English 中文(简体)
Kubeflow输油管中的共享秘密
原标题:Sharing secrets in Kubeflow pipeline

I want to share some secrets with my Kubeflow pipeline so I can use them as environment variables in my containers. I ve written a pipeline-secrets.yaml that looks like this:

apiVersion: v1
kind: Secret
metadata:
  name: pipeline-secrets
  namespace: kubeflow
type: Opaque
data:
  mysql_db_name: <SECRET>
  mysql_username: <SECRET>
  mysql_password: <SECRET>
  mysql_endpoint: <SECRET>

和输油管系统。 looks:

apiVersion: kubeflow.org/v1alpha1
kind: PodDefault
metadata:
  name: pipeline-pod-defaults
  namespace: kubeflow
specs:
  desc: Configure pipeline secrets as environment variables
  env:
  - name: MYSQL_DB_NAME
    valueFrom:
      secretKeyRef:
        name: pepeline-secrets
        key: mysql_db_name
  - name: MYSQL_USER_NAME
    valueFrom:
      secretKeyRef:
        name: pepeline-secrets
        key: mysql_username
  - name: MYSQL_PASSWORD
    valueFrom:
      secretKeyRef:
        name: pepeline-secrets
        key: mysql_password
  - name: MYSQL_ENDPOINT
    valueFrom:
      secretKeyRef:
        name: pepeline-secrets
        key: mysql_endpoint

这正是我的管线如何看待:

import kfp
from kfp.dsl import ContainerOp
from kubernetes import client as k8s_client

@kfp.dsl.pipeline(
    name="Training pipeline",
    description=""
)
def train_pipeline():
    get_data = ContainerOp(
        name="Get data",
        image=BASE_IMAGE,
        file_outputs={
             data :  data.csv 
        }
    )
    
    kfp.dsl.get_pipeline_conf().set_image_pull_secrets([
        k8s_client.V1ObjectReference(name="regcred"),
        k8s_client.V1ObjectReference(name="pipeline-secrets"),
    ])
    kfp.dsl.ResourceOp(
        name="pipeline-pod-defaults",
        k8s_resource=k8s_client.V1ObjectReference(name="pipeline-pod-defaults"),
        action="apply"
    )

但最后,我发现这一错误:

This step is in Failed state with this message: error: error validating "/tmp/manifest.yaml": error validating data: [apiVersion not set, kind not set]; if you choose to ignore these errors, turn validation off with --validate=false

这种做法是否正确? 我怎么能够把我的秘密与其余管道分享? 如果出现新的比耶问题,Kubernetes和Kubeflow的Im

最佳回答

因此,最后,我写的是数据汇编。 创建我的构成部分并撰写以下职能:

def build_get_data():
    component = kfp.components.load_component_from_file(os.path.join(COMPONENTS_PATH,  get-data-component.yaml ))()
    component.add_volume(k8s_client.V1Volume(
        name="get-data-volume",
        secret=k8s_client.V1SecretVolumeSource(secret_name="pipeline-secrets"))
    )
    envs = [
        ("MYSQL_DB_NAME", "mysql_db_name"),
        ("MYSQL_USER_NAME", "mysql_username"), 
        ("MYSQL_PASSWORD", "mysql_password"), 
        ("MYSQL_ENDPOINT", "mysql_endpoint")
    ]
    for name, key in envs:
        component.add_env_variable(
            V1EnvVar(
                name=name,
                value_from=k8s_client.V1EnvVarSource(secret_key_ref=k8s_client.V1SecretKeySelector(
                    name="pipeline-secrets",
                    key=key
                    )
                )
            )
        )
    return component
时间:2021-03-04 17:13:20
问题回答

我不敢肯定什么是最佳办法,但我正在同一个名称空间制造一个秘密,在这一空间,管道将在分组内运行。 然后,在牛顿的文字中,我执行以下法典。

config.load_incluster_config()
v1 = client.CoreV1Api()
sec = v1.read_namespaced_secret(<name of the secret>, <namespace you pick the secret from>).data

YOUR_SECRET_1 = base64.b64decode(sec.get(<name of the env variable >)).decode( utf-8 )
YOUR_SECRET_2 = base64.b64decode(sec.get(<name of the env variable >)).decode( utf-8 )
时间:2021-03-02 12:06:13

当地支持现在使用库韦涅特:

https://kfp-kubernetes.readthedocs.io/en/kfp-kubernetes-1.0.0/

时间:2023-12-18 03:00:25


上一篇:
下一篇:


相关问题
Can Django models use MySQL functions?

Is there a way to force Django models to pass a field to a MySQL function every time the model data is read or loaded? To clarify what I mean in SQL, I want the Django model to produce something like ...

时间:2009-11-13 13:56:25 回答:6 展示:1
An enterprise scheduler for python (like quartz)

I am looking for an enterprise tasks scheduler for python, like quartz is for Java. Requirements: Persistent: if the process restarts or the machine restarts, then all the jobs must stay there and ...

时间:2009-11-13 04:31:57 回答:4 展示:1
How to remove unique, then duplicate dictionaries in a list?

Given the following list that contains some duplicate and some unique dictionaries, what is the best method to remove unique dictionaries first, then reduce the duplicate dictionaries to single ...

时间:2009-11-13 03:19:51 回答:7 展示:1
What is suggested seed value to use with random.seed()?

Simple enough question: I m using python random module to generate random integers. I want to know what is the suggested value to use with the random.seed() function? Currently I am letting this ...

时间:2009-11-09 18:56:16 回答:5 展示:1
How can I make the PyDev editor selectively ignore errors?

I m using PyDev under Eclipse to write some Jython code. I ve got numerous instances where I need to do something like this: import com.work.project.component.client.Interface.ISubInterface as ...

时间:2009-11-09 16:14:56 回答:4 展示:1
How do I profile `paster serve` s startup time?

Python s paster serve app.ini is taking longer than I would like to be ready for the first request. I know how to profile requests with middleware, but how do I profile the initialization time? I ...

时间:2009-11-09 16:11:39 回答:3 展示:1
Pragmatically adding give-aways/freebies to an online store

Our business currently has an online store and recently we ve been offering free specials to our customers. Right now, we simply display the special and give the buyer a notice stating we will add the ...

时间:2009-11-09 15:59:13 回答:2 展示:1
Converting Dictionary to List? [duplicate]

I m trying to convert a Python dictionary into a Python list, in order to perform some calculations. #My dictionary dict = {} dict[ Capital ]="London" dict[ Food ]="Fish&Chips" dict[ 2012 ]="...

时间:2009-11-05 09:34:18 回答:7 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全