Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Spring Config

Deprecated Environment Variable

Example Values

Description

modelop.runtime.log-level

MODELOP_LOG_LEVEL

debug, info (default), warning, error

Log level of the engine

modelop.gateway-url

MODELOP_GATEWAY_LOCATION

http://gateway:8090 gateway:8090

The host:port of the MOC gateway

spring.application.name

MODELOP_ENGINE_NAME

engine-3

The name of the runtime that will be used to identify it in the registry

spring.cloud.config.uri

http://sccs:1234

The uri of the spring cloud config server from whence to acquire configuration (MUST BE SET LOCALLY)

spring.profiles.active

profile1,profile2,profile3

The spring profiles that contain the desired configuration (MUST BE SET LOCALLY)

modelop.runtime.group

MODELOP_RUNTIME_GROUP

modelop

The group name that owns the runtime.

modelop.runtime.initial-tags

MODELOP_RUNTIME_INITIAL_TAGS

“tag1, tag2”

A comma separated list of runtime tags that MOC should apply to the engine when it is first discovered.

server.port

MODELOP_API_PORT

8003 (default)

The port that the runtime will listen on

modelop.runtime.roundtrip-default-timeout

MODELOP_ROUNDTRIP_DEFAULT_TIMEOUT

5000 (default)

The default timeout (in milliseconds) for roundtrip REST calls

modelop.runtime.retain-assets:

“true”, “false”

(boolean) Setting to keep the input files to a given Job in the temporary directory on the engine pod.

eureka.instance.ip-address

MODELOP_ENGINE_IP

0.0.0.0

The IP address the engine should use to identify itself to the registry

eureka.instance.hostname

MODELOP_ENGINE_HOSTNAME

engine-3

The hostname the engine should use to identify itself to the registry

eureka.instance.instanceId

The instance id to register with eureka (NOT TYPICALLY SET)

eureka.instance.health-check-url

{hostname:port}/1/health

Health check url (NOT TYPICALLY SET)

eureka.instance.home-page-url

{hostname:port}/

Root api url (NOT TYPICALLY SET)

eureka.instance.status-page-url

{hostname:port}/1/platforms

Status check url (NOT TYPICALLY SET)

server.ssl.enabled

MODELOP_ENGINE_USE_HTTPS

true, false (default)

Indicates whether the engine uses SSL

eureka.client.service-url.defaultZone

MODELOP_EUREKA_HOSTNAME and MODELOP_EUREKA_PORT

http://registry:8761/eureka

url indicating the registry’s hostname and port, as well as a trailing ‘/eureka’.

MODELOP_EUREKA_HOSTNAME

registry

The hostname of the registry

MODELOP_EUREKA_PORT

8761 (default)

The port on which the registry is listening

modelop.runtime.log-location

MODELOP_RUNTIME_LOG_LOCATION

/tmp/logs

The directory where engine logs are stored

modelop.runtime.log-file-max-size

MODELOP_RUNTIME_LOG_FILE_MAX_SIZE

2097152

Max engine log file size

logstash.location

MODELOP_LOGSTASH_LOCATION

logstash:8093

The host:port where logstash messages should be sent. NOTE: the port is a UDP port, not a TCP port.

modelop.runtime.config-file

MODELOP_RUNTIME_CONFIG_FILE

/config/application.json (default)

The location of the application.json config file

reporting-service.websocket.url

MODELOP_REPORTING_SERVICE_MESSAGES_PATH

http://gateway:8090/reporting-service/messages

The url where internal messages should be sent

MODELOP_REPORTING_SERVICE_MESSAGES_PATH

/reporting-service/messages (default)

The path on the configured gateway to send internal messages

modelop.provider.token-uri

MODELOP_OAUTH_SERVER_URL

https://host.of.oauth.server/as/token.oauth2

The URI of the oauth server (if present)

modelop.runtime.client-id

MODELOP_OAUTH_CLIENT_ID

moc-runtime

The OAuth client id (populates the ‘client_id’ header)

modelop.runtime.client-secret

MODELOP_OAUTH_CLIENT_SECRET

The OAuth client secret (populates the ‘client_secret’) header)

modelop.runtime.scope

MODELOP_OAUTH_SCOPE

The OAuth client scope (populates the ‘scope’ header)

modelop.runtime.default-listener-idle-timeout

MODELOP_ENGINE_DEFAULT_LISTENER_IDLE_TIMEOUT

60000 (default), infinity

Number of milliseconds (or ‘infinity’) to wait before timing out incoming REST calls on the default control port (the one specified by MODELOP_API_PORT)

modelop.runtime.roundtrip-listener-idle-timeout

MODELOP_ENGINE_ROUNDTRIP_LISTENER_IDLE_TIMEOUT

60000 (default), infinity

Just like MODELOP_ENGINE_DEFAULT_LISTENER_IDLE_TIMEOUT, but for the roundtrip REST listener

modelop.runtime.allow-dynamic-library-installation

true (default)

Whether or not to attempt to install libraries identified by assets with a role of REQUIRED_LIBRARIES

modelop.runtime.max-input-file-size-bytes

MODELOP_RUNTIME_MAX_INPUT_FILE_SIZE_BYTES

1048576000

The max size of a file being used as an input to a batch job

modelop.runtime.log-input-to-stomp

false (default)

Whether or not to log input records to the STOMP queue

modelop.runtime.log-output-to-stomp

false (default)

Whether or not to log output records to the STOMP queue

modelop.runtime.odbc-enable-bulk-inserts

MODELOP_ODBC_ENABLE_BULK_INSERTS

true (default)

Whether or not to convert individual insert commands into bulk insert commands

modelop.runtime.s3-credentials.stored-credentials

Code Block
    - path: ""
      authenticationType: "BASIC"
      accessKeyId: "my_key"
      secretAccessKey: "my_secret"

A list of credentials

modelop.runtime.s3-credentials.eks-service-account-credentials

Code Block
    - path: "s3.us-east-2.amazonaws.com"
      roleArnEnvVariable: "TEST_ROLE_ARN"
      webIdentityTokenFileEnvVariable: "TEST_TOKEN_FILE"
      sessionPrefix: "testprefixABC"

A list of credentials

modelop.runtime.kafka-credentials (as of 3.1.1)

Code Block
    - bootstrap: my.kafka.server
      client-type: producer
      topic: my-topic
      security_protocol: ssl
      ssl_ca_location: /ssl-stuff/ca-cert
      ssl_keystore_location: /ssl-stuff/kafka.client.keystore.pkcs12
      ssl_keystore_password: "password

‘bootstrap’ must match one of the bootstrap servers in order to activate this credentials block. Furthermore, ‘client-type’ and ‘topic’ can (they are optional) be used to further restrict when this credentials block is activated. Remaining config options are passed to the underlying kafka client and are outlined here: https://github.com/silviucpp/erlkaf/blob/master/CONFIGURATION.md under ‘Client global configs’.

modelop.runtime.kafka-config (as of 3.1.1)

Code Block
    - bootstrap: my.kafka.server
      client-type: consumer
      topic: my-topic
      batch_size: 100

‘bootstrap’, ‘client-type’, and ‘topic’ behave as they do for modelop.runtime.kafka-credentials. The batch_size option sets the batch size when activating the config block for a consumer. Remaining config options are passed to the underlying kafka client and are outlined here: https://github.com/silviucpp/erlkaf/blob/master/CONFIGURATION.md#topic-configuration-properties under ‘Topic configuration properties’.

modelop.runtime.s3-https-proxy

MODELOP_S3_HTTPS_PROXY

proxy_host:port

The https proxy to use when talking to s3

modelop.runtime.s3-http-proxy

MODELOP_S3_HTTP_PROXY

proxy_host:port

The http proxy to use when talking to s3

modelop.runtime.sts-https-proxy

MODELOP_AWS_STS_HTTPS_PROXY

proxy_host:port

The https proxy to use when talking to sts

modelop.runtime.sts-http-proxy

MODELOP_AWS_STS_HTTP_PROXY

proxy_host:port

The http proxy to use when talking to sts

modelop.runtime.sql-credentials

Code Block
  - host: "host1"
    username: "username1"
    password: "password1"

A list of credentials

modelop.runtime.monitoring-package

false (default)

Set to ‘true’ to enable the monitoring package

MODELOP_RUNTIME_PIP3_FREEZE

Set to ‘true’ to run pip freeze before and after installing python requirements attached to a model

MODELOP_RUNTIME_PIP3_UPGRADE

Set to ‘true’ to attempt to upgrade pip before installing python requirements attached to a model

modelop.runtime.in-production

false (default)

Informs the initial value of the Engine inProduction field

modelop.runtime.environment-name

Informs the initial value of the Engine environmentName field

modelop.runtime.pre-3.0-startup

false (default)

Set to ‘true’ to use the older/deprecated mechanism for retrieving a deployed model upon runtime startup. Newer runtimes, by default, use an API on Model Manage that doesn’t exist on pre 3.0 versions.

modelop.runtime.odbc-timeout

5000

Timeout for ODBC calls

modelop.runtime.s3.server-side-encryption.encryption

aws:kms

Set to aws:kms when writing to encrypted s3 buckets configured with the DenyIncorrectEncryptionHeader policy.

...

2. Repeat for the Output Endpoint, as required.

Adding files to a runtime container for purposes of Kerberos or mTLS authentication

Files can be added to a k8s secret or configmap, and then the secret or configmap can be mounted to a specific location in the runtime container’s file system.

  1. Create a secret or configmap that contains the necessary files.

    1. This can be done using kubectl: kubectl create configmap [configmap_name] --from-file [path/to/directory]

    2. This can be done via helm

      1. Place the files you want in your configmap inside a subdirectory of the helm chart: moc/my-files/some.file

      2. In the helm values/override file:

        Code Block
        languagejson
        moc:
          configMaps:
            my-configmap: my-files/*
  2. Mount the secret or configmap on a runtime:

    Code Block
    languagejson
    moc:
      runtimes:
        "my-runtime":
          configMaps:
            my-configmap: /path/to/files/in/container

This will create a configmap called my-configmap that contains a file called some.file and will mount that file into "my-runtime" such that inside the runtime’s container there will exist a file at /path/to/files/in/container/some.file.

Adding Tags to a ModelOp Runtime

...