⌨️Tutorial
An example GitOps recipe
This repository contains a PySpark example job (how did you guess it was word count?) that we are going to operationalize using Helm and databricks-kube-operator. You can follow along with a local minikube cluster, or use in an environment with ArgoCD or Fleet.
Create a Helm umbrella chart
Begin by creating a Helm umbrella chart. The Helm starter chart has unneeded example resources and values that we remove:
helm create example-job
rm example-job/templates/NOTES.txt
rm -rf example-job/templates/*.yaml
rm -rf example-job/templates/tests
echo > example-job/values.yaml
Your directory structure should look like this:
example-job
├── Chart.yaml
├── charts
├── templates
│ ├── NOTES.txt
│ └── _helpers.tpl
└── values.yaml
In Chart.yaml
, add a dependency to the operator chart:
dependencies:
- name: databricks-kube-operator
repository: https://mach-kernel.github.io/databricks-kube-operator
version: 0.5.0
Populating Databricks resources
We are now going to create our resources in the templates/
directory.
1. Operator configmap and Databricks access token
Begin by creating a Databricks service principal, and use the according API call to create an access token. If your new service principal is unable to issue a token, enable token permissions for it by following the instructions from this KB.
Create a secret containing your Databricks API URL and a valid access token. The snippet below is for your convenience, to run against the cluster for this example. Do not create a template and check in your token.
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: databricks-api-secret
data:
access_token: $(echo -n 'shhhh' | base64)
databricks_url: $(echo -n 'https://my-tenant.cloud.databricks.com/api' | base64)
EOF
Create the file below. The operator configmap expects a secret name from which to pull its REST configuration.
apiVersion: v1
kind: ConfigMap
metadata:
name: databricks-kube-operator
namespace: {{ .Release.Namespace }}
data:
api_secret_name: databricks-api-secret
2. Git Credentials
Public repositories do not require Git credentials. The tutorial deploys the job from this public repository. You can skip this step, unless you are following along with your own job and a private repo.
Here is another "quick snippet" for making the required secret if deploying your own job from a private repo. As previously mentioned, do not check this in as a template.
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: my-git-credential-secret
data:
personal_access_token: $(echo -n 'shhhh' | base64)
EOF
Create the file below. According to the API documentation, the following VCS providers are available:
The available Git providers are awsCodeCommit, azureDevOpsServices, bitbucketCloud, bitbucketServer, gitHub, gitHubEnterprise, gitLab, and gitLabEnterpriseEdition.
apiVersion: com.dstancu.databricks/v1
kind: GitCredential
metadata:
annotations:
databricks-operator/owner: operator
name: example-credential
namespace: {{ .Release.Namespace }}
spec:
secret_name: my-git-credential-secret
credential:
git_username: my-user-name
git_provider: gitHub
3. DatabricksJob
Create the file below to create a job. There are two possible strategies for running jobs via Git sources. For more possible configuration, see the API SDK docs.
Using the Git provider
If your credentials are configured, Databricks job definitions now support directly referencing a Git source. Whenever the job is triggered, it will use the latest version from source control without needing to poll the repo for updates.
apiVersion: com.dstancu.databricks/v1
kind: DatabricksJob
metadata:
name: my-word-count
namespace: {{ .Release.Namespace }}
spec:
job:
settings:
email_notifications:
no_alert_for_skipped_runs: false
format: MULTI_TASK
job_clusters:
- job_cluster_key: word-count-cluster
new_cluster:
aws_attributes:
availability: SPOT_WITH_FALLBACK
ebs_volume_count: 1
ebs_volume_size: 32
ebs_volume_type: GENERAL_PURPOSE_SSD
first_on_demand: 1
spot_bid_price_percent: 100
zone_id: us-east-1e
custom_tags:
ResourceClass: SingleNode
driver_node_type_id: m4.large
enable_elastic_disk: false
node_type_id: m4.large
num_workers: 0
spark_conf:
spark.databricks.cluster.profile: singleNode
spark.master: local[*, 4]
spark_env_vars:
PYSPARK_PYTHON: /databricks/python3/bin/python3
spark_version: 10.4.x-scala2.12
max_concurrent_runs: 1
name: my-word-count
git_source:
git_branch: master
git_provider: gitHub
git_url: https://github.com/mach-kernel/databricks-kube-operator
tasks:
- email_notifications: {}
job_cluster_key: word-count-cluster
notebook_task:
# NOTE: Do not provide the file extension, your job will fail
notebook_path: examples/job
source: GIT
task_key: my-word-count
timeout_seconds: 0
timeout_seconds: 0
Using the repos / workspace integration
Follow the optional Git Repo instructions before proceeding.
This is for use with the Repo
API, which clones a repository to your workspace. Tasks are then launched from WORKSPACE
paths. You can reuse the CRD from above removing git_source
and changing the task definition to match the example below:
apiVersion: com.dstancu.databricks/v1
kind: DatabricksJob
metadata:
name: my-word-count
namespace: {{ .Release.Namespace }}
spec:
job:
settings:
tasks:
- email_notifications: {}
job_cluster_key: word-count-cluster
notebook_task:
notebook_path: /Repos/Test/databricks-kube-operator/examples/job
source: WORKSPACE
task_key: my-word-count
timeout_seconds: 0
4. All together now
Awesome! We have templates for our shiny new job. Let's make sure the chart works as expected. Inspect the resulting templates for errors:
helm template example-job
If everything looks good, it's time to install. Unfortunately this requires discussion of the dreaded "install CRDs first" problem. Here are suggestions for different readers:
Local/minikube: Comment out the dependency key and continue with installation
ArgoCD: Use sync waves
Fleet/others: Use one chart for your operator deployment, and another for the Databricks resources. On first deploy, the operator chart will sync successfully and
example-job
will do so on retry.
helm install word-count example-job
If successful, you should see the following Helm deployments, as well as your job in Databricks:
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
databricks-kube-operator default 1 2022-11-06 09:54:53.057226 -0500 EST deployed databricks-kube-operator-0.5.0 1.16.0
word-count default 1 2022-11-06 10:11:42.774865 -0500 EST deployed example-job-0.1.0 1.16.0
Bump the chart version for your Databricks definitions as they change, and let databricks-kube-operator reconcile them when they are merged to your main branch.
Optional: Git Repo
We recommend using the Git source for your job definitions, as databricks-kube-operator does not poll Databricks to update the workspace repository clone. PRs are accepted.
Create the file below to create a repo. Ensure that the /Test
directory exists within Repos (docs) on your Databricks instance, or else the create request will 400:
apiVersion: com.dstancu.databricks/v1
kind: Repo
metadata:
annotations:
databricks-operator/owner: operator
name: databricks-kube-operator
namespace: {{ .Release.Namespace }}
spec:
repository:
path: /Repos/Test/databricks-kube-operator
provider: gitHub
url: https://github.com/mach-kernel/databricks-kube-operator.git
Last updated