This allows dsl.import to leverage Modelcar container images in an OCI
repository. This works by having an init container prepull the image and
then adding a sidecar container when the launcher container is running.
The Modelcar container adds a symlink to its /models directory in an
emptyDir volume that is accessible by the launcher container. Once the
launcher is done running the user code, it stops the Modelcar
containers.
This approach has the benefit of leveraging image pull secrets
configured on the Kubernetes cluster rather than require separate
credentials for importing the artifact. Additionally, no data is copied
to the emptyDir volume, so the storage cost is just pulling the Modelcar
container image on the Kubernetes worker node.
Note that once Kubernetes supports OCI images as volume mounts for
several releases, consider replacing the init container with that
approach.
This also adds a new environment variable of PIPELINE_RUN_AS_USER to
set the runAsUser on all Pods created by Argo Workflows.
Resolves:
https://github.com/kubeflow/pipelines/issues/11584
Signed-off-by: mprahl <mprahl@users.noreply.github.com>
This adds support for the following placeholders in the KFP backend:
- dsl.PIPELINE_JOB_NAME_PLACEHOLDER
- dsl.PIPELINE_JOB_RESOURCE_NAME_PLACEHOLDER
- dsl.PIPELINE_JOB_ID_PLACEHOLDER
- dsl.PIPELINE_TASK_NAME_PLACEHOLDER
- dsl.PIPELINE_TASK_ID_PLACEHOLDER
Resolves:
https://github.com/kubeflow/pipelines/issues/10453
Signed-off-by: mprahl <mprahl@users.noreply.github.com>
Matt Prahl
Alex
Helber Belmiro