Documentation ¶
Index ¶
- Variables
- func AddRegistry(registry string, imageName string) string
- func AmazonIAMRoleSecret(region, bucket, distribution string) map[string][]byte
- func AmazonSecret(region, bucket, id, secret, token, distribution string) map[string][]byte
- func AmazonVaultSecret(region, bucket, vaultAddress, vaultRole, vaultToken, distribution string) map[string][]byte
- func ClusterRole(opts *AssetOpts) *rbacv1.ClusterRole
- func ClusterRoleBinding(opts *AssetOpts) *rbacv1.ClusterRoleBinding
- func DashDeployment(opts *AssetOpts) *apps.Deployment
- func DashService(opts *AssetOpts) *v1.Service
- func EtcdDeployment(opts *AssetOpts, hostPath string) *apps.Deployment
- func EtcdHeadlessService(opts *AssetOpts) *v1.Service
- func EtcdNodePortService(local bool, opts *AssetOpts) *v1.Service
- func EtcdStatefulSet(opts *AssetOpts, backend backend, diskSpace int) interface{}
- func EtcdStorageClass(opts *AssetOpts, backend backend) (interface{}, error)
- func EtcdVolume(persistentDiskBackend backend, opts *AssetOpts, hostPath string, name string, ...) (*v1.PersistentVolume, error)
- func EtcdVolumeClaim(size int, opts *AssetOpts) *v1.PersistentVolumeClaim
- func GetSecretVolumeAndMount(backend string) (v1.Volume, v1.VolumeMount)
- func GithookService(namespace string) *v1.Service
- func GoogleSecret(bucket string, cred string) map[string][]byte
- func Images(opts *AssetOpts) []string
- func LocalSecret() map[string][]byte
- func MicrosoftSecret(container string, id string, secret string) map[string][]byte
- func MinioSecret(bucket string, id string, secret string, endpoint string, secure, isS3V2 bool) map[string][]byte
- func PachdDeployment(opts *AssetOpts, objectStoreBackend backend, hostPath string) *apps.Deployment
- func PachdService(opts *AssetOpts) *v1.Service
- func ServiceAccount(opts *AssetOpts) *v1.ServiceAccount
- func WriteAmazonAssets(encoder Encoder, opts *AssetOpts, region string, bucket string, volumeSize int, ...) error
- func WriteAssets(encoder Encoder, opts *AssetOpts, objectStoreBackend backend, ...) error
- func WriteCustomAssets(encoder Encoder, opts *AssetOpts, args []string, objectStoreBackend string, ...) error
- func WriteDashboardAssets(encoder Encoder, opts *AssetOpts) error
- func WriteGoogleAssets(encoder Encoder, opts *AssetOpts, bucket string, cred string, volumeSize int) error
- func WriteLocalAssets(encoder Encoder, opts *AssetOpts, hostPath string) error
- func WriteMicrosoftAssets(encoder Encoder, opts *AssetOpts, container string, id string, secret string, ...) error
- func WriteSecret(encoder Encoder, data map[string][]byte, opts *AssetOpts) error
- type AmazonCreds
- type AssetOpts
- type Encoder
Constants ¶
This section is empty.
Variables ¶
var ( // ServiceAccountName is the name of Pachyderm's service account. // It's public because it's needed by pps.APIServer to create the RCs for // workers. ServiceAccountName = "pachyderm" // PrometheusPort hosts the prometheus stats for scraping PrometheusPort = 9091 )
Functions ¶
func AddRegistry ¶ added in v1.6.1
AddRegistry switchs the registry that an image is targetting.
func AmazonIAMRoleSecret ¶ added in v1.7.2
AmazonIAMRoleSecret creates an amazon secret with the following parameters:
region - AWS region bucket - S3 bucket name distribution - cloudfront distribution
func AmazonSecret ¶
AmazonSecret creates an amazon secret with the following parameters:
region - AWS region bucket - S3 bucket name id - AWS access key id secret - AWS secret access key token - AWS access token distribution - cloudfront distribution
func AmazonVaultSecret ¶ added in v1.7.1
func AmazonVaultSecret(region, bucket, vaultAddress, vaultRole, vaultToken, distribution string) map[string][]byte
AmazonVaultSecret creates an amazon secret with the following parameters:
region - AWS region bucket - S3 bucket name vaultAddress - address/hostport of vault vaultRole - pachd's role in vault vaultToken - pachd's vault token distribution - cloudfront distribution
func ClusterRole ¶ added in v1.6.7
func ClusterRole(opts *AssetOpts) *rbacv1.ClusterRole
ClusterRole returns a ClusterRole that should be bound to the Pachyderm service account.
func ClusterRoleBinding ¶ added in v1.6.7
func ClusterRoleBinding(opts *AssetOpts) *rbacv1.ClusterRoleBinding
ClusterRoleBinding returns a ClusterRoleBinding that binds Pachyderm's ClusterRole to its ServiceAccount.
func DashDeployment ¶ added in v1.4.5
func DashDeployment(opts *AssetOpts) *apps.Deployment
DashDeployment creates a Deployment for the pachyderm dashboard.
func DashService ¶ added in v1.4.5
DashService creates a Service for the pachyderm dashboard.
func EtcdDeployment ¶ added in v1.4.5
func EtcdDeployment(opts *AssetOpts, hostPath string) *apps.Deployment
EtcdDeployment returns an etcd k8s Deployment.
func EtcdHeadlessService ¶ added in v1.3.19
EtcdHeadlessService returns a headless etcd service, which is only for DNS resolution.
func EtcdNodePortService ¶ added in v1.3.19
EtcdNodePortService returns a NodePort etcd service. This will let non-etcd pods talk to etcd
func EtcdStatefulSet ¶ added in v1.3.19
EtcdStatefulSet returns a stateful set that manages an etcd cluster
func EtcdStorageClass ¶ added in v1.3.19
EtcdStorageClass creates a storage class used for dynamic volume provisioning. Currently dynamic volume provisioning only works on AWS and GCE.
func EtcdVolume ¶ added in v1.3.19
func EtcdVolume(persistentDiskBackend backend, opts *AssetOpts, hostPath string, name string, size int) (*v1.PersistentVolume, error)
EtcdVolume creates a persistent volume backed by a volume with name "name"
func EtcdVolumeClaim ¶ added in v1.3.19
func EtcdVolumeClaim(size int, opts *AssetOpts) *v1.PersistentVolumeClaim
EtcdVolumeClaim creates a persistent volume claim of 'size' GB.
Note that if you're controlling Etcd with a Stateful Set, this is unnecessary (the stateful set controller will create PVCs automatically).
func GetSecretVolumeAndMount ¶ added in v1.4.6
func GetSecretVolumeAndMount(backend string) (v1.Volume, v1.VolumeMount)
GetSecretVolumeAndMount returns a properly configured Volume and VolumeMount object given a backend. The backend needs to be one of the constants defined in pfs/server.
func GithookService ¶ added in v1.6.7
GithookService returns a k8s service that exposes a public IP
func GoogleSecret ¶ added in v1.0.349
GoogleSecret creates a google secret with a bucket name.
func Images ¶ added in v1.6.1
Images returns a list of all the images that are used by a pachyderm deployment.
func LocalSecret ¶ added in v1.6.0
LocalSecret creates an empty secret.
func MicrosoftSecret ¶ added in v1.2.3
MicrosoftSecret creates a microsoft secret with following parameters:
container - Azure blob container id - Azure storage account name secret - Azure storage account key
func MinioSecret ¶ added in v1.3.5
func MinioSecret(bucket string, id string, secret string, endpoint string, secure, isS3V2 bool) map[string][]byte
MinioSecret creates an amazon secret with the following parameters:
bucket - S3 bucket name id - S3 access key id secret - S3 secret access key endpoint - S3 compatible endpoint secure - set to true for a secure connection. isS3V2 - Set to true if client follows S3V2
func PachdDeployment ¶ added in v1.4.5
func PachdDeployment(opts *AssetOpts, objectStoreBackend backend, hostPath string) *apps.Deployment
PachdDeployment returns a pachd k8s Deployment.
func PachdService ¶
PachdService returns a pachd service.
func ServiceAccount ¶
func ServiceAccount(opts *AssetOpts) *v1.ServiceAccount
ServiceAccount returns a kubernetes service account for use with Pachyderm.
func WriteAmazonAssets ¶ added in v1.0.349
func WriteAmazonAssets(encoder Encoder, opts *AssetOpts, region string, bucket string, volumeSize int, creds *AmazonCreds, cloudfrontDistro string) error
WriteAmazonAssets writes assets to an amazon backend.
func WriteAssets ¶
func WriteAssets(encoder Encoder, opts *AssetOpts, objectStoreBackend backend, persistentDiskBackend backend, volumeSize int, hostPath string) error
WriteAssets writes the assets to encoder.
func WriteCustomAssets ¶ added in v1.3.12
func WriteCustomAssets(encoder Encoder, opts *AssetOpts, args []string, objectStoreBackend string, persistentDiskBackend string, secure, isS3V2 bool) error
WriteCustomAssets writes assets to a custom combination of object-store and persistent disk.
func WriteDashboardAssets ¶ added in v1.4.5
WriteDashboardAssets writes the k8s config for deploying the Pachyderm dashboard to 'encoder'
func WriteGoogleAssets ¶ added in v1.0.349
func WriteGoogleAssets(encoder Encoder, opts *AssetOpts, bucket string, cred string, volumeSize int) error
WriteGoogleAssets writes assets to a google backend.
func WriteLocalAssets ¶ added in v1.0.349
WriteLocalAssets writes assets to a local backend.
Types ¶
type AmazonCreds ¶ added in v1.7.1
type AmazonCreds struct { // Direct credentials. Only applicable if Pachyderm is given its own permanent // AWS credentials ID string // Access Key ID Secret string // Secret Access Key Token string // Access token (if using temporary security credentials // Vault options (if getting AWS credentials from Vault) VaultAddress string // normally addresses come from env, but don't have vault service name VaultRole string VaultToken string }
AmazonCreds are options that are applicable specifically to Pachd's credentials in an AWS deployment
type AssetOpts ¶ added in v1.2.4
type AssetOpts struct { PachdShards uint64 Version string LogLevel string Metrics bool Dynamic bool EtcdNodes int EtcdVolume string DashOnly bool NoDash bool DashImage string Registry string EtcdPrefix string // NoGuaranteed will not generate assets that have both resource limits and // resource requests set which causes kubernetes to give the pods // guaranteed QoS. Guaranteed QoS generally leads to more stable clusters // but on smaller test clusters such as those run on minikube it doesn't // help much and may cause more instability than it prevents. NoGuaranteed bool // DisableAuthentication stops Pachyderm's authentication service // from talking to GitHub, for testing. Instead users can authenticate // simply by providing a username. DisableAuthentication bool // BlockCacheSize is the amount of memory each PachD node allocates towards // its cache of PFS blocks. If empty, assets.go will choose a default size. BlockCacheSize string // PachdCPURequest is the amount of CPU we request for each pachd node. If // empty, assets.go will choose a default size. PachdCPURequest string // PachdNonCacheMemRequest is the amount of memory we request for each // pachd node in addition to BlockCacheSize. If empty, assets.go will choose // a default size. PachdNonCacheMemRequest string // EtcdCPURequest is the amount of CPU (in cores) we request for each etcd // node. If empty, assets.go will choose a default size. EtcdCPURequest string // EtcdMemRequest is the amount of memory we request for each etcd node. If // empty, assets.go will choose a default size. EtcdMemRequest string // IAM role that the Pachyderm deployment should assume when talking to AWS // services (if using kube2iam + metadata service + IAM role to delegate // permissions to pachd via its instance). // This is in AssetOpts rather than AmazonCreds because it must be passed // as an annotation on the pachd pod rather than as a k8s secret IAMRole string // ImagePullSecret specifies an image pull secret that gets attached to the // various deployments so that their images can be pulled from a private // registry. ImagePullSecret string // NoRBAC, if true, will disable creation of RBAC assets. NoRBAC bool // Namespace is the kubernetes namespace to deploy to. Namespace string // NoExposeDockerSocket if true prevents pipelines from accessing the docker socket. NoExposeDockerSocket bool }
AssetOpts are options that are applicable to all the asset types.
type Encoder ¶ added in v1.7.2
type Encoder interface { // Encodes the given struct to the wrapped output stream. This also will write out a separator // value, suitable for differentiating multiple objects in the stream. Encode(interface{}) (err error) }
Encoder is the interface for writing out assets. This is assumed to wrap an output writer.