edge-ai-suites/metro-ai-suite/image-based-video-search/chart/templates/dlstreamer-pipeline-server/deployment.yaml at 84c7b3c57d304fe60a37e2c7369da88080f5ffb8 · open-edge-platform/edge-ai-suites · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    katenary.v3/compose-hash: 4dd006301f669d044c60fd579bb24fb08133f26f
    katenary.v3/version: release-3.0.0-rc2
  labels:
    {{- include "image_based_video_search.labels" . | nindent 4 }}
    katenary.v3/component: dlstreamer-pipeline-server
  name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server'
spec:
  replicas: {{ .Values.dlstreamerpipelineserver.replicas }}
  selector:
    matchLabels:
      {{- include "image_based_video_search.selectorLabels" . | nindent 6 }}
      katenary.v3/component: dlstreamer-pipeline-server
  strategy: {}
  template:
    metadata:
      labels:
        {{- include "image_based_video_search.selectorLabels" . | nindent 8 }}
        katenary.v3/component: dlstreamer-pipeline-server
    spec:
      securityContext:
        supplementalGroups: [109, 110, 992]
      initContainers:
      - name: openvino-container
        image: openvino/ubuntu22_dev:2024.6.0
        env:
          {{- if .Values.httpProxy }}
          - name: http_proxy
            value: "{{ .Values.httpProxy }}"
          - name: HTTP_PROXY
            value: "{{ .Values.httpProxy }}"
          {{- end }}
          {{- if .Values.httpsProxy }}
          - name: https_proxy
            value: "{{ .Values.httpsProxy }}"
          - name: HTTPS_PROXY
            value: "{{ .Values.httpsProxy }}"
          {{- end }}
          {{- if .Values.noProxy }}
          - name: no_proxy
            value: "{{ .Values.noProxy }}"
          - name: NO_PROXY
            value: "{{ .Values.noProxy }}"
          {{- end }}
        command: ["/bin/bash", "-c"]
        args:
          - |
            test -d /output/resnet-50-pytorch || (
              rm -fr /output/resnet-50-pytorch &&
              omz_downloader --name resnet-50-pytorch --output_dir models &&
              omz_converter --name resnet-50-pytorch --download_dir models --output_dir models &&
              cp -r ./models/public/resnet-50-pytorch /output
            ) &&
            test -d /output/person-vehicle-bike-detection-2004 || (
              rm -fr /output/person-vehicle-bike-detection-2004 &&
              omz_downloader --name person-vehicle-bike-detection-2004 --output_dir models &&
              omz_converter --name person-vehicle-bike-detection-2004 --download_dir models --output_dir models &&
              cp -r ./models/intel/person-vehicle-bike-detection-2004 /output
            )
        volumeMounts:
        - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-models'
          mountPath: /output
      containers:
      - envFrom:
        - configMapRef:
            name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-env'
        env:
        - name: ZE_ENABLE_ALT_DRIVERS
          value: "libze_intel_npu.so"
        image: '{{ tpl .Values.dlstreamerpipelineserver.repository.image $ }}:{{ tpl .Values.dlstreamerpipelineserver.repository.tag $ | default "latest" }}'
        {{- if or (eq .Values.dlstreamerpipelineserver.pipeline "config.gpu.json") (eq .Values.dlstreamerpipelineserver.pipeline "config.npu.json") }}
        securityContext:
          privileged: true
          readOnlyRootFilesystem: true
          allowPrivilegeEscalation: true
          capabilities:
            drop:
              - ALL
        {{- else}}
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1999
          capabilities:
            drop:
              - ALL
        {{- end }}
        imagePullPolicy: {{ .Values.dlstreamerpipelineserver.imagePullPolicy }}
        name: dlstreamer-pipeline-server
        command: ["/bin/bash", "-c"]
        args:
            - |
              ./run.sh
        ports:
        - containerPort: 8080
          name: port-8080
        volumeMounts:
        - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline'
          mountPath: /home/pipeline-server/config.json
          subPath: {{ .Values.dlstreamerpipelineserver.pipeline }}
        - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline'
          mountPath: /home/pipeline-server/person-vehicle-bike-detection-2004.json
          subPath: person-vehicle-bike-detection-2004.json
        - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline-root'
          mountPath: /var/cache/pipeline_root
        - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-models'
          mountPath: /models
        - name: dev-gpu
          mountPath: /dev/dri
          readOnly: true # Reduce risk while preserving access to GPU/NPU devices
        - name: dev-npu
          mountPath: /dev/accel
          readOnly: true # Reduce risk while preserving access to GPU/NPU devices
        {{- if .Values.dlstreamerpipelineserver.resources }}
        resources:
          {{ .Values.dlstreamerpipelineserver.resources | toYaml | nindent 10 }}
        {{- end }}
      volumes:
      - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline'
        configMap:
          name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline'
      - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-pipeline-root'
        emptyDir:
          sizeLimit: 1Gi
          medium: Memory
      - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-tmp'
        emptyDir:
          sizeLimit: 1Gi
          medium: Memory
      - name: '{{ include "image_based_video_search.fullname" . }}-dlstreamer-pipeline-server-models'
        emptyDir:
          sizeLimit: 10Gi
      - name: dev-gpu
        hostPath:
          path: /dev/dri
      - name: dev-npu
        hostPath:
          path: /dev/accel
      {{- if .Values.pullSecrets }}
      imagePullSecrets:
      {{- .Values.pullSecrets | toYaml | nindent 6 }}
      {{- end }}
      {{- if .Values.dlstreamerpipelineserver.nodeSelector }}
      nodeSelector:
        {{- .Values.dlstreamerpipelineserver.nodeSelector | toYaml | nindent 8 }}
      {{- end }}
      {{- if ne .Values.dlstreamerpipelineserver.serviceAccount "" }}
      serviceAccountName: {{ .Values.dlstreamerpipelineserver.serviceAccount | quote }}
      {{- end }}