From 2f17c2146844a5f83195d283fac6785ad4e76a12 Mon Sep 17 00:00:00 2001 From: Julian Einhaus Date: Wed, 3 Apr 2024 07:38:02 +0200 Subject: [PATCH] Create separate grpc service for flyteadmin This allows setting annotations that are required for some ingress controllers for grpc communication only on the parts that actually use grpc. Without this separation either the console or the grpc endpoints did not work properly with some ingress controllers, e.g. traefik. --- .../templates/admin/service-grpc.yaml | 29 +++++++++++++++++++ .../flyte-core/templates/admin/service.yaml | 14 ++++----- .../flyte-core/templates/common/ingress.yaml | 24 +++++++-------- charts/flyte-core/values-gcp.yaml | 8 ++--- ...loak-idp-flyteclients-without-browser.yaml | 2 +- charts/flyte-core/values-sandbox.yaml | 2 +- charts/flyte-core/values.yaml | 7 +++-- 7 files changed, 59 insertions(+), 27 deletions(-) create mode 100644 charts/flyte-core/templates/admin/service-grpc.yaml diff --git a/charts/flyte-core/templates/admin/service-grpc.yaml b/charts/flyte-core/templates/admin/service-grpc.yaml new file mode 100644 index 0000000000..77906627a2 --- /dev/null +++ b/charts/flyte-core/templates/admin/service-grpc.yaml @@ -0,0 +1,29 @@ +{{- if .Values.flyteadmin.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "flyteadmin.name" . }}-grpc + namespace: {{ template "flyte.namespace" . }} + labels: {{ include "flyteadmin.labels" . | nindent 4 }} + annotations: + {{- if .Values.flyteadmin.service.annotations }} + {{ tpl ( .Values.flyteadmin.service.annotations | toYaml ) . | nindent 4 }} + {{- end }} + {{- if .Values.flyteadmin.service.grpcAnnotations }} + {{ tpl ( .Values.flyteadmin.service.grpcAnnotations | toYaml ) . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.flyteadmin.service.type}} + type: {{ . }} + {{- end }} + {{- with .Values.flyteadmin.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{ . }} + {{- end }} + ports: + - name: grpc + port: 81 + protocol: TCP + targetPort: 8089 + selector: {{ include "flyteadmin.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/flyte-core/templates/admin/service.yaml b/charts/flyte-core/templates/admin/service.yaml index 577533e48b..95bdb5ae7d 100644 --- a/charts/flyte-core/templates/admin/service.yaml +++ b/charts/flyte-core/templates/admin/service.yaml @@ -5,9 +5,13 @@ metadata: name: {{ template "flyteadmin.name" . }} namespace: {{ template "flyte.namespace" . }} labels: {{ include "flyteadmin.labels" . | nindent 4 }} - {{- with .Values.flyteadmin.service.annotations }} - annotations: {{ tpl (toYaml .) $ | nindent 4 }} - {{- end }} + annotations: + {{- if .Values.flyteadmin.service.annotations }} + {{ tpl ( .Values.flyteadmin.service.annotations | toYaml ) . | nindent 4 }} + {{- end }} + {{- if .Values.flyteadmin.service.httpAnnotations }} + {{ tpl ( .Values.flyteadmin.service.httpAnnotations | toYaml ) . | nindent 4 }} + {{- end }} spec: {{- with .Values.flyteadmin.service.type}} type: {{ . }} @@ -21,10 +25,6 @@ spec: port: 80 protocol: TCP targetPort: 8088 - - name: grpc - port: 81 - protocol: TCP - targetPort: 8089 - name: redoc protocol: TCP port: 87 diff --git a/charts/flyte-core/templates/common/ingress.yaml b/charts/flyte-core/templates/common/ingress.yaml index d812f2abe3..e58073434f 100644 --- a/charts/flyte-core/templates/common/ingress.yaml +++ b/charts/flyte-core/templates/common/ingress.yaml @@ -8,84 +8,84 @@ pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.SignalService/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.AdminService pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.AdminService/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.DataProxyService pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.DataProxyService/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.AuthMetadataService pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.AuthMetadataService/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.IdentityService pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /flyteidl.service.IdentityService/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /grpc.health.v1.Health pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} - path: /grpc.health.v1.Health/* pathType: ImplementationSpecific backend: service: - name: flyteadmin + name: flyteadmin-grpc port: number: {{ $grpcPort }} {{- end }} diff --git a/charts/flyte-core/values-gcp.yaml b/charts/flyte-core/values-gcp.yaml index b402924699..57b08c0570 100644 --- a/charts/flyte-core/values-gcp.yaml +++ b/charts/flyte-core/values-gcp.yaml @@ -6,9 +6,9 @@ userSettings: dbHost: dbPassword: # These two storage buckets could be the same or you could specify different buckets if required. Both keys are required. -# Learn more https://docs.flyte.org/en/latest/concepts/data_management.html#understand-how-flyte-handles-data - bucketName: - rawDataBucketName: +# Learn more https://docs.flyte.org/en/latest/concepts/data_management.html#understand-how-flyte-handles-data + bucketName: + rawDataBucketName: hostName: # @@ -35,7 +35,7 @@ flyteadmin: ephemeral-storage: 2Gi memory: 1G service: - annotations: + grpcAnnotations: # Required for the ingress to properly route grpc traffic to grpc port cloud.google.com/app-protocols: '{"grpc":"HTTP2"}' affinity: diff --git a/charts/flyte-core/values-keycloak-idp-flyteclients-without-browser.yaml b/charts/flyte-core/values-keycloak-idp-flyteclients-without-browser.yaml index 5b12b7b3f9..6f2f7ef6c5 100644 --- a/charts/flyte-core/values-keycloak-idp-flyteclients-without-browser.yaml +++ b/charts/flyte-core/values-keycloak-idp-flyteclients-without-browser.yaml @@ -52,7 +52,7 @@ flyteadmin: - flyteexamples # -- Service settings for Flyteadmin service: - annotations: + grpcAnnotations: projectcontour.io/upstream-protocol.h2c: grpc type: ClusterIP loadBalancerSourceRanges: [] diff --git a/charts/flyte-core/values-sandbox.yaml b/charts/flyte-core/values-sandbox.yaml index c0e6d38404..76abd98b63 100644 --- a/charts/flyte-core/values-sandbox.yaml +++ b/charts/flyte-core/values-sandbox.yaml @@ -3,7 +3,7 @@ flyteadmin: serviceMonitor: enabled: false service: - annotations: + grpcAnnotations: projectcontour.io/upstream-protocol.h2c: grpc type: ClusterIP loadBalancerSourceRanges: [] diff --git a/charts/flyte-core/values.yaml b/charts/flyte-core/values.yaml index 8b1e4b89d6..d6c03d1fc2 100755 --- a/charts/flyte-core/values.yaml +++ b/charts/flyte-core/values.yaml @@ -50,8 +50,11 @@ flyteadmin: - flyteexamples # -- Service settings for Flyteadmin service: - annotations: - projectcontour.io/upstream-protocol.h2c: grpc + annotations: {} + httpAnnotations: {} + grpcAnnotations: {} + # projectcontour.io/upstream-protocol.h2c: grpc + # traefik.ingress.kubernetes.io/service.serversscheme: h2c type: ClusterIP loadBalancerSourceRanges: [] # -- Configuration for service accounts for FlyteAdmin