-
Notifications
You must be signed in to change notification settings - Fork 60
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into deprovisioning
- Loading branch information
Showing
23 changed files
with
333 additions
and
88 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
name: pytest-integration | ||
on: | ||
workflow_dispatch: | ||
env: | ||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
SKYPLANE_USAGE_STATS_ENABLED: 0 | ||
jobs: | ||
pytest-integration: | ||
if: ${{ always() }} | ||
runs-on: ubuntu-latest | ||
strategy: | ||
max-parallel: 8 | ||
timeout-minutes: 40 | ||
env: | ||
STRATEGY_UUID: itest-${{ github.run_id }}-${{ github.run_attempt }}-${{ strategy.job-index }} | ||
steps: | ||
- uses: actions/checkout@v1 | ||
- name: Install poetry | ||
run: pipx install poetry | ||
- name: Set up Python 3.10 | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: "3.10" | ||
cache: "poetry" | ||
- name: Set Poetry config | ||
run: | | ||
poetry config virtualenvs.in-project false | ||
poetry config virtualenvs.path ~/.virtualenvs | ||
- name: Install Dependencies | ||
run: | | ||
poetry install -E gateway -E solver -E aws -E azure -E gcp -E ibm | ||
poetry run pip install -r requirements-dev.txt | ||
if: steps.cache.outputs.cache-hit != 'true' | ||
- id: 'auth' | ||
uses: 'google-github-actions/auth@v1' | ||
with: | ||
credentials_json: '${{ secrets.GCP_CREDENTIALS_JSON }}' | ||
- name: Log into Azure | ||
uses: azure/login@v1 | ||
with: | ||
creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' | ||
- name: Skyplane init | ||
run: | | ||
poetry run skyplane config set gcp_service_account_name ${{ env.STRATEGY_UUID }} | ||
poetry run skyplane config set native_cmd_enabled false | ||
cat ~/.skyplane/config | ||
poetry run skyplane init -y --disable-config-cloudflare | ||
poetry run skyplane config set usage_stats false | ||
- name: Run integration tests | ||
run: poetry run pytest -s tests/integration/test_cp.py | ||
- name: Cleanup GCP service account | ||
if: always() | ||
run: gcloud iam service-accounts delete ${{ env.STRATEGY_UUID }}@${{ secrets.GCP_PROJECT_ID }}.iam.gserviceaccount.com | ||
deprovision: | ||
runs-on: ubuntu-latest | ||
if: ${{ always() }} | ||
needs: [pytest-integration] | ||
env: | ||
STRATEGY_UUID: itest-d-${{ github.run_id }}-${{ github.run_attempt }} | ||
steps: | ||
- uses: actions/checkout@v1 | ||
- name: Install poetry | ||
run: pipx install poetry | ||
- name: Set up Python 3.10 | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: "3.10" | ||
cache: "poetry" | ||
- name: Set Poetry config | ||
run: | | ||
poetry config virtualenvs.in-project false | ||
poetry config virtualenvs.path ~/.virtualenvs | ||
- name: Install dependencies | ||
run: poetry install -E aws -E azure -E gcp | ||
if: steps.cache.outputs.cache-hit != 'true' | ||
- id: 'auth' | ||
uses: 'google-github-actions/auth@v1' | ||
with: | ||
credentials_json: '${{ secrets.GCP_CREDENTIALS_JSON }}' | ||
- name: Skyplane init | ||
run: | | ||
poetry run skyplane config set gcp_service_account_name ${{ env.STRATEGY_UUID }} | ||
poetry run skyplane init -y --disable-config-azure --disable-config-cloudflare | ||
poetry run skyplane config set usage_stats false | ||
- name: Deprovision | ||
run: poetry run skyplane deprovision --all | ||
- name: Delete matching S3 buckets | ||
run: | | ||
for pattern in "test-skyplane-" "skyplane-integration-" "integrationus-east-1-"; do | ||
aws s3api list-buckets --query "Buckets[?starts_with(Name, \`${pattern}\`) == \`true\`].Name" --output text | tr '\t' '\n' | while read bucket; do aws s3 rb "s3://$bucket" --force; done | ||
done | ||
- name: Cleanup GCP service account | ||
if: always() | ||
run: gcloud iam service-accounts delete --quiet ${{ env.STRATEGY_UUID }}@${{ secrets.GCP_PROJECT_ID }}.iam.gserviceaccount.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# Required Permissions | ||
Skyplane runs in your own cloud accounts and does interact with an external service to run transfers. However the cloud account you are running Skyplane in must have permissions to interact with object storage and create VMs to execute transfers | ||
|
||
## AWS | ||
Your AWS account must have the following permissions: | ||
* `Storage` | ||
* `Multipart` | ||
* `VM` | ||
|
||
|
||
## GCP | ||
Your GCP account must have the following permissions: | ||
* `CreateServiceAccount` | ||
* `ObjectStore` | ||
* `VM` | ||
|
||
For GCP, Skyplane create a service account which has permissions to read and write from GCP object stores. | ||
|
||
TODO: check to see if removing obj store permissions from GCP service account still lets service credentials read. | ||
|
||
## Azure | ||
Your Azure account must have the following roles: | ||
* `Storage Blob Data Contributor` | ||
* `Storage Account Contributor` | ||
|
||
NOTE: Within Azure, it is not sufficient to have just the `Owner` role to be able to access and write to containers in storage. The VMs that Skyplane provisions are assigned the sufficient storage permissions, but to be able to interact with Azure storage locally, check to make sure your personal Azure account has the roles listed above. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Customizing the Overlay Network | ||
Skyplane can be modified to support customizeable overlay networks. | ||
|
||
## Gateway Program | ||
The gateway program defines how data is processed by a single gateway (cloud VM). The gateway program defines what object stores to read and write from and what other gateways to send and recieve data between. | ||
|
||
Currently, gateway programs can compose the following operators: | ||
|
||
For example, we can write a gateway program for a single VM that reads from bucket `src_bucket` and writes data to both `dst_bucket_1` and `dst_bucket_2` with the following code: | ||
|
||
``` | ||
program = GatewayProgram() | ||
# read from object store | ||
read_op = program.add_operator(ObjectStoreRead(bucket="src_bucket")) | ||
# send read data to both child operators (write1_op, write2_op) | ||
and_op = program.add_operator(MuxAnd(parent=read_op)) | ||
# write to object stores | ||
write1_op = program.add_operator(ObjectStoreWrite(bucket="dst_bucket_1"), parent=and_op) | ||
write2_op = program.add_operator(ObjectStoreRead(bucket="dst_bucket_2"), parent=and_op) | ||
print(program.to_json()) # JSON representation of program | ||
``` | ||
|
||
## Planners | ||
Skyplane's planner determines the structure of the overlay network and how data should be transferred through the overlay network. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.