From 7522a3eefedba690f44c96c2d50265cbe32049ba Mon Sep 17 00:00:00 2001 From: Uzmar Gomez Date: Fri, 15 Aug 2025 16:42:24 +0100 Subject: [PATCH 1/5] add env variable from secret mongodb connstring --- .../apiserver-asyncdelete-deployment.yaml | 11 +++++++++++ .../clearml/templates/apiserver-deployment.yaml | 11 +++++++++++ charts/clearml/values.yaml | 16 ++++++++++++++-- 3 files changed, 36 insertions(+), 2 deletions(-) diff --git a/charts/clearml/templates/apiserver-asyncdelete-deployment.yaml b/charts/clearml/templates/apiserver-asyncdelete-deployment.yaml index 0085e3a..377dfa8 100644 --- a/charts/clearml/templates/apiserver-asyncdelete-deployment.yaml +++ b/charts/clearml/templates/apiserver-asyncdelete-deployment.yaml @@ -92,6 +92,17 @@ spec: {{- if .Values.mongodb.enabled }} - name: CLEARML_MONGODB_SERVICE_CONNECTION_STRING value: {{ include "mongodb.connectionstring" . | quote }} + {{- else if and ( .Values.externalServices.mongodbConnectionStringAuthSecret.secretName ) ( .Values.externalServices.mongodbConnectionStringBackendSecret.secretName )}} + - name: CLEARML__HOSTS__MONGO__BACKEND__HOST + valueFrom: + secretKeyRef: + name: {{ .Values.externalServices.mongodbConnectionStringBackendSecret.secretName }} + key: {{ .Values.externalServices.mongodbConnectionStringBackendSecret.secretKey }} + - name: CLEARML__HOSTS__MONGO__AUTH__HOST + valueFrom: + secretKeyRef: + name: {{ .Values.externalServices.mongodbConnectionStringAuthSecret.secretName }} + key: {{ .Values.externalServices.mongodbConnectionStringAuthSecret.secretKey }} {{- else }} - name: CLEARML__HOSTS__MONGO__BACKEND__HOST value: {{ .Values.externalServices.mongodbConnectionStringBackend | quote }} diff --git a/charts/clearml/templates/apiserver-deployment.yaml b/charts/clearml/templates/apiserver-deployment.yaml index 29bc0ae..6bd9950 100644 --- a/charts/clearml/templates/apiserver-deployment.yaml +++ b/charts/clearml/templates/apiserver-deployment.yaml @@ -103,6 +103,17 @@ spec: {{- if .Values.mongodb.enabled }} - name: CLEARML_MONGODB_SERVICE_CONNECTION_STRING value: {{ include "mongodb.connectionstring" . | quote }} + {{- else if and ( .Values.externalServices.mongodbConnectionStringAuthSecret.secretName ) ( .Values.externalServices.mongodbConnectionStringBackendSecret.secretName )}} + - name: CLEARML__HOSTS__MONGO__BACKEND__HOST + valueFrom: + secretKeyRef: + name: {{ .Values.externalServices.mongodbConnectionStringBackendSecret.secretName }} + key: {{ .Values.externalServices.mongodbConnectionStringBackendSecret.secretKey }} + - name: CLEARML__HOSTS__MONGO__AUTH__HOST + valueFrom: + secretKeyRef: + name: {{ .Values.externalServices.mongodbConnectionStringAuthSecret.secretName }} + key: {{ .Values.externalServices.mongodbConnectionStringAuthSecret.secretKey }} {{- else }} - name: CLEARML__HOSTS__MONGO__BACKEND__HOST value: {{ .Values.externalServices.mongodbConnectionStringBackend | quote }} diff --git a/charts/clearml/values.yaml b/charts/clearml/values.yaml index 2e9ec34..77ac443 100644 --- a/charts/clearml/values.yaml +++ b/charts/clearml/values.yaml @@ -378,10 +378,22 @@ webserver: externalServices: # -- Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml) elasticsearchConnectionString: "[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]" - # -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml) + # -- Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml). Will be ignored if externalServices.mongodbConnectionStringAuthSecret is set. mongodbConnectionStringAuth: "mongodb://mongodb_hostname:27017/auth" - # -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml) + # -- Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml). Will be ignored if externalServices.mongodbConnectionStringBackendSecret is set. mongodbConnectionStringBackend: "mongodb://mongodb_hostnamehostname:27017/backend" + # -- Secret containing MongoDB connection string for AUTH to use if mongodb.enabled is false. + # The secret has to be set such that the string secret is wrapped with double quotes like "\"mongodb://clearml:XXXXXXX@yyyy.eeee.mongodb.net/auth?retryWrites=true&w=majority\"" + # due to the following https://github.com/clearml/clearml-server/issues/86 + mongodbConnectionStringAuthSecret: + secretName: "" + secretKey: "" + # -- Secret containing MongoDB connection string for BACKEND to use if mongodb.enabled is false. + # The secret has to be set such that the string secret is wrapped with double quotes like "\"mongodb://clearml:XXXXXXX@yyyy.eeee.mongodb.net/backend?retryWrites=true&w=majority\"" + # due to the following https://github.com/clearml/clearml-server/issues/86 + mongodbConnectionStringBackendSecret: + secretName: "" + secretKey: "" # -- Existing Redis Hostname to use if redis.enabled is false (example in values.yaml) redisHost: "redis_hostname" # -- Existing Redis Port to use if redis.enabled is false From 47570355b0a7e3d22051697be51a6959419970ef Mon Sep 17 00:00:00 2001 From: Uzmar Gomez Date: Mon, 18 Aug 2025 10:54:12 +0100 Subject: [PATCH 2/5] update chart and readme --- charts/clearml/Chart.yaml | 4 ++-- charts/clearml/README.md | 10 ++++++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/charts/clearml/Chart.yaml b/charts/clearml/Chart.yaml index 188053d..2e4f011 100644 --- a/charts/clearml/Chart.yaml +++ b/charts/clearml/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: clearml description: MLOps platform type: application -version: "7.14.6" +version: "7.14.7" appVersion: "2.0" kubeVersion: ">= 1.21.0-0" home: https://clear.ml @@ -33,4 +33,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: "extraEnvs to apiserver-asyncdelete deployment" + description: "mongodb conn strings from secrets" diff --git a/charts/clearml/README.md b/charts/clearml/README.md index 20ae64a..bc0d7aa 100644 --- a/charts/clearml/README.md +++ b/charts/clearml/README.md @@ -1,6 +1,6 @@ # ClearML Ecosystem for Kubernetes -![Version: 7.14.6](https://img.shields.io/badge/Version-7.14.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0](https://img.shields.io/badge/AppVersion-2.0-informational?style=flat-square) +![Version: 7.14.7](https://img.shields.io/badge/Version-7.14.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0](https://img.shields.io/badge/AppVersion-2.0-informational?style=flat-square) MLOps platform @@ -209,10 +209,12 @@ Kubernetes: `>= 1.21.0-0` | clearml.testUserKey | string | `"ENP39EQM4SLACGD5FXB7"` | Test Server basic auth key | | clearml.testUserSecret | string | `"lPcm0imbcBZ8mwgO7tpadutiS3gnJD05x9j7afwXPS35IKbpiQ"` | Test File Server basic auth secret | | elasticsearch | object | `{"clusterHealthCheckParams":"wait_for_status=yellow&timeout=1s","clusterName":"clearml-elastic","enabled":true,"esConfig":{"elasticsearch.yml":"xpack.security.enabled: false\n"},"esJavaOpts":"-Xmx2g -Xms2g","extraEnvs":[{"name":"bootstrap.memory_lock","value":"false"},{"name":"cluster.routing.allocation.node_initial_primaries_recoveries","value":"500"},{"name":"cluster.routing.allocation.disk.watermark.low","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.high","value":"500mb"},{"name":"cluster.routing.allocation.disk.watermark.flood_stage","value":"500mb"},{"name":"http.compression_level","value":"7"},{"name":"reindex.remote.whitelist","value":"*.*"},{"name":"xpack.monitoring.enabled","value":"false"},{"name":"xpack.security.enabled","value":"false"}],"httpPort":9200,"minimumMasterNodes":1,"persistence":{"enabled":true},"rbac":{"create":true},"replicas":1,"resources":{"limits":{"cpu":"2000m","memory":"4Gi"},"requests":{"cpu":"100m","memory":"2Gi"}},"roles":{"data":"true","ingest":"true","master":"true","remote_cluster_client":"true"},"volumeClaimTemplate":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"50Gi"}},"storageClassName":null}}` | Configuration from https://github.com/elastic/helm-charts/blob/7.16/elasticsearch/values.yaml | -| externalServices | object | `{"elasticsearchConnectionString":"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]","mongodbConnectionStringAuth":"mongodb://mongodb_hostname:27017/auth","mongodbConnectionStringBackend":"mongodb://mongodb_hostnamehostname:27017/backend","redisHost":"redis_hostname","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here | +| externalServices | object | `{"elasticsearchConnectionString":"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]","mongodbConnectionStringAuth":"mongodb://mongodb_hostname:27017/auth","mongodbConnectionStringAuthSecret":{"secretKey":"","secretName":""},"mongodbConnectionStringBackend":"mongodb://mongodb_hostnamehostname:27017/backend","mongodbConnectionStringBackendSecret":{"secretKey":"","secretName":""},"redisHost":"redis_hostname","redisPort":6379}` | Definition of external services to use if not enabled as dependency charts here | | externalServices.elasticsearchConnectionString | string | `"[{\"host\":\"es_hostname1\",\"port\":9200},{\"host\":\"es_hostname2\",\"port\":9200},{\"host\":\"es_hostname3\",\"port\":9200}]"` | Existing ElasticSearch connectionstring if elasticsearch.enabled is false (example in values.yaml) | -| externalServices.mongodbConnectionStringAuth | string | `"mongodb://mongodb_hostname:27017/auth"` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml) | -| externalServices.mongodbConnectionStringBackend | string | `"mongodb://mongodb_hostnamehostname:27017/backend"` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml) | +| externalServices.mongodbConnectionStringAuth | string | `"mongodb://mongodb_hostname:27017/auth"` | Existing MongoDB connection string for BACKEND to use if mongodb.enabled is false (example in values.yaml). Will be ignored if externalServices.mongodbConnectionStringAuthSecret is set. | +| externalServices.mongodbConnectionStringAuthSecret | object | `{"secretKey":"","secretName":""}` | Secret containing MongoDB connection string for AUTH to use if mongodb.enabled is false. The secret has to be set such that the string secret is wrapped with double quotes like "\"mongodb://clearml:XXXXXXX@yyyy.eeee.mongodb.net/auth?retryWrites=true&w=majority\"" due to the following https://github.com/clearml/clearml-server/issues/86 | +| externalServices.mongodbConnectionStringBackend | string | `"mongodb://mongodb_hostnamehostname:27017/backend"` | Existing MongoDB connection string for AUTH to use if mongodb.enabled is false (example in values.yaml). Will be ignored if externalServices.mongodbConnectionStringBackendSecret is set. | +| externalServices.mongodbConnectionStringBackendSecret | object | `{"secretKey":"","secretName":""}` | Secret containing MongoDB connection string for BACKEND to use if mongodb.enabled is false. The secret has to be set such that the string secret is wrapped with double quotes like "\"mongodb://clearml:XXXXXXX@yyyy.eeee.mongodb.net/backend?retryWrites=true&w=majority\"" due to the following https://github.com/clearml/clearml-server/issues/86 | | externalServices.redisHost | string | `"redis_hostname"` | Existing Redis Hostname to use if redis.enabled is false (example in values.yaml) | | externalServices.redisPort | int | `6379` | Existing Redis Port to use if redis.enabled is false | | fileserver | object | `{"additionalVolumeMounts":{},"additionalVolumes":{},"affinity":{},"containerSecurityContext":{},"deploymentAnnotations":{},"enabled":true,"extraEnvs":[],"image":{"pullPolicy":"IfNotPresent","registry":"","repository":"allegroai/clearml","tag":"2.0.0-613"},"ingress":{"annotations":{},"enabled":false,"hostName":"files.clearml.127-0-0-1.nip.io","ingressClassName":"","path":"/","tlsSecretName":""},"initContainers":{"resources":{"limits":{"cpu":"10m","memory":"64Mi"},"requests":{"cpu":"10m","memory":"64Mi"}}},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"replicaCount":1,"resources":{"limits":{"cpu":"2000m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"256Mi"}},"service":{"annotations":{},"nodePort":30081,"port":8081,"type":"NodePort"},"serviceAccountAnnotations":{},"serviceAccountName":"clearml","storage":{"data":{"accessMode":"ReadWriteOnce","class":"","existingPVC":"","size":"50Gi"},"enabled":true},"tolerations":[]}` | File Server configurations | From 56f58f2194b0970c80541ab2f96fb4085c59ae7c Mon Sep 17 00:00:00 2001 From: Uzmar Gomez Date: Mon, 18 Aug 2025 11:05:37 +0100 Subject: [PATCH 3/5] new line --- charts/clearml/Chart.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/clearml/Chart.yaml b/charts/clearml/Chart.yaml index 4a1dacb..4d405e3 100644 --- a/charts/clearml/Chart.yaml +++ b/charts/clearml/Chart.yaml @@ -33,4 +33,5 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: "mongodb conn strings from secrets" \ No newline at end of file + description: "mongodb conn strings from secrets" + \ No newline at end of file From 34e2bbe20db9fb28056a94993077b48457fbee22 Mon Sep 17 00:00:00 2001 From: Uzmar Gomez Date: Mon, 18 Aug 2025 11:09:27 +0100 Subject: [PATCH 4/5] test --- charts/clearml/Chart.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/clearml/Chart.yaml b/charts/clearml/Chart.yaml index 4d405e3..4a1dacb 100644 --- a/charts/clearml/Chart.yaml +++ b/charts/clearml/Chart.yaml @@ -33,5 +33,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: "mongodb conn strings from secrets" - \ No newline at end of file + description: "mongodb conn strings from secrets" \ No newline at end of file From c6f82285be0f4744b94c657c859f14875092379f Mon Sep 17 00:00:00 2001 From: Uzmar Gomez Date: Mon, 18 Aug 2025 11:10:17 +0100 Subject: [PATCH 5/5] add new line --- charts/clearml/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/clearml/Chart.yaml b/charts/clearml/Chart.yaml index 4a1dacb..2e4f011 100644 --- a/charts/clearml/Chart.yaml +++ b/charts/clearml/Chart.yaml @@ -33,4 +33,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: "mongodb conn strings from secrets" \ No newline at end of file + description: "mongodb conn strings from secrets"