Comments (4)
Hi @harrylepotter-win, thanks for the question -- and a good one at that.
You've probably noticed that Brigade 2 abstracts Kubernetes and relegates it to an implementation detail, so there isn't really direct support for these sort of k8s-isms in Brigade 2.
With that being said, there are a couple places already where we left "escape hatches" so that people who really know what they are doing with Kubernetes (and have direct access to the underlying cluster) can "drop down" to k8s to implement some more advanced use cases.
If you can help me understand your use case, I can either help you find an idiomatic Brigade 2 approach or I can start thinking about a way we could build support for your use case without undermining the abstraction.
from brigade.
Hey @krancour, thanks for the response.
We were using brigade 1.x as part of a pipeline that would publish customer builds and store those in a common shared volume, which would then be accessible by a web server to host them.
I've been hacking around with the API server, in particular v2/apiserver/internal/api/kubernetes/substrate.go::createJobPod()
and have attempted to hack-in the volume mounts there. Unfortunately this comes at the cost of me deviating from the mainline branch. The other disadvantage i found between 1.x and 2.x is that each project creates its own namespace, as opposed to 1.x where every job ran in the same namespace - we used to put the pvc/web service pod in this namespace). We're using an efs volume.. Seems like a possible workaround to the latter would be to create a separate PVC in the project namespace to the same PV, although we havent had much luck with this yet...
Ideal config would be something that could be configured at a worker spec level - eg:
....
workerTemplate:
kubernetes:
createProjectNamespace: false
volumeClaims:
- name: someClaim
claimName: 'example-builds'
is there a better way of achieving this using what's provided right now?
from brigade.
In v2, Kubernetes is an implementation detail. Brigade is hosted on it and uses it to orchestrate work, but it's purposefully abstracted away from the end-user. The major consideration behind that pivot was a desire to make Brigade useful for developers who either don't know k8s and/or lack direct access to the underlying cluster.
The project-per-namespace pattern you have pointed out was both a frequently requested feature by v1 users and an unavoidable consequence of making Brigade usable by developers who lack direct access to the underlying cluster. If two projects could occupy the same Kubernetes namespace, a developer could abuse their access to one project to access resources belonging to the other project. (This is also why Brigade assigns a namespace to each project and doesn't let you choose. Imagine anyone being able to just choose to run stuff in any existing namespace they wanted.)
In short, it's perhaps best to forget about k8s when using v2. That was the goal -- to get k8s out of the way. Ask yourself how you'd approach this same problem if you were, for instance, using some CI/CDaaS, such as Circle or Travis.
We were using brigade 1.x as part of a pipeline that would publish customer builds and store those in a common shared volume, which would then be accessible by a web server to host them.
In a general sense, that's still a workable approach -- and I actually do this sort of thing all the time with v2. The only thing that changes is that you can no longer mount the volume directly to the job's pod, but that shouldn't stop you from writing your artifacts to that same volume through other means. You mentioned a web server that already mounts that volume. Could you, for instance, consider the possibility of POSTing the artifacts from your job to that web server? Or if HTTP doesn't suit you, could you run an SSH server alongside your web server and SCP the artifacts?
from brigade.
Given that I haven't heard anything further from @harrylepotter-win and also given that the requested functionality undermines a deliberate design decision, I'm closing this issue for now, but if @harrylepotter-win or anyone else wishes to re-open it, I would be happy to have more discussion about approaches that work within the confines of Brigade 2's k8s abstraction.
from brigade.
Related Issues (20)
- Add instrumentation to give insight into API request volume
- CI/CD: Wait for Docker port to be open HOT 6
- bug: InvalidImageName not handled correctly
- Update homebrew formula for v2.4.0 HOT 3
- bug: wrong error creating event for project that doesn't exist HOT 3
- bug: if worker uses shared workspace, it's mounted read only, but shouldn't be
- Need support for adding security context HOT 7
- brig update -c fails if project doesn't exist and not logged in as root HOT 9
- bug: new git-initializer cannot check out specific commits that aren't in the default branch HOT 1
- git-initializer component does not work with repos hosted on Azure DevOps HOT 2
- docs home page needs updating HOT 2
- bug: if -c flag is set on `brig project update`, we're not checking for create permission HOT 2
- token auth filter should not be picky about case of word "Bearer" in auth header
- implement a strategy for testing against a live database
- check for whether new user should be an admin should be case insensitive HOT 1
- Readnext documentation page bad links
- Fix [Brigade Developers Guide] Link on topics/index docs page
- Brigade is now a CNCF Archived project: update website, etc HOT 4
- Netlify: select a new build image HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from brigade.