainabilityJobInput: + description: Inputs for the model explainability job. + properties: + endpointInput: + properties: + endTimeOffset: + type: string + endpointName: + type: string + featuresAttribute: + type: string + inferenceAttribute: + type: string + localPath: + type: string + probabilityAttribute: + type: string + probabilityThresholdAttribute: + type: number + s3DataDistributionType: + type: string + s3InputMode: + type: string + startTimeOffset: + type: string + type: object + type: object + modelExplainabilityJobOutputConfig: + properties: + kmsKeyID: + type: string + monitoringOutputs: + items: + properties: + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + networkConfig: + description: Networking options for a model explainability job. + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + roleARN: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + required: + - jobDefinitionName + - jobResources + - modelExplainabilityAppSpecification + - modelExplainabilityJobInput + - modelExplainabilityJobOutputConfig + - roleARN + type: object + status: + description: ModelExplainabilityJobDefinitionStatus defines the observed + state of ModelExplainabilityJobDefinition + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml new file mode 100644 index 00000000..ea3d0efb --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml @@ -0,0 +1,260 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: modelqualityjobdefinitions.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: ModelQualityJobDefinition + listKind: ModelQualityJobDefinitionList + plural: modelqualityjobdefinitions + singular: modelqualityjobdefinition + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ModelQualityJobDefinition is the Schema for the ModelQualityJobDefinitions + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ModelQualityJobDefinitionSpec defines the desired state of + ModelQualityJobDefinition + properties: + jobDefinitionName: + description: The name of the monitoring job definition. + type: string + jobResources: + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + modelQualityAppSpecification: + description: The container that runs the monitoring job. + properties: + containerArguments: + items: + type: string + type: array + containerEntrypoint: + items: + type: string + type: array + environment: + additionalProperties: + type: string + type: object + imageURI: + type: string + postAnalyticsProcessorSourceURI: + type: string + problemType: + type: string + recordPreprocessorSourceURI: + type: string + type: object + modelQualityBaselineConfig: + description: Specifies the constraints and baselines for the monitoring + job. + properties: + baseliningJobName: + type: string + constraintsResource: + properties: + s3URI: + type: string + type: object + type: object + modelQualityJobInput: + description: A list of the inputs that are monitored. Currently endpoints + are supported. + properties: + endpointInput: + properties: + endTimeOffset: + type: string + endpointName: + type: string + featuresAttribute: + type: string + inferenceAttribute: + type: string + localPath: + type: string + probabilityAttribute: + type: string + probabilityThresholdAttribute: + type: number + s3DataDistributionType: + type: string + s3InputMode: + type: string + startTimeOffset: + type: string + type: object + groundTruthS3Input: + properties: + s3URI: + type: string + type: object + type: object + modelQualityJobOutputConfig: + properties: + kmsKeyID: + type: string + monitoringOutputs: + items: + properties: + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + networkConfig: + description: Specifies the network configuration for the monitoring + job. + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + roleARN: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + required: + - jobDefinitionName + - jobResources + - modelQualityAppSpecification + - modelQualityJobInput + - modelQualityJobOutputConfig + - roleARN + type: object + status: + description: ModelQualityJobDefinitionStatus defines the observed state + of ModelQualityJobDefinition + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_models.yaml b/helm/crds/sagemaker.services.k8s.aws_models.yaml new file mode 100644 index 00000000..b8ef8b2b --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_models.yaml @@ -0,0 +1,227 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: models.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: Model + listKind: ModelList + plural: models + singular: model + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Model is the Schema for the Models API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ModelSpec defines the desired state of Model + properties: + containers: + description: Specifies the containers in the inference pipeline. + items: + properties: + containerHostname: + type: string + environment: + additionalProperties: + type: string + type: object + image: + type: string + imageConfig: + properties: + repositoryAccessMode: + type: string + repositoryAuthConfig: + properties: + repositoryCredentialsProviderARN: + type: string + type: object + type: object + mode: + type: string + modelDataURL: + type: string + modelPackageName: + type: string + multiModelConfig: + properties: + modelCacheSetting: + type: string + type: object + type: object + type: array + enableNetworkIsolation: + description: Isolates the model container. No inbound or outbound + network calls can be made to or from the model container. + type: boolean + executionRoleARN: + description: "The Amazon Resource Name (ARN) of the IAM role that + Amazon SageMaker can assume to access model artifacts and docker + image for deployment on ML compute instances or for batch transform + jobs. Deploying on ML compute instances is part of model hosting. + For more information, see Amazon SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). + \n To be able to pass this role to Amazon SageMaker, the caller + of this API must have the iam:PassRole permission." + type: string + inferenceExecutionConfig: + description: Specifies details of how containers in a multi-container + endpoint are called. + properties: + mode: + type: string + type: object + modelName: + description: The name of the new model. + type: string + primaryContainer: + description: The location of the primary docker image containing inference + code, associated artifacts, and custom environment map that the + inference code uses when the model is deployed for predictions. + properties: + containerHostname: + type: string + environment: + additionalProperties: + type: string + type: object + image: + type: string + imageConfig: + properties: + repositoryAccessMode: + type: string + repositoryAuthConfig: + properties: + repositoryCredentialsProviderARN: + type: string + type: object + type: object + mode: + type: string + modelDataURL: + type: string + modelPackageName: + type: string + multiModelConfig: + properties: + modelCacheSetting: + type: string + type: object + type: object + vpcConfig: + description: A VpcConfig object that specifies the VPC that you want + your model to connect to. Control access to and from your model + container by configuring the VPC. VpcConfig is used in hosting services + and in batch transform. For more information, see Protect Endpoints + by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) + and Protect Data in Batch Transform Jobs by Using an Amazon Virtual + Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html). + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + required: + - executionRoleARN + - modelName + type: object + status: + description: ModelStatus defines the observed state of Model + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml b/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml new file mode 100644 index 00000000..1bf43a0a --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml @@ -0,0 +1,313 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: monitoringschedules.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: MonitoringSchedule + listKind: MonitoringScheduleList + plural: monitoringschedules + singular: monitoringschedule + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.failureReason + name: FailureReason + type: string + - jsonPath: .status.monitoringScheduleStatus + name: MonitoringScheduleStatus + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: MonitoringSchedule is the Schema for the MonitoringSchedules + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MonitoringScheduleSpec defines the desired state of MonitoringSchedule + properties: + monitoringScheduleConfig: + description: The configuration object that specifies the monitoring + schedule and defines the monitoring job. + properties: + monitoringJobDefinition: + properties: + baselineConfig: + properties: + baseliningJobName: + type: string + constraintsResource: + properties: + s3URI: + type: string + type: object + statisticsResource: + properties: + s3URI: + type: string + type: object + type: object + environment: + additionalProperties: + type: string + type: object + monitoringAppSpecification: + properties: + containerArguments: + items: + type: string + type: array + containerEntrypoint: + items: + type: string + type: array + imageURI: + type: string + postAnalyticsProcessorSourceURI: + type: string + recordPreprocessorSourceURI: + type: string + type: object + monitoringInputs: + items: + properties: + endpointInput: + properties: + endTimeOffset: + type: string + endpointName: + type: string + featuresAttribute: + type: string + inferenceAttribute: + type: string + localPath: + type: string + probabilityAttribute: + type: string + probabilityThresholdAttribute: + type: number + s3DataDistributionType: + type: string + s3InputMode: + type: string + startTimeOffset: + type: string + type: object + type: object + type: array + monitoringOutputConfig: + properties: + kmsKeyID: + type: string + monitoringOutputs: + items: + properties: + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + monitoringResources: + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + networkConfig: + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + roleARN: + type: string + stoppingCondition: + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + type: object + monitoringJobDefinitionName: + type: string + monitoringType: + type: string + scheduleConfig: + properties: + scheduleExpression: + type: string + type: object + type: object + monitoringScheduleName: + description: The name of the monitoring schedule. The name must be + unique within an AWS Region within an AWS account. + type: string + required: + - monitoringScheduleConfig + - monitoringScheduleName + type: object + status: + description: MonitoringScheduleStatus defines the observed state of MonitoringSchedule + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationTime: + description: The time at which the monitoring job was created. + format: date-time + type: string + failureReason: + description: A string, up to one KB in size, that contains the reason + a monitoring job failed, if it failed. + type: string + lastModifiedTime: + description: The time at which the monitoring job was last modified. + format: date-time + type: string + lastMonitoringExecutionSummary: + description: Describes metadata on the last execution to run, if there + was one. + properties: + creationTime: + format: date-time + type: string + endpointName: + type: string + failureReason: + type: string + lastModifiedTime: + format: date-time + type: string + monitoringExecutionStatus: + type: string + monitoringJobDefinitionName: + type: string + monitoringScheduleName: + type: string + monitoringType: + type: string + processingJobARN: + type: string + scheduledTime: + format: date-time + type: string + type: object + monitoringScheduleStatus: + description: The status of an monitoring job. + type: string + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml new file mode 100644 index 00000000..05b2ca80 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml @@ -0,0 +1,323 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: processingjobs.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: ProcessingJob + listKind: ProcessingJobList + plural: processingjobs + singular: processingjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.failureReason + name: FailureReason + type: string + - jsonPath: .status.processingJobStatus + name: ProcessingJobStatus + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ProcessingJob is the Schema for the ProcessingJobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProcessingJobSpec defines the desired state of ProcessingJob + properties: + appSpecification: + description: Configures the processing job to run a specified Docker + container image. + properties: + containerArguments: + items: + type: string + type: array + containerEntrypoint: + items: + type: string + type: array + imageURI: + type: string + type: object + environment: + additionalProperties: + type: string + description: The environment variables to set in the Docker container. + Up to 100 key and values entries in the map are supported. + type: object + experimentConfig: + properties: + experimentName: + type: string + trialComponentDisplayName: + type: string + trialName: + type: string + type: object + networkConfig: + description: Networking options for a processing job, such as whether + to allow inbound and outbound network calls to and from processing + containers, and the VPC subnets and security groups to use for VPC-enabled + processing jobs. + properties: + enableInterContainerTrafficEncryption: + type: boolean + enableNetworkIsolation: + type: boolean + vpcConfig: + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + type: object + processingInputs: + description: An array of inputs configuring the data to download into + the processing container. + items: + properties: + appManaged: + type: boolean + datasetDefinition: + properties: + athenaDatasetDefinition: + properties: + catalog: + type: string + database: + type: string + kmsKeyID: + type: string + outputCompression: + type: string + outputFormat: + type: string + outputS3URI: + type: string + queryString: + type: string + workGroup: + type: string + type: object + dataDistributionType: + type: string + inputMode: + type: string + localPath: + type: string + redshiftDatasetDefinition: + properties: + clusterID: + type: string + clusterRoleARN: + type: string + database: + type: string + dbUser: + type: string + kmsKeyID: + type: string + outputCompression: + type: string + outputFormat: + type: string + outputS3URI: + type: string + queryString: + type: string + type: object + type: object + inputName: + type: string + s3Input: + properties: + localPath: + type: string + s3CompressionType: + type: string + s3DataDistributionType: + type: string + s3DataType: + type: string + s3InputMode: + type: string + s3URI: + type: string + type: object + type: object + type: array + processingJobName: + description: The name of the processing job. The name must be unique + within an AWS Region in the AWS account. + type: string + processingOutputConfig: + description: Output configuration for the processing job. + properties: + kmsKeyID: + type: string + outputs: + items: + properties: + appManaged: + type: boolean + featureStoreOutput: + properties: + featureGroupName: + type: string + type: object + outputName: + type: string + s3Output: + properties: + localPath: + type: string + s3URI: + type: string + s3UploadMode: + type: string + type: object + type: object + type: array + type: object + processingResources: + description: Identifies the resources, ML compute instances, and ML + storage volumes to deploy for a processing job. In distributed training, + you specify more than one instance. + properties: + clusterConfig: + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: object + roleARN: + description: The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. + type: string + stoppingCondition: + description: The time limit for how long the processing job is allowed + to run. + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + type: object + required: + - appSpecification + - processingJobName + - processingResources + - roleARN + type: object + status: + description: ProcessingJobStatus defines the observed state of ProcessingJob + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + failureReason: + description: A string, up to one KB in size, that contains the reason + a processing job failed, if it failed. + type: string + processingJobStatus: + description: Provides the status of a processing job. + type: string + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml new file mode 100644 index 00000000..dd85dcf9 --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml @@ -0,0 +1,506 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: trainingjobs.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: TrainingJob + listKind: TrainingJobList + plural: trainingjobs + singular: trainingjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.failureReason + name: FailureReason + type: string + - jsonPath: .status.secondaryStatus + name: SecondaryStatus + type: string + - jsonPath: .status.trainingJobStatus + name: TrainingJobStatus + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: TrainingJob is the Schema for the TrainingJobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TrainingJobSpec defines the desired state of TrainingJob + properties: + algorithmSpecification: + description: The registry path of the Docker image that contains the + training algorithm and algorithm-specific metadata, including the + input mode. For more information about algorithms provided by Amazon + SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). + For information about providing your own algorithms, see Using Your + Own Algorithms with Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html). + properties: + algorithmName: + type: string + enableSageMakerMetricsTimeSeries: + type: boolean + metricDefinitions: + items: + properties: + name: + type: string + regex: + type: string + type: object + type: array + trainingImage: + type: string + trainingInputMode: + type: string + type: object + checkpointConfig: + description: Contains information about the output location for managed + spot training checkpoint data. + properties: + localPath: + type: string + s3URI: + type: string + type: object + debugHookConfig: + properties: + collectionConfigurations: + items: + properties: + collectionName: + type: string + collectionParameters: + additionalProperties: + type: string + type: object + type: object + type: array + hookParameters: + additionalProperties: + type: string + type: object + localPath: + type: string + s3OutputPath: + type: string + type: object + debugRuleConfigurations: + description: Configuration information for Debugger rules for debugging + output tensors. + items: + properties: + instanceType: + type: string + localPath: + type: string + ruleConfigurationName: + type: string + ruleEvaluatorImage: + type: string + ruleParameters: + additionalProperties: + type: string + type: object + s3OutputPath: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: array + enableInterContainerTrafficEncryption: + description: To encrypt all communications between ML compute instances + in distributed training, choose True. Encryption provides greater + security for distributed training, but training might take longer. + How long it takes depends on the amount of communication between + compute instances, especially if you use a deep learning algorithm + in distributed training. For more information, see Protect Communications + Between ML Compute Instances in a Distributed Training Job (https://docs.aws.amazon.com/sagemaker/latest/dg/train-encrypt.html). + type: boolean + enableManagedSpotTraining: + description: "To train models using managed spot training, choose + True. Managed spot training provides a fully managed and scalable + infrastructure for training machine learning models. this option + is useful when training jobs can be interrupted and when there is + flexibility when the training job is run. \n The complete and intermediate + results of jobs are stored in an Amazon S3 bucket, and can be used + as a starting point to train models incrementally. Amazon SageMaker + provides metrics and logs in CloudWatch. They can be used to see + when managed spot training jobs are running, interrupted, resumed, + or completed." + type: boolean + enableNetworkIsolation: + description: Isolates the training container. No inbound or outbound + network calls can be made, except for calls between peers within + a training cluster for distributed training. If you enable network + isolation for training jobs that are configured to use a VPC, Amazon + SageMaker downloads and uploads customer data and model artifacts + through the specified VPC, but the training container does not have + network access. + type: boolean + environment: + additionalProperties: + type: string + description: The environment variables to set in the Docker container. + type: object + experimentConfig: + properties: + experimentName: + type: string + trialComponentDisplayName: + type: string + trialName: + type: string + type: object + hyperParameters: + additionalProperties: + type: string + description: "Algorithm-specific parameters that influence the quality + of the model. You set hyperparameters before you start the learning + process. For a list of hyperparameters for each training algorithm + provided by Amazon SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). + \n You can specify a maximum of 100 hyperparameters. Each hyperparameter + is a key-value pair. Each key and value is limited to 256 characters, + as specified by the Length Constraint." + type: object + inputDataConfig: + description: "An array of Channel objects. Each channel is a named + input source. InputDataConfig describes the input data and its location. + \n Algorithms can accept input data from one or more channels. For + example, an algorithm might have two channels of input data, training_data + and validation_data. The configuration for each channel provides + the S3, EFS, or FSx location where the input data is stored. It + also provides information about the stored data: the MIME type, + compression method, and whether the data is wrapped in RecordIO + format. \n Depending on the input mode that the algorithm supports, + Amazon SageMaker either copies input data files from an S3 bucket + to a local directory in the Docker container, or makes it available + as input streams. For example, if you specify an EFS location, input + data files will be made available as input streams. They do not + need to be downloaded." + items: + properties: + channelName: + type: string + compressionType: + type: string + contentType: + type: string + dataSource: + properties: + fileSystemDataSource: + properties: + directoryPath: + type: string + fileSystemAccessMode: + type: string + fileSystemID: + type: string + fileSystemType: + type: string + type: object + s3DataSource: + properties: + attributeNames: + items: + type: string + type: array + s3DataDistributionType: + type: string + s3DataType: + type: string + s3URI: + type: string + type: object + type: object + inputMode: + type: string + recordWrapperType: + type: string + shuffleConfig: + properties: + seed: + format: int64 + type: integer + type: object + type: object + type: array + outputDataConfig: + description: Specifies the path to the S3 location where you want + to store model artifacts. Amazon SageMaker creates subfolders for + the artifacts. + properties: + kmsKeyID: + type: string + s3OutputPath: + type: string + type: object + profilerConfig: + properties: + profilingIntervalInMilliseconds: + format: int64 + type: integer + profilingParameters: + additionalProperties: + type: string + type: object + s3OutputPath: + type: string + type: object + profilerRuleConfigurations: + description: Configuration information for Debugger rules for profiling + system and framework metrics. + items: + properties: + instanceType: + type: string + localPath: + type: string + ruleConfigurationName: + type: string + ruleEvaluatorImage: + type: string + ruleParameters: + additionalProperties: + type: string + type: object + s3OutputPath: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + type: array + resourceConfig: + description: "The resources, including the ML compute instances and + ML storage volumes, to use for model training. \n ML storage volumes + store model artifacts and incremental states. Training algorithms + might also use ML storage volumes for scratch space. If you want + Amazon SageMaker to use the ML storage volume to store the training + data, choose File as the TrainingInputMode in the algorithm specification. + For distributed training algorithms, specify an instance count greater + than 1." + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + volumeSizeInGB: + format: int64 + type: integer + type: object + roleARN: + description: "The Amazon Resource Name (ARN) of an IAM role that Amazon + SageMaker can assume to perform tasks on your behalf. \n During + model training, Amazon SageMaker needs your permission to read input + data from an S3 bucket, download a Docker image that contains training + code, write model artifacts to an S3 bucket, write logs to Amazon + CloudWatch Logs, and publish metrics to Amazon CloudWatch. You grant + permissions for all of these tasks to an IAM role. For more information, + see Amazon SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). + \n To be able to pass this role to Amazon SageMaker, the caller + of this API must have the iam:PassRole permission." + type: string + stoppingCondition: + description: "Specifies a limit to how long a model training job can + run. When the job reaches the time limit, Amazon SageMaker ends + the training job. Use this API to cap model training costs. \n To + stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, + which delays job termination for 120 seconds. Algorithms can use + this 120-second window to save the model artifacts, so the results + of training are not lost." + properties: + maxRuntimeInSeconds: + format: int64 + type: integer + maxWaitTimeInSeconds: + format: int64 + type: integer + type: object + tensorBoardOutputConfig: + properties: + localPath: + type: string + s3OutputPath: + type: string + type: object + trainingJobName: + description: The name of the training job. The name must be unique + within an AWS Region in an AWS account. + type: string + vpcConfig: + description: A VpcConfig object that specifies the VPC that you want + your training job to connect to. Control access to and from your + training container by configuring the VPC. For more information, + see Protect Training Jobs by Using an Amazon Virtual Private Cloud + (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html). + properties: + securityGroupIDs: + items: + type: string + type: array + subnets: + items: + type: string + type: array + type: object + required: + - algorithmSpecification + - outputDataConfig + - resourceConfig + - roleARN + - stoppingCondition + - trainingJobName + type: object + status: + description: TrainingJobStatus defines the observed state of TrainingJob + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + debugRuleEvaluationStatuses: + description: Evaluation status of Debugger rules for debugging on + a training job. + items: + properties: + lastModifiedTime: + format: date-time + type: string + ruleConfigurationName: + type: string + ruleEvaluationJobARN: + type: string + ruleEvaluationStatus: + type: string + statusDetails: + type: string + type: object + type: array + failureReason: + description: If the training job failed, the reason it failed. + type: string + secondaryStatus: + description: "Provides detailed information about the state of the + training job. For detailed information on the secondary status of + the training job, see StatusMessage under SecondaryStatusTransition. + \n Amazon SageMaker provides primary statuses and secondary statuses + that apply to each of them: \n InProgress \n * Starting - Starting + the training job. \n * Downloading - An optional stage for algorithms + that support File training input mode. It indicates that data + is being downloaded to the ML storage volumes. \n * Training + - Training is in progress. \n * Interrupted - The job stopped + because the managed spot training instances were interrupted. + \n * Uploading - Training is complete and the model artifacts + are being uploaded to the S3 location. \n Completed \n * Completed + - The training job has completed. \n Failed \n * Failed - The + training job has failed. The reason for the failure is returned + in the FailureReason field of DescribeTrainingJobResponse. \n Stopped + \n * MaxRuntimeExceeded - The job stopped because it exceeded + the maximum allowed runtime. \n * MaxWaitTimeExceeded - The + job stopped because it exceeded the maximum allowed wait time. + \n * Stopped - The training job has stopped. \n Stopping \n * + Stopping - Stopping the training job. \n Valid values for SecondaryStatus + are subject to change. \n We no longer support the following secondary + statuses: \n * LaunchingMLInstances \n * PreparingTrainingStack + \n * DownloadingTrainingImage" + type: string + trainingJobStatus: + description: "The status of the training job. \n Amazon SageMaker + provides the following training job statuses: \n * InProgress + - The training is in progress. \n * Completed - The training + job has completed. \n * Failed - The training job has failed. + To see the reason for the failure, see the FailureReason field + in the response to a DescribeTrainingJobResponse call. \n * + Stopping - The training job is stopping. \n * Stopped - The training + job has stopped. \n For more detailed information, see SecondaryStatus." + type: string + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml new file mode 100644 index 00000000..4dd1ce6c --- /dev/null +++ b/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml @@ -0,0 +1,270 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: transformjobs.sagemaker.services.k8s.aws +spec: + group: sagemaker.services.k8s.aws + names: + kind: TransformJob + listKind: TransformJobList + plural: transformjobs + singular: transformjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.failureReason + name: FailureReason + type: string + - jsonPath: .status.transformJobStatus + name: TransformJobStatus + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: TransformJob is the Schema for the TransformJobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TransformJobSpec defines the desired state of TransformJob + properties: + batchStrategy: + description: "Specifies the number of records to include in a mini-batch + for an HTTP inference request. A record is a single unit of input + data that inference can be made on. For example, a single line in + a CSV file is a record. \n To enable the batch strategy, you must + set the SplitType property to Line, RecordIO, or TFRecord. \n To + use only one record when making an HTTP invocation request to a + container, set BatchStrategy to SingleRecord and SplitType to Line. + \n To fit as many records in a mini-batch as can fit within the + MaxPayloadInMB limit, set BatchStrategy to MultiRecord and SplitType + to Line." + type: string + dataProcessing: + description: The data structure used to specify the data to be used + for inference in a batch transform job and to associate the data + that is relevant to the prediction results in the output. The input + filter provided allows you to exclude input data that is not needed + for inference in a batch transform job. The output filter provided + allows you to include input data relevant to interpreting the predictions + in the output from the job. For more information, see Associate + Prediction Results with their Corresponding Input Records (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform-data-processing.html). + properties: + inputFilter: + type: string + joinSource: + type: string + outputFilter: + type: string + type: object + environment: + additionalProperties: + type: string + description: The environment variables to set in the Docker container. + We support up to 16 key and values entries in the map. + type: object + experimentConfig: + properties: + experimentName: + type: string + trialComponentDisplayName: + type: string + trialName: + type: string + type: object + maxConcurrentTransforms: + description: The maximum number of parallel requests that can be sent + to each instance in a transform job. If MaxConcurrentTransforms + is set to 0 or left unset, Amazon SageMaker checks the optional + execution-parameters to determine the settings for your chosen algorithm. + If the execution-parameters endpoint is not enabled, the default + value is 1. For more information on execution-parameters, see How + Containers Serve Requests (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-batch-code.html#your-algorithms-batch-code-how-containe-serves-requests). + For built-in algorithms, you don't need to set a value for MaxConcurrentTransforms. + format: int64 + type: integer + maxPayloadInMB: + description: "The maximum allowed size of the payload, in MB. A payload + is the data portion of a record (without metadata). The value in + MaxPayloadInMB must be greater than, or equal to, the size of a + single record. To estimate the size of a record in MB, divide the + size of your dataset by the number of records. To ensure that the + records fit within the maximum payload size, we recommend using + a slightly larger value. The default value is 6 MB. \n For cases + where the payload might be arbitrarily large and is transmitted + using HTTP chunked encoding, set the value to 0. This feature works + only in supported algorithms. Currently, Amazon SageMaker built-in + algorithms do not support HTTP chunked encoding." + format: int64 + type: integer + modelClientConfig: + description: Configures the timeout and maximum number of retries + for processing a transform job invocation. + properties: + invocationsMaxRetries: + format: int64 + type: integer + invocationsTimeoutInSeconds: + format: int64 + type: integer + type: object + modelName: + description: The name of the model that you want to use for the transform + job. ModelName must be the name of an existing Amazon SageMaker + model within an AWS Region in an AWS account. + type: string + transformInput: + description: Describes the input source and the way the transform + job consumes it. + properties: + compressionType: + type: string + contentType: + type: string + dataSource: + properties: + s3DataSource: + properties: + s3DataType: + type: string + s3URI: + type: string + type: object + type: object + splitType: + type: string + type: object + transformJobName: + description: The name of the transform job. The name must be unique + within an AWS Region in an AWS account. + type: string + transformOutput: + description: Describes the results of the transform job. + properties: + accept: + type: string + assembleWith: + type: string + kmsKeyID: + type: string + s3OutputPath: + type: string + type: object + transformResources: + description: Describes the resources, including ML instance types + and ML instance count, to use for the transform job. + properties: + instanceCount: + format: int64 + type: integer + instanceType: + type: string + volumeKMSKeyID: + type: string + type: object + required: + - modelName + - transformInput + - transformJobName + - transformOutput + - transformResources + type: object + status: + description: TransformJobStatus defines the observed state of TransformJob + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + required: + - ownerAccountID + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + failureReason: + description: If the transform job failed, FailureReason describes + why it failed. A transform job creates a log file, which includes + error messages, and stores it as an Amazon S3 object. For more information, + see Log Amazon SageMaker Events with Amazon CloudWatch (https://docs.aws.amazon.com/sagemaker/latest/dg/logging-cloudwatch.html). + type: string + transformJobStatus: + description: The status of the transform job. If the transform job + failed, the reason is returned in the FailureReason field. + type: string + required: + - ackResourceMetadata + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 00000000..ba90cd16 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* The name of the application this chart installs */}} +{{- define "app.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "app.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* The name and version as used by the chart label */}} +{{- define "chart.name-version" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* The name of the service account to use */}} +{{- define "service-account.name" -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} diff --git a/helm/templates/cluster-role-binding.yaml b/helm/templates/cluster-role-binding.yaml new file mode 100644 index 00000000..ff84bc87 --- /dev/null +++ b/helm/templates/cluster-role-binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "app.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "app.name" . }} +subjects: +- kind: ServiceAccount + name: {{ include "service-account.name" . }} + namespace: {{ .Release.Namespace }} diff --git a/helm/templates/cluster-role-controller.yaml b/helm/templates/cluster-role-controller.yaml new file mode 100644 index 00000000..1f649fa3 --- /dev/null +++ b/helm/templates/cluster-role-controller.yaml @@ -0,0 +1,264 @@ + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: ack-sagemaker-controller +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - dataqualityjobdefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - dataqualityjobdefinitions/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpointconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpointconfigs/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpoints/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - hyperparametertuningjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - hyperparametertuningjobs/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelbiasjobdefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelbiasjobdefinitions/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelexplainabilityjobdefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelexplainabilityjobdefinitions/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelqualityjobdefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - modelqualityjobdefinitions/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - models + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - models/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - monitoringschedules + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - monitoringschedules/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - processingjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - processingjobs/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - trainingjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - trainingjobs/status + verbs: + - get + - patch + - update +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - transformjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - transformjobs/status + verbs: + - get + - patch + - update diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml new file mode 100644 index 00000000..e433186e --- /dev/null +++ b/helm/templates/deployment.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "app.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "app.name" . }} + helm.sh/chart: {{ include "chart.name-version" . }} + control-plane: controller +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + annotations: + {{- range $key, $value := .Values.deployment.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + k8s-app: {{ include "app.name" . }} +{{- range $key, $value := .Values.deployment.labels }} + {{ $key }}: {{ $value | quote }} +{{- end }} + spec: + serviceAccountName: {{ include "service-account.name" . }} + containers: + - command: + - ./bin/controller + args: + - --aws-account-id + - "$(AWS_ACCOUNT_ID)" + - --aws-region + - "$(AWS_REGION)" + - --enable-development-logging + - "$(ACK_ENABLE_DEVELOPMENT_LOGGING)" + - --log-level + - "$(ACK_LOG_LEVEL)" + - --resource-tags + - "$(ACK_RESOURCE_TAGS)" + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + name: controller + ports: + - containerPort: {{ .Values.deployment.containerPort }} + resources: + {{- toYaml .Values.resources | nindent 10 }} + env: + - name: K8S_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: AWS_REGION + value: {{ .Values.aws.region }} + - name: ACK_RESOURCE_TAGS + value: {{ join "," .Values.resourceTags | quote }} + terminationGracePeriodSeconds: 10 diff --git a/helm/templates/role-reader.yaml b/helm/templates/role-reader.yaml new file mode 100644 index 00000000..cdbb0e90 --- /dev/null +++ b/helm/templates/role-reader.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-sagemaker-reader + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpoints + - endpointconfigs + - hyperparametertuningjobs + - models + - monitoringschedules + - processingjobs + - trainingjobs + - transformjobs + verbs: + - get + - list + - watch diff --git a/helm/templates/role-writer.yaml b/helm/templates/role-writer.yaml new file mode 100644 index 00000000..badc3c01 --- /dev/null +++ b/helm/templates/role-writer.yaml @@ -0,0 +1,50 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-sagemaker-writer + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpoints + + - endpointconfigs + + - hyperparametertuningjobs + + - models + + - monitoringschedules + + - processingjobs + + - trainingjobs + + - transformjobs + + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - sagemaker.services.k8s.aws + resources: + - endpoints + - endpointconfigs + - hyperparametertuningjobs + - models + - monitoringschedules + - processingjobs + - trainingjobs + - transformjobs + verbs: + - get + - patch + - update diff --git a/helm/templates/service-account.yaml b/helm/templates/service-account.yaml new file mode 100644 index 00000000..4fc81d3b --- /dev/null +++ b/helm/templates/service-account.yaml @@ -0,0 +1,17 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/name: {{ include "app.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} + k8s-app: {{ include "app.name" . }} + helm.sh/chart: {{ include "chart.name-version" . }} + name: {{ include "service-account.name" . }} + annotations: + {{- range $key, $value := .Values.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 00000000..79810d15 --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,43 @@ +# Default values for ack-sagemaker-controller. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: surajkota/ack-sagemaker-controller + tag: sagemaker-v0.0.1 + pullPolicy: IfNotPresent + pullSecrets: [] + +nameOverride: "" +fullnameOverride: "" + +deployment: + annotations: {} + labels: {} + containerPort: 8080 + +resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "128Mi" + cpu: "100m" + +aws: + # If specified, use the AWS region for AWS API calls + region: "" + +resourceTags: + # Configures the ACK service controller to always set key/value pairs tags on resources that it manages. + - services.k8s.aws/managed=true + - services.k8s.aws/created=%UTCNOW% + - services.k8s.aws/namespace=%KUBERNETES_NAMESPACE% + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + name: ack-sagemaker-controller + annotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME From f170388892edbf192826c36e07117a95ca0a8bf3 Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Thu, 6 May 2021 23:25:39 +0000 Subject: [PATCH 3/6] update acktest --- test/e2e/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/requirements.txt b/test/e2e/requirements.txt index 90c5afa1..8afa5151 100644 --- a/test/e2e/requirements.txt +++ b/test/e2e/requirements.txt @@ -1,2 +1,2 @@ -acktest @ git+https://github.com/surajkota/test-infra.git@refresh-token +acktest @ git+https://github.com/aws-controllers-k8s/test-infra.git@5ed60a505afa953096e53c9d3d6779830250915b black==20.8b1 From b77f141f0f6116c9ec9d9a57cb154391ea6dd352 Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Fri, 7 May 2021 00:20:18 +0000 Subject: [PATCH 4/6] buildspec and path changs --- test/canary/Dockerfile.canary | 17 +++-- test/canary/canary.buildspec.yaml | 13 ++-- .../canary/scripts/install_controller_helm.sh | 32 ++++---- test/canary/scripts/run_test.sh | 76 +++++++++++++++---- test/canary/scripts/setup_oidc.sh | 65 +++++++++++----- 5 files changed, 134 insertions(+), 69 deletions(-) mode change 100644 => 100755 test/canary/scripts/install_controller_helm.sh mode change 100644 => 100755 test/canary/scripts/run_test.sh mode change 100644 => 100755 test/canary/scripts/setup_oidc.sh diff --git a/test/canary/Dockerfile.canary b/test/canary/Dockerfile.canary index 97dc0f94..4fc03850 100644 --- a/test/canary/Dockerfile.canary +++ b/test/canary/Dockerfile.canary @@ -1,7 +1,7 @@ FROM ubuntu:18.04 # Build time parameters -ARG SERVICE_REPO_NAME +ARG SERVICE=sagemaker RUN apt-get update && apt-get install -y curl \ wget \ @@ -33,17 +33,18 @@ RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.6/b RUN curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp && mv /tmp/eksctl /bin # Install Helm -RUN curl -q -L "https://get.helm.sh/helm-v3.2.4-linux-amd64.tar.gz" | tar zxf - -C /usr/local/bin/ -RUN mv /usr/local/bin/linux-amd64/helm /usr/local/bin/helm \ +RUN curl -q -L "https://get.helm.sh/helm-v3.2.4-linux-amd64.tar.gz" | tar zxf - -C /usr/local/bin/ \ + && mv /usr/local/bin/linux-amd64/helm /usr/local/bin/helm \ && rm -r /usr/local/bin/linux-amd64 \ && chmod +x /usr/local/bin/helm -COPY ./ /$SERVICE_REPO_NAME -ENV SERVICE_REPO_PATH_DOCKER=/$SERVICE_REPO_NAME +ENV SERVICE_REPO_PATH=/$SERVICE-controller +COPY ./test/e2e/requirements.txt requirements.txt -RUN ln -s /usr/bin/python3.8 /usr/bin/python +RUN ln -s /usr/bin/python3.8 /usr/bin/python \ + && python -m pip install --upgrade pip -RUN python -m pip install -r $SERVICE_REPO_PATH_DOCKER/test/e2e/requirements.txt +RUN python -m pip install -r requirements.txt -WORKDIR /$SERVICE_REPO_NAME +WORKDIR /$SERVICE_REPO_PATH CMD ["./test/canary/scripts/run_test.sh"] \ No newline at end of file diff --git a/test/canary/canary.buildspec.yaml b/test/canary/canary.buildspec.yaml index cf407e0e..6e94affe 100644 --- a/test/canary/canary.buildspec.yaml +++ b/test/canary/canary.buildspec.yaml @@ -4,8 +4,7 @@ phases: pre_build: commands: # Make all shell scripts executable. This is required when running code copied from S3 - - find ./ -type f -name "*.sh" -exec chmod +x {} \; - - export CODEBUILD_WORKING_DIRECTORY=$(pwd) + - find ./ -type f -name "*.sh" -exec chmod +x {} \; # Get cached test image - aws ecr get-login-password --region $CLUSTER_REGION | docker login --username AWS --password-stdin $ECR_CACHE_URI || true @@ -16,17 +15,15 @@ phases: # Build test image - > - docker build -f ./test/canary/Dockerfile.canary . -t ${ECR_CACHE_URI}:latest --quiet - --build-arg SERVICE_REPO_NAME="${SERVICE_REPO_PATH##*/}" + docker build -f ./test/canary/Dockerfile.canary . -t ${ECR_CACHE_URI}:latest + --build-arg SERVICE="${SERVICE##*/}" --quiet || echo "Docker Build Failed" || true build: commands: - - cd $CODEBUILD_WORKING_DIRECTORY - # Run tests - - docker run --name ack-canary $(env | cut -f1 -d= | sed 's/^/-e /') --mount type=bind,source="$(pwd)/",target="/app/" ${ECR_CACHE_URI}:latest + - docker run --name ack-canary $(env | cut -f1 -d= | sed 's/^/-e /') --mount type=bind,source="$(pwd)/",target="/${SERVICE}-controller/" ${ECR_CACHE_URI}:latest # Push test image to cache ECR repo - - docker push ${ECR_CACHE_URI}:latest --quiet || true + - docker push ${ECR_CACHE_URI}:latest || true diff --git a/test/canary/scripts/install_controller_helm.sh b/test/canary/scripts/install_controller_helm.sh old mode 100644 new mode 100755 index 4cc00af0..9b1363a3 --- a/test/canary/scripts/install_controller_helm.sh +++ b/test/canary/scripts/install_controller_helm.sh @@ -1,23 +1,17 @@ -# Deploy ACK Helm Charts +#!/usr/bin/env bash -# Inputs to this file as environment variables -# SERVICE_REPO_PATH_DOCKER -# OIDC_ROLE_ARN -# SERVICE -# SERVICE_REGION +# Deploy ACK Helm Charts -cd $SERVICE_REPO_PATH_DOCKER +function install_helm_chart() { + local service="$1" + local oidc_role_arn="$2" + local region="$3" + local namespace="$4" -yq w -i helm/values.yaml "serviceAccount.annotations" "" -yq w -i helm/values.yaml 'serviceAccount.annotations."eks.amazonaws.com/role-arn"' "$OIDC_ROLE_ARN" -yq w -i helm/values.yaml "aws.region" $SERVICE_REGION + yq w -i helm/values.yaml "serviceAccount.annotations" "" + yq w -i helm/values.yaml 'serviceAccount.annotations."eks.amazonaws.com/role-arn"' "$oidc_role_arn" + yq w -i helm/values.yaml "aws.region" $region -export ACK_K8S_NAMESPACE=${NAMESPACE:-"ack-system"} -kubectl create namespace $ACK_K8S_NAMESPACE - -helm delete -n $ACK_K8S_NAMESPACE ack-$SERVICE-controller -helm install -n $ACK_K8S_NAMESPACE ack-$SERVICE-controller helm - -echo "Make sure helm charts are deployed properly" -kubectl -n $ACK_K8S_NAMESPACE get pods -kubectl get crds \ No newline at end of file + kubectl create namespace $namespace + helm install -n $namespace ack-$service-controller helm +} \ No newline at end of file diff --git a/test/canary/scripts/run_test.sh b/test/canary/scripts/run_test.sh old mode 100644 new mode 100755 index cfa2325b..4546650f --- a/test/canary/scripts/run_test.sh +++ b/test/canary/scripts/run_test.sh @@ -5,29 +5,77 @@ # Inputs to this file as environment variables # SERVICE # SERVICE_REGION +# CLUSTER_REGION +# CLUSTER_NAME +# SERVICE_REPO_PATH +# NAMESPACE + +set -euo pipefail +export NAMESPACE=${NAMESPACE:-"ack-system"} +export AWS_DEFAULT_REGION=$SERVICE_REGION +export E2E_DIR=$SERVICE_REPO_PATH/test/e2e/ +SCRIPTS_DIR=${SERVICE_REPO_PATH}/test/canary/scripts + +source $SCRIPTS_DIR/setup_oidc.sh +source $SCRIPTS_DIR/install_controller_helm.sh + +function print_controller_logs() { + pod_id=$( kubectl get pods -n $NAMESPACE --field-selector="status.phase=Running" \ + --sort-by=.metadata.creationTimestamp \ + | grep ack-sagemaker-controller | awk '{print $1}' 2>/dev/null ) + + kubectl -n $NAMESPACE logs "$pod_id" +} function cleanup { echo "Cleaning up resources" - cd $SERVICE_REPO_PATH_DOCKER/test/e2e/ - python ./cleanup.py $SERVICE + set +e + kubectl delete endpoints.sagemaker --all + kubectl delete endpointconfigs --all + kubectl delete models --all + kubectl delete trainingjobs --all + kubectl delete processingjobs --all + kubectl delete transformjobs --all + kubectl delete hyperparametertuningjobs --all + kubectl delete dataqualityjobdefinitions --all + kubectl delete modelbiasjobdefinitions --all + kubectl delete modelexplainabilityjobdefinitions --all + kubectl delete modelqualityjobdefinitions --all + kubectl delete monitoringschedules --all + kubectl delete adoptedresources --all + + print_controller_logs + + helm delete -n $NAMESPACE ack-$SERVICE-controller + kubectl delete namespace $NAMESPACE + + cd $E2E_DIR + export PYTHONPATH=.. + python service_cleanup.py + } trap cleanup EXIT +# Update kubeconfig +aws --region $CLUSTER_REGION eks update-kubeconfig --name $CLUSTER_NAME + # Setup OIDC -. ./test/e2e/canary/scripts/setup_oidc.sh +create_oidc_role "$CLUSTER_NAME" "$CLUSTER_REGION" "$NAMESPACE" # Install service helm chart -. ./test/e2e/canary/scripts/install_controller_helm.sh - -# create resources for test -cd $SERVICE_REPO_PATH_DOCKER/test/e2e/ +install_helm_chart $SERVICE $OIDC_ROLE_ARN $SERVICE_REGION $NAMESPACE -export AWS_ROLE_ARN=$(aws sts get-caller-identity --query "Arn") -export AWS_DEFAULT_REGION=$SERVICE_REGION +echo "Log helm charts are deployed properly" +kubectl -n $NAMESPACE get pods +kubectl get crds -python ./bootstrap.py $SERVICE -sleep 10m +pushd $E2E_DIR + export PYTHONPATH=.. + # create resources for test + python service_bootstrap.py + sleep 5m -# TOOODOOOOO: RUN ALL TESTS run tests -echo "Run Tests" -PYTHONPATH=. pytest -n 10 --dist loadfile --log-cli-level INFO $SERVICE -m canary tests/test_model.py \ No newline at end of file + # run tests + echo "Run Tests" + pytest -n 10 --dist loadfile --log-cli-level INFO -m canary +popd \ No newline at end of file diff --git a/test/canary/scripts/setup_oidc.sh b/test/canary/scripts/setup_oidc.sh old mode 100644 new mode 100755 index 77281d46..691d8d75 --- a/test/canary/scripts/setup_oidc.sh +++ b/test/canary/scripts/setup_oidc.sh @@ -1,42 +1,67 @@ -# OIDC Setup +#!/usr/bin/env bash +# OIDC Setup -# Inputs to this file as environment variables -# CLUSTER_REGION -# CLUSTER_NAME - -NAMESPACE=${NAMESPACE:-"ack-system"} +# A function to get the OIDC_ID associated with an EKS cluster +function get_oidc_id() { + local cluster_name="$1" + local region = "$2" + eksctl utils associate-iam-oidc-provider --cluster $cluster_name --region $region --approve + local oidc_url=$(aws eks describe-cluster --region $region --name $cluster_name --query "cluster.identity.oidc.issuer" --output text | cut -c9-) + echo "${oidc_url}" +} -AWS_ACC_NUM=$(aws sts get-caller-identity --output text --query "Account") -aws --region $CLUSTER_REGION eks update-kubeconfig --name $CLUSTER_NAME -eksctl utils associate-iam-oidc-provider --cluster $CLUSTER_NAME --region $CLUSTER_REGION --approve -OIDC_URL=$(aws eks describe-cluster --region $CLUSTER_REGION --name $CLUSTER_NAME --query "cluster.identity.oidc.issuer" --output text | cut -c9-) +function generate_trust_policy() { + local oidc_url="$1" + local namespace="$2" + local account_id=$(aws sts get-caller-identity --output text --query "Account") -cat < trust.json + cat < trust.json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { - "Federated": "arn:aws:iam::$AWS_ACC_NUM:oidc-provider/$OIDC_URL" + "Federated": "arn:aws:iam::${account_id}:oidc-provider/${oidc_url}" }, "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { - "$OIDC_URL:aud": "sts.amazonaws.com", - "$OIDC_URL:sub": ["system:serviceaccount:${NAMESPACE}:ack-sagemaker-controller"] + "${oidc_url}:aud": "sts.amazonaws.com", + "${oidc_url}:sub": ["system:serviceaccount:${namespace}:ack-sagemaker-controller"] } } } ] } EOF +} +function create_oidc_role() { + local cluster_name="$1" + local region="$2" + local namespace="$3" + local oidc_role_name=ack-oidc-role-$cluster_name-$namespace + + # Create role only if it does not exist + set +e + aws iam get-role --role-name ${oidc_role_name} + exit_code=$? + set -euo pipefail -# TODO : check if iam role exists -aws iam create-role --role-name ack-oidc-role-$CLUSTER_NAME --assume-role-policy-document file://trust.json -aws iam attach-role-policy --role-name ack-oidc-role-$CLUSTER_NAME --policy-arn arn:aws:iam::aws:policy/AmazonSageMakerFullAccess -aws iam attach-role-policy --role-name ack-oidc-role-$CLUSTER_NAME --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess - -export OIDC_ROLE_ARN=$(aws iam get-role --role-name ack-oidc-role-$CLUSTER_NAME --output text --query 'Role.Arn') \ No newline at end of file + if [[ $exit_code -eq 0 ]]; then + echo "A role for this cluster and namespace already exists in this account, assuming sagemaker access and proceeding." + else + echo "Creating new IAM role: $oidc_role_name" + local oidc_url=$(get_oidc_id "$cluster_name" "$region") + local trustfile="trust.json" + generate_trust_policy "$oidc_url" "$namespace" + aws iam create-role --role-name "$oidc_role_name" --assume-role-policy-document file://${trustfile} + aws iam attach-role-policy --role-name "$oidc_role_name" --policy-arn arn:aws:iam::aws:policy/AmazonSageMakerFullAccess + aws iam attach-role-policy --role-name "$oidc_role_name" --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess + rm "${trustfile}" + fi + local oidc_role_arn=$(aws iam get-role --role-name $oidc_role_name --output text --query 'Role.Arn') + export OIDC_ROLE_ARN=$oidc_role_arn +} \ No newline at end of file From db6aa3b878a4efc45b49997d14ad71a27bf4ffd5 Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Fri, 7 May 2021 08:36:27 +0000 Subject: [PATCH 5/6] remove charts --- CODEOWNERS | 2 +- helm/Chart.yaml | 18 - ...ces.k8s.aws_dataqualityjobdefinitions.yaml | 258 ------- ...aker.services.k8s.aws_endpointconfigs.yaml | 201 ----- .../sagemaker.services.k8s.aws_endpoints.yaml | 205 ------ ...ices.k8s.aws_hyperparametertuningjobs.yaml | 686 ------------------ ...vices.k8s.aws_modelbiasjobdefinitions.yaml | 246 ------- ...aws_modelexplainabilityjobdefinitions.yaml | 243 ------- ...es.k8s.aws_modelqualityjobdefinitions.yaml | 260 ------- .../sagemaker.services.k8s.aws_models.yaml | 227 ------ ....services.k8s.aws_monitoringschedules.yaml | 313 -------- ...maker.services.k8s.aws_processingjobs.yaml | 323 --------- ...gemaker.services.k8s.aws_trainingjobs.yaml | 506 ------------- ...emaker.services.k8s.aws_transformjobs.yaml | 270 ------- helm/templates/_helpers.tpl | 32 - helm/templates/cluster-role-binding.yaml | 12 - helm/templates/cluster-role-controller.yaml | 264 ------- helm/templates/deployment.yaml | 65 -- helm/templates/role-reader.yaml | 23 - helm/templates/role-writer.yaml | 50 -- helm/templates/service-account.yaml | 17 - helm/values.yaml | 43 -- 22 files changed, 1 insertion(+), 4263 deletions(-) delete mode 100644 helm/Chart.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_endpoints.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_models.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml delete mode 100644 helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml delete mode 100644 helm/templates/_helpers.tpl delete mode 100644 helm/templates/cluster-role-binding.yaml delete mode 100644 helm/templates/cluster-role-controller.yaml delete mode 100644 helm/templates/deployment.yaml delete mode 100644 helm/templates/role-reader.yaml delete mode 100644 helm/templates/role-writer.yaml delete mode 100644 helm/templates/service-account.yaml delete mode 100644 helm/values.yaml diff --git a/CODEOWNERS b/CODEOWNERS index 24f705f0..e133bd49 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -3,4 +3,4 @@ # https://github.com/blog/2392-introducing-code-owners # Amazon SageMaker CodeOwners -* @akartsky @jkuruba @mbaijal @RedbackThomson @surajkota +* @akartsky @mbaijal @surajkota diff --git a/helm/Chart.yaml b/helm/Chart.yaml deleted file mode 100644 index 766de3aa..00000000 --- a/helm/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -name: ack-sagemaker-controller -description: A Helm chart for the ACK service controller for sagemaker -version: v0.0.1 -appVersion: v0.0.1 -home: https://github.com/aws-controllers-k8s/sagemaker-controller -icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png -sources: - - https://github.com/aws-controllers-k8s/sagemaker-controller -maintainers: - - name: ACK Admins - url: https://github.com/orgs/aws-controllers-k8s/teams/ack-admin - - name: sagemaker Admins - url: https://github.com/orgs/aws-controllers-k8s/teams/sagemaker-maintainer -keywords: - - aws - - kubernetes - - sagemaker diff --git a/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml deleted file mode 100644 index 6e4596fb..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_dataqualityjobdefinitions.yaml +++ /dev/null @@ -1,258 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: dataqualityjobdefinitions.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: DataQualityJobDefinition - listKind: DataQualityJobDefinitionList - plural: dataqualityjobdefinitions - singular: dataqualityjobdefinition - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: DataQualityJobDefinition is the Schema for the DataQualityJobDefinitions - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DataQualityJobDefinitionSpec defines the desired state of - DataQualityJobDefinition - properties: - dataQualityAppSpecification: - description: Specifies the container that runs the monitoring job. - properties: - containerArguments: - items: - type: string - type: array - containerEntrypoint: - items: - type: string - type: array - environment: - additionalProperties: - type: string - type: object - imageURI: - type: string - postAnalyticsProcessorSourceURI: - type: string - recordPreprocessorSourceURI: - type: string - type: object - dataQualityBaselineConfig: - description: Configures the constraints and baselines for the monitoring - job. - properties: - baseliningJobName: - type: string - constraintsResource: - properties: - s3URI: - type: string - type: object - statisticsResource: - properties: - s3URI: - type: string - type: object - type: object - dataQualityJobInput: - description: A list of inputs for the monitoring job. Currently endpoints - are supported as monitoring inputs. - properties: - endpointInput: - properties: - endTimeOffset: - type: string - endpointName: - type: string - featuresAttribute: - type: string - inferenceAttribute: - type: string - localPath: - type: string - probabilityAttribute: - type: string - probabilityThresholdAttribute: - type: number - s3DataDistributionType: - type: string - s3InputMode: - type: string - startTimeOffset: - type: string - type: object - type: object - dataQualityJobOutputConfig: - properties: - kmsKeyID: - type: string - monitoringOutputs: - items: - properties: - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - jobDefinitionName: - description: The name for the monitoring job definition. - type: string - jobResources: - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - networkConfig: - description: Specifies networking configuration for the monitoring - job. - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - roleARN: - description: The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - required: - - dataQualityAppSpecification - - dataQualityJobInput - - dataQualityJobOutputConfig - - jobDefinitionName - - jobResources - - roleARN - type: object - status: - description: DataQualityJobDefinitionStatus defines the observed state - of DataQualityJobDefinition - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml b/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml deleted file mode 100644 index febb2b14..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_endpointconfigs.yaml +++ /dev/null @@ -1,201 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: endpointconfigs.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: EndpointConfig - listKind: EndpointConfigList - plural: endpointconfigs - singular: endpointconfig - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: EndpointConfig is the Schema for the EndpointConfigs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: EndpointConfigSpec defines the desired state of EndpointConfig - properties: - dataCaptureConfig: - properties: - captureContentTypeHeader: - properties: - csvContentTypes: - items: - type: string - type: array - jsonContentTypes: - items: - type: string - type: array - type: object - captureOptions: - items: - properties: - captureMode: - type: string - type: object - type: array - destinationS3URI: - type: string - enableCapture: - type: boolean - initialSamplingPercentage: - format: int64 - type: integer - kmsKeyID: - type: string - type: object - endpointConfigName: - description: The name of the endpoint configuration. You specify this - name in a CreateEndpoint request. - type: string - kmsKeyID: - description: "The Amazon Resource Name (ARN) of a AWS Key Management - Service key that Amazon SageMaker uses to encrypt data on the storage - volume attached to the ML compute instance that hosts the endpoint. - \n The KmsKeyId can be any of the following formats: \n * Key - ID: 1234abcd-12ab-34cd-56ef-1234567890ab \n * Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab - \n * Alias name: alias/ExampleAlias \n * Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias - \n The KMS key policy must grant permission to the IAM role that - you specify in your CreateEndpoint, UpdateEndpoint requests. For - more information, refer to the AWS Key Management Service section - Using Key Policies in AWS KMS (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) - \n Certain Nitro-based instances include local storage, dependent - on the instance type. Local storage volumes are encrypted using - a hardware module on the instance. You can't request a KmsKeyId - when using an instance type with local storage. If any of the models - that you specify in the ProductionVariants parameter use nitro-based - instances with local storage, do not specify a value for the KmsKeyId - parameter. If you specify a value for KmsKeyId when using any nitro-based - instances with local storage, the call to CreateEndpointConfig fails. - \n For a list of instance types that support local instance storage, - see Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes). - \n For more information about local instance storage encryption, - see SSD Instance Store Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html)." - type: string - productionVariants: - description: An list of ProductionVariant objects, one for each model - that you want to host at this endpoint. - items: - properties: - acceleratorType: - type: string - coreDumpConfig: - properties: - destinationS3URI: - type: string - kmsKeyID: - type: string - type: object - initialInstanceCount: - format: int64 - type: integer - initialVariantWeight: - type: number - instanceType: - type: string - modelName: - type: string - variantName: - type: string - type: object - type: array - required: - - endpointConfigName - - productionVariants - type: object - status: - description: EndpointConfigStatus defines the observed state of EndpointConfig - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml b/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml deleted file mode 100644 index 3c848867..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_endpoints.yaml +++ /dev/null @@ -1,205 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: endpoints.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: Endpoint - listKind: EndpointList - plural: endpoints - singular: endpoint - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.endpointStatus - name: EndpointStatus - type: string - - jsonPath: .status.failureReason - name: FailureReason - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Endpoint is the Schema for the Endpoints API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: EndpointSpec defines the desired state of Endpoint - properties: - endpointConfigName: - description: The name of an endpoint configuration. For more information, - see CreateEndpointConfig. - type: string - endpointName: - description: The name of the endpoint.The name must be unique within - an AWS Region in your AWS account. The name is case-insensitive - in CreateEndpoint, but the case is preserved and must be matched - in . - type: string - required: - - endpointConfigName - - endpointName - type: object - status: - description: EndpointStatus defines the observed state of Endpoint - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - creationTime: - description: A timestamp that shows when the endpoint was created. - format: date-time - type: string - endpointStatus: - description: "The status of the endpoint. \n * OutOfService: Endpoint - is not available to take incoming requests. \n * Creating: CreateEndpoint - is executing. \n * Updating: UpdateEndpoint or UpdateEndpointWeightsAndCapacities - is executing. \n * SystemUpdating: Endpoint is undergoing maintenance - and cannot be updated or deleted or re-scaled until it has completed. - This maintenance operation does not change any customer-specified - values such as VPC config, KMS encryption, model, instance type, - or instance count. \n * RollingBack: Endpoint fails to scale - up or down or change its variant weight and is in the process - of rolling back to its previous configuration. Once the rollback - completes, endpoint returns to an InService status. This transitional - status only applies to an endpoint that has autoscaling enabled - and is undergoing variant weight or capacity changes as part of - \ an UpdateEndpointWeightsAndCapacities call or when the UpdateEndpointWeightsAndCapacities - \ operation is called explicitly. \n * InService: Endpoint - is available to process incoming requests. \n * Deleting: DeleteEndpoint - is executing. \n * Failed: Endpoint could not be created, updated, - or re-scaled. Use DescribeEndpointOutput$FailureReason for information - about the failure. DeleteEndpoint is the only operation that - can be performed on a failed endpoint." - type: string - failureReason: - description: If the status of the endpoint is Failed, the reason why - it failed. - type: string - lastEndpointConfigNameForUpdate: - description: Name of the Amazon SageMaker endpoint configuration. - type: string - lastModifiedTime: - description: A timestamp that shows when the endpoint was last modified. - format: date-time - type: string - latestEndpointConfigName: - description: The name of the endpoint configuration associated with - this endpoint. - type: string - productionVariants: - description: An array of ProductionVariantSummary objects, one for - each model hosted behind this endpoint. - items: - properties: - currentInstanceCount: - format: int64 - type: integer - currentWeight: - type: number - deployedImages: - items: - properties: - resolutionTime: - format: date-time - type: string - resolvedImage: - type: string - specifiedImage: - type: string - type: object - type: array - desiredInstanceCount: - format: int64 - type: integer - desiredWeight: - type: number - variantName: - type: string - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml deleted file mode 100644 index f0736f81..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_hyperparametertuningjobs.yaml +++ /dev/null @@ -1,686 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: hyperparametertuningjobs.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: HyperParameterTuningJob - listKind: HyperParameterTuningJobList - plural: hyperparametertuningjobs - singular: hyperparametertuningjob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.failureReason - name: FailureReason - type: string - - jsonPath: .status.hyperParameterTuningJobStatus - name: HyperParameterTuningJobStatus - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: HyperParameterTuningJob is the Schema for the HyperParameterTuningJobs - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HyperParameterTuningJobSpec defines the desired state of - HyperParameterTuningJob - properties: - hyperParameterTuningJobConfig: - description: The HyperParameterTuningJobConfig object that describes - the tuning job, including the search strategy, the objective metric - used to evaluate training jobs, ranges of parameters to search, - and resource limits for the tuning job. For more information, see - How Hyperparameter Tuning Works (https://docs.aws.amazon.com/sagemaker/latest/dg/automatic-model-tuning-how-it-works.html). - properties: - hyperParameterTuningJobObjective: - properties: - metricName: - type: string - type_: - type: string - type: object - parameterRanges: - properties: - categoricalParameterRanges: - items: - properties: - name: - type: string - values: - items: - type: string - type: array - type: object - type: array - continuousParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - integerParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - type: object - resourceLimits: - properties: - maxNumberOfTrainingJobs: - format: int64 - type: integer - maxParallelTrainingJobs: - format: int64 - type: integer - type: object - strategy: - type: string - trainingJobEarlyStoppingType: - type: string - tuningJobCompletionCriteria: - properties: - targetObjectiveMetricValue: - type: number - type: object - type: object - hyperParameterTuningJobName: - description: 'The name of the tuning job. This name is the prefix - for the names of all training jobs that this tuning job launches. - The name must be unique within the same AWS account and AWS Region. - The name must have 1 to 32 characters. Valid characters are a-z, - A-Z, 0-9, and : + = @ _ % - (hyphen). The name is not case sensitive.' - type: string - trainingJobDefinition: - description: The HyperParameterTrainingJobDefinition object that describes - the training jobs that this tuning job launches, including static - hyperparameters, input data configuration, output data configuration, - resource configuration, and stopping condition. - properties: - algorithmSpecification: - properties: - algorithmName: - type: string - metricDefinitions: - items: - properties: - name: - type: string - regex: - type: string - type: object - type: array - trainingImage: - type: string - trainingInputMode: - type: string - type: object - checkpointConfig: - properties: - localPath: - type: string - s3URI: - type: string - type: object - definitionName: - type: string - enableInterContainerTrafficEncryption: - type: boolean - enableManagedSpotTraining: - type: boolean - enableNetworkIsolation: - type: boolean - hyperParameterRanges: - properties: - categoricalParameterRanges: - items: - properties: - name: - type: string - values: - items: - type: string - type: array - type: object - type: array - continuousParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - integerParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - type: object - inputDataConfig: - items: - properties: - channelName: - type: string - compressionType: - type: string - contentType: - type: string - dataSource: - properties: - fileSystemDataSource: - properties: - directoryPath: - type: string - fileSystemAccessMode: - type: string - fileSystemID: - type: string - fileSystemType: - type: string - type: object - s3DataSource: - properties: - attributeNames: - items: - type: string - type: array - s3DataDistributionType: - type: string - s3DataType: - type: string - s3URI: - type: string - type: object - type: object - inputMode: - type: string - recordWrapperType: - type: string - shuffleConfig: - properties: - seed: - format: int64 - type: integer - type: object - type: object - type: array - outputDataConfig: - properties: - kmsKeyID: - type: string - s3OutputPath: - type: string - type: object - resourceConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - roleARN: - type: string - staticHyperParameters: - additionalProperties: - type: string - type: object - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - maxWaitTimeInSeconds: - format: int64 - type: integer - type: object - tuningObjective: - properties: - metricName: - type: string - type_: - type: string - type: object - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - trainingJobDefinitions: - description: A list of the HyperParameterTrainingJobDefinition objects - launched for this tuning job. - items: - properties: - algorithmSpecification: - properties: - algorithmName: - type: string - metricDefinitions: - items: - properties: - name: - type: string - regex: - type: string - type: object - type: array - trainingImage: - type: string - trainingInputMode: - type: string - type: object - checkpointConfig: - properties: - localPath: - type: string - s3URI: - type: string - type: object - definitionName: - type: string - enableInterContainerTrafficEncryption: - type: boolean - enableManagedSpotTraining: - type: boolean - enableNetworkIsolation: - type: boolean - hyperParameterRanges: - properties: - categoricalParameterRanges: - items: - properties: - name: - type: string - values: - items: - type: string - type: array - type: object - type: array - continuousParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - integerParameterRanges: - items: - properties: - maxValue: - type: string - minValue: - type: string - name: - type: string - scalingType: - type: string - type: object - type: array - type: object - inputDataConfig: - items: - properties: - channelName: - type: string - compressionType: - type: string - contentType: - type: string - dataSource: - properties: - fileSystemDataSource: - properties: - directoryPath: - type: string - fileSystemAccessMode: - type: string - fileSystemID: - type: string - fileSystemType: - type: string - type: object - s3DataSource: - properties: - attributeNames: - items: - type: string - type: array - s3DataDistributionType: - type: string - s3DataType: - type: string - s3URI: - type: string - type: object - type: object - inputMode: - type: string - recordWrapperType: - type: string - shuffleConfig: - properties: - seed: - format: int64 - type: integer - type: object - type: object - type: array - outputDataConfig: - properties: - kmsKeyID: - type: string - s3OutputPath: - type: string - type: object - resourceConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - roleARN: - type: string - staticHyperParameters: - additionalProperties: - type: string - type: object - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - maxWaitTimeInSeconds: - format: int64 - type: integer - type: object - tuningObjective: - properties: - metricName: - type: string - type_: - type: string - type: object - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - type: array - warmStartConfig: - description: "Specifies the configuration for starting the hyperparameter - tuning job using one or more previous tuning jobs as a starting - point. The results of previous tuning jobs are used to inform which - combinations of hyperparameters to search over in the new tuning - job. \n All training jobs launched by the new hyperparameter tuning - job are evaluated by using the objective metric. If you specify - IDENTICAL_DATA_AND_ALGORITHM as the WarmStartType value for the - warm start configuration, the training job that performs the best - in the new tuning job is compared to the best training jobs from - the parent tuning jobs. From these, the training job that performs - the best as measured by the objective metric is returned as the - overall best training job. \n All training jobs launched by parent - hyperparameter tuning jobs and the new hyperparameter tuning jobs - count against the limit of training jobs for the tuning job." - properties: - parentHyperParameterTuningJobs: - items: - properties: - hyperParameterTuningJobName: - type: string - type: object - type: array - warmStartType: - type: string - type: object - required: - - hyperParameterTuningJobConfig - - hyperParameterTuningJobName - type: object - status: - description: HyperParameterTuningJobStatus defines the observed state - of HyperParameterTuningJob - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - bestTrainingJob: - description: A TrainingJobSummary object that describes the training - job that completed with the best current HyperParameterTuningJobObjective. - properties: - creationTime: - format: date-time - type: string - failureReason: - type: string - finalHyperParameterTuningJobObjectiveMetric: - properties: - metricName: - type: string - type_: - type: string - value: - type: number - type: object - objectiveStatus: - type: string - trainingEndTime: - format: date-time - type: string - trainingJobARN: - type: string - trainingJobDefinitionName: - type: string - trainingJobName: - type: string - trainingJobStatus: - type: string - trainingStartTime: - format: date-time - type: string - tunedHyperParameters: - additionalProperties: - type: string - type: object - tuningJobName: - type: string - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - failureReason: - description: If the tuning job failed, the reason it failed. - type: string - hyperParameterTuningJobStatus: - description: 'The status of the tuning job: InProgress, Completed, - Failed, Stopping, or Stopped.' - type: string - overallBestTrainingJob: - description: If the hyperparameter tuning job is an warm start tuning - job with a WarmStartType of IDENTICAL_DATA_AND_ALGORITHM, this is - the TrainingJobSummary for the training job with the best objective - metric value of all training jobs launched by this tuning job and - all parent jobs specified for the warm start tuning job. - properties: - creationTime: - format: date-time - type: string - failureReason: - type: string - finalHyperParameterTuningJobObjectiveMetric: - properties: - metricName: - type: string - type_: - type: string - value: - type: number - type: object - objectiveStatus: - type: string - trainingEndTime: - format: date-time - type: string - trainingJobARN: - type: string - trainingJobDefinitionName: - type: string - trainingJobName: - type: string - trainingJobStatus: - type: string - trainingStartTime: - format: date-time - type: string - tunedHyperParameters: - additionalProperties: - type: string - type: object - tuningJobName: - type: string - type: object - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml deleted file mode 100644 index d2f8ee4d..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_modelbiasjobdefinitions.yaml +++ /dev/null @@ -1,246 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: modelbiasjobdefinitions.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: ModelBiasJobDefinition - listKind: ModelBiasJobDefinitionList - plural: modelbiasjobdefinitions - singular: modelbiasjobdefinition - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ModelBiasJobDefinition is the Schema for the ModelBiasJobDefinitions - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ModelBiasJobDefinitionSpec defines the desired state of ModelBiasJobDefinition - properties: - jobDefinitionName: - description: The name of the bias job definition. The name must be - unique within an AWS Region in the AWS account. - type: string - jobResources: - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - modelBiasAppSpecification: - description: Configures the model bias job to run a specified Docker - container image. - properties: - configURI: - type: string - environment: - additionalProperties: - type: string - type: object - imageURI: - type: string - type: object - modelBiasBaselineConfig: - description: The baseline configuration for a model bias job. - properties: - baseliningJobName: - type: string - constraintsResource: - properties: - s3URI: - type: string - type: object - type: object - modelBiasJobInput: - description: Inputs for the model bias job. - properties: - endpointInput: - properties: - endTimeOffset: - type: string - endpointName: - type: string - featuresAttribute: - type: string - inferenceAttribute: - type: string - localPath: - type: string - probabilityAttribute: - type: string - probabilityThresholdAttribute: - type: number - s3DataDistributionType: - type: string - s3InputMode: - type: string - startTimeOffset: - type: string - type: object - groundTruthS3Input: - properties: - s3URI: - type: string - type: object - type: object - modelBiasJobOutputConfig: - properties: - kmsKeyID: - type: string - monitoringOutputs: - items: - properties: - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - networkConfig: - description: Networking options for a model bias job. - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - roleARN: - description: The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - required: - - jobDefinitionName - - jobResources - - modelBiasAppSpecification - - modelBiasJobInput - - modelBiasJobOutputConfig - - roleARN - type: object - status: - description: ModelBiasJobDefinitionStatus defines the observed state of - ModelBiasJobDefinition - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml deleted file mode 100644 index 3cf14051..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_modelexplainabilityjobdefinitions.yaml +++ /dev/null @@ -1,243 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: modelexplainabilityjobdefinitions.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: ModelExplainabilityJobDefinition - listKind: ModelExplainabilityJobDefinitionList - plural: modelexplainabilityjobdefinitions - singular: modelexplainabilityjobdefinition - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ModelExplainabilityJobDefinition is the Schema for the ModelExplainabilityJobDefinitions - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ModelExplainabilityJobDefinitionSpec defines the desired - state of ModelExplainabilityJobDefinition - properties: - jobDefinitionName: - description: The name of the model explainability job definition. - The name must be unique within an AWS Region in the AWS account. - type: string - jobResources: - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - modelExplainabilityAppSpecification: - description: Configures the model explainability job to run a specified - Docker container image. - properties: - configURI: - type: string - environment: - additionalProperties: - type: string - type: object - imageURI: - type: string - type: object - modelExplainabilityBaselineConfig: - description: The baseline configuration for a model explainability - job. - properties: - baseliningJobName: - type: string - constraintsResource: - properties: - s3URI: - type: string - type: object - type: object - modelExplainabilityJobInput: - description: Inputs for the model explainability job. - properties: - endpointInput: - properties: - endTimeOffset: - type: string - endpointName: - type: string - featuresAttribute: - type: string - inferenceAttribute: - type: string - localPath: - type: string - probabilityAttribute: - type: string - probabilityThresholdAttribute: - type: number - s3DataDistributionType: - type: string - s3InputMode: - type: string - startTimeOffset: - type: string - type: object - type: object - modelExplainabilityJobOutputConfig: - properties: - kmsKeyID: - type: string - monitoringOutputs: - items: - properties: - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - networkConfig: - description: Networking options for a model explainability job. - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - roleARN: - description: The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - required: - - jobDefinitionName - - jobResources - - modelExplainabilityAppSpecification - - modelExplainabilityJobInput - - modelExplainabilityJobOutputConfig - - roleARN - type: object - status: - description: ModelExplainabilityJobDefinitionStatus defines the observed - state of ModelExplainabilityJobDefinition - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml b/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml deleted file mode 100644 index ea3d0efb..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_modelqualityjobdefinitions.yaml +++ /dev/null @@ -1,260 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: modelqualityjobdefinitions.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: ModelQualityJobDefinition - listKind: ModelQualityJobDefinitionList - plural: modelqualityjobdefinitions - singular: modelqualityjobdefinition - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ModelQualityJobDefinition is the Schema for the ModelQualityJobDefinitions - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ModelQualityJobDefinitionSpec defines the desired state of - ModelQualityJobDefinition - properties: - jobDefinitionName: - description: The name of the monitoring job definition. - type: string - jobResources: - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - modelQualityAppSpecification: - description: The container that runs the monitoring job. - properties: - containerArguments: - items: - type: string - type: array - containerEntrypoint: - items: - type: string - type: array - environment: - additionalProperties: - type: string - type: object - imageURI: - type: string - postAnalyticsProcessorSourceURI: - type: string - problemType: - type: string - recordPreprocessorSourceURI: - type: string - type: object - modelQualityBaselineConfig: - description: Specifies the constraints and baselines for the monitoring - job. - properties: - baseliningJobName: - type: string - constraintsResource: - properties: - s3URI: - type: string - type: object - type: object - modelQualityJobInput: - description: A list of the inputs that are monitored. Currently endpoints - are supported. - properties: - endpointInput: - properties: - endTimeOffset: - type: string - endpointName: - type: string - featuresAttribute: - type: string - inferenceAttribute: - type: string - localPath: - type: string - probabilityAttribute: - type: string - probabilityThresholdAttribute: - type: number - s3DataDistributionType: - type: string - s3InputMode: - type: string - startTimeOffset: - type: string - type: object - groundTruthS3Input: - properties: - s3URI: - type: string - type: object - type: object - modelQualityJobOutputConfig: - properties: - kmsKeyID: - type: string - monitoringOutputs: - items: - properties: - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - networkConfig: - description: Specifies the network configuration for the monitoring - job. - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - roleARN: - description: The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - required: - - jobDefinitionName - - jobResources - - modelQualityAppSpecification - - modelQualityJobInput - - modelQualityJobOutputConfig - - roleARN - type: object - status: - description: ModelQualityJobDefinitionStatus defines the observed state - of ModelQualityJobDefinition - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_models.yaml b/helm/crds/sagemaker.services.k8s.aws_models.yaml deleted file mode 100644 index b8ef8b2b..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_models.yaml +++ /dev/null @@ -1,227 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: models.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: Model - listKind: ModelList - plural: models - singular: model - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Model is the Schema for the Models API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ModelSpec defines the desired state of Model - properties: - containers: - description: Specifies the containers in the inference pipeline. - items: - properties: - containerHostname: - type: string - environment: - additionalProperties: - type: string - type: object - image: - type: string - imageConfig: - properties: - repositoryAccessMode: - type: string - repositoryAuthConfig: - properties: - repositoryCredentialsProviderARN: - type: string - type: object - type: object - mode: - type: string - modelDataURL: - type: string - modelPackageName: - type: string - multiModelConfig: - properties: - modelCacheSetting: - type: string - type: object - type: object - type: array - enableNetworkIsolation: - description: Isolates the model container. No inbound or outbound - network calls can be made to or from the model container. - type: boolean - executionRoleARN: - description: "The Amazon Resource Name (ARN) of the IAM role that - Amazon SageMaker can assume to access model artifacts and docker - image for deployment on ML compute instances or for batch transform - jobs. Deploying on ML compute instances is part of model hosting. - For more information, see Amazon SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). - \n To be able to pass this role to Amazon SageMaker, the caller - of this API must have the iam:PassRole permission." - type: string - inferenceExecutionConfig: - description: Specifies details of how containers in a multi-container - endpoint are called. - properties: - mode: - type: string - type: object - modelName: - description: The name of the new model. - type: string - primaryContainer: - description: The location of the primary docker image containing inference - code, associated artifacts, and custom environment map that the - inference code uses when the model is deployed for predictions. - properties: - containerHostname: - type: string - environment: - additionalProperties: - type: string - type: object - image: - type: string - imageConfig: - properties: - repositoryAccessMode: - type: string - repositoryAuthConfig: - properties: - repositoryCredentialsProviderARN: - type: string - type: object - type: object - mode: - type: string - modelDataURL: - type: string - modelPackageName: - type: string - multiModelConfig: - properties: - modelCacheSetting: - type: string - type: object - type: object - vpcConfig: - description: A VpcConfig object that specifies the VPC that you want - your model to connect to. Control access to and from your model - container by configuring the VPC. VpcConfig is used in hosting services - and in batch transform. For more information, see Protect Endpoints - by Using an Amazon Virtual Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) - and Protect Data in Batch Transform Jobs by Using an Amazon Virtual - Private Cloud (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html). - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - required: - - executionRoleARN - - modelName - type: object - status: - description: ModelStatus defines the observed state of Model - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml b/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml deleted file mode 100644 index 1bf43a0a..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_monitoringschedules.yaml +++ /dev/null @@ -1,313 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: monitoringschedules.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: MonitoringSchedule - listKind: MonitoringScheduleList - plural: monitoringschedules - singular: monitoringschedule - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.failureReason - name: FailureReason - type: string - - jsonPath: .status.monitoringScheduleStatus - name: MonitoringScheduleStatus - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: MonitoringSchedule is the Schema for the MonitoringSchedules - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MonitoringScheduleSpec defines the desired state of MonitoringSchedule - properties: - monitoringScheduleConfig: - description: The configuration object that specifies the monitoring - schedule and defines the monitoring job. - properties: - monitoringJobDefinition: - properties: - baselineConfig: - properties: - baseliningJobName: - type: string - constraintsResource: - properties: - s3URI: - type: string - type: object - statisticsResource: - properties: - s3URI: - type: string - type: object - type: object - environment: - additionalProperties: - type: string - type: object - monitoringAppSpecification: - properties: - containerArguments: - items: - type: string - type: array - containerEntrypoint: - items: - type: string - type: array - imageURI: - type: string - postAnalyticsProcessorSourceURI: - type: string - recordPreprocessorSourceURI: - type: string - type: object - monitoringInputs: - items: - properties: - endpointInput: - properties: - endTimeOffset: - type: string - endpointName: - type: string - featuresAttribute: - type: string - inferenceAttribute: - type: string - localPath: - type: string - probabilityAttribute: - type: string - probabilityThresholdAttribute: - type: number - s3DataDistributionType: - type: string - s3InputMode: - type: string - startTimeOffset: - type: string - type: object - type: object - type: array - monitoringOutputConfig: - properties: - kmsKeyID: - type: string - monitoringOutputs: - items: - properties: - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - monitoringResources: - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - networkConfig: - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - roleARN: - type: string - stoppingCondition: - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - type: object - monitoringJobDefinitionName: - type: string - monitoringType: - type: string - scheduleConfig: - properties: - scheduleExpression: - type: string - type: object - type: object - monitoringScheduleName: - description: The name of the monitoring schedule. The name must be - unique within an AWS Region within an AWS account. - type: string - required: - - monitoringScheduleConfig - - monitoringScheduleName - type: object - status: - description: MonitoringScheduleStatus defines the observed state of MonitoringSchedule - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - creationTime: - description: The time at which the monitoring job was created. - format: date-time - type: string - failureReason: - description: A string, up to one KB in size, that contains the reason - a monitoring job failed, if it failed. - type: string - lastModifiedTime: - description: The time at which the monitoring job was last modified. - format: date-time - type: string - lastMonitoringExecutionSummary: - description: Describes metadata on the last execution to run, if there - was one. - properties: - creationTime: - format: date-time - type: string - endpointName: - type: string - failureReason: - type: string - lastModifiedTime: - format: date-time - type: string - monitoringExecutionStatus: - type: string - monitoringJobDefinitionName: - type: string - monitoringScheduleName: - type: string - monitoringType: - type: string - processingJobARN: - type: string - scheduledTime: - format: date-time - type: string - type: object - monitoringScheduleStatus: - description: The status of an monitoring job. - type: string - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml deleted file mode 100644 index 05b2ca80..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_processingjobs.yaml +++ /dev/null @@ -1,323 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: processingjobs.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: ProcessingJob - listKind: ProcessingJobList - plural: processingjobs - singular: processingjob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.failureReason - name: FailureReason - type: string - - jsonPath: .status.processingJobStatus - name: ProcessingJobStatus - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: ProcessingJob is the Schema for the ProcessingJobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProcessingJobSpec defines the desired state of ProcessingJob - properties: - appSpecification: - description: Configures the processing job to run a specified Docker - container image. - properties: - containerArguments: - items: - type: string - type: array - containerEntrypoint: - items: - type: string - type: array - imageURI: - type: string - type: object - environment: - additionalProperties: - type: string - description: The environment variables to set in the Docker container. - Up to 100 key and values entries in the map are supported. - type: object - experimentConfig: - properties: - experimentName: - type: string - trialComponentDisplayName: - type: string - trialName: - type: string - type: object - networkConfig: - description: Networking options for a processing job, such as whether - to allow inbound and outbound network calls to and from processing - containers, and the VPC subnets and security groups to use for VPC-enabled - processing jobs. - properties: - enableInterContainerTrafficEncryption: - type: boolean - enableNetworkIsolation: - type: boolean - vpcConfig: - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - type: object - processingInputs: - description: An array of inputs configuring the data to download into - the processing container. - items: - properties: - appManaged: - type: boolean - datasetDefinition: - properties: - athenaDatasetDefinition: - properties: - catalog: - type: string - database: - type: string - kmsKeyID: - type: string - outputCompression: - type: string - outputFormat: - type: string - outputS3URI: - type: string - queryString: - type: string - workGroup: - type: string - type: object - dataDistributionType: - type: string - inputMode: - type: string - localPath: - type: string - redshiftDatasetDefinition: - properties: - clusterID: - type: string - clusterRoleARN: - type: string - database: - type: string - dbUser: - type: string - kmsKeyID: - type: string - outputCompression: - type: string - outputFormat: - type: string - outputS3URI: - type: string - queryString: - type: string - type: object - type: object - inputName: - type: string - s3Input: - properties: - localPath: - type: string - s3CompressionType: - type: string - s3DataDistributionType: - type: string - s3DataType: - type: string - s3InputMode: - type: string - s3URI: - type: string - type: object - type: object - type: array - processingJobName: - description: The name of the processing job. The name must be unique - within an AWS Region in the AWS account. - type: string - processingOutputConfig: - description: Output configuration for the processing job. - properties: - kmsKeyID: - type: string - outputs: - items: - properties: - appManaged: - type: boolean - featureStoreOutput: - properties: - featureGroupName: - type: string - type: object - outputName: - type: string - s3Output: - properties: - localPath: - type: string - s3URI: - type: string - s3UploadMode: - type: string - type: object - type: object - type: array - type: object - processingResources: - description: Identifies the resources, ML compute instances, and ML - storage volumes to deploy for a processing job. In distributed training, - you specify more than one instance. - properties: - clusterConfig: - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: object - roleARN: - description: The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. - type: string - stoppingCondition: - description: The time limit for how long the processing job is allowed - to run. - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - type: object - required: - - appSpecification - - processingJobName - - processingResources - - roleARN - type: object - status: - description: ProcessingJobStatus defines the observed state of ProcessingJob - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - failureReason: - description: A string, up to one KB in size, that contains the reason - a processing job failed, if it failed. - type: string - processingJobStatus: - description: Provides the status of a processing job. - type: string - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml deleted file mode 100644 index dd85dcf9..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_trainingjobs.yaml +++ /dev/null @@ -1,506 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: trainingjobs.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: TrainingJob - listKind: TrainingJobList - plural: trainingjobs - singular: trainingjob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.failureReason - name: FailureReason - type: string - - jsonPath: .status.secondaryStatus - name: SecondaryStatus - type: string - - jsonPath: .status.trainingJobStatus - name: TrainingJobStatus - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: TrainingJob is the Schema for the TrainingJobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TrainingJobSpec defines the desired state of TrainingJob - properties: - algorithmSpecification: - description: The registry path of the Docker image that contains the - training algorithm and algorithm-specific metadata, including the - input mode. For more information about algorithms provided by Amazon - SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). - For information about providing your own algorithms, see Using Your - Own Algorithms with Amazon SageMaker (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html). - properties: - algorithmName: - type: string - enableSageMakerMetricsTimeSeries: - type: boolean - metricDefinitions: - items: - properties: - name: - type: string - regex: - type: string - type: object - type: array - trainingImage: - type: string - trainingInputMode: - type: string - type: object - checkpointConfig: - description: Contains information about the output location for managed - spot training checkpoint data. - properties: - localPath: - type: string - s3URI: - type: string - type: object - debugHookConfig: - properties: - collectionConfigurations: - items: - properties: - collectionName: - type: string - collectionParameters: - additionalProperties: - type: string - type: object - type: object - type: array - hookParameters: - additionalProperties: - type: string - type: object - localPath: - type: string - s3OutputPath: - type: string - type: object - debugRuleConfigurations: - description: Configuration information for Debugger rules for debugging - output tensors. - items: - properties: - instanceType: - type: string - localPath: - type: string - ruleConfigurationName: - type: string - ruleEvaluatorImage: - type: string - ruleParameters: - additionalProperties: - type: string - type: object - s3OutputPath: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: array - enableInterContainerTrafficEncryption: - description: To encrypt all communications between ML compute instances - in distributed training, choose True. Encryption provides greater - security for distributed training, but training might take longer. - How long it takes depends on the amount of communication between - compute instances, especially if you use a deep learning algorithm - in distributed training. For more information, see Protect Communications - Between ML Compute Instances in a Distributed Training Job (https://docs.aws.amazon.com/sagemaker/latest/dg/train-encrypt.html). - type: boolean - enableManagedSpotTraining: - description: "To train models using managed spot training, choose - True. Managed spot training provides a fully managed and scalable - infrastructure for training machine learning models. this option - is useful when training jobs can be interrupted and when there is - flexibility when the training job is run. \n The complete and intermediate - results of jobs are stored in an Amazon S3 bucket, and can be used - as a starting point to train models incrementally. Amazon SageMaker - provides metrics and logs in CloudWatch. They can be used to see - when managed spot training jobs are running, interrupted, resumed, - or completed." - type: boolean - enableNetworkIsolation: - description: Isolates the training container. No inbound or outbound - network calls can be made, except for calls between peers within - a training cluster for distributed training. If you enable network - isolation for training jobs that are configured to use a VPC, Amazon - SageMaker downloads and uploads customer data and model artifacts - through the specified VPC, but the training container does not have - network access. - type: boolean - environment: - additionalProperties: - type: string - description: The environment variables to set in the Docker container. - type: object - experimentConfig: - properties: - experimentName: - type: string - trialComponentDisplayName: - type: string - trialName: - type: string - type: object - hyperParameters: - additionalProperties: - type: string - description: "Algorithm-specific parameters that influence the quality - of the model. You set hyperparameters before you start the learning - process. For a list of hyperparameters for each training algorithm - provided by Amazon SageMaker, see Algorithms (https://docs.aws.amazon.com/sagemaker/latest/dg/algos.html). - \n You can specify a maximum of 100 hyperparameters. Each hyperparameter - is a key-value pair. Each key and value is limited to 256 characters, - as specified by the Length Constraint." - type: object - inputDataConfig: - description: "An array of Channel objects. Each channel is a named - input source. InputDataConfig describes the input data and its location. - \n Algorithms can accept input data from one or more channels. For - example, an algorithm might have two channels of input data, training_data - and validation_data. The configuration for each channel provides - the S3, EFS, or FSx location where the input data is stored. It - also provides information about the stored data: the MIME type, - compression method, and whether the data is wrapped in RecordIO - format. \n Depending on the input mode that the algorithm supports, - Amazon SageMaker either copies input data files from an S3 bucket - to a local directory in the Docker container, or makes it available - as input streams. For example, if you specify an EFS location, input - data files will be made available as input streams. They do not - need to be downloaded." - items: - properties: - channelName: - type: string - compressionType: - type: string - contentType: - type: string - dataSource: - properties: - fileSystemDataSource: - properties: - directoryPath: - type: string - fileSystemAccessMode: - type: string - fileSystemID: - type: string - fileSystemType: - type: string - type: object - s3DataSource: - properties: - attributeNames: - items: - type: string - type: array - s3DataDistributionType: - type: string - s3DataType: - type: string - s3URI: - type: string - type: object - type: object - inputMode: - type: string - recordWrapperType: - type: string - shuffleConfig: - properties: - seed: - format: int64 - type: integer - type: object - type: object - type: array - outputDataConfig: - description: Specifies the path to the S3 location where you want - to store model artifacts. Amazon SageMaker creates subfolders for - the artifacts. - properties: - kmsKeyID: - type: string - s3OutputPath: - type: string - type: object - profilerConfig: - properties: - profilingIntervalInMilliseconds: - format: int64 - type: integer - profilingParameters: - additionalProperties: - type: string - type: object - s3OutputPath: - type: string - type: object - profilerRuleConfigurations: - description: Configuration information for Debugger rules for profiling - system and framework metrics. - items: - properties: - instanceType: - type: string - localPath: - type: string - ruleConfigurationName: - type: string - ruleEvaluatorImage: - type: string - ruleParameters: - additionalProperties: - type: string - type: object - s3OutputPath: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - type: array - resourceConfig: - description: "The resources, including the ML compute instances and - ML storage volumes, to use for model training. \n ML storage volumes - store model artifacts and incremental states. Training algorithms - might also use ML storage volumes for scratch space. If you want - Amazon SageMaker to use the ML storage volume to store the training - data, choose File as the TrainingInputMode in the algorithm specification. - For distributed training algorithms, specify an instance count greater - than 1." - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - volumeSizeInGB: - format: int64 - type: integer - type: object - roleARN: - description: "The Amazon Resource Name (ARN) of an IAM role that Amazon - SageMaker can assume to perform tasks on your behalf. \n During - model training, Amazon SageMaker needs your permission to read input - data from an S3 bucket, download a Docker image that contains training - code, write model artifacts to an S3 bucket, write logs to Amazon - CloudWatch Logs, and publish metrics to Amazon CloudWatch. You grant - permissions for all of these tasks to an IAM role. For more information, - see Amazon SageMaker Roles (https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html). - \n To be able to pass this role to Amazon SageMaker, the caller - of this API must have the iam:PassRole permission." - type: string - stoppingCondition: - description: "Specifies a limit to how long a model training job can - run. When the job reaches the time limit, Amazon SageMaker ends - the training job. Use this API to cap model training costs. \n To - stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, - which delays job termination for 120 seconds. Algorithms can use - this 120-second window to save the model artifacts, so the results - of training are not lost." - properties: - maxRuntimeInSeconds: - format: int64 - type: integer - maxWaitTimeInSeconds: - format: int64 - type: integer - type: object - tensorBoardOutputConfig: - properties: - localPath: - type: string - s3OutputPath: - type: string - type: object - trainingJobName: - description: The name of the training job. The name must be unique - within an AWS Region in an AWS account. - type: string - vpcConfig: - description: A VpcConfig object that specifies the VPC that you want - your training job to connect to. Control access to and from your - training container by configuring the VPC. For more information, - see Protect Training Jobs by Using an Amazon Virtual Private Cloud - (https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html). - properties: - securityGroupIDs: - items: - type: string - type: array - subnets: - items: - type: string - type: array - type: object - required: - - algorithmSpecification - - outputDataConfig - - resourceConfig - - roleARN - - stoppingCondition - - trainingJobName - type: object - status: - description: TrainingJobStatus defines the observed state of TrainingJob - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - debugRuleEvaluationStatuses: - description: Evaluation status of Debugger rules for debugging on - a training job. - items: - properties: - lastModifiedTime: - format: date-time - type: string - ruleConfigurationName: - type: string - ruleEvaluationJobARN: - type: string - ruleEvaluationStatus: - type: string - statusDetails: - type: string - type: object - type: array - failureReason: - description: If the training job failed, the reason it failed. - type: string - secondaryStatus: - description: "Provides detailed information about the state of the - training job. For detailed information on the secondary status of - the training job, see StatusMessage under SecondaryStatusTransition. - \n Amazon SageMaker provides primary statuses and secondary statuses - that apply to each of them: \n InProgress \n * Starting - Starting - the training job. \n * Downloading - An optional stage for algorithms - that support File training input mode. It indicates that data - is being downloaded to the ML storage volumes. \n * Training - - Training is in progress. \n * Interrupted - The job stopped - because the managed spot training instances were interrupted. - \n * Uploading - Training is complete and the model artifacts - are being uploaded to the S3 location. \n Completed \n * Completed - - The training job has completed. \n Failed \n * Failed - The - training job has failed. The reason for the failure is returned - in the FailureReason field of DescribeTrainingJobResponse. \n Stopped - \n * MaxRuntimeExceeded - The job stopped because it exceeded - the maximum allowed runtime. \n * MaxWaitTimeExceeded - The - job stopped because it exceeded the maximum allowed wait time. - \n * Stopped - The training job has stopped. \n Stopping \n * - Stopping - Stopping the training job. \n Valid values for SecondaryStatus - are subject to change. \n We no longer support the following secondary - statuses: \n * LaunchingMLInstances \n * PreparingTrainingStack - \n * DownloadingTrainingImage" - type: string - trainingJobStatus: - description: "The status of the training job. \n Amazon SageMaker - provides the following training job statuses: \n * InProgress - - The training is in progress. \n * Completed - The training - job has completed. \n * Failed - The training job has failed. - To see the reason for the failure, see the FailureReason field - in the response to a DescribeTrainingJobResponse call. \n * - Stopping - The training job is stopping. \n * Stopped - The training - job has stopped. \n For more detailed information, see SecondaryStatus." - type: string - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml b/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml deleted file mode 100644 index 4dd1ce6c..00000000 --- a/helm/crds/sagemaker.services.k8s.aws_transformjobs.yaml +++ /dev/null @@ -1,270 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: transformjobs.sagemaker.services.k8s.aws -spec: - group: sagemaker.services.k8s.aws - names: - kind: TransformJob - listKind: TransformJobList - plural: transformjobs - singular: transformjob - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.failureReason - name: FailureReason - type: string - - jsonPath: .status.transformJobStatus - name: TransformJobStatus - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: TransformJob is the Schema for the TransformJobs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TransformJobSpec defines the desired state of TransformJob - properties: - batchStrategy: - description: "Specifies the number of records to include in a mini-batch - for an HTTP inference request. A record is a single unit of input - data that inference can be made on. For example, a single line in - a CSV file is a record. \n To enable the batch strategy, you must - set the SplitType property to Line, RecordIO, or TFRecord. \n To - use only one record when making an HTTP invocation request to a - container, set BatchStrategy to SingleRecord and SplitType to Line. - \n To fit as many records in a mini-batch as can fit within the - MaxPayloadInMB limit, set BatchStrategy to MultiRecord and SplitType - to Line." - type: string - dataProcessing: - description: The data structure used to specify the data to be used - for inference in a batch transform job and to associate the data - that is relevant to the prediction results in the output. The input - filter provided allows you to exclude input data that is not needed - for inference in a batch transform job. The output filter provided - allows you to include input data relevant to interpreting the predictions - in the output from the job. For more information, see Associate - Prediction Results with their Corresponding Input Records (https://docs.aws.amazon.com/sagemaker/latest/dg/batch-transform-data-processing.html). - properties: - inputFilter: - type: string - joinSource: - type: string - outputFilter: - type: string - type: object - environment: - additionalProperties: - type: string - description: The environment variables to set in the Docker container. - We support up to 16 key and values entries in the map. - type: object - experimentConfig: - properties: - experimentName: - type: string - trialComponentDisplayName: - type: string - trialName: - type: string - type: object - maxConcurrentTransforms: - description: The maximum number of parallel requests that can be sent - to each instance in a transform job. If MaxConcurrentTransforms - is set to 0 or left unset, Amazon SageMaker checks the optional - execution-parameters to determine the settings for your chosen algorithm. - If the execution-parameters endpoint is not enabled, the default - value is 1. For more information on execution-parameters, see How - Containers Serve Requests (https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-batch-code.html#your-algorithms-batch-code-how-containe-serves-requests). - For built-in algorithms, you don't need to set a value for MaxConcurrentTransforms. - format: int64 - type: integer - maxPayloadInMB: - description: "The maximum allowed size of the payload, in MB. A payload - is the data portion of a record (without metadata). The value in - MaxPayloadInMB must be greater than, or equal to, the size of a - single record. To estimate the size of a record in MB, divide the - size of your dataset by the number of records. To ensure that the - records fit within the maximum payload size, we recommend using - a slightly larger value. The default value is 6 MB. \n For cases - where the payload might be arbitrarily large and is transmitted - using HTTP chunked encoding, set the value to 0. This feature works - only in supported algorithms. Currently, Amazon SageMaker built-in - algorithms do not support HTTP chunked encoding." - format: int64 - type: integer - modelClientConfig: - description: Configures the timeout and maximum number of retries - for processing a transform job invocation. - properties: - invocationsMaxRetries: - format: int64 - type: integer - invocationsTimeoutInSeconds: - format: int64 - type: integer - type: object - modelName: - description: The name of the model that you want to use for the transform - job. ModelName must be the name of an existing Amazon SageMaker - model within an AWS Region in an AWS account. - type: string - transformInput: - description: Describes the input source and the way the transform - job consumes it. - properties: - compressionType: - type: string - contentType: - type: string - dataSource: - properties: - s3DataSource: - properties: - s3DataType: - type: string - s3URI: - type: string - type: object - type: object - splitType: - type: string - type: object - transformJobName: - description: The name of the transform job. The name must be unique - within an AWS Region in an AWS account. - type: string - transformOutput: - description: Describes the results of the transform job. - properties: - accept: - type: string - assembleWith: - type: string - kmsKeyID: - type: string - s3OutputPath: - type: string - type: object - transformResources: - description: Describes the resources, including ML instance types - and ML instance count, to use for the transform job. - properties: - instanceCount: - format: int64 - type: integer - instanceType: - type: string - volumeKMSKeyID: - type: string - type: object - required: - - modelName - - transformInput - - transformJobName - - transformOutput - - transformResources - type: object - status: - description: TransformJobStatus defines the observed state of TransformJob - properties: - ackResourceMetadata: - description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` - member that is used to contain resource sync state, account ownership, - constructed ARN for the resource - properties: - arn: - description: 'ARN is the Amazon Resource Name for the resource. - This is a globally-unique identifier and is set only by the - ACK service controller once the controller has orchestrated - the creation of the resource OR when it has verified that an - "adopted" resource (a resource where the ARN annotation was - set by the Kubernetes user on the CR) exists and matches the - supplied CR''s Spec field values. TODO(vijat@): Find a better - strategy for resources that do not have ARN in CreateOutputResponse - https://github.com/aws/aws-controllers-k8s/issues/270' - type: string - ownerAccountID: - description: OwnerAccountID is the AWS Account ID of the account - that owns the backend AWS service API resource. - type: string - required: - - ownerAccountID - type: object - conditions: - description: All CRS managed by ACK have a common `Status.Conditions` - member that contains a collection of `ackv1alpha1.Condition` objects - that describe the various terminal states of the CR and its backend - AWS service API resource - items: - description: Condition is the common struct used by all CRDs managed - by ACK service controllers to indicate terminal states of the - CR and its backend AWS service API resource - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type is the type of the Condition - type: string - required: - - status - - type - type: object - type: array - failureReason: - description: If the transform job failed, FailureReason describes - why it failed. A transform job creates a log file, which includes - error messages, and stores it as an Amazon S3 object. For more information, - see Log Amazon SageMaker Events with Amazon CloudWatch (https://docs.aws.amazon.com/sagemaker/latest/dg/logging-cloudwatch.html). - type: string - transformJobStatus: - description: The status of the transform job. If the transform job - failed, the reason is returned in the FailureReason field. - type: string - required: - - ackResourceMetadata - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl deleted file mode 100644 index ba90cd16..00000000 --- a/helm/templates/_helpers.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* The name of the application this chart installs */}} -{{- define "app.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "app.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* The name and version as used by the chart label */}} -{{- define "chart.name-version" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* The name of the service account to use */}} -{{- define "service-account.name" -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} diff --git a/helm/templates/cluster-role-binding.yaml b/helm/templates/cluster-role-binding.yaml deleted file mode 100644 index ff84bc87..00000000 --- a/helm/templates/cluster-role-binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "app.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "app.name" . }} -subjects: -- kind: ServiceAccount - name: {{ include "service-account.name" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/templates/cluster-role-controller.yaml b/helm/templates/cluster-role-controller.yaml deleted file mode 100644 index 1f649fa3..00000000 --- a/helm/templates/cluster-role-controller.yaml +++ /dev/null @@ -1,264 +0,0 @@ - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: ack-sagemaker-controller -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - dataqualityjobdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - dataqualityjobdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpointconfigs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpointconfigs/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpoints - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpoints/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - hyperparametertuningjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - hyperparametertuningjobs/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelbiasjobdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelbiasjobdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelexplainabilityjobdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelexplainabilityjobdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelqualityjobdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - modelqualityjobdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - models - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - models/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - monitoringschedules - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - monitoringschedules/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - processingjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - processingjobs/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - trainingjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - trainingjobs/status - verbs: - - get - - patch - - update -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - transformjobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - transformjobs/status - verbs: - - get - - patch - - update diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml deleted file mode 100644 index e433186e..00000000 --- a/helm/templates/deployment.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "app.fullname" . }} - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: {{ include "app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "app.name" . }} - helm.sh/chart: {{ include "chart.name-version" . }} - control-plane: controller -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: {{ include "app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - annotations: - {{- range $key, $value := .Values.deployment.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - k8s-app: {{ include "app.name" . }} -{{- range $key, $value := .Values.deployment.labels }} - {{ $key }}: {{ $value | quote }} -{{- end }} - spec: - serviceAccountName: {{ include "service-account.name" . }} - containers: - - command: - - ./bin/controller - args: - - --aws-account-id - - "$(AWS_ACCOUNT_ID)" - - --aws-region - - "$(AWS_REGION)" - - --enable-development-logging - - "$(ACK_ENABLE_DEVELOPMENT_LOGGING)" - - --log-level - - "$(ACK_LOG_LEVEL)" - - --resource-tags - - "$(ACK_RESOURCE_TAGS)" - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - name: controller - ports: - - containerPort: {{ .Values.deployment.containerPort }} - resources: - {{- toYaml .Values.resources | nindent 10 }} - env: - - name: K8S_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: AWS_REGION - value: {{ .Values.aws.region }} - - name: ACK_RESOURCE_TAGS - value: {{ join "," .Values.resourceTags | quote }} - terminationGracePeriodSeconds: 10 diff --git a/helm/templates/role-reader.yaml b/helm/templates/role-reader.yaml deleted file mode 100644 index cdbb0e90..00000000 --- a/helm/templates/role-reader.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: ack-sagemaker-reader - namespace: {{ .Release.Namespace }} -rules: -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpoints - - endpointconfigs - - hyperparametertuningjobs - - models - - monitoringschedules - - processingjobs - - trainingjobs - - transformjobs - verbs: - - get - - list - - watch diff --git a/helm/templates/role-writer.yaml b/helm/templates/role-writer.yaml deleted file mode 100644 index badc3c01..00000000 --- a/helm/templates/role-writer.yaml +++ /dev/null @@ -1,50 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: ack-sagemaker-writer - namespace: {{ .Release.Namespace }} -rules: -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpoints - - - endpointconfigs - - - hyperparametertuningjobs - - - models - - - monitoringschedules - - - processingjobs - - - trainingjobs - - - transformjobs - - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sagemaker.services.k8s.aws - resources: - - endpoints - - endpointconfigs - - hyperparametertuningjobs - - models - - monitoringschedules - - processingjobs - - trainingjobs - - transformjobs - verbs: - - get - - patch - - update diff --git a/helm/templates/service-account.yaml b/helm/templates/service-account.yaml deleted file mode 100644 index 4fc81d3b..00000000 --- a/helm/templates/service-account.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/name: {{ include "app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "app.name" . }} - helm.sh/chart: {{ include "chart.name-version" . }} - name: {{ include "service-account.name" . }} - annotations: - {{- range $key, $value := .Values.serviceAccount.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/helm/values.yaml b/helm/values.yaml deleted file mode 100644 index 79810d15..00000000 --- a/helm/values.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Default values for ack-sagemaker-controller. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - repository: surajkota/ack-sagemaker-controller - tag: sagemaker-v0.0.1 - pullPolicy: IfNotPresent - pullSecrets: [] - -nameOverride: "" -fullnameOverride: "" - -deployment: - annotations: {} - labels: {} - containerPort: 8080 - -resources: - requests: - memory: "64Mi" - cpu: "50m" - limits: - memory: "128Mi" - cpu: "100m" - -aws: - # If specified, use the AWS region for AWS API calls - region: "" - -resourceTags: - # Configures the ACK service controller to always set key/value pairs tags on resources that it manages. - - services.k8s.aws/managed=true - - services.k8s.aws/created=%UTCNOW% - - services.k8s.aws/namespace=%KUBERNETES_NAMESPACE% - -serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the service account to use. - name: ack-sagemaker-controller - annotations: {} - # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME From 41fdbe29b5569a2a24e4e0a354000020300b2138 Mon Sep 17 00:00:00 2001 From: Suraj Kota Date: Fri, 7 May 2021 17:13:50 +0000 Subject: [PATCH 6/6] bug fix after rebase --- test/e2e/tests/test_endpoint_config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/tests/test_endpoint_config.py b/test/e2e/tests/test_endpoint_config.py index 5c60a757..f4ad9dc3 100644 --- a/test/e2e/tests/test_endpoint_config.py +++ b/test/e2e/tests/test_endpoint_config.py @@ -26,7 +26,7 @@ create_sagemaker_resource, ) from e2e.replacement_values import REPLACEMENT_VALUES -from e2e.common.config import config as cfg +from e2e.common import config as cfg @pytest.fixture(scope="module")