Skip to content

Commit

Permalink
Add Support for Custom CA Certificates in NIMCacheReconciler for Prox…
Browse files Browse the repository at this point in the history 
…y Environments

This PR introduces support for custom CA certificates in the NIMCacheReconciler, enabling secure communication in proxy environments and Kubernetes clusters that require custom certificates. Certificates are managed via a ConfigMap and are automatically mounted into the NIM cache job. This enhancement ensures compatibility with environments that use self-signed or custom CA certificates

Signed-off-by: Shiva Krishna, Merla <[email protected]>
  • Loading branch information
@shivamerla
shivamerla committed Aug 30, 2024
1 parent 0af0135 commit 3dc8b72
Show file tree
Hide file tree
Showing 14 changed files with 258 additions and 8 deletions.
10 changes: 10 additions & 0 deletions api/apps/v1alpha1/common_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ type Autoscaling struct {
HPA HorizontalPodAutoscalerSpec `json:"hpa,omitempty"`
}

// HorizontalPodAutoscalerSpec defines the parameters required to setup HPA
type HorizontalPodAutoscalerSpec struct {
MinReplicas *int32 `json:"minReplicas,omitempty"`
MaxReplicas int32 `json:"maxReplicas"`
Expand Down Expand Up @@ -93,7 +94,16 @@ type IngressPath struct {
ServiceType string `json:"serviceType,omitempty"`
}

// Probe defines attributes for startup/liveness/readiness probes
type Probe struct {
Enabled *bool `json:"enabled,omitempty"`
Probe *corev1.Probe `json:"probe,omitempty"`
}

// CertConfig defines the configuration for custom certificates.
type CertConfig struct {
// Name of the ConfigMap containing the certificate data.
Name string `json:"name"`
// MountPath is the path where the certificates should be mounted in the container.
MountPath string `json:"mountPath"`
}
9 changes: 7 additions & 2 deletions api/apps/v1alpha1/nimcache_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,13 @@ type NIMCacheSpec struct {
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
// NodeSelectors are the node selector labels to schedule the caching job.
NodeSelectors map[string]string `json:"gpuSelectors,omitempty"`
UserID *int64 `json:"userID,omitempty"`
GroupID *int64 `json:"groupID,omitempty"`
// UserID is the user ID for the caching job
UserID *int64 `json:"userID,omitempty"`
// GroupID is the group ID for the caching job
GroupID *int64 `json:"groupID,omitempty"`
// CertConfig is the name of the ConfigMap containing the custom certificates.
// for secure communication.
CertConfig *CertConfig `json:"certConfig,omitempty"`
}

// NIMSource defines the source for caching NIM model
Expand Down
20 changes: 20 additions & 0 deletions api/apps/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

19 changes: 19 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -267,6 +285,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
8 changes: 8 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimservices.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,6 +502,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1050,6 +1052,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1273,6 +1277,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the parameters
required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1867,6 +1873,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -267,6 +285,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
8 changes: 8 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimservices.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,6 +502,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1050,6 +1052,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1273,6 +1277,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the parameters
required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1867,6 +1873,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
19 changes: 19 additions & 0 deletions deployments/helm/k8s-nim-operator/crds/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -267,6 +285,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions deployments/helm/k8s-nim-operator/crds/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
Loading

0 comments on commit 3dc8b72

Please sign in to comment.