Skip to content

Commit

Permalink
Add Support for Custom CA Certificates in NIMCacheReconciler for Prox…
Browse files Browse the repository at this point in the history 
…y Environments (#112)

This PR introduces support for custom CA certificates in the NIMCacheReconciler, enabling secure communication in proxy environments and Kubernetes clusters that require custom certificates. Certificates are managed via a ConfigMap and are automatically mounted into the NIM cache job. This enhancement ensures compatibility with environments that use self-signed or custom CA certificates

Signed-off-by: Shiva Krishna, Merla <[email protected]>
  • Loading branch information
@shivamerla
shivamerla authored Aug 30, 2024
1 parent df9d2e5 commit c662ab7
Show file tree
Hide file tree
Showing 14 changed files with 258 additions and 8 deletions.
10 changes: 10 additions & 0 deletions api/apps/v1alpha1/common_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ type Autoscaling struct {
HPA HorizontalPodAutoscalerSpec `json:"hpa,omitempty"`
}

// HorizontalPodAutoscalerSpec defines the parameters required to setup HPA
type HorizontalPodAutoscalerSpec struct {
MinReplicas *int32 `json:"minReplicas,omitempty"`
MaxReplicas int32 `json:"maxReplicas"`
Expand Down Expand Up @@ -93,7 +94,16 @@ type IngressPath struct {
ServiceType string `json:"serviceType,omitempty"`
}

// Probe defines attributes for startup/liveness/readiness probes
type Probe struct {
Enabled *bool `json:"enabled,omitempty"`
Probe *corev1.Probe `json:"probe,omitempty"`
}

// CertConfig defines the configuration for custom certificates.
type CertConfig struct {
// Name of the ConfigMap containing the certificate data.
Name string `json:"name"`
// MountPath is the path where the certificates should be mounted in the container.
MountPath string `json:"mountPath"`
}
9 changes: 7 additions & 2 deletions api/apps/v1alpha1/nimcache_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,13 @@ type NIMCacheSpec struct {
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
// NodeSelectors are the node selector labels to schedule the caching job.
NodeSelectors map[string]string `json:"gpuSelectors,omitempty"`
UserID *int64 `json:"userID,omitempty"`
GroupID *int64 `json:"groupID,omitempty"`
// UserID is the user ID for the caching job
UserID *int64 `json:"userID,omitempty"`
// GroupID is the group ID for the caching job
GroupID *int64 `json:"groupID,omitempty"`
// CertConfig is the name of the ConfigMap containing the custom certificates.
// for secure communication.
CertConfig *CertConfig `json:"certConfig,omitempty"`
}

// NIMSource defines the source for caching NIM model
Expand Down
20 changes: 20 additions & 0 deletions api/apps/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

19 changes: 19 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -259,6 +277,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
8 changes: 8 additions & 0 deletions bundle/manifests/apps.nvidia.com_nimservices.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,6 +502,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1050,6 +1052,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1273,6 +1277,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the parameters
required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1867,6 +1873,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
19 changes: 19 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -259,6 +277,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
8 changes: 8 additions & 0 deletions config/crd/bases/apps.nvidia.com_nimservices.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,6 +502,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1050,6 +1052,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1273,6 +1277,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the parameters
required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1867,6 +1873,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
19 changes: 19 additions & 0 deletions deployments/helm/k8s-nim-operator/crds/apps.nvidia.com_nimcaches.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,31 @@ spec:
spec:
description: NIMCacheSpec defines the desired state of NIMCache
properties:
certConfig:
description: |-
CertConfig is the name of the ConfigMap containing the custom certificates.
for secure communication.
properties:
mountPath:
description: MountPath is the path where the certificates should
be mounted in the container.
type: string
name:
description: Name of the ConfigMap containing the certificate
data.
type: string
required:
- mountPath
- name
type: object
gpuSelectors:
additionalProperties:
type: string
description: NodeSelectors are the node selector labels to schedule
the caching job.
type: object
groupID:
description: GroupID is the group ID for the caching job
format: int64
type: integer
resources:
Expand Down Expand Up @@ -259,6 +277,7 @@ spec:
type: object
type: array
userID:
description: UserID is the user ID for the caching job
format: int64
type: integer
required:
Expand Down
8 changes: 8 additions & 0 deletions deployments/helm/k8s-nim-operator/crds/apps.nvidia.com_nimpipelines.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,8 @@ spec:
type: string
type: object
livenessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1108,6 +1110,8 @@ spec:
x-kubernetes-list-type: atomic
type: object
readinessProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down Expand Up @@ -1335,6 +1339,8 @@ spec:
enabled:
type: boolean
hpa:
description: HorizontalPodAutoscalerSpec defines the
parameters required to setup HPA
properties:
behavior:
description: |-
Expand Down Expand Up @@ -1947,6 +1953,8 @@ spec:
type: object
type: object
startupProbe:
description: Probe defines attributes for startup/liveness/readiness
probes
properties:
enabled:
type: boolean
Expand Down
Loading

0 comments on commit c662ab7

Please sign in to comment.