You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As many people we don’t deploy Kubeflow on GCP, therefore we don’t need/have GCP cred. Unfortunately the GCP env vars and more annoyingly the secret is hardcoded into the BaseComponent. Therefore no component pod can be started without the required secret (named user-gcp-sa per default).
Possible Solution
Please make this mount optionally, controlled via an option given to the runner.
This can go in hand with a better documentation of the additional arguments of the Pipeline class.
A possible solution is to create an overall platform parameter, similar to the solution in the Pipelines example:
The relevant code is around line 124 in tfx.orchestration.kubeflow.base_component. I am happy to assist if needed.
The text was updated successfully, but these errors were encountered:
rummens
changed the title
Kubeflow Runner dont force inject GCP credentials into pods
Kubeflow Runner dont force inject GCP credentials/secret into pods
Jun 5, 2019
rummens
changed the title
Kubeflow Runner dont force inject GCP credentials/secret into pods
Kubeflow Runner/BaseComponent dont force inject GCP credentials/secret into pods
Jun 5, 2019
KubeflowConfigRunner. This enables users to perform operations suchs as
specifying custom k8s secrets or mounting volumes when running TFX pipelines
under Kubeflow.
Fixes#201 and also solves the issue in PR #202.
PiperOrigin-RevId: 251677229
KubeflowConfigRunner. This enables users to perform operations suchs as
specifying custom k8s secrets or mounting volumes when running TFX pipelines
under Kubeflow.
Fixes#201 and also solves the issue in PR #202.
PiperOrigin-RevId: 251677229
KubeflowConfigRunner. This enables users to perform operations suchs as
specifying custom k8s secrets or mounting volumes when running TFX pipelines
under Kubeflow.
Fixes#201 and also solves the issue in PR #202.
PiperOrigin-RevId: 251677229
Description
As many people we don’t deploy Kubeflow on GCP, therefore we don’t need/have GCP cred. Unfortunately the GCP env vars and more annoyingly the secret is hardcoded into the BaseComponent. Therefore no component pod can be started without the required secret (named user-gcp-sa per default).
Possible Solution
Please make this mount optionally, controlled via an option given to the runner.
This can go in hand with a better documentation of the additional arguments of the Pipeline class.
A possible solution is to create an overall platform parameter, similar to the solution in the Pipelines example:
The relevant code is around line 124 in
tfx.orchestration.kubeflow.base_component
. I am happy to assist if needed.Workaround
Deploy a fake secret:
The text was updated successfully, but these errors were encountered: