Managing applications
Managing the applications in Azure AKS cluster
In the current development stage there are no specific applications that we support for Azure explicitly. There are custom applications that can be deployed but these applications are available on all k8s clusters. Although there are few custom applications that are required for you to enable all features of the platform.
Argo Workflows (required: jobs)
Argo workflows is a component that you can install to empower jobs in kubernetes cluster. Using argo workflows it becomes seamless to initial job deployments for ML workloads. You can install this application from the manage applications settings. Argo Workflows is an important component and must be present in the cluster. To install
- Go to Integrations tab from the left panel and select your cluster.
- Go to Manage Applications from the three dots in the bottom-right for your cluster card.
- Click on + Install for Argo Workflows.
- Click on Create Workspace which will create a namespace
argo-workflows - You can set some limits to this workspace and it is better to leave it empty as no other deployments will take place in this workspace .
- Click on Create to continue.
- Once the workspace is created page will show a card for Argo Workflows deployment.
- Click on Submit to submit the application. We might have to wait for sometime for application to install completely.
Using the same technique we can install the below applications as well. Each time a new workspace is required for any application, it will prompt for you the same and ask for a deployment request in the same workspace.
Prometheus (required: monitoring)
Prometheus is used in the cluster for scraping metrics from different components of the cluster. There are lot of applications for which metrics becomes important. To empower this functionality in the UI prometheus applications is very important. You can proceed with above steps for installation of Prometheus. Default values will work fine for Prometheus application.
Prometheus Installation Fails
Due to syncing issues in argoCD for prometheus it is possible that prometheus installation might show Error when installed. This happens because argoCD is not able to sync applications properly. You can go to Helm section under the Deployments tab from the left panel and re-submit Prometheus by tweaking any small value.
This will trigger a re-sync for the prometheus application in ArgoCD and prometheus will succeed in the deployment.
Loki (required: logging)
Loki is log aggregation system which is similar to prometheus but for logs. We use Loki to empower our logging mechanism by storing and aggregating timestamp logging for pods. You can install this application from the same page as we have done for above applications. Default values will work fine for Loki application.
Post installation of Loki and Prometheus, we can enable monitoring for the workload cluster
Istio-base and Istio-discovery (required: service-mesh)
To enable service-mesh we have to install istio-base and istio-discovery applications in the given order. Installation is straightforward and doesn't require any changes in the default values file. You can go ahead and install these applications from the Manage Applications tab.
Cert-manager (required: SSL/Certificates)
Cert-manager is useful for creating certificates and is helpful for terminating SSL certificates. Though it is not necessary to use cert-manager for SSL certificates inside the cluster but there are few applications (like kserve) which use cert-manager CRDs in the background.
cert-manager can be installed from the Manage Applications tab with default values.
Tfy Istio ingress (required: ingress)
When the services will be deployed using the platform it would become apparent to expose them to the external world. For this an ingress-controller is required to support routing and load balancing. For this we use tfy-istio-ingress application to create gateways for Istio and let Istio handle the routing for us.
Go ahead in the Manage Applications tab to install tfy-istio-ingress. Here we have to change few things in the default values section
tfyGateway:
name: tfy-wildcard
spec:
selector:
istio: tfy-istio-ingress
servers:
- hosts:
- <to_be_provided>
port:
name: http-tfy-wildcard
number: 80
protocol: HTTP
tls:
httpsRedirect: true
- hosts:
- <to_be_provided>
port:
name: https-tfy-wildcard
number: 443
protocol: HTTP
In the <to_be_provided> section you can represent the domain name at which your applications will be exposed. This has to be done for both port 80 and port 443 . For example
servers:
- hosts:
- "something.example.com"
- "*.example.com"
port:
name: http-tfy-wildcard
number: 80
protocol: HTTP
tls:
httpsRedirect: true
- hosts:
- "something.example.com"
- "*.example.com"
port:
name: https-tfy-wildcard
number: 443
protocol: HTTP
In this example two hosts are used
- something.example.com
- *.example.com
To set up TLS for your ingress traffic you need to have a secret which contains the private key and the certificate. Check SSL and DNS setup in Azure AKS to understand more.
Opencost
opencost is used to get real time cost usage of cloud resources especially in kubernetes. opencost can be installed from the Manage Applications tab with default values.
Kserve (required: Model deployment)
kserve is used to empower model deployment in kubernetes. kserve can be installed from the Manage Applications tab with default values.
Notebook Controller (required: ML building)
Notebook controller empowers notebook related features in the platform and is deployed in kubernetes. tfy-notebook-controller can be installed from the Manage Applications tab with default values.
keda
Keda powers intelligent event-driven auto-scaling for cluster workloads.keda can be installed from the Manage Applications tab with default values.
Updated 15 days ago