How to install Charmed Kubeflow

charm
,
#1

This guide lists the steps necessary to install Kubeflow on any conformant Kubernetes, including AKS, EKS, GKE, Openshift and any kubeadm-deployed cluster, provided that you have access to it via kubectl. We recommend microk8s for local deployments.

Kubernetes support:

Kubeflow 1.6 supports Kubernetes version 1.22, which you can install with the command

snap install microk8s --classic --channel=1.22/stable

The previous release Kubeflow 1.4 requires 1.21 version of Kubernetes.

Note that at minimum the following addons should be enabled:

microk8s enable dns storage ingress metallb:10.64.140.43-10.64.140.49

Screenshot from 2021-03-01 17-03-07
Screenshot from 2021-03-01 17-03-071875×996 266 KB

Contents:

  1. Install the Juju client
  2. Connect Juju to your Kubernetes cluster
  3. Create a controller
  4. Create a model
  5. Deploy Kubeflow
  6. Set URL in authentication methods
  7. Access the dashboard

Install the Juju client

On Linux, install juju via snap with the following command: 
snap install juju --classic

Alternatively, brew install juju on macOS or download the Windows installer.

Connect Juju to your Kubernetes cluster

In order to operate workloads in your Kubernetes cluster with Juju, you have to add your cluster to the list of clouds in juju via the add-k8s command.

If your Kubernetes config file is in the standard location (~/.kube/config on Linux), and you only have one cluster, you can simply run:

juju add-k8s myk8s

If your kubectl config file contains multiple clusters, you can specify the appropriate one by name:

juju add-k8s myk8s --cluster-name=foo

Finally, to use a different config file, you can set the KUBECONFIG environment variable to point to the relevant file. For example:

KUBECONFIG=path/to/file juju add-k8s myk8s

For more details, see the Juju documentation.

Create a controller

To operate workloads on your Kubernetes cluster, Juju uses controllers. You can create a controller with the bootstrap command:

juju bootstrap myk8s my-controller

This command will create a couple of pods under the my-controller namespace. You can see your controllers with the juju controllers command.

You can read more about controllers in the Juju documentation.

Create a model

A model in Juju is a blank canvas where your operators will be deployed, and it holds a 1:1 relationship with a Kubernetes namespace.

You need to create a model and give it the name kubeflow, with the add-model command:

juju add-model kubeflow

You can list your models with the juju models command.

Deploy Kubeflow

Requirements:

The minimum resources required to deploy kubeflow are: 50Gb disk space, 16Gb RAM and 2 CPUs available to your Linux machine or VM. If you have fewer resources, please deploy kubeflow-lite.

Once you have a model, you can simply juju deploy any of the provided Kubeflow bundles into your cluster. For example, for the Kubeflow lite bundle, run:

juju deploy kubeflow --trust  --channel=1.6/stable

Congratulations, Kubeflow is now installing !

You can observe your Kubeflow deployment getting spun-up with the command:

watch -c juju status --color
Patch role:

In the previous 1.4 release of Kubeflow, in order to set up Istio correctly when RBAC is enabled, you need to provide the istio-ingressgateway operator access to Kubernetes resources. The following command will create the appropriate role:

microk8s kubectl patch role -n kubeflow istio-ingressgateway-operator -p '{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"Role","metadata":{"name":"istio-ingressgateway-operator"},"rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["*"]}]}'

Set URL in authentication methods

A final step to enable your Kubeflow dashboard access is to provide the istio-ingressgateway public URL to dex-auth and oidc-gatekeeper via the following commands: 
juju config dex-auth public-url=http://<URL>
juju config oidc-gatekeeper public-url=http://<URL>

Where <URL> is the hostname that the Kubeflow dashboard responds to. For example, in a typical MicroK8s installation with MetalLB addon enabled, this URL is http://10.64.140.43.nip.io. Note that when you have set up DNS, you should use the resolvable address used by istio-ingressgateway.

Access the dashboard

Finally, the dashboard can be accessed following this guide. Have fun!

Alternatively, follow the video guide

Having issues?

If you face any difficulties following these instructions, please create an issue here.
Charmed Kubeflow Documentation
Setup OpenLDAP for Charmed Kubeflow
How-to Guides
How to manage Charmed Kubeflow
Charmed Kubeflow test
#2

Surely just one page will suffice, since Kubeflow would install the same on any K8s cluster, with an extra paragraph for the fact that it’s built in to MicroK8s?

1 Like
#4
#5

I think steps 6 and 7 are reversed. When installing on Charmed Kubernetes, the istio-ingressgateway operator doesn’t create an external IP address until the role it’s patched.

1 Like
#6

Thanks for pointing this out, for some k8s that could be an issue so I will swap it around

#7

Point 4 needs a small update: it says ‘You can create a model and give it a name, e.g. kubeflow’ while it has to be named exactly kubeflow, otherwise the deployment leads to one of the apps getting blocked with message ‘kubeflow-dashboard must be deployed to model named kubeflow: https://git.io/J6d35’.

1 Like
#8

Has this been tested on 22.04? Jesus! what an ordeal. #NotaQuickStart

#9

Hey @rohanrehman,

I do use Charmed Kubeflow with 22.04 and don’t know of anything that blocks it. Do you have any details you could share to look into?

Thanks!

#10

thanks for getting back. Adding juju bootstrap microk8s --agent-version="2.9.22" was the only solution that worked mind you
 2 clean installs (22.04 and 20.04), 32gig of ram (500GB SSD) on-prem bare metal.

full kubeflow was problematic

Any documentation on what features are missing in the kubeflow-lite?

From a kubeflow-lite deploy to kubeflow, will this destroy all containers and “start from scratch”.

Thanks