Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mlflow and k8s from bitnami (2.18.0) #65

Open
DaniilAnd opened this issue Dec 19, 2024 · 7 comments
Open

Mlflow and k8s from bitnami (2.18.0) #65

DaniilAnd opened this issue Dec 19, 2024 · 7 comments

Comments

@DaniilAnd
Copy link

Hi! I use mlflow k8s from bitnami (2.18.0-debian-12-r0),
image:
registry: docker.io
repository: bitnami/mlflow
tag: 2.18.0-debian-12-r0

and i rebuild Dockerfile (screenshot 1).
After i add extraenvs in helm chart (screenshot 2) and install new version with plugin OIDC, but mlflow running with error from sqlalchemy (screenshot 3), I also added enable auth (screenshot 4).

Could there be a conflict between the first and fourth screenshot ?

1
2
3
4
)
@kharkevich
Copy link
Member

Hello.
You need to configure databases for both the store and the users.
Regarding the Bitnami image, I have no information about its compatibility or configuration. It would be better to contact them directly.

@DaniilAnd
Copy link
Author

@kharkevich Hi! I use for users external database. Can I take out the store and add external storе ?

@ion-elgreco
Copy link
Contributor

The bitnami chart is compatible, I have it working

@DaniilAnd
Copy link
Author

@ion-elgreco Hi! Are you using the Entry ID cloud or a local ADFS ?

@DaniilAnd
Copy link
Author

image
This answer from ADFS

@rojo1997
Copy link

@ion-elgreco can you share an example of a values.yaml? Thanks in advance

@ion-elgreco
Copy link
Contributor

ion-elgreco commented Jan 21, 2025
edited
Loading

@rojo1997 Here is the bitnami values.yaml

tracking:
  enabled: true
  auth:
    enabled: false
  command: []
  args: []
  extraArgs:
    - --app-name=oidc-auth
  extraEnvVars:
    - name: OIDC_CLIENT_ID
      value: -
    - name: OIDC_DISCOVERY_URL
      value: "-/.well-known/openid-configuration"
    - name: OIDC_REDIRECT_URI
      value: "-/callback"
    - name: OIDC_PROVIDER_DISPLAY_NAME
      value: "Login"
    - name: OIDC_SCOPE
      value: "openid email profile"
    - name: OIDC_ADMIN_GROUP_NAME
      value: "-"
    - name: OIDC_GROUP_NAME
      value: "-"
    - name: REQUESTS_CA_BUNDLE
      value: "/usr/local/share/ca-certificates/bundle.crt"

extraDeploy:
  # Create secret for mlflow deployment
  - apiVersion: v1
    kind: Secret
    metadata:
      name: mlflow-secrets
    stringData:
      AZURE_STORAGE_ACCESS_KEY:
      OIDC_CLIENT_SECRET:
      OIDC_USERS_DB_URI:

And then custom image:

ARG VERSION
FROM docker.io/bitnami/mlflow:$VERSION
ARG VERSION

USER root
RUN update-ca-certificates
RUN pip install mlflow-oidc-auth==3.2.0 mlflow-skinny==$(echo $VERSION | awk -F'-' '{print $1}')

# Create a writable directory for flask_session
RUN mkdir -p /tmp/flask_session
RUN chmod -R 777 /tmp/flask_session

# Set the environment variable for the writable directory
ENV SESSION_FILE_DIR=/tmp/flask_session

# Switch back to the original user
USER 1001

# Set the working directory to the writable directory
WORKDIR /opt/bitnami/mlflow

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kharkevich @ion-elgreco @rojo1997 @DaniilAnd