CRDs
Last updated
Last updated
In PrimeHub data model, it mentions when a/an instance type, image, and volume is created via Admin UI, under the hood, there are a CRD object created in Kubernetes and a Realm Role created in Keycloak. This document describes what CRDs are created for and the context of them.
CRD, CustomResourceDefinition, PrimeHub uses the custom resource mechanism to manage structured data (custom objects) stored in Kubernetes. There are three of them, Instance Type, Image and Volume.
For more detail of CRD, please refer to .
An Instance Type object contains these following settings/configurations.
You can use the following commands to view the stored data.
The structured data (including Node Selector and Tolerations if any) of an instance type object displays in yaml format as below.
Spec:
displayName Display Name
description Description
limits.cpu CPU Limit
limits.memory Memory Limit
limits.nvidia.com/gpu GPU Limit
requests.cpu CPU Request
requests.memory Memory Request
On Admin UI, toleration which specifies a tolerable taint(key-value pair) with an effect to take.
We add toleration to tolerate a specific taint with an effect to take, the data is stored as below.
Toleration settings:
effect: NoSchedule, NoExecute, PreferNoSchedule and None.
key: The key of a taint.
operator: tolerations[].operator, Exists and Equal.
value: The value of a taint is required when Operator is Equal.
Pods can be constrained to only be able to/prefer to run on particular nodes that are labeled matching key-value pairs. We add a nodeSelector with memory/low via Admin UI, the data is stored as below.
Node Selector settings:
key: The key of a label.
value: The value of a label.
An Image object contains these following settings/configurations.
You can use the following commands to view the stored data.
The structured data (including Pull Secret if any) of an image object displays in yaml format as below.
Spec:
displayName: The display name of a image on UI.
description: Description.
url: The registry url where an image is located.
pullSecret: The name of a Secret, this is a Secret we add via Admin UI. If required, the secret is used to pull the image.
A Volume object contains these following setting/configuration.
You can use the following commands to view the stored data.
The structured data (including launchGroupOnly if true) of a type pv volume object displays in yaml format as below.
Currently, there are types pv, git, nfs, hostPath and env of volumes. All of types has following data fields in common, also, each type has its own data fields. In following sections, they are described respectively.
Annotations:
dataset.primehub.io/mountRoot: A path of mount root.
dataset.primehub.io/launchGroupOnly: It can only be selected in a launch Group if true.
dataset.primehub.io/homeSymlink(hidden from UI): A flag of making a symlink in home directory of users if true.
Spec:
displayName: The display name on UI.
description: The description.
type: pv, git, nfs, hostPath and env.
PV, persistent volume, volume has a data field,volumeName. The container mount point of the volume is varied with the combination of volumeName, and both annotations of mountRoot and homeSymlink. PV is auto provisioning by default. There is an option so that the administrators can set the underlying settings manually.
Container Mount Point /datasets/test
Container Mount Point /datasets/test
Container Mount Point /datasets/test
Symlinks ln -s /dataset/test ~/test
Container Mount Point /foo/bar/test
Container Mount Point /foo/bar/test
Symlinks ln -s /foo/bar/test ~/test
Git data volume has a data field, Url, which points to a git repo and a data field, Secret, which is added via Admin UI if a secret is required to pull the data volume from repo.
The container mount point of the data volume is varied with the combination of both annotations of mountRoot and homeSymlink.
Annotations:
dataset.primehub.io/primehub-gitsync: true by default.
dataset.primehub.io/gitSyncHostRoot: (Hidden from UI) The host path to put the gitsync result. /home/dataset by default.
dataset.primehub.io/gitSyncRoot: (Hidden from UI) The path to mount the gitsync data volume. /gitsync by default.
Spec:
url: The url of a repo.
Spec:
gitsync.secret: A secret is used for pulling a data volume from repo.
Container Mount Point /gitsync/myrepo.
Symlinks ln -s /gitsync/myrepo/myrepo /dataset/myrepo.
Container Mount Point /gitsync/myrepo.
Symlinks
ln -s /gitsync/myrepo/myrepo /dataset/myrepo.
ln -s /dataset/myrepo ~/myrepo.
Container Mount Point /gitsync/myrepo.
Symlinks ln -s /gitsync/myrepo/myrepo /foo/bar/myrepo.
Container Mount Point /gitsync/myrepo.
Symlinks
ln -s /gitsync/myrepo/myrepo /foo/bar/myrepo.
ln -s /foo/bar/myrepo ~/myrepo.
Nfs data volume has additional data fields server and path which set the nfs ip/domain and the nfs path. The mount point logic is the same as pv data volume.
HostPath data volume has an additional data field path which set the path in host. The mount point logic is the same as pv data volume.
Taking environment variables as data volumes.
Spec:
variables: variables in key/value pair.
When a node is marked with a Taint, it cannot accept any pods which don't tolerate the taints. Toleration are applied to pods so that pods are allowed to schedule onto nodes with matching taints. Please refers to for more detail.