What is Charmed Kubeflow?

Charmed Kubeflow is a production-ready, open-source, end-to-end MLOps platform powered by cloud native technologies.

Charmed Kubeflow transforms Machine Learning steps into complete workflows, allowing you to train, tune, and submit Machine Learning (ML) models. This allows you to automate workflows, improve model quality, and make it easier to deploy ML workloads to production in a reliable way.

Charmed Kubeflow addresses the need to build ML applications in a structured and consistent manner, promoting increased productivity and improved collaboration in Data Science teams.

For Data Scientists and Machine Learning Engineers, Charmed Kubeflow provides an advanced set of tools to organize and scale their work.

How to get started with Charmed Kubeflow?

Imagine your organization requires a full-fledged MLOps platform where data scientists, ML engineers, and MLOps engineers can collaborate to advance cutting-edge ML solutions. A popular platform that meets these requirements is Kubeflow. However, deploying and maintaining production-grade Kubeflow is a huge task that requires a lot of manual configuration. And deploying it in your own unique environment may introduce problems that no one has ever encountered before—problems that you will have to solve yourself.

The hero of our story has appeared: Charmed Kubeflow. Charmed Kubeflow is a set of charms that gives you a simple, ready-to-use way to deploy Kubeflow with a single command. It sets reasonable default settings, but still gives you the flexibility to customize the configuration as you see fit – the best of both worlds. It also gives your deployment all the superpowers Juju.

So let's get started. In the rest of this article, we're going to deploy Charmed Kubeflow for ourselves! Don't worry, using Juju we will complete this deployment with minimal effort.

Requirements:

This article assumes that you will deploy Kubeflow on a public cloud virtual machine (write in telegram zubikas.t.me We will provide the necessary resources for free to the first 10 users) with the following characteristics:

  • Runs Ubuntu 22.04 (jammy).

  • Has at least 4 cores, 32 GB of RAM and 50 GB of disk space.

  • Connected to the Internet to download the necessary bindings and charms.

  • Installed python3.

How to configure access to a virtual machine via SSH with port forwarding?

Below we show how to connect a laptop to a virtual machine using SSH and port forwarding.

To set up an SSH tunnel with a SOCKS proxy, follow these steps:

  1. For Charmed Kubeflow run this command:

ssh -L 31380:localhost:31380 -D 9999 ubuntu@kubeflow-3.mk8s.by
img1png

Note: For MLflow you will see an additional option -L 31380:localhost:31380. This forwards the localhost port 31380 to the remote machine, since we need it to access the MLflow panel.

  1. Configure your browser's network settings to use a SOCKS proxy

  • Open Настройки > Настройки сети > Настроить....

  • Set the network proxy to Ручная настройка прокси.

  • Set to host SOCKS meaning: 127.0.0.1 and port 9999.

imgpng

Note: After this, all network traffic will go through the SSH tunnel to the virtual machine. If the SSH tunnel is closed, you will lose the Internet.

To disable, first change your network settings by disabling the network proxy and then close the SSH tunnel.

The rest of this article, unless otherwise noted, assumes that you will perform all command line operations on the VM through an open SSH tunnel. It is also assumed that you will be using a web browser on your local machine to access the Kubeflow panel.

Installation and preparation of MicroK8s.

Let's begin our deployment. Each Kubeflow instance needs a K8s cluster to run. To keep things simple, we'll run our Kubeflow instance on MicroK8s, which is the easiest and fastest way to create a K8s cluster.

Install the package microk8s from the channel 1.29/stable.

sudo snap install microk8s --classic --channel=1.29

Great! Now microk8s installed and will automatically start working in the background. Now it's time to configure it so it's ready to work with Kubeflow.

Next, a small life hack. To not use sudo For each MicroK8s command, run the following commands:

sudo usermod -a -G microk8s 
newgrp microk8s

Note: You will need to re-run newgrp microk8s every time you open a new shell session.

Now although we will use juju as the main configuration tool to work with Kubeflow deployment, sometimes we will need to interact with MicroK8s directly through the command kubectl. For this to work, we need to grant ownership of all configuration files kubectl user performing kubectl. To do this, run this command:

sudo chown -f -R " class="formula inline">USER ~/.kube

Great! That's it for setting permissions. Next stop: extras!

MicroK8s is a fully functional Kubernetes that runs with minimal overhead. However, for our purposes, we will need Kubernetes with a few additional features. Many additional services are available in the form addons MicroK8s is a code that comes with the snap and can be turned on or off as needed. Let's enable some of these features to get a Kubernetes on which we can install Kubeflow. We will add a DNS service so that applications can find each other; storage; ingress controller so we can access Kubeflow components; and the MetalLB load balancer application.

Enable the following Microk8s add-ons to set up a Kubernetes cluster with the additional services required to run Charmed Kubeflow: dns, hostpath-storage, ingress And metallb for a range of IP addresses 10.64.140.43-10.64.140.49.

Enable MicroK8s addons

microk8s enable dns hostpath-storage ingress metallb:10.64.140.43-10.64.140.49 rbac
img2png
img3png

Great job! You have now installed and configured MicroK8s.

Now it may take 5 minutes or so before all the addons we have configured are ready to go.

Run the following command:

microk8s status --wait-ready

The output should show MicroK8s as running and all the addons we enabled earlier should be listed as enabled:: dns, storage, ingress And metallb. If it doesn't, wait a little longer and run the command again.

img4png

Great, you've now installed and configured MicroK8s and it's up and running! We now have a K8s cluster on which we can deploy our Kubeflow instance.

Juju installation

Juju is an operations lifecycle manager (OLM) for cloud, bare metal or Kubernetes. We'll use it to deploy and manage the components that make up Kubeflow.

To install Juju from snap, run the following command:

sudo snap install juju --channel=3.4
img5png

Some machines may not have the folder required for juju to work correctly. Due to this, please make sure you create this folder:

mkdir -p ~/.local/share

As a next step, we can configure microk8s to work correctly with juju by following these steps:

microk8s config | juju add-k8s my-k8s --client

Team microk8s config retrieves the client's kubernetes configuration, which is then registered with the juju kubernetes endpoints.

img6png

Now run the following command to deploy the Juju controller to Kubernetes, which we configured with MicroK8s:

juju bootstrap my-k8s uk8sx

Wait for the command to complete! Deploying the controller may take a minute or two.

The controller is a Juju agent running on Kubernetes that can be used to deploy and manage Kubeflow components.

img7png

Next we need to add the model for Kubeflow to the controller. Run the following command to add a model called kubeflow:

juju add-model kubeflow

The controller can work with various моделями, which map 1:1 to namespaces in Kubernetes. In this case, the model name should be kubeflowdue to an assumption made in the Kubeflow Dashboard code.

Great job: Juju is now installed and configured for Kubeflow!

img8png

Deploying Charmed Kubeflow

Before deployment, run these commands:

sudo sysctl fs.inotify.max_user_instances=2560
sudo sysctl fs.inotify.max_user_watches=1048576

We need to run the above commands because under the hood microk8s uses inotify to interact with the filesystem and kubeflow sometimes exceeds the standard inotify limits. Update /etc/sysctl.conf with the following lines if you want these commands to persist across machine reboots:

fs.inotify.max_user_instances=2560
fs.inotify.max_user_watches=655360
img9png

Finally, we are ready to deploy Charmed Kubeflow! Execute this code to deploy the Charmed Kubeflow package using Juju:

juju deploy kubeflow --trust --channel=1.8

Be patient. The deployment process may take 5-10 minutes.

In the meantime, what's going on here? Take a look at your output.

Here you can see the usage possibilities Juju for deployment kubeflow. From the output we can see that the package finds, deploys and configures all the necessary enchantments for us. Without juju we would have to deploy and configure all these enchantments ourselves.

img10png

When the deployment command completes, you will receive a message that reads:

Deploy of bundle completed.
img11png

This means that all components of the package have been put into operation. However, this does not mean that Kubeflow ready. Once deployed, the various components of the package take some time to initialize and communicate with each other. Be patient – it usually takes from 15 minutes to 1 hour.

How do you know when the whole package is ready? This can be done using the command juju status. First, let's run the basic status command and see what happens. Run the following command to display the status of all Juju components:

juju status
img12png

Review your results. You should see a summary, a list of applications and related information, and a list of departments and related information. Don't worry too much about what this all means just yet. The main thing that interests us at this stage is the statuses of all applications and modules in our package. We want all statuses to eventually become active, indicating that the package is ready. Run the following command to monitor components that are not yet active:

juju status --watch 5s

In this case, the command will be executed periodically juju status. When all components on the screen are able to activewe will know that our bundle is ready.

Don't be surprised if from time to time the statuses of some components change to blocked or error. This is expected behavior and these statuses should resolve themselves as the package is configured. However, if the components are still in the same error state, please refer to the troubleshooting steps below.

img13png

While you're waiting for the package Kubeflow Now that you're prepared, move on to the next section of this article, which will cover some post-installation configuration tasks.

Set up access to the dashboard.

Running Kubeflow is great, but how will we interact with it as a user? This is where the dashboard comes to the rescue. We'll get to that later, but for now let's configure some components to access the dashboard.

Firstly, run this command to check the load balancer IP address Istio ingress gatewaywhich is the entry point for our entire bunch:

microk8s kubectl -n kubeflow get svc istio-ingressgateway-workload -o jsonpath="{.status.loadBalancer.ingress[0].ip}"
img14png

You should see at the exit 10.64.140.43 – This is the IP address of this component in the default microk8s configuration. If you see something different, don't worry – just replace 10.64.140.43 to any IP address you see in the rest of the instructions in this guide.

To access kubeflow through his service dashboard, we need to configure the package a little so that it supports authentication and authorization. To do this, run the following commands:

juju config dex-auth public-url=http://10.64.140.43.nip.io
juju config oidc-gatekeeper public-url=http://10.64.140.43.nip.io
img15png

This tells the package's authentication and authorization components that users accessing the package will do so via a URL http://10.64.140.43.nip.io. In turn, this allows these components to create appropriate responses to incoming traffic.

To enable Basic Authentication and set a username and password for your Kubeflow deployment, run the following commands:

juju config dex-auth static-username=admin
juju config dex-auth static-password=admin
img16png

Feel free to use a different (stronger!) password if you wish.

Great! Now our bundle is configured to access the dashboard through a browser.

Checking Charmed Kubeflow Deployment

Great! We deployed and configured Kubeflow. But how do we know that we did everything right? You can try logging in. Go!

Open a browser and go to the following URL:

http://10.64.140.43.nip.io

You will then see the dex login screen. Enter your username (this includes your email address, but whatever you entered during setup will do) and password from the previous setup step.

img17png

You should now see the Kubeflow “Welcome” page:

img18png

Click the button Start setup. The next screen will ask you to create a namespace. It's simply a way to keep all the files and settings for one project in one, easily accessible place. Choose any name you like:

img19png

After you click the button Finishthe control panel will appear on the screen!

img20png

img20png

Congratulations, we have deployed Kubeflow!

More detailed information about working with kubeflow can be found in the following articles.

For any questions you can write in telegram https://t.me/microk8s_kubeflow

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *