Flyte Scheduler Configuration#

Section: admin#

endpoint (config.URL)#

For admin types, specify where the uri of the service is located.

Default Value:

""

insecure (bool)#

Use insecure connection.

Default Value:

"false"

insecureSkipVerify (bool)#

InsecureSkipVerify controls whether a client verifies the server’s certificate chain and host name. Caution : shouldn’t be use for production usecases’

Default Value:

"false"

caCertFilePath (string)#

Use specified certificate file to verify the admin server peer.

Default Value:

""

maxBackoffDelay (config.Duration)#

Max delay for grpc backoff

Default Value:

8s

perRetryTimeout (config.Duration)#

gRPC per retry timeout

Default Value:

15s

maxRetries (int)#

Max number of gRPC retries

Default Value:

"4"

authType (uint8)#

Type of OAuth2 flow used for communicating with admin.ClientSecret,Pkce,ExternalCommand are valid values

Default Value:

ClientSecret

tokenRefreshWindow (config.Duration)#

Max duration between token refresh attempt and token expiry.

Default Value:

0s

useAuth (bool)#

Deprecated: Auth will be enabled/disabled based on admin’s dynamically discovered information.

Default Value:

"false"

clientId (string)#

Client ID

Default Value:

flytepropeller

clientSecretLocation (string)#

File containing the client secret

Default Value:

/etc/secrets/client_secret

scopes ([]string)#

List of scopes to request

Default Value:

[]

authorizationServerUrl (string)#

This is the URL to your IdP’s authorization server. It’ll default to Endpoint

Default Value:

""

tokenUrl (string)#

OPTIONAL: Your IdP’s token endpoint. It’ll be discovered from flyte admin’s OAuth Metadata endpoint if not provided.

Default Value:

""

authorizationHeader (string)#

Custom metadata header to pass JWT

Default Value:

""

pkceConfig (pkce.Config)#

Config for Pkce authentication flow.

Default Value:

refreshTime: 5m0s
timeout: 15s

command ([]string)#

Command for external authentication token generation

Default Value:

[]

defaultServiceConfig (string)#

Default Value:

""

config.Duration#

Duration (int64)#

Default Value:

8s

config.URL#

URL (url.URL)#

Default Value:

ForceQuery: false
Fragment: ""
Host: ""
Opaque: ""
Path: ""
RawFragment: ""
RawPath: ""
RawQuery: ""
Scheme: ""
User: null

url.URL#

Scheme (string)#

Default Value:

""
Opaque (string)#

Default Value:

""
User (url.Userinfo)#

Default Value:

null
Host (string)#

Default Value:

""
Path (string)#

Default Value:

""
RawPath (string)#

Default Value:

""
ForceQuery (bool)#

Default Value:

"false"
RawQuery (string)#

Default Value:

""
Fragment (string)#

Default Value:

""
RawFragment (string)#

Default Value:

""

pkce.Config#

timeout (config.Duration)#

Default Value:

15s
refreshTime (config.Duration)#

Default Value:

5m0s

Section: auth#

httpAuthorizationHeader (string)#

Default Value:

flyte-authorization

grpcAuthorizationHeader (string)#

Default Value:

flyte-authorization

disableForHttp (bool)#

Disables auth enforcement on HTTP Endpoints.

Default Value:

"false"

disableForGrpc (bool)#

Disables auth enforcement on Grpc Endpoints.

Default Value:

"false"

authorizedUris ([]config.URL)#

Default Value:

null

userAuth (config.UserAuthConfig)#

Defines Auth options for users.

Default Value:

cookieBlockKeySecretName: cookie_block_key
cookieHashKeySecretName: cookie_hash_key
cookieSetting:
  domain: ""
  sameSitePolicy: DefaultMode
openId:
  baseUrl: ""
  clientId: ""
  clientSecretFile: ""
  clientSecretName: oidc_client_secret
  scopes:
  - openid
  - profile
redirectUrl: /console

appAuth (config.OAuth2Options)#

Defines Auth options for apps. UserAuth must be enabled for AppAuth to work.

Default Value:

authServerType: Self
externalAuthServer:
  allowedAudience: []
  baseUrl: ""
  metadataUrl: ""
selfAuthServer:
  accessTokenLifespan: 30m0s
  authorizationCodeLifespan: 5m0s
  claimSymmetricEncryptionKeySecretName: claim_symmetric_key
  issuer: ""
  oldTokenSigningRSAKeySecretName: token_rsa_key_old.pem
  refreshTokenLifespan: 1h0m0s
  staticClients:
    flyte-cli:
      audience: null
      grant_types:
      - refresh_token
      - authorization_code
      id: flyte-cli
      public: true
      redirect_uris:
      - http://localhost:53593/callback
      - http://localhost:12345/callback
      response_types:
      - code
      - token
      scopes:
      - all
      - offline
      - access_token
    flytectl:
      audience: null
      grant_types:
      - refresh_token
      - authorization_code
      id: flytectl
      public: true
      redirect_uris:
      - http://localhost:53593/callback
      - http://localhost:12345/callback
      response_types:
      - code
      - token
      scopes:
      - all
      - offline
      - access_token
    flytepropeller:
      audience: null
      client_secret: JDJhJDA2JHB4czFBa0c4MUt2cmhwbWwxUWlMU09RYVRrOWVlUHJVLzdZYWI5eTA3aDN4MFRnbGJhb1Q2
      grant_types:
      - refresh_token
      - client_credentials
      id: flytepropeller
      public: false
      redirect_uris:
      - http://localhost:3846/callback
      response_types:
      - token
      scopes:
      - all
      - offline
      - access_token
  tokenSigningRSAKeySecretName: token_rsa_key.pem
thirdPartyConfig:
  flyteClient:
    clientId: flytectl
    redirectUri: http://localhost:53593/callback
    scopes:
    - all
    - offline

config.OAuth2Options#

authServerType (int)#

Default Value:

Self
selfAuthServer (config.AuthorizationServer)#

Authorization Server config to run as a service. Use this when using an IdP that does not offer a custom OAuth2 Authorization Server.

Default Value:

accessTokenLifespan: 30m0s
authorizationCodeLifespan: 5m0s
claimSymmetricEncryptionKeySecretName: claim_symmetric_key
issuer: ""
oldTokenSigningRSAKeySecretName: token_rsa_key_old.pem
refreshTokenLifespan: 1h0m0s
staticClients:
  flyte-cli:
    audience: null
    grant_types:
    - refresh_token
    - authorization_code
    id: flyte-cli
    public: true
    redirect_uris:
    - http://localhost:53593/callback
    - http://localhost:12345/callback
    response_types:
    - code
    - token
    scopes:
    - all
    - offline
    - access_token
  flytectl:
    audience: null
    grant_types:
    - refresh_token
    - authorization_code
    id: flytectl
    public: true
    redirect_uris:
    - http://localhost:53593/callback
    - http://localhost:12345/callback
    response_types:
    - code
    - token
    scopes:
    - all
    - offline
    - access_token
  flytepropeller:
    audience: null
    client_secret: JDJhJDA2JHB4czFBa0c4MUt2cmhwbWwxUWlMU09RYVRrOWVlUHJVLzdZYWI5eTA3aDN4MFRnbGJhb1Q2
    grant_types:
    - refresh_token
    - client_credentials
    id: flytepropeller
    public: false
    redirect_uris:
    - http://localhost:3846/callback
    response_types:
    - token
    scopes:
    - all
    - offline
    - access_token
tokenSigningRSAKeySecretName: token_rsa_key.pem
externalAuthServer (config.ExternalAuthorizationServer)#

External Authorization Server config.

Default Value:

allowedAudience: []
baseUrl: ""
metadataUrl: ""
thirdPartyConfig (config.ThirdPartyConfigOptions)#

Defines settings to instruct flyte cli tools (and optionally others) on what config to use to setup their client.

Default Value:

flyteClient:
  clientId: flytectl
  redirectUri: http://localhost:53593/callback
  scopes:
  - all
  - offline

config.AuthorizationServer#

issuer (string)#

Defines the issuer to use when issuing and validating tokens. The default value is https://<requestUri.HostAndPort>/

Default Value:

""
accessTokenLifespan (config.Duration)#

Defines the lifespan of issued access tokens.

Default Value:

30m0s
refreshTokenLifespan (config.Duration)#

Defines the lifespan of issued access tokens.

Default Value:

1h0m0s
authorizationCodeLifespan (config.Duration)#

Defines the lifespan of issued access tokens.

Default Value:

5m0s
claimSymmetricEncryptionKeySecretName (string)#

OPTIONAL: Secret name to use to encrypt claims in authcode token.

Default Value:

claim_symmetric_key
tokenSigningRSAKeySecretName (string)#

OPTIONAL: Secret name to use to retrieve RSA Signing Key.

Default Value:

token_rsa_key.pem
oldTokenSigningRSAKeySecretName (string)#

OPTIONAL: Secret name to use to retrieve Old RSA Signing Key. This can be useful during key rotation to continue to accept older tokens.

Default Value:

token_rsa_key_old.pem
staticClients (map[string]*fosite.DefaultClient)#

Default Value:

flyte-cli:
  audience: null
  grant_types:
  - refresh_token
  - authorization_code
  id: flyte-cli
  public: true
  redirect_uris:
  - http://localhost:53593/callback
  - http://localhost:12345/callback
  response_types:
  - code
  - token
  scopes:
  - all
  - offline
  - access_token
flytectl:
  audience: null
  grant_types:
  - refresh_token
  - authorization_code
  id: flytectl
  public: true
  redirect_uris:
  - http://localhost:53593/callback
  - http://localhost:12345/callback
  response_types:
  - code
  - token
  scopes:
  - all
  - offline
  - access_token
flytepropeller:
  audience: null
  client_secret: JDJhJDA2JHB4czFBa0c4MUt2cmhwbWwxUWlMU09RYVRrOWVlUHJVLzdZYWI5eTA3aDN4MFRnbGJhb1Q2
  grant_types:
  - refresh_token
  - client_credentials
  id: flytepropeller
  public: false
  redirect_uris:
  - http://localhost:3846/callback
  response_types:
  - token
  scopes:
  - all
  - offline
  - access_token

config.ExternalAuthorizationServer#

baseUrl (config.URL)#

This should be the base url of the authorization server that you are trying to hit. With Okta for instance, it will look something like https://company.okta.com/oauth2/abcdef123456789/

Default Value:

""
allowedAudience ([]string)#

Optional: A list of allowed audiences. If not provided, the audience is expected to be the public Uri of the service.

Default Value:

[]
metadataUrl (config.URL)#

Optional: If the server doesn’t support /.well-known/oauth-authorization-server, you can set a custom metadata url here.’

Default Value:

""

config.ThirdPartyConfigOptions#

flyteClient (config.FlyteClientConfig)#

Default Value:

clientId: flytectl
redirectUri: http://localhost:53593/callback
scopes:
- all
- offline

config.FlyteClientConfig#

clientId (string)#

public identifier for the app which handles authorization for a Flyte deployment

Default Value:

flytectl
redirectUri (string)#

This is the callback uri registered with the app which handles authorization for a Flyte deployment

Default Value:

http://localhost:53593/callback
scopes ([]string)#

Recommended scopes for the client to request.

Default Value:

- all
- offline

config.UserAuthConfig#

redirectUrl (config.URL)#

Default Value:

/console
openId (config.OpenIDOptions)#

OpenID Configuration for User Auth

Default Value:

baseUrl: ""
clientId: ""
clientSecretFile: ""
clientSecretName: oidc_client_secret
scopes:
- openid
- profile
cookieHashKeySecretName (string)#

OPTIONAL: Secret name to use for cookie hash key.

Default Value:

cookie_hash_key
cookieBlockKeySecretName (string)#

OPTIONAL: Secret name to use for cookie block key.

Default Value:

cookie_block_key
cookieSetting (config.CookieSettings)#

settings used by cookies created for user auth

Default Value:

domain: ""
sameSitePolicy: DefaultMode

config.CookieSettings#

sameSitePolicy (int)#

OPTIONAL: Allows you to declare if your cookie should be restricted to a first-party or same-site context.Wrapper around http.SameSite.

Default Value:

DefaultMode
domain (string)#

OPTIONAL: Allows you to set the domain attribute on the auth cookies.

Default Value:

""

config.OpenIDOptions#

clientId (string)#

Default Value:

""
clientSecretName (string)#

Default Value:

oidc_client_secret
clientSecretFile (string)#

Default Value:

""
baseUrl (config.URL)#

Default Value:

""
scopes ([]string)#

Default Value:

- openid
- profile

Section: cloudevents#

enable (bool)#

Default Value:

"false"

type (string)#

Default Value:

local

aws (interfaces.AWSConfig)#

Default Value:

region: ""

gcp (interfaces.GCPConfig)#

Default Value:

projectId: ""

kafka (interfaces.KafkaConfig)#

Default Value:

Version: {}
brokers: null

eventsPublisher (interfaces.EventsPublisherConfig)#

Default Value:

eventTypes: null
topicName: ""

reconnectAttempts (int)#

Default Value:

"0"

reconnectDelaySeconds (int)#

Default Value:

"0"

interfaces.AWSConfig#

region (string)#

Default Value:

""

interfaces.EventsPublisherConfig#

topicName (string)#

Default Value:

""
eventTypes ([]string)#

Default Value:

null

interfaces.GCPConfig#

projectId (string)#

Default Value:

""

interfaces.KafkaConfig#

Version (sarama.KafkaVersion)#

Default Value:

{}
brokers ([]string)#

Default Value:

null

sarama.KafkaVersion#

version (array)#

Default Value:

'[0 0 0 0]'

Section: cluster_resources#

templatePath (string)#

Default Value:

""

templateData (map[string]interfaces.DataSource)#

Default Value:

{}

refreshInterval (config.Duration)#

Default Value:

1m0s

customData (map[string]map[string]interfaces.DataSource)#

Default Value:

{}

standaloneDeployment (bool)#

Whether the cluster resource sync is running in a standalone deployment and should call flyteadmin service endpoints

Default Value:

"false"

Section: clusters#

clusterConfigs ([]interfaces.ClusterConfig)#

Default Value:

null

labelClusterMap (map[string][]interfaces.ClusterEntity)#

Default Value:

null

Section: database#

host (string)#

Default Value:

""

port (int)#

Default Value:

"0"

dbname (string)#

Default Value:

""

username (string)#

Default Value:

""

password (string)#

Default Value:

""

passwordPath (string)#

Default Value:

""

options (string)#

Default Value:

""

debug (bool)#

Default Value:

"false"

enableForeignKeyConstraintWhenMigrating (bool)#

Whether to enable gorm foreign keys when migrating the db

Default Value:

"false"

maxIdleConnections (int)#

maxIdleConnections sets the maximum number of connections in the idle connection pool.

Default Value:

"10"

maxOpenConnections (int)#

maxOpenConnections sets the maximum number of open connections to the database.

Default Value:

"100"

connMaxLifeTime (config.Duration)#

sets the maximum amount of time a connection may be reused

Default Value:

1h0m0s

postgres (database.PostgresConfig)#

Default Value:

dbname: postgres
debug: false
host: postgres
options: sslmode=disable
password: ""
passwordPath: ""
port: 5432
username: postgres

sqlite (database.SQLiteConfig)#

Default Value:

file: ""

database.PostgresConfig#

host (string)#

The host name of the database server

Default Value:

postgres
port (int)#

The port name of the database server

Default Value:

"5432"
dbname (string)#

The database name

Default Value:

postgres
username (string)#

The database user who is connecting to the server.

Default Value:

postgres
password (string)#

The database password.

Default Value:

""
passwordPath (string)#

Points to the file containing the database password.

Default Value:

""
options (string)#

See http://gorm.io/docs/connecting_to_the_database.html for available options passed, in addition to the above.

Default Value:

sslmode=disable
debug (bool)#

Whether or not to start the database connection with debug mode enabled.

Default Value:

"false"

database.SQLiteConfig#

file (string)#

The path to the file (existing or new) where the DB should be created / stored. If existing, then this will be re-used, else a new will be created

Default Value:

""

Section: domains#

id (string)#

Default Value:

development

name (string)#

Default Value:

development

Section: externalevents#

enable (bool)#

Default Value:

"false"

type (string)#

Default Value:

local

aws (interfaces.AWSConfig)#

Default Value:

region: ""

gcp (interfaces.GCPConfig)#

Default Value:

projectId: ""

eventsPublisher (interfaces.EventsPublisherConfig)#

Default Value:

eventTypes: null
topicName: ""

reconnectAttempts (int)#

Default Value:

"0"

reconnectDelaySeconds (int)#

Default Value:

"0"

Section: flyteadmin#

roleNameKey (string)#

Default Value:

""

metricsScope (string)#

Default Value:

'flyte:'

metricsKeys ([]string)#

Default Value:

- project
- domain
- wf
- task
- phase
- tasktype
- runtime_type
- runtime_version
- app_name

profilerPort (int)#

Default Value:

"10254"

metadataStoragePrefix ([]string)#

Default Value:

- metadata
- admin

eventVersion (int)#

Default Value:

"2"

asyncEventsBufferSize (int)#

Default Value:

"100"

maxParallelism (int32)#

Default Value:

"25"

labels (map[string]string)#

Default Value:

null

annotations (map[string]string)#

Default Value:

null

interruptible (bool)#

Default Value:

"false"

assumableIamRole (string)#

Default Value:

""

k8sServiceAccount (string)#

Default Value:

""

outputLocationPrefix (string)#

Default Value:

""

Section: logger#

show-source (bool)#

Includes source code location in logs.

Default Value:

"false"

mute (bool)#

Mutes all logs regardless of severity. Intended for benchmarks/tests only.

Default Value:

"false"

level (int)#

Sets the minimum logging level.

Default Value:

"3"

formatter (logger.FormatterConfig)#

Sets logging format.

Default Value:

type: json

logger.FormatterConfig#

type (string)#

Sets logging format type.

Default Value:

json

Section: namespace_mapping#

mapping (string)#

Default Value:

""

template (string)#

Default Value:

'{{ project }}-{{ domain }}'

templateData (map[string]interfaces.DataSource)#

Default Value:

null

Section: notifications#

type (string)#

Default Value:

local

region (string)#

Default Value:

""

aws (interfaces.AWSConfig)#

Default Value:

region: ""

gcp (interfaces.GCPConfig)#

Default Value:

projectId: ""

publisher (interfaces.NotificationsPublisherConfig)#

Default Value:

topicName: ""

processor (interfaces.NotificationsProcessorConfig)#

Default Value:

accountId: ""
queueName: ""

emailer (interfaces.NotificationsEmailerConfig)#

Default Value:

body: ""
emailServerConfig:
  apiKeyEnvVar: ""
  apiKeyFilePath: ""
  serviceName: ""
sender: ""
subject: ""

reconnectAttempts (int)#

Default Value:

"0"

reconnectDelaySeconds (int)#

Default Value:

"0"

interfaces.NotificationsEmailerConfig#

emailServerConfig (interfaces.EmailServerConfig)#

Default Value:

apiKeyEnvVar: ""
apiKeyFilePath: ""
serviceName: ""
subject (string)#

Default Value:

""
sender (string)#

Default Value:

""
body (string)#

Default Value:

""

interfaces.EmailServerConfig#

serviceName (string)#

Default Value:

""
apiKeyEnvVar (string)#

Default Value:

""
apiKeyFilePath (string)#

Default Value:

""

interfaces.NotificationsProcessorConfig#

queueName (string)#

Default Value:

""
accountId (string)#

Default Value:

""

interfaces.NotificationsPublisherConfig#

topicName (string)#

Default Value:

""

Section: plugins#

catalogcache (catalog.Config)#

Default Value:

reader:
  maxItems: 1000
  maxRetries: 3
  workers: 10
writer:
  maxItems: 1000
  maxRetries: 3
  workers: 10

k8s (config.K8sPluginConfig)#

Default Value:

co-pilot:
  cpu: 500m
  default-input-path: /var/flyte/inputs
  default-output-path: /var/flyte/outputs
  image: cr.flyte.org/flyteorg/flytecopilot:v0.0.15
  input-vol-name: flyte-inputs
  memory: 128Mi
  name: flyte-copilot-
  output-vol-name: flyte-outputs
  start-timeout: 1m40s
  storage: ""
create-container-error-grace-period: 3m0s
default-annotations:
  cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
default-cpus: "1"
default-env-vars: null
default-env-vars-from-env: null
default-labels: null
default-memory: 1Gi
default-node-selector: null
default-pod-dns-config: null
default-pod-security-context: null
default-pod-template-name: ""
default-pod-template-resync: 30s
default-security-context: null
default-tolerations: null
delete-resource-on-finalize: false
enable-host-networking-pod: null
gpu-resource-name: nvidia.com/gpu
inject-finalizer: false
interruptible-node-selector: null
interruptible-node-selector-requirement: null
interruptible-tolerations: null
non-interruptible-node-selector-requirement: null
resource-tolerations: null
scheduler-name: ""

catalog.Config#

reader (workqueue.Config)#

Catalog reader workqueue config. Make sure the index cache must be big enough to accommodate the biggest array task allowed to run on the system.

Default Value:

maxItems: 1000
maxRetries: 3
workers: 10
writer (workqueue.Config)#

Catalog writer workqueue config. Make sure the index cache must be big enough to accommodate the biggest array task allowed to run on the system.

Default Value:

maxItems: 1000
maxRetries: 3
workers: 10

workqueue.Config#

workers (int)#

Number of concurrent workers to start processing the queue.

Default Value:

"10"
maxRetries (int)#

Maximum number of retries per item.

Default Value:

"3"
maxItems (int)#

Maximum number of entries to keep in the index.

Default Value:

"1000"

config.K8sPluginConfig#

inject-finalizer (bool)#

Instructs the plugin to inject a finalizer on startTask and remove it on task termination.

Default Value:

"false"
default-annotations (map[string]string)#

Default Value:

cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
default-labels (map[string]string)#

Default Value:

null
default-env-vars (map[string]string)#

Default Value:

null
default-env-vars-from-env (map[string]string)#

Default Value:

null
default-cpus (resource.Quantity)#

Defines a default value for cpu for containers if not specified.

Default Value:

"1"
default-memory (resource.Quantity)#

Defines a default value for memory for containers if not specified.

Default Value:

1Gi
default-tolerations ([]v1.Toleration)#

Default Value:

null
default-node-selector (map[string]string)#

Default Value:

null
default-affinity (v1.Affinity)#

Default Value:

null
scheduler-name (string)#

Defines scheduler name.

Default Value:

""
interruptible-tolerations ([]v1.Toleration)#

Default Value:

null
interruptible-node-selector (map[string]string)#

Default Value:

null
interruptible-node-selector-requirement (v1.NodeSelectorRequirement)#

Default Value:

null
non-interruptible-node-selector-requirement (v1.NodeSelectorRequirement)#

Default Value:

null
resource-tolerations (map[v1.ResourceName][]v1.Toleration)#

Default Value:

null
co-pilot (config.FlyteCoPilotConfig)#

Co-Pilot Configuration

Default Value:

cpu: 500m
default-input-path: /var/flyte/inputs
default-output-path: /var/flyte/outputs
image: cr.flyte.org/flyteorg/flytecopilot:v0.0.15
input-vol-name: flyte-inputs
memory: 128Mi
name: flyte-copilot-
output-vol-name: flyte-outputs
start-timeout: 1m40s
storage: ""
delete-resource-on-finalize (bool)#

Instructs the system to delete the resource on finalize. This ensures that no resources are kept around (potentially consuming cluster resources). This, however, will cause k8s log links to expire as soon as the resource is finalized.

Default Value:

"false"
create-container-error-grace-period (config.Duration)#

Default Value:

3m0s
gpu-resource-name (string)#

Default Value:

nvidia.com/gpu
default-pod-security-context (v1.PodSecurityContext)#

Default Value:

null
default-security-context (v1.SecurityContext)#

Default Value:

null
enable-host-networking-pod (bool)#

Default Value:

<invalid reflect.Value>
default-pod-dns-config (v1.PodDNSConfig)#

Default Value:

null
default-pod-template-name (string)#

Name of the PodTemplate to use as the base for all k8s pods created by FlytePropeller.

Default Value:

""
default-pod-template-resync (config.Duration)#

Frequency of resyncing default pod templates

Default Value:

30s

config.FlyteCoPilotConfig#

name (string)#

Flyte co-pilot sidecar container name prefix. (additional bits will be added after this)

Default Value:

flyte-copilot-
image (string)#

Flyte co-pilot Docker Image FQN

Default Value:

cr.flyte.org/flyteorg/flytecopilot:v0.0.15
default-input-path (string)#

Default path where the volume should be mounted

Default Value:

/var/flyte/inputs
default-output-path (string)#

Default path where the volume should be mounted

Default Value:

/var/flyte/outputs
input-vol-name (string)#

Name of the data volume that is created for storing inputs

Default Value:

flyte-inputs
output-vol-name (string)#

Name of the data volume that is created for storing outputs

Default Value:

flyte-outputs
start-timeout (config.Duration)#

Default Value:

1m40s
cpu (string)#

Used to set cpu for co-pilot containers

Default Value:

500m
memory (string)#

Used to set memory for co-pilot containers

Default Value:

128Mi
storage (string)#

Default storage limit for individual inputs / outputs

Default Value:

""

resource.Quantity#

i (resource.int64Amount)#

Default Value:

{}
d (resource.infDecAmount)#

Default Value:

<nil>
s (string)#

Default Value:

"1"
Format (string)#

Default Value:

DecimalSI

resource.infDecAmount#

Dec (inf.Dec)#

Default Value:

null

resource.int64Amount#

value (int64)#

Default Value:

"1"
scale (int32)#

Default Value:

"0"

Section: propeller#

kube-config (string)#

Path to kubernetes client config file.

Default Value:

""

master (string)#

Default Value:

""

workers (int)#

Number of threads to process workflows

Default Value:

"20"

workflow-reeval-duration (config.Duration)#

Frequency of re-evaluating workflows

Default Value:

10s

downstream-eval-duration (config.Duration)#

Frequency of re-evaluating downstream tasks

Default Value:

30s

limit-namespace (string)#

Namespaces to watch for this propeller

Default Value:

all

prof-port (config.Port)#

Profiler port

Default Value:

10254

metadata-prefix (string)#

MetadataPrefix should be used if all the metadata for Flyte executions should be stored under a specific prefix in CloudStorage. If not specified, the data will be stored in the base container directly.

Default Value:

metadata/propeller

rawoutput-prefix (string)#

a fully qualified storage path of the form s3://flyte/abc/…, where all data sandboxes should be stored.

Default Value:

""

queue (config.CompositeQueueConfig)#

Workflow workqueue configuration, affects the way the work is consumed from the queue.

Default Value:

batch-size: -1
batching-interval: 1s
queue:
  base-delay: 5s
  capacity: 1000
  max-delay: 1m0s
  rate: 100
  type: maxof
sub-queue:
  base-delay: 0s
  capacity: 1000
  max-delay: 0s
  rate: 100
  type: bucket
type: batch

metrics-prefix (string)#

An optional prefix for all published metrics.

Default Value:

flyte

metrics-keys ([]string)#

Metrics labels applied to prometheus metrics emitted by the service.

Default Value:

- project
- domain
- wf
- task

enable-admin-launcher (bool)#

Enable remote Workflow launcher to Admin

Default Value:

"true"

max-workflow-retries (int)#

Maximum number of retries per workflow

Default Value:

"10"

max-ttl-hours (int)#

Maximum number of hours a completed workflow should be retained. Number between 1-23 hours

Default Value:

"23"

gc-interval (config.Duration)#

Run periodic GC every 30 minutes

Default Value:

30m0s

leader-election (config.LeaderElectionConfig)#

Config for leader election.

Default Value:

enabled: false
lease-duration: 15s
lock-config-map:
  Name: ""
  Namespace: ""
renew-deadline: 10s
retry-period: 2s

publish-k8s-events (bool)#

Enable events publishing to K8s events API.

Default Value:

"false"

max-output-size-bytes (int64)#

Maximum size of outputs per task

Default Value:

"10485760"

kube-client-config (config.KubeClientConfig)#

Configuration to control the Kubernetes client

Default Value:

burst: 25
qps: 100
timeout: 30s

node-config (config.NodeConfig)#

config for a workflow node

Default Value:

default-deadlines:
  node-active-deadline: 48h0m0s
  node-execution-deadline: 48h0m0s
  workflow-active-deadline: 72h0m0s
interruptible-failure-threshold: 1
max-node-retries-system-failures: 3

max-streak-length (int)#

Maximum number of consecutive rounds that one propeller worker can use for one workflow - >1 => turbo-mode is enabled.

Default Value:

"8"

event-config (config.EventConfig)#

Configures execution event behavior.

Default Value:

fallback-to-output-reference: false
raw-output-policy: reference

include-shard-key-label ([]string)#

Include the specified shard key label in the k8s FlyteWorkflow CRD label selector

Default Value:

[]

exclude-shard-key-label ([]string)#

Exclude the specified shard key label from the k8s FlyteWorkflow CRD label selector

Default Value:

[]

include-project-label ([]string)#

Include the specified project label in the k8s FlyteWorkflow CRD label selector

Default Value:

[]

exclude-project-label ([]string)#

Exclude the specified project label from the k8s FlyteWorkflow CRD label selector

Default Value:

[]

include-domain-label ([]string)#

Include the specified domain label in the k8s FlyteWorkflow CRD label selector

Default Value:

[]

exclude-domain-label ([]string)#

Exclude the specified domain label from the k8s FlyteWorkflow CRD label selector

Default Value:

[]

cluster-id (string)#

Unique cluster id running this flytepropeller instance with which to annotate execution events

Default Value:

propeller

create-flyteworkflow-crd (bool)#

Enable creation of the FlyteWorkflow CRD on startup

Default Value:

"false"

config.CompositeQueueConfig#

type (string)#

Type of composite queue to use for the WorkQueue

Default Value:

batch
queue (config.WorkqueueConfig)#

Workflow workqueue configuration, affects the way the work is consumed from the queue.

Default Value:

base-delay: 5s
capacity: 1000
max-delay: 1m0s
rate: 100
type: maxof
sub-queue (config.WorkqueueConfig)#

SubQueue configuration, affects the way the nodes cause the top-level Work to be re-evaluated.

Default Value:

base-delay: 0s
capacity: 1000
max-delay: 0s
rate: 100
type: bucket
batching-interval (config.Duration)#

Duration for which downstream updates are buffered

Default Value:

1s
batch-size (int)#

Default Value:

"-1"

config.WorkqueueConfig#

type (string)#

Type of RateLimiter to use for the WorkQueue

Default Value:

maxof
base-delay (config.Duration)#

base backoff delay for failure

Default Value:

5s
max-delay (config.Duration)#

Max backoff delay for failure

Default Value:

1m0s
rate (int64)#

Bucket Refill rate per second

Default Value:

"100"
capacity (int)#

Bucket capacity as number of items

Default Value:

"1000"

config.EventConfig#

raw-output-policy (string)#

How output data should be passed along in execution events.

Default Value:

reference
fallback-to-output-reference (bool)#

Whether output data should be sent by reference when it is too large to be sent inline in execution events.

Default Value:

"false"

config.KubeClientConfig#

qps (float32)#

Default Value:

"100"
burst (int)#

Max burst rate for throttle. 0 defaults to 10

Default Value:

"25"
timeout (config.Duration)#

Max duration allowed for every request to KubeAPI before giving up. 0 implies no timeout.

Default Value:

30s

config.LeaderElectionConfig#

enabled (bool)#

Enables/Disables leader election.

Default Value:

"false"
lock-config-map (types.NamespacedName)#

ConfigMap namespace/name to use for resource lock.

Default Value:

Name: ""
Namespace: ""
lease-duration (config.Duration)#

Duration that non-leader candidates will wait to force acquire leadership. This is measured against time of last observed ack.

Default Value:

15s
renew-deadline (config.Duration)#

Duration that the acting master will retry refreshing leadership before giving up.

Default Value:

10s
retry-period (config.Duration)#

Duration the LeaderElector clients should wait between tries of actions.

Default Value:

2s

types.NamespacedName#

Namespace (string)#

Default Value:

""
Name (string)#

Default Value:

""

config.NodeConfig#

default-deadlines (config.DefaultDeadlines)#

Default value for timeouts

Default Value:

node-active-deadline: 48h0m0s
node-execution-deadline: 48h0m0s
workflow-active-deadline: 72h0m0s
max-node-retries-system-failures (int64)#

Maximum number of retries per node for node failure due to infra issues

Default Value:

"3"
interruptible-failure-threshold (int64)#

number of failures for a node to be still considered interruptible’

Default Value:

"1"

config.DefaultDeadlines#

node-execution-deadline (config.Duration)#

Default value of node execution timeout

Default Value:

48h0m0s
node-active-deadline (config.Duration)#

Default value of node timeout

Default Value:

48h0m0s
workflow-active-deadline (config.Duration)#

Default value of workflow timeout

Default Value:

72h0m0s

config.Port#

port (int)#

Default Value:

"10254"

Section: qualityofservice#

tierExecutionValues (map[string]interfaces.QualityOfServiceSpec)#

Default Value:

{}

defaultTiers (map[string]string)#

Default Value:

{}

Section: queues#

executionQueues (interfaces.ExecutionQueues)#

Default Value:

[]

workflowConfigs (interfaces.WorkflowConfigs)#

Default Value:

[]

Section: registration#

maxWorkflowNodes (int)#

Default Value:

"100"

maxLabelEntries (int)#

Default Value:

"0"

maxAnnotationEntries (int)#

Default Value:

"0"

workflowSizeLimit (string)#

Default Value:

""

Section: remotedata#

scheme (string)#

Default Value:

none

region (string)#

Default Value:

""

signedUrls (interfaces.SignedURL)#

Default Value:

durationMinutes: 0
enabled: false
signingPrincipal: ""

maxSizeInBytes (int64)#

Default Value:

"2097152"

inlineEventDataPolicy (int)#

Specifies how inline execution event data should be saved in the backend

Default Value:

Offload

interfaces.SignedURL#

enabled (bool)#

Whether signed urls should even be returned with GetExecutionData, GetNodeExecutionData and GetTaskExecutionData response objects.

Default Value:

"false"
durationMinutes (int)#

Default Value:

"0"
signingPrincipal (string)#

Default Value:

""

Section: scheduler#

profilerPort (config.Port)#

Default Value:

10254

eventScheduler (interfaces.EventSchedulerConfig)#

Default Value:

aws: null
local: {}
region: ""
scheduleNamePrefix: ""
scheduleRole: ""
scheme: local
targetName: ""

workflowExecutor (interfaces.WorkflowExecutorConfig)#

Default Value:

accountId: ""
aws: null
local:
  adminRateLimit:
    burst: 10
    tps: 100
region: ""
scheduleQueueName: ""
scheme: local

reconnectAttempts (int)#

Default Value:

"0"

reconnectDelaySeconds (int)#

Default Value:

"0"

interfaces.EventSchedulerConfig#

scheme (string)#

Default Value:

local
region (string)#

Default Value:

""
scheduleRole (string)#

Default Value:

""
targetName (string)#

Default Value:

""
scheduleNamePrefix (string)#

Default Value:

""
aws (interfaces.AWSSchedulerConfig)#

Default Value:

null
local (interfaces.FlyteSchedulerConfig)#

Default Value:

{}

interfaces.FlyteSchedulerConfig#

interfaces.WorkflowExecutorConfig#

scheme (string)#

Default Value:

local
region (string)#

Default Value:

""
scheduleQueueName (string)#

Default Value:

""
accountId (string)#

Default Value:

""
aws (interfaces.AWSWorkflowExecutorConfig)#

Default Value:

null
local (interfaces.FlyteWorkflowExecutorConfig)#

Default Value:

adminRateLimit:
  burst: 10
  tps: 100

interfaces.FlyteWorkflowExecutorConfig#

adminRateLimit (interfaces.AdminRateLimit)#

Default Value:

burst: 10
tps: 100

interfaces.AdminRateLimit#

tps (float64)#

Default Value:

"100"
burst (int)#

Default Value:

"10"

Section: secrets#

secrets-prefix (string)#

Prefix where to look for secrets file

Default Value:

/etc/secrets

env-prefix (string)#

Prefix for environment variables

Default Value:

FLYTE_SECRET_

Section: server#

httpPort (int)#

On which http port to serve admin

Default Value:

"8088"

grpcPort (int)#

deprecated

Default Value:

"0"

grpcServerReflection (bool)#

deprecated

Default Value:

"false"

kube-config (string)#

Path to kubernetes client config file, default is empty, useful for incluster config.

Default Value:

""

master (string)#

The address of the Kubernetes API server.

Default Value:

""

security (config.ServerSecurityOptions)#

Default Value:

allowCors: true
allowedHeaders:
- Content-Type
- flyte-authorization
allowedOrigins:
- '*'
auditAccess: false
secure: false
ssl:
  certificateFile: ""
  keyFile: ""
useAuth: false

grpc (config.GrpcConfig)#

Default Value:

maxMessageSizeBytes: 0
port: 8089
serverReflection: true

thirdPartyConfig (config.ThirdPartyConfigOptions)#

Deprecated please use auth.appAuth.thirdPartyConfig instead.

Default Value:

flyteClient:
  clientId: ""
  redirectUri: ""
  scopes: []

dataProxy (config.DataProxyConfig)#

Defines data proxy configuration.

Default Value:

download:
  maxExpiresIn: 1h0m0s
upload:
  defaultFileNameLength: 20
  maxExpiresIn: 1h0m0s
  maxSize: 6Mi
  storagePrefix: ""

config.DataProxyConfig#

upload (config.DataProxyUploadConfig)#

Defines data proxy upload configuration.

Default Value:

defaultFileNameLength: 20
maxExpiresIn: 1h0m0s
maxSize: 6Mi
storagePrefix: ""
download (config.DataProxyDownloadConfig)#

Defines data proxy download configuration.

Default Value:

maxExpiresIn: 1h0m0s

config.DataProxyDownloadConfig#

maxExpiresIn (config.Duration)#

Maximum allowed expiration duration.

Default Value:

1h0m0s

config.DataProxyUploadConfig#

maxSize (resource.Quantity)#

Maximum allowed upload size.

Default Value:

6Mi
maxExpiresIn (config.Duration)#

Maximum allowed expiration duration.

Default Value:

1h0m0s
defaultFileNameLength (int)#

Default length for the generated file name if not provided in the request.

Default Value:

"20"
storagePrefix (string)#

Storage prefix to use for all upload requests.

Default Value:

""

config.GrpcConfig#

port (int)#

On which grpc port to serve admin

Default Value:

"8089"
serverReflection (bool)#

Enable GRPC Server Reflection

Default Value:

"true"
maxMessageSizeBytes (int)#

The max size in bytes for incoming gRPC messages

Default Value:

"0"

config.ServerSecurityOptions#

secure (bool)#

Default Value:

"false"
ssl (config.SslOptions)#

Default Value:

certificateFile: ""
keyFile: ""
useAuth (bool)#

Default Value:

"false"
auditAccess (bool)#

Default Value:

"false"
allowCors (bool)#

Default Value:

"true"
allowedOrigins ([]string)#

Default Value:

- '*'
allowedHeaders ([]string)#

Default Value:

- Content-Type
- flyte-authorization

config.SslOptions#

certificateFile (string)#

Default Value:

""
keyFile (string)#

Default Value:

""

Section: storage#

type (string)#

Sets the type of storage to configure [s3/minio/local/mem/stow].

Default Value:

s3

connection (storage.ConnectionConfig)#

Default Value:

access-key: ""
auth-type: iam
disable-ssl: false
endpoint: ""
region: us-east-1
secret-key: ""

stow (storage.StowConfig)#

Storage config for stow backend.

Default Value:

{}

container (string)#

Initial container (in s3 a bucket) to create -if it doesn’t exist-.’

Default Value:

""

enable-multicontainer (bool)#

If this is true, then the container argument is overlooked and redundant. This config will automatically open new connections to new containers/buckets as they are encountered

Default Value:

"false"

cache (storage.CachingConfig)#

Default Value:

max_size_mbs: 0
target_gc_percent: 0

limits (storage.LimitsConfig)#

Sets limits for stores.

Default Value:

maxDownloadMBs: 2

defaultHttpClient (storage.HTTPClientConfig)#

Sets the default http client config.

Default Value:

headers: null
timeout: 0s

signedUrl (storage.SignedURLConfig)#

Sets config for SignedURL.

Default Value:

{}

storage.CachingConfig#

max_size_mbs (int)#

Maximum size of the cache where the Blob store data is cached in-memory. If not specified or set to 0, cache is not used

Default Value:

"0"
target_gc_percent (int)#

Sets the garbage collection target percentage.

Default Value:

"0"

storage.ConnectionConfig#

endpoint (config.URL)#

URL for storage client to connect to.

Default Value:

""
auth-type (string)#

Auth Type to use [iam,accesskey].

Default Value:

iam
access-key (string)#

Access key to use. Only required when authtype is set to accesskey.

Default Value:

""
secret-key (string)#

Secret to use when accesskey is set.

Default Value:

""
region (string)#

Region to connect to.

Default Value:

us-east-1
disable-ssl (bool)#

Disables SSL connection. Should only be used for development.

Default Value:

"false"

storage.HTTPClientConfig#

headers (map[string][]string)#

Default Value:

null
timeout (config.Duration)#

Sets time out on the http client.

Default Value:

0s

storage.LimitsConfig#

maxDownloadMBs (int64)#

Maximum allowed download size (in MBs) per call.

Default Value:

"2"

storage.SignedURLConfig#

stowConfigOverride (map[string]string)#

Default Value:

null

storage.StowConfig#

kind (string)#

Kind of Stow backend to use. Refer to github/flyteorg/stow

Default Value:

""
config (map[string]string)#

Configuration for stow backend. Refer to github/flyteorg/stow

Default Value:

{}

Section: task_resources#

defaults (interfaces.TaskResourceSet)#

Default Value:

cpu: "2"
ephemeralStorage: "0"
gpu: "0"
memory: 200Mi
storage: "0"

limits (interfaces.TaskResourceSet)#

Default Value:

cpu: "2"
ephemeralStorage: "0"
gpu: "1"
memory: 1Gi
storage: "0"

interfaces.TaskResourceSet#

cpu (resource.Quantity)#

Default Value:

"2"
gpu (resource.Quantity)#

Default Value:

"0"
memory (resource.Quantity)#

Default Value:

200Mi
storage (resource.Quantity)#

Default Value:

"0"
ephemeralStorage (resource.Quantity)#

Default Value:

"0"