-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathcoprocessor-tfhe-worker-deployment.yaml
More file actions
126 lines (126 loc) · 5.5 KB
/
coprocessor-tfhe-worker-deployment.yaml
File metadata and controls
126 lines (126 loc) · 5.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
{{- if .Values.tfheWorker.enabled -}}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: coprocessor-tfhe-worker
app.kubernetes.io/name: {{ include "tfheWorkerName" . }}
name: {{ include "tfheWorkerName" . }}
spec:
replicas: {{ .Values.tfheWorker.replicas }}
selector:
matchLabels:
app: coprocessor-tfhe-worker
{{- if .Values.tfheWorker.updateStrategy }}
strategy:
{{- toYaml .Values.tfheWorker.updateStrategy | nindent 4 }}
{{- end }}
template:
metadata:
labels:
app: coprocessor-tfhe-worker
app.kubernetes.io/name: {{ include "tfheWorkerName" . }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
imagePullSecrets:
- name: registry-credentials
restartPolicy: Always
{{- with .Values.tfheWorker.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tfheWorker.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tfheWorker.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.tfheWorker.serviceAccountName }}
serviceAccountName: {{ .Values.tfheWorker.serviceAccountName }}
{{- end }}
containers:
- name: coprocessor-tfhe-worker
image: {{ .Values.tfheWorker.image.name }}:{{ .Values.tfheWorker.image.tag }}
command: ["tfhe_worker"]
args:
- --database-url=$(DATABASE_URL)
- --metrics-addr=0.0.0.0:{{ .Values.tfheWorker.ports.metrics }}
- --log-level={{ .Values.tfheWorker.args.logLevel }}
- --service-name={{ .Values.tfheWorker.args.serviceName }}
- --run-bg-worker={{ .Values.tfheWorker.args.runBgWorker }}
- --worker-polling-interval-ms={{ .Values.tfheWorker.args.workerPollingIntervalMs }}
- --work-items-batch-size={{ .Values.tfheWorker.args.workItemsBatchSize }}
- --dependence-chains-per-batch={{ .Values.tfheWorker.args.dependenceChainsPerBatch }}
- --key-cache-size={{ .Values.tfheWorker.args.keyCacheSize }}
- --coprocessor-fhe-threads={{ .Values.tfheWorker.args.coprocessorFheThreads }}
- --tokio-threads={{ .Values.tfheWorker.args.tokioThreads }}
- --pg-pool-max-connections={{ .Values.tfheWorker.args.pgPoolMaxConnections }}
- --generate-fhe-keys={{ .Values.tfheWorker.args.generateFheKeys }}
- --dcid-ttl-sec={{ .Values.tfheWorker.args.dcidTtlSec }}
- --disable-dcid-locking={{ .Values.tfheWorker.args.disableDcidLocking }}
- --dcid-timeslice-sec={{ .Values.tfheWorker.args.dcidTimesliceSec }}
- --processed-dcid-ttl-sec={{ .Values.tfheWorker.args.processedDcidTtlSec }}
- --dcid-cleanup-interval-sec={{ .Values.tfheWorker.args.dcidCleanupIntervalSec }}
- --dcid-max-no-progress-cycles={{ .Values.tfheWorker.args.dcidMaxNoProgressCycles }}
{{- with .Values.tfheWorker.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- include "coprocessorDatabaseEnv" . | nindent 12 }}
- name: ACL_CONTRACT_ADDRESS
value: {{ .Values.commonConfig.aclContractAddress | quote }}
{{- if default .Values.commonConfig.tracing.enabled .Values.tfheWorker.tracing.enabled }}
- name: OTEL_EXPORTER_OTLP_ENDPOINT
value: {{ .Values.commonConfig.tracing.endpoint | quote }}
- name: OTEL_SERVICE_NAME
value: {{ .Values.tfheWorker.tracing.service | quote }}
{{- end }}
{{- with .Values.commonConfig.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.tfheWorker.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
{{- range $portName, $portValue := .Values.tfheWorker.ports }}
- name: {{ $portName }}
containerPort: {{ $portValue }}
protocol: TCP
{{- end }}
resources:
requests:
cpu: {{ .Values.tfheWorker.resources.requests.cpu | default "100m" }}
memory: {{ .Values.tfheWorker.resources.requests.memory | default "256Mi" }}
limits:
cpu: {{ .Values.tfheWorker.resources.limits.cpu | default "500m" }}
memory: {{ .Values.tfheWorker.resources.limits.memory | default "512Mi" }}
{{- if and .Values.tfheWorker.probes .Values.tfheWorker.probes.liveness.enabled }}
livenessProbe:
{{- toYaml (omit .Values.tfheWorker.probes.liveness "enabled") | nindent 12 }}
{{- end }}
{{- if and .Values.tfheWorker.probes .Values.tfheWorker.probes.readiness.enabled }}
readinessProbe:
{{- toYaml (omit .Values.tfheWorker.probes.readiness "enabled") | nindent 12 }}
{{- end }}
{{- if .Values.config.enabled }}
volumeMounts:
- name: coprocessor-account
mountPath: /accounts
volumes:
- name: coprocessor-account
secret:
secretName: {{ .Values.config.coprocessorKey.secret.name }}
defaultMode: 0644
items:
- key: {{ .Values.config.coprocessorKey.secret.key }}
path: {{ .Values.config.coprocessorKey.secret.key }}
{{- end }}
{{- end -}}