v1alpha1

package
v0.2.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 8, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the modelregistry v1 API group +kubebuilder:object:generate=true +groupName=modelregistry.opendatahub.io

Index

Constants

View Source
const (
	// default ports
	DefaultHttpPort  = 80
	DefaultHttpsPort = 443

	DefaultTlsMode      = IstioMutualTlsMode
	IstioMutualTlsMode  = "ISTIO_MUTUAL"
	DefaultIstioGateway = "ingressgateway"
)

Variables

View Source
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "modelregistry.opendatahub.io", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func HandleResetDefaults added in v0.2.10

func HandleResetDefaults(r *ModelRegistry)

HandleResetDefaults resets operator default properties

Types

type ConfigMapKeyValue added in v0.2.9

type ConfigMapKeyValue struct {
	// +kubebuilder:validation:Required
	// Kubernetes configmap name
	Name string `json:"name"`
	// +kubebuilder:validation:Required
	// Key name in configmap
	Key string `json:"key"`
}

func (*ConfigMapKeyValue) DeepCopy added in v0.2.9

func (in *ConfigMapKeyValue) DeepCopy() *ConfigMapKeyValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapKeyValue.

func (*ConfigMapKeyValue) DeepCopyInto added in v0.2.9

func (in *ConfigMapKeyValue) DeepCopyInto(out *ConfigMapKeyValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GatewayConfig added in v0.1.3

type GatewayConfig struct {

	// Domain name for Gateway configuration.
	// If not provided, it is set automatically using model registry operator env variable DEFAULT_DOMAIN.
	// If the env variable is not set, it is set to the OpenShift `cluster` ingress domain in an OpenShift cluster.
	Domain string `json:"domain,omitempty"`

	// Value of label `istio` used to identify the Ingress Gateway
	IstioIngress *string `json:"istioIngress,omitempty"`

	// Maistra/OpenShift Servicemesh control plane name
	//+optional
	ControlPlane *string `json:"controlPlane,omitempty"`

	// Rest gateway server config
	Rest ServerConfig `json:"rest"`

	// gRPC  gateway server config
	Grpc ServerConfig `json:"grpc"`
}

func (*GatewayConfig) DeepCopy added in v0.1.3

func (in *GatewayConfig) DeepCopy() *GatewayConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfig.

func (*GatewayConfig) DeepCopyInto added in v0.1.3

func (in *GatewayConfig) DeepCopyInto(out *GatewayConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrpcSpec

type GrpcSpec struct {

	// Listen port for gRPC connections, defaults to 9090.
	Port *int32 `json:"port,omitempty"`

	// Resource requirements
	//+optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`

	// Optional image to support overriding the image deployed by the operator.
	//+optional
	Image string `json:"image,omitempty"`
}

func (*GrpcSpec) DeepCopy

func (in *GrpcSpec) DeepCopy() *GrpcSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrpcSpec.

func (*GrpcSpec) DeepCopyInto

func (in *GrpcSpec) DeepCopyInto(out *GrpcSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IstioConfig added in v0.1.3

type IstioConfig struct {

	// Authorino authentication provider name
	//
	// If missing, it is set using the operator environment property DEFAULT_AUTH_PROVIDER
	// Model registry will have an error status if the operator property is also missing
	AuthProvider string `json:"authProvider,omitempty"`

	// Authorino AuthConfig selector labels.
	//
	// If missing, it is set using the operator environment property DEFAULT_AUTH_CONFIG_LABELS
	//+optional
	AuthConfigLabels map[string]string `json:"authConfigLabels,omitempty"`

	// DestinationRule TLS mode. Defaults to ISTIO_MUTUAL.
	//
	// DISABLE: Do not setup a TLS connection to the upstream endpoint.
	//
	// SIMPLE: Originate a TLS connection to the upstream endpoint.
	//
	// MUTUAL: Secure connections to the upstream using mutual TLS by presenting
	// client certificates for authentication.
	//
	// ISTIO_MUTUAL: Secure connections to the upstream using mutual TLS by presenting
	// client certificates for authentication.
	// Compared to Mutual mode, this mode uses certificates generated
	// automatically by Istio for mTLS authentication. When this mode is
	// used, all other fields in `ClientTLSSettings` should be empty.
	TlsMode string `json:"tlsMode,omitempty"`

	// Optional Istio Gateway for registry services.
	// Gateway is not created if set to null (default).
	//+optional
	Gateway *GatewayConfig `json:"gateway,omitempty"`

	// Optional Authorino AuthConfig credential audiences. This depends on the cluster identity provider.
	// If not specified, operator will determine the cluster's audience using its own service account.
	//+optional
	Audiences []string `json:"audiences,omitempty"`
}

func (*IstioConfig) DeepCopy added in v0.1.3

func (in *IstioConfig) DeepCopy() *IstioConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IstioConfig.

func (*IstioConfig) DeepCopyInto added in v0.1.3

func (in *IstioConfig) DeepCopyInto(out *IstioConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ModelRegistry

type ModelRegistry struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ModelRegistrySpec   `json:"spec,omitempty"`
	Status ModelRegistryStatus `json:"status,omitempty"`
}

ModelRegistry is the Schema for the modelregistries API

func (*ModelRegistry) CleanupRuntimeDefaults added in v0.2.10

func (r *ModelRegistry) CleanupRuntimeDefaults()

CleanupRuntimeDefaults removes runtime defaults. Usually on first reconcile, when specDefaults is empty, or for model registries reconciled by older operator versions before adding specDefaults support. It removes images if they are the same as the operator defaults (ignoring version tag), and it removes default runtime values that match default runtime properties set in the operator since they are redundant as custom property values.

func (*ModelRegistry) DeepCopy

func (in *ModelRegistry) DeepCopy() *ModelRegistry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModelRegistry.

func (*ModelRegistry) DeepCopyInto

func (in *ModelRegistry) DeepCopyInto(out *ModelRegistry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ModelRegistry) DeepCopyObject

func (in *ModelRegistry) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ModelRegistry) Default

func (r *ModelRegistry) Default()

Default implements webhook.Defaulter so a webhook will be registered for the type

func (*ModelRegistry) HandleAnnotations added in v0.2.10

func (r *ModelRegistry) HandleAnnotations()

HandleAnnotations calls annotation handlers

func (*ModelRegistry) RuntimeDefaults added in v0.2.10

func (r *ModelRegistry) RuntimeDefaults()

RuntimeDefaults sets default values from the operator environment, which could change at runtime.

func (*ModelRegistry) SetupWebhookWithManager

func (r *ModelRegistry) SetupWebhookWithManager(mgr ctrl.Manager) error

func (*ModelRegistry) ValidateDatabase added in v0.1.1

func (r *ModelRegistry) ValidateDatabase() (admission.Warnings, field.ErrorList)

ValidateDatabase validates that at least one database config is present

func (*ModelRegistry) ValidateIstioConfig added in v0.2.7

func (r *ModelRegistry) ValidateIstioConfig() (warnings admission.Warnings, err field.ErrorList)

ValidateIstioConfig validates the istio and gateway config

func (*ModelRegistry) ValidateRegistry added in v0.2.7

func (r *ModelRegistry) ValidateRegistry() (warnings admission.Warnings, err error)

ValidateRegistry validates registry spec

type ModelRegistryList

type ModelRegistryList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ModelRegistry `json:"items"`
}

ModelRegistryList contains a list of ModelRegistry

func (*ModelRegistryList) DeepCopy

func (in *ModelRegistryList) DeepCopy() *ModelRegistryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModelRegistryList.

func (*ModelRegistryList) DeepCopyInto

func (in *ModelRegistryList) DeepCopyInto(out *ModelRegistryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ModelRegistryList) DeepCopyObject

func (in *ModelRegistryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ModelRegistrySpec

type ModelRegistrySpec struct {

	// Configuration for REST endpoint
	Rest RestSpec `json:"rest"`

	// Configuration for gRPC endpoint
	Grpc GrpcSpec `json:"grpc"`

	// PostgreSQL configuration options
	//+optional
	Postgres *PostgresConfig `json:"postgres,omitempty"`

	// MySQL configuration options
	//+optional
	MySQL *MySQLConfig `json:"mysql,omitempty"`

	// Flag specifying database upgrade option. If set to true, it enables
	// database migration during initialization (Optional parameter)
	//+optional
	EnableDatabaseUpgrade *bool `json:"enable_database_upgrade,omitempty"`

	// Database downgrade schema version value. If set the database
	// schema version is downgraded to the set value during
	// initialization (Optional Parameter)
	//+optional
	DowngradeDbSchemaVersion *int64 `json:"downgrade_db_schema_version,omitempty"`

	// Istio servicemesh configuration options
	//+optional
	Istio *IstioConfig `json:"istio,omitempty"`
}

ModelRegistrySpec defines the desired state of ModelRegistry. One of `postgres` or `mysql` database configurations MUST be provided!

func (*ModelRegistrySpec) DeepCopy

func (in *ModelRegistrySpec) DeepCopy() *ModelRegistrySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModelRegistrySpec.

func (*ModelRegistrySpec) DeepCopyInto

func (in *ModelRegistrySpec) DeepCopyInto(out *ModelRegistrySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ModelRegistryStatus

type ModelRegistryStatus struct {

	// Hosts where model registry services are available
	// NOTE: Gateway service names are different for gRPC and REST service routes
	Hosts []string `json:"hosts,omitempty"`

	// Formatted Host names separated by comma
	HostsStr string `json:"hostsStr,omitempty"`

	// SpecDefaults is a JSON string containing default spec values that were used for model registry deployment
	SpecDefaults string `json:"specDefaults,omitempty"`

	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

ModelRegistryStatus defines the observed state of ModelRegistry

func (*ModelRegistryStatus) DeepCopy

func (in *ModelRegistryStatus) DeepCopy() *ModelRegistryStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModelRegistryStatus.

func (*ModelRegistryStatus) DeepCopyInto

func (in *ModelRegistryStatus) DeepCopyInto(out *ModelRegistryStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MySQLConfig added in v0.1.1

type MySQLConfig struct {
	//+kubebuilder:required
	// The hostname or IP address of the MYSQL server:
	// If unspecified, a connection to the local host is assumed.
	// Currently, a replicated MYSQL backend is not supported.
	Host string `json:"host"`

	//+kubebuilder:default=3306
	//+kubebuilder:validation:Minimum=1
	//+kubebuilder:validation:Maximum=65535
	// Port number to connect to at the server host.
	// The TCP Port number that the MYSQL server accepts connections on.
	// If unspecified, the default MYSQL port (3306) is used.
	Port *int32 `json:"port,omitempty"`

	//+kubebuilder:required
	// The MYSQL login id.
	Username string `json:"username"`

	// The password to use for `Username`. If empty, only MYSQL user ids that don't
	// have a password set are allowed to connect.
	PasswordSecret *SecretKeyValue `json:"passwordSecret,omitempty"`

	//+kubebuilder:required
	// The database to connect to. Must be specified.
	// After connecting to the MYSQL server, this database is created if not
	// already present unless SkipDBCreation is set.
	// All queries after Connect() are assumed to be for this database.
	Database string `json:"database"`

	//+kubebuilder:default=false
	// True if skipping database instance creation during ML Metadata
	// service initialization. By default, it is false.
	SkipDBCreation bool `json:"skipDBCreation,omitempty"`

	// This parameter specifies the Kubernetes Secret name and key of the client public key certificate.
	SSLCertificateSecret *SecretKeyValue `json:"sslCertificateSecret,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key used for the
	// client private key.
	SSLKeySecret *SecretKeyValue `json:"sslKeySecret,omitempty"`
	// This parameter specifies the Kubernetes ConfigMap name and key containing
	// certificate authority (CA) certificate.
	SSLRootCertificateConfigMap *ConfigMapKeyValue `json:"sslRootCertificateConfigMap,omitempty"`
	// This parameter specifies the Kubernetes ConfigMap name containing
	// multiple certificate authority (CA) certificate(s) as keys.
	SSLRootCertificatesConfigMapName *string `json:"sslRootCertificatesConfigMapName,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key containing
	// certificate authority (CA) certificate.
	SSLRootCertificateSecret *SecretKeyValue `json:"sslRootCertificateSecret,omitempty"`
	// This parameter specifies the Kubernetes Secret name containing
	// multiple certificate authority (CA) certificate(s) as keys.
	SSLRootCertificatesSecretName *string `json:"sslRootCertificatesSecretName,omitempty"`
	// This parameter specifies the list of permissible ciphers for SSL encryption.
	SSLCipher *string `json:"sslCipher,omitempty"`
	// If set, enable verification of the server certificate against the host
	// name used when connecting to the server.
	VerifyServerCert *bool `json:"verifyServerCert,omitempty"`
}

func (*MySQLConfig) DeepCopy added in v0.1.1

func (in *MySQLConfig) DeepCopy() *MySQLConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MySQLConfig.

func (*MySQLConfig) DeepCopyInto added in v0.1.1

func (in *MySQLConfig) DeepCopyInto(out *MySQLConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PostgresConfig

type PostgresConfig struct {
	// Name of host to connect to.
	Host string `json:"host,omitempty"`
	// Numeric IP address of host to connect to. If this field is
	// provided, "host" field is ignored.
	HostAddress string `json:"hostAddress,omitempty"`

	//+kubebuilder:default=5432
	//+kubebuilder:validation:Minimum=1
	//+kubebuilder:validation:Maximum=65535
	// Port number to connect to at the server host.
	Port *int32 `json:"port,omitempty"`

	//+kubebuilder:required
	// PostgreSQL username to connect as.
	Username string `json:"username,omitempty"`

	// Password to be used if required by the PostgreSQL server.
	PasswordSecret *SecretKeyValue `json:"passwordSecret,omitempty"`

	//+kubebuilder:required
	// The database name.
	Database string `json:"database"`

	//+kubebuilder:default=false
	// True if skipping database instance creation during ML Metadata
	// service initialization. By default, it is false.
	SkipDBCreation bool `json:"skipDBCreation,omitempty"`

	//+kubebuilder:validation:Enum=disable;allow;prefer;require;verify-ca;verify-full
	//+kubebuilder:default=disable
	// PostgreSQL sslmode setup. Values can be disable, allow, prefer,
	// require, verify-ca, verify-full.
	SSLMode string `json:"sslMode,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key of the client SSL certificate.
	SSLCertificateSecret *SecretKeyValue `json:"sslCertificateSecret,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key used for the
	// client certificate SSL secret key.
	SSLKeySecret *SecretKeyValue `json:"sslKeySecret,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key of the password for the SSL secret key
	// specified in sslKeySecret, allowing client certificate private keys
	// to be stored in encrypted form on disk even when interactive
	// passphrase input is not practical.
	SSLPasswordSecret *SecretKeyValue `json:"sslPasswordSecret,omitempty"`
	// This parameter specifies the Kubernetes ConfigMap name and key containing SSL
	// certificate authority (CA) certificate(s).
	SSLRootCertificateConfigMap *ConfigMapKeyValue `json:"sslRootCertificateConfigMap,omitempty"`
	// This parameter specifies the Kubernetes Secret name and key containing SSL
	// certificate authority (CA) certificate(s).
	SSLRootCertificateSecret *SecretKeyValue `json:"sslRootCertificateSecret,omitempty"`
}

func (*PostgresConfig) DeepCopy

func (in *PostgresConfig) DeepCopy() *PostgresConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PostgresConfig.

func (*PostgresConfig) DeepCopyInto

func (in *PostgresConfig) DeepCopyInto(out *PostgresConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RestSpec

type RestSpec struct {

	// Listen port for REST connections, defaults to 8080.
	Port *int32 `json:"port,omitempty"`

	//+kubebuilder:validation:Enum=disabled;enabled
	//+kubebuilder:default=disabled
	// Create an OpenShift Route for REST Service
	ServiceRoute string `json:"serviceRoute,omitempty"`

	// Resource requirements
	//+optional
	Resources *v1.ResourceRequirements `json:"resources,omitempty"`

	// Optional image to support overriding the image deployed by the operator.
	//+optional
	Image string `json:"image,omitempty"`
}

func (*RestSpec) DeepCopy

func (in *RestSpec) DeepCopy() *RestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RestSpec.

func (*RestSpec) DeepCopyInto

func (in *RestSpec) DeepCopyInto(out *RestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretKeyValue

type SecretKeyValue struct {
	// +kubebuilder:validation:Required
	// Kubernetes secret name
	Name string `json:"name"`
	// +kubebuilder:validation:Required
	// Key name in secret
	Key string `json:"key"`
}

func (*SecretKeyValue) DeepCopy

func (in *SecretKeyValue) DeepCopy() *SecretKeyValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretKeyValue.

func (*SecretKeyValue) DeepCopyInto

func (in *SecretKeyValue) DeepCopyInto(out *SecretKeyValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServerConfig added in v0.1.3

type ServerConfig struct {

	// Listen port for server connections, defaults to 80 without TLS and 443 when TLS settings are present.
	Port *int32 `json:"port,omitempty"`

	// Set of TLS related options that govern the server's behavior. Use
	// these options to control if all http requests should be redirected to
	// https, and the TLS modes to use.
	//+optional
	TLS *TLSServerSettings `json:"tls,omitempty"`

	// Creates an OpenShift Route for Gateway Service when set to enabled (default).
	GatewayRoute string `json:"gatewayRoute,omitempty"`
}

func (*ServerConfig) DeepCopy added in v0.1.3

func (in *ServerConfig) DeepCopy() *ServerConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServerConfig.

func (*ServerConfig) DeepCopyInto added in v0.1.3

func (in *ServerConfig) DeepCopyInto(out *ServerConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSServerSettings added in v0.1.3

type TLSServerSettings struct {

	// The value of this field determines how TLS is enforced.
	// SIMPLE: Secure connections with standard TLS semantics. In this mode client certificate is not requested during handshake.
	//
	// MUTUAL: Secure connections to the downstream using mutual TLS by presenting server certificates for authentication. A client certificate will also be requested during the handshake and at least one valid certificate is required to be sent by the client.
	//
	// ISTIO_MUTUAL: Secure connections from the downstream using mutual TLS by presenting server certificates for authentication. Compared to Mutual mode, this mode uses certificates, representing gateway workload identity, generated automatically by Istio for mTLS authentication. When this mode is used, all other TLS fields should be empty.
	//
	// OPTIONAL_MUTUAL: Similar to MUTUAL mode, except that the client certificate is optional. Unlike SIMPLE mode, A client certificate will still be explicitly requested during handshake, but the client is not required to send a certificate. If a client certificate is presented, it will be validated. ca_certificates should be specified for validating client certificates.
	Mode string `json:"mode,omitempty"`

	// The name of the secret that holds the TLS certs including the CA certificates.
	// If not provided, it is set automatically using model registry operator env variable DEFAULT_CERT.
	// An Opaque secret should contain the following
	// keys and values: `tls.key: <privateKey>` and `tls.crt: <serverCert>` or
	// `key: <privateKey>` and `cert: <serverCert>`.
	// For mutual TLS, `cacert: <CACertificate>` and `crl: <CertificateRevocationList>`
	// can be provided in the same secret or a separate secret named `<secret>-cacert`.
	// A TLS secret for server certificates with an additional `tls.ocsp-staple` key
	// for specifying OCSP staple information, `ca.crt` key for CA certificates
	// and `ca.crl` for certificate revocation list is also supported.
	// Only one of server certificates and CA certificate
	// or credentialName can be specified.
	//+optional
	CredentialName *string `json:"credentialName,omitempty"`
}

func (*TLSServerSettings) DeepCopy added in v0.1.3

func (in *TLSServerSettings) DeepCopy() *TLSServerSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSServerSettings.

func (*TLSServerSettings) DeepCopyInto added in v0.1.3

func (in *TLSServerSettings) DeepCopyInto(out *TLSServerSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL