Skip to content

Add examples directory to Mlflow chart #57

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add examples directory to Mlflow chart #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 0 additions & 3 deletions applications/mlflow/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,6 @@ RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | b
&& curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
&& chmod +x kubectl \
&& mv kubectl /usr/local/bin/ \
# Install Kind
&& curl -Lo /usr/local/bin/kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64 \
&& chmod +x /usr/local/bin/kind \
# Install yq
&& wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/local/bin/yq \
&& chmod +x /usr/local/bin/yq \
Expand Down
64 changes: 64 additions & 0 deletions applications/mlflow/charts/mlflow/examples/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
# MLflow Helm Chart Examples

This directory contains various example values files for deploying MLflow with different configurations, organized by category.

## Directory Structure

```
examples/
├── database/ # Database configuration examples
│ ├── embedded/ # Embedded PostgreSQL examples
│ └── external/ # External PostgreSQL examples
├── network/ # Network configuration examples
│ ├── ingress/ # Ingress configuration examples
│ └── loadbalancer/ # LoadBalancer configuration examples
└── object-storage/ # Object storage configuration examples
├── embedded/ # Embedded MinIO examples
└── external/ # External S3 storage examples
```

## Available Examples

### Database Configurations
- **Database Examples**: [database/README.md](./database/README.md)
- **Embedded PostgreSQL**: [database/embedded/values.yaml](./database/embedded/values.yaml)
- **External PostgreSQL (Direct Credentials)**: [database/external/direct-credentials.yaml](./database/external/direct-credentials.yaml)
- **External PostgreSQL (Existing Secret)**: [database/external/existing-secret.yaml](./database/external/existing-secret.yaml)

### Network Configurations
- **Network Examples**: [network/README.md](./network/README.md)
- **Ingress**: [network/ingress/values.yaml](./network/ingress/values.yaml)
- **LoadBalancer**: [network/loadbalancer/values.yaml](./network/loadbalancer/values.yaml)

### Object Storage Configurations
- **Object Storage Examples**: [object-storage/README.md](./object-storage/README.md)
- **Embedded MinIO**: [object-storage/embedded/values.yaml](./object-storage/embedded/values.yaml)
- **External S3 (Direct Credentials)**: [object-storage/external/direct-credentials.yaml](./object-storage/external/direct-credentials.yaml)
- **External S3 (Existing Secret)**: [object-storage/external/existing-secret.yaml](./object-storage/external/existing-secret.yaml)

## Usage

You can use these example values files as a starting point for your own deployment:

```bash
helm install mlflow ./charts/mlflow -f ./charts/mlflow/examples/database/embedded/values.yaml
```

Or combine multiple example files:

```bash
helm install mlflow ./charts/mlflow \
-f ./charts/mlflow/examples/database/embedded/values.yaml \
-f ./charts/mlflow/examples/network/ingress/values.yaml
```

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@diamonwiggins I know we discussed on Slack the idea of adding comments about sensitive values to the main values.yaml, and I agree it's not the best place for it.

But since we're informing folks how to do this by example here, what do you think about taking the opportunity to ensure they follow our example securely? What do you think about something like this?

Suggested change
Be sure that files containing unencrypted sensitive values are never committed to Git. To address this, you can use tools like Sealed Secrets or SOPS to encrypt the values in the file. Or avoid adding these to values files altogether by using `--set` on the command line, which can be combined with the above techniques:
```bash
helm install mlflow ./charts/mlflow \
-f examples/database/external/direct-credentials.yaml \
--set postgres.auth.username=foo \
--set postgres.auth.password=bar

## Customization

These examples provide basic configurations. For production deployments, make sure to:

1. Set secure passwords
2. Configure proper TLS certificates
3. Adjust resource requests and limits
4. Review other settings in the main `values.yaml` file

Refer to the main [README.md](../README.md) for complete configuration options.
16 changes: 16 additions & 0 deletions applications/mlflow/charts/mlflow/examples/database/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Database Configuration Examples

This directory contains examples for configuring the MLflow database backends.

## Embedded

The `embedded` directory contains examples for using the built-in PostgreSQL database provided by the CloudNativePG operator.

- [values.yaml](./embedded/values.yaml): Configuration for embedded PostgreSQL

## External

The `external` directory contains examples for connecting to an external PostgreSQL database:

- [direct-credentials.yaml](./external/direct-credentials.yaml): Configure access using credentials specified in the values file
- [existing-secret.yaml](./external/existing-secret.yaml): Configure access using credentials stored in a Kubernetes secret
26 changes: 26 additions & 0 deletions applications/mlflow/charts/mlflow/examples/database/embedded/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# MLFlow with embedded PostgreSQL configuration

# PostgreSQL configuration
postgres:
auth:
username: mlflow
password: mlflow

embedded:
enabled: true
type: postgresql
instances: 3
initdb:
database: mlflow
owner: mlflow
storage:
size: 10Gi
logLevel: "info"

# External PostgreSQL is disabled
external:
enabled: false

mlflow:
backendStore:
databaseUpgrade: true
23 changes: 23 additions & 0 deletions applications/mlflow/charts/mlflow/examples/database/external/direct-credentials.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# MLFlow with external PostgreSQL configuration using direct credentials

# PostgreSQL configuration
postgres:
auth:
username: mlflow
password: mlflow

# Embedded PostgreSQL is disabled
embedded:
enabled: false

# External PostgreSQL is enabled
external:
enabled: true
host: "your-postgres-host"
port: 5432
database: mlflow

mlflow:
backendStore:
# Database schema will be upgraded during deployment
databaseUpgrade: true
19 changes: 19 additions & 0 deletions applications/mlflow/charts/mlflow/examples/database/external/existing-secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# MLFlow with external PostgreSQL configuration using existing secret

# PostgreSQL configuration
postgres:
# Embedded PostgreSQL is disabled
embedded:
enabled: false

# External PostgreSQL is enabled
external:
enabled: true
host: "your-postgres-host"
port: 5432
database: mlflow

mlflow:
backendStore:
# Use an existing secret containing the database connection string
existingSecret: "mlflow-postgres-secret"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs newline at EOF

Suggested change
existingSecret: "mlflow-postgres-secret"
existingSecret: "mlflow-postgres-secret"

15 changes: 15 additions & 0 deletions applications/mlflow/charts/mlflow/examples/network/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Network Configuration Examples

This directory contains examples for configuring the networking aspects of MLflow.

## Ingress

The `ingress` directory contains examples for exposing MLflow using Kubernetes Ingress:

- [values.yaml](./ingress/values.yaml): Configuration for exposing MLflow via an Ingress controller

## LoadBalancer

The `loadbalancer` directory contains examples for exposing MLflow using a LoadBalancer service:

- [values.yaml](./loadbalancer/values.yaml): Configuration for exposing MLflow via a LoadBalancer service
16 changes: 16 additions & 0 deletions applications/mlflow/charts/mlflow/examples/network/ingress/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# MLFlow with Ingress configuration

mlflow:
# Configure Ingress
ingress:
enabled: true
className: "nginx"
pathType: ImplementationSpecific
hostname: "mlflow.example.com"
path: /
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
tls:
enabled: true
genSelfSignedCert: true =
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo fix

Suggested change
genSelfSignedCert: true =
genSelfSignedCert: true

12 changes: 12 additions & 0 deletions applications/mlflow/charts/mlflow/examples/network/loadbalancer/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# MLFlow with LoadBalancer service configuration

mlflow:
# Configure LoadBalancer service
service:
type: LoadBalancer
port: 5000
# Optionally specify nodePort for specific port assignment
# nodePort: 32000
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: nlb
# Add additional annotations as needed for your specific cloud provider
16 changes: 16 additions & 0 deletions applications/mlflow/charts/mlflow/examples/object-storage/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Object Storage Configuration Examples

This directory contains examples for configuring the artifact object storage for MLflow.

## Embedded

The `embedded` directory contains examples for using the built-in MinIO object storage:

- [values.yaml](./embedded/values.yaml): Configuration for embedded MinIO as artifact storage

## External

The `external` directory contains examples for connecting to external S3-compatible storage:

- [direct-credentials.yaml](./external/direct-credentials.yaml): Configure access using credentials specified in the values file
- [existing-secret.yaml](./external/existing-secret.yaml): Configure access using credentials stored in a Kubernetes secret
33 changes: 33 additions & 0 deletions applications/mlflow/charts/mlflow/examples/object-storage/embedded/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# MLFlow with embedded artifact store (MinIO) configuration

# Enable MinIO for artifact storage
minio:
enabled: true
secrets:
name: myminio-env-configuration
accessKey: minio
secretKey: minio1234
tenant:
name: minio
pools:
pool0:
servers: 3
volumesPerServer: 4
size: 10Gi
buckets:
- name: mlflow

# Configure MLflow to use MinIO as artifact store
mlflow:
trackingServer:
mode: serve-artifacts
artifactsDestination: "s3://mlflow"

artifactStore:
s3:
enabled: true
accessKeyId: "minio"
secretAccessKey: "minio1234"
ignoreTls: true
external:
enabled: false
25 changes: 25 additions & 0 deletions applications/mlflow/charts/mlflow/examples/object-storage/external/direct-credentials.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# MLFlow with external artifact store (AWS S3) using direct credentials

# Disable embedded MinIO since we'll use external S3
minio:
enabled: false

# Configure MLflow to use external S3 as artifact store
mlflow:
trackingServer:
mode: serve-artifacts
artifactsDestination: "s3://your-s3-bucket/mlflow"

artifactStore:
s3:
enabled: true
# Specify credentials directly (not recommended for production)
accessKeyId: "your-aws-access-key-id"
secretAccessKey: "your-aws-secret-access-key"
ignoreTls: false
external:
enabled: true
protocol: https
host: "s3.amazonaws.com"
port: 443
ignoreTls: false
24 changes: 24 additions & 0 deletions applications/mlflow/charts/mlflow/examples/object-storage/external/existing-secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# MLFlow with external artifact store (AWS S3) using existing secret

# Disable embedded MinIO since we'll use external S3
minio:
enabled: false

# Configure MLflow to use external S3 as artifact store
mlflow:
trackingServer:
mode: serve-artifacts
artifactsDestination: "s3://your-s3-bucket/mlflow"

artifactStore:
s3:
enabled: true
# Secret containing AWS credentials
existingSecret: "mlflow-s3-credentials"
ignoreTls: false
external:
enabled: true
protocol: https
host: "s3.amazonaws.com"
port: 443
ignoreTls: false
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs newline at EOF

Suggested change
ignoreTls: false
ignoreTls: false

Loading