-
Notifications
You must be signed in to change notification settings - Fork 979
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow using SSL between transformer and predictor/explainer #2911
Conversation
Signed-off-by: Jin Dong <jdong183@bloomberg.net>
Thanks @greenmoon55 ! Can you help update the local transformer testing instruction here for using https predictor url? |
@@ -232,9 +237,10 @@ def postprocess(self, response: Union[Dict, InferResponse, ModelInferResponse], | |||
return response | |||
|
|||
async def _http_predict(self, payload: Union[Dict, InferRequest], headers: Dict[str, str] = None) -> Dict: | |||
predict_url = PREDICTOR_URL_FORMAT.format(self.predictor_host, self.name) | |||
protocol = "https" if self.use_ssl else "http" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we have test cases for this function to verify if http or https is used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately not. I can't find a good way to add tests here. We have e2e tests for http but not for https.
@@ -311,9 +317,11 @@ async def explain(self, payload: Dict, headers: Dict[str, str] = None) -> Dict: | |||
""" | |||
if self.explainer_host is None: | |||
raise NotImplementedError("Could not find explainer_host.") | |||
explain_url = EXPLAINER_URL_FORMAT.format(self.explainer_host, self.name) | |||
|
|||
protocol = "https" if self.use_ssl else "http" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am wondering if we have test cases for this function.
Signed-off-by: Jin Dong <jdong183@bloomberg.net>
Signed-off-by: Jin Dong <jdong183@bloomberg.net>
python/kserve/kserve/model.py
Outdated
self.predictor_host = self.predictor_host + ":80" | ||
_channel = grpc.aio.insecure_channel(self.predictor_host) | ||
port = 443 if self.use_ssl else 80 | ||
self.predictor_host = self.predictor_host + f":{port}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: both predictor_host and port can be in the fstring
Signed-off-by: Jin Dong <jdong183@bloomberg.net>
@@ -103,9 +104,12 @@ def postprocess(self, infer_response: Union[Dict, ModelInferResponse], headers: | |||
parser.add_argument( | |||
"--model_name", help="The name that the model is served under." | |||
) | |||
parser.add_argument( | |||
"--use_ssl", help="Use ssl for connecting to the predictor", action='store_true' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It will be true with --use_ssl
, otherwise False.
Great work @greenmoon55 ! /lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: greenmoon55, yuzisun The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
) * Allow using SSL between transformer and predictor/explainer Signed-off-by: Jin Dong <jdong183@bloomberg.net> * Update custom transformer example Signed-off-by: Jin Dong <jdong183@bloomberg.net> * Update document Signed-off-by: Jin Dong <jdong183@bloomberg.net> * Update doc and use f string format Signed-off-by: Jin Dong <jdong183@bloomberg.net> --------- Signed-off-by: Jin Dong <jdong183@bloomberg.net> Signed-off-by: iamlovingit <freecode666@gmail.com>
What this PR does / why we need it: Currently the transformer is hard-coded to use http to communicate with the predictor. We add a
use_ssl
property toModel
class to allow using SSL between transformer and predictor/explainer for both rest and grpc.Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #2863
Type of changes
Please delete options that are not relevant.
Feature/Issue validation/testing:
Please describe the tests that you ran to verify your changes and relevant result summary. Provide instructions so it can be reproduced.
Please also list any relevant details for your test configuration.
Note that if you need a custom root CA, you can set an environment variable like this
export GRPC_DEFAULT_SSL_ROOTS_FILE_PATH=bundle.pem
Special notes for your reviewer:
No.
Checklist:
Release note: