[ZEPPELIN-6144] Add Helm chart for deploying Zeppelin on Kubernetes #4896
Conversation
Signed-off-by: Yi Chen <[email protected]>
ChenYi015
force-pushed
the
feature/helm-chart
branch
from
70e0979 to
dc4a8e8
Compare
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
Signed-off-by: Yi Chen <[email protected]>
| envFrom: | ||
| - configMapRef: | ||
| name: {{ include "zeppelin.envConfigMapName" . }} | ||
| volumeMounts: |
There was a problem hiding this comment.
Zeppelin also has a configuration directory where it stores the system state. When you restart pod, these files will be reset and return to their original state. It is necessary to provide the ability to use pvc to store configs
There was a problem hiding this comment.
@Armadik Yes, you can configure the helm chart to mount a PVC to the server pod in order to persist config files like shiro.ini and interpreter.json.
There was a problem hiding this comment.
In my opinion, the shiro.ini should be mounted via ConfigMap just like the logging configuration.
Only credentials.json, interpreter.json and notebook-authorization.json should be outsourced. This can be done with ZEPPELIN_CONFIG_FS_DIR.
Other environment variables which should link to a pvc are ZEPPELIN_NOTEBOOK_DIR and ZEPPELIN_SEARCH_INDEX_PATH.
I currently use the following environment variables. The PVC is mounted under /data.
ZEPPELIN_CONFIG_FS_DIR=/data/zeppelin-config
ZEPPELIN_NOTEBOOK_DIR=/data/zeppelin-notebook
ZEPPELIN_SEARCH_INDEX_PATH=/data/lucene-index
Signed-off-by: Yi Chen <[email protected]>
|
@Reamer Please take a look again when you have time, thank you! We have already used this Helm chart in the production environment to do interactive analysis with Spark. |
| export ZEPPELIN_K8S_SERVICE_NAME={{ include "zeppelin.server.serviceName" . }} | ||
| export ZEPPELIN_K8S_SPARK_CONTAINER_IMAGE={{ include "zeppelin.interpreter.spark.image" . }} | ||
|
|
||
| zeppelin-site.xml: | |
There was a problem hiding this comment.
Please carry out a configuration on environment variables. This configuration is easier to understand and does not require an additional xsl file.
There was a problem hiding this comment.
I think it would be better to provide both methods. One can choose to configure the Zeppelin conf with server.conf or configure the environment variables with server.env / server.envFrom value, and let users to choose whatever they like.
| # limitations under the License. | ||
| # | ||
| # | ||
| # [name] [maven artifact] [description] |
There was a problem hiding this comment.
For which functionality is this file required?
| limitations under the License. | ||
| */ -}} | ||
|
|
||
| apiVersion: rbac.authorization.k8s.io/v1 |
There was a problem hiding this comment.
Please note that Role, ServiceAccount and Role binding are only required for the Spark interpreter. How is this implemented?
There was a problem hiding this comment.
This logic is implemented in interpreter-spec.yaml file, we will not mount the service account token except for the interpreter group name is spark, see : https://github.com/ChenYi015/zeppelin/blob/beea9837983b16e50e1be9ca56c49d828148ffeb/charts/zeppelin/templates/interpreter/configmap.yaml#L165-L170.
| {{ $key }} {{ $value }} | ||
| {{- end }} | ||
|
|
||
| driver-pod-template.yaml: | |
There was a problem hiding this comment.
The driver pod is created directly by Zeppelin. I think this file has no effect on an already existing pod. Zeppelin starts the Driver Pod in client mode.
There was a problem hiding this comment.
You are right, the driver pod template will not take effect actually.
| {{- toYaml . | nindent 8 }} | ||
| {{- end }} | ||
|
|
||
| executor-pod-template.yaml: | |
There was a problem hiding this comment.
This configuration could be used in the Spark driver. I have not yet tried such a template. I currently configure the executors and drivers via the Spark-Config.
There was a problem hiding this comment.
Create the executor pod template file for that some fields of the executor pods (e.g. affinity, tolerations) cannot be configured using Spark configuration. Additionally, I believe it is more straightforward to configure the executor pods using a pod template rather than through Spark conf.
| # -- Security context for Zeppelin interpreter containers. | ||
| securityContext: | ||
| runAsNonRoot: true | ||
| runAsUser: 1000 |
There was a problem hiding this comment.
Please do not enter a fixed UID. Openshift, for example, uses a random UID by default.
There was a problem hiding this comment.
I have not tried whether it can work with a random UID. The uid 1000 comes from the zeppelin server Dockerfile, ref:
zeppelin/scripts/docker/zeppelin-server/Dockerfile
Lines 79 to 85 in b6e40d4
What is this PR for?
A few sentences describing the overall goals of the pull request's commits.
First time? Check out the contributing guide - https://zeppelin.apache.org/contribution/contributions.html
What type of PR is it?
Feature
What is the Jira issue?
https://issues.apache.org/jira/browse/ZEPPELIN-6144
How should this be tested?
Screenshots (if appropriate)
Questions: