OrthoDex/folding-at-home-ds.yml

## folding-at-home-ds.yml
# """
# Kubernetes Daemonset configuration to run Folding@Home docker containers on
# GPU enabled nodes. The work here is provided as a best effort.
#
# NOTE: Please dry run this and consider the additional options of the client
# with /usr/bin/FAHClient --help before deploying this on your clusters.
#
# IMPORTANT: Please edit the cpu, gpu and memory requests and limits based on your desired usage.
#
# Author: Ishaan Malhi @ 2020
# """

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: folding-at-home-worker
  labels:
    app: folding-at-home-worker
spec:
  selector:
      matchLabels:
        app: folding-at-home-worker
  template:
    metadata:
      labels:
        app: folding-at-home-worker
    spec:
      tolerations:
      # # This toleration is to have the daemonset runnable on master nodes
      # # uncomment this section if your masters can run pods
      - key: node-role.kubernetes.io/master
        effect: NoSchedule
      containers:
        - name: folding-at-home-gpu
          image: "foldingathome/fah-gpu:latest"
          # --run-as UID should match runAsUser value in containers securityContext
          command:
            - "/usr/bin/FAHClient"
            - "--config-rotate=false"
            - "--run-as"
            - "1000"
            - "--gpu=true"
          resources:
            limits:
              cpu: 6000m # How much CPU you wish to donate per node
              memory: 45G
              nvidia.com/gpu: "1"
            requests:
              cpu: 5000m
              memory: 40G
              nvidia.com/gpu: "1"
          # Make the container harder to break out of or exploit
          securityContext:
            runAsNonRoot: true
            runAsUser: 1000
            readOnlyRootFilesystem: true
            allowPrivilegeEscalation: false
          livenessProbe:
            exec:
              command:
              - /usr/bin/FAHClient
              - "--info"
            initialDelaySeconds: 60
            periodSeconds: 6000
          volumeMounts:
            - mountPath: /fah
              name: fahclient
          lifecycle:
            ## prevent losing work
            preStop:
              exec:
                # shutdown may take hours
                command: ["FAHClient", "--send-command", "finish"]
                # Uncomment below if you want immediate stop and potentially lose work units
                # command: ["FAHClient", "--send-command", "shutdown"]

      initContainers:
        - name: copy-config
          imagePullPolicy: Always
          image: "foldingathome/fah-gpu:latest"
          command:
            # Use following lines if using ConfigMap config.xml
            - "cp"
            - "/etc/fahclient-config/config.xml"
            - "/fah/config.xml"
          securityContext:
            runAsNonRoot: true
            runAsUser: 1000
            readOnlyRootFilesystem: false
          volumeMounts:
            - mountPath: /fah
              name: fahclient
            # Uncomment if using ConfigMap config.xml
            - name: fah-gpu-config
              mountPath: /etc/fahclient-config
      # We make an emptyDir to mount on the work directory /var/lib/fahclient
      # so we can make the rest of the container's root filesystem read-only
      volumes:
        # Uncomment if using ConfigMap config.xml
        - name: fah-gpu-config
          configMap:
            name: fah-gpu-config
        - name: fahclient
          emptyDir: {}
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: fah-gpu-config
data:
  config.xml: |
    <config>
      <!--
        To set your user name, team and passkey just edit the text
        in quotes below.
      -->
      <!-- User Information -->
      <user value=""/> <!-- Enter your user name here -->
      <team value=""/>         <!-- Your team number -->
      <passkey value=""/>       <!-- 32 hexadecimal characters if provided -->
      <power value="full"/>     <!-- Throttling this at K8s level -->
      <gpu value="true"/>      <!-- If true, attempt to autoconfigure GPUs -->
      <web-enable v='false'/>
      <disable-viz v='true'/>
      <gui-enabled v='false'/>

      <fold-anon value="true"/>
      <exit-when-done v='false'/>
      <!-- Folding Slots
        No folding slot configuration is necessary.  The client will
        automaticlaly choose a good configuration for you.  However, here
        are some examples:

          <slot id="0" type="CPU"/>
        or

          <slot id="0" type="CPU"/>
          <slot id="1" type="GPU"/>
        All slots in a configuration MUST have unique ids.
      -->
    </config>
---
	# """
	# Kubernetes Daemonset configuration to run Folding@Home docker containers on
	# GPU enabled nodes. The work here is provided as a best effort.
	#
	# NOTE: Please dry run this and consider the additional options of the client
	# with /usr/bin/FAHClient --help before deploying this on your clusters.
	#
	# IMPORTANT: Please edit the cpu, gpu and memory requests and limits based on your desired usage.
	#
	# Author: Ishaan Malhi @ 2020
	# """

	apiVersion: apps/v1
	kind: DaemonSet
	metadata:
	name: folding-at-home-worker
	labels:
	app: folding-at-home-worker
	spec:
	selector:
	matchLabels:
	app: folding-at-home-worker
	template:
	metadata:
	labels:
	app: folding-at-home-worker
	spec:
	tolerations:
	# # This toleration is to have the daemonset runnable on master nodes
	# # uncomment this section if your masters can run pods
	- key: node-role.kubernetes.io/master
	effect: NoSchedule
	containers:
	- name: folding-at-home-gpu
	image: "foldingathome/fah-gpu:latest"
	# --run-as UID should match runAsUser value in containers securityContext
	command:
	- "/usr/bin/FAHClient"
	- "--config-rotate=false"
	- "--run-as"
	- "1000"
	- "--gpu=true"
	resources:
	limits:
	cpu: 6000m # How much CPU you wish to donate per node
	memory: 45G
	nvidia.com/gpu: "1"
	requests:
	cpu: 5000m
	memory: 40G
	nvidia.com/gpu: "1"
	# Make the container harder to break out of or exploit
	securityContext:
	runAsNonRoot: true
	runAsUser: 1000
	readOnlyRootFilesystem: true
	allowPrivilegeEscalation: false
	livenessProbe:
	exec:
	command:
	- /usr/bin/FAHClient
	- "--info"
	initialDelaySeconds: 60
	periodSeconds: 6000
	volumeMounts:
	- mountPath: /fah
	name: fahclient
	lifecycle:
	## prevent losing work
	preStop:
	exec:
	# shutdown may take hours
	command: ["FAHClient", "--send-command", "finish"]
	# Uncomment below if you want immediate stop and potentially lose work units
	# command: ["FAHClient", "--send-command", "shutdown"]

	initContainers:
	- name: copy-config
	imagePullPolicy: Always
	image: "foldingathome/fah-gpu:latest"
	command:
	# Use following lines if using ConfigMap config.xml
	- "cp"
	- "/etc/fahclient-config/config.xml"
	- "/fah/config.xml"
	securityContext:
	runAsNonRoot: true
	runAsUser: 1000
	readOnlyRootFilesystem: false
	volumeMounts:
	- mountPath: /fah
	name: fahclient
	# Uncomment if using ConfigMap config.xml
	- name: fah-gpu-config
	mountPath: /etc/fahclient-config
	# We make an emptyDir to mount on the work directory /var/lib/fahclient
	# so we can make the rest of the container's root filesystem read-only
	volumes:
	# Uncomment if using ConfigMap config.xml
	- name: fah-gpu-config
	configMap:
	name: fah-gpu-config
	- name: fahclient
	emptyDir: {}
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: fah-gpu-config
	data:
	config.xml: \|
	<config>
	<!--
	To set your user name, team and passkey just edit the text
	in quotes below.
	-->
	<!-- User Information -->
	<user value=""/> <!-- Enter your user name here -->
	<team value=""/> <!-- Your team number -->
	<passkey value=""/> <!-- 32 hexadecimal characters if provided -->
	<power value="full"/> <!-- Throttling this at K8s level -->
	<gpu value="true"/> <!-- If true, attempt to autoconfigure GPUs -->
	<web-enable v='false'/>
	<disable-viz v='true'/>
	<gui-enabled v='false'/>

	<fold-anon value="true"/>
	<exit-when-done v='false'/>
	<!-- Folding Slots
	No folding slot configuration is necessary. The client will
	automaticlaly choose a good configuration for you. However, here
	are some examples:

	<slot id="0" type="CPU"/>
	or

	<slot id="0" type="CPU"/>
	<slot id="1" type="GPU"/>
	All slots in a configuration MUST have unique ids.
	-->
	</config>
	---