Helm-Based Function Creation
Helm-Based Function Creation
Cloud FunctionsHelm-Based Function Creation
Cloud functions support helm-based functions for orchestration across multiple containers.
Ensure that your helm charts version does not contain - For example v1 is ok but v1-test will cause issues.
helmChartServiceName during the function definition. This allows Cloud Functions to communicate and make inference requests to the “mini-service” endpoint.The servicePort defined within the helm chart should be used as the inferencePort supplied during function creation. Otherwise, Cloud Functions will not be able to reach the “mini-service”.
All Pod specs in your helm chart will be updated with pull secrets at runtime, so any images are authorized to pull automatically. No other configuration is needed.
Ensure your helm chart is uploaded to your registry and adheres to the helm-prereq listed above.
Create the function:
Include the following additional parameters in the function definition:
helmCharthelmChartServiceNameThe helmChart property should be set to the OCI URL of the helm chart that will deploy the “mini-service”. The helm chart URL should follow the format: oci://${REGISTRY}/${REPOSITORY}/charts/$NAME-X.Y.Z.tgz. The chart name should not contain - in the version string.
The helmChartServiceName is used for checking if the “mini-service” is ready for inference and is also scraped for function metrics. At this time, templatized service names are not supported. This must match the service name of your “mini-service” with the exposed entry point port.
Important: The Helm chart name should not contain underscores or other special symbols, as that may cause issues during deployment.
Example Creation via API
Please see our sample helm chart used in this example for reference.
Below is an example function creation API call creating a helm-based function:
For gRPC-based functions, set "inferenceURL" : "/gRPC". This signals to Cloud Functions that the function is using gRPC protocol and is not expected to have a /gRPC endpoint exposed for inferencing requests.
Multi-node helm deployment
To create a multi-node helm deployment, you need to use the following format for the instanceType:
<CSP>.GPU.<GPU_NAME>_<number of gpus per node>x[.x<number of nodes>]. For example, DGXC.GPU.L40S_1x is a single L40S instance while ON-PREM.GPU.B200_8x.x2 is two full nodes of 8-way B200.
A sample helm chart for a multi-node deployment can be found in the multi-node helm example.
When using Helm Charts to deploy a function, the following limitations need to be taken into consideration.
Progress/partial response reporting is not supported, including any additional artifacts generated during inferencing. Consider opting for HTTP streaming or gRPC bidirectional support.
Helm charts must conform to certain security standards to be deployable as a function. This means that certain helm and Kubernetes features are restricted in NVCF backends. NVCF will process your helm chart on function creation, then later on deployment with your Helm values and other deployment metadata, to ensure standards are enforced.
NVCF may automatically modify certain objects in your chart so they conform to these standards; it will only do so if modification will not break your chart when it is installed in the targeted backend. Possible areas amenable to modification will be noted in the restrictions section below. Any standard that cannot be enforced by modification will result in error(s) during function creation.
Restrictions
Supported k8s artifacts under Helm Chart Namespace are listed below; others will be rejected:
type: ClusterIP or none)A rendered Helm chart may contain a maximum of 300 of the aforementioned objects.
The only allowed Pod or Pod template volume types are:
configMapsecretprojected.sources.* of any of the abovepersistentVolumeClaimemptyDirNo chart hooks are allowed; if specified in the chart, they will not be executed.
CustomResourceDefinitions in helm charts will be skipped on installation. There is no need to modify your chart to remove them from helm template output for NVCF.
Helm charts should conform to these additional security standards. While not enforced now, they will be at a later date.
cpu and memory (and nvidia.com/gpu, ephemeral-storage if required for certain containers).securityContext’s conform to these parameters:
automountServiceAccountToken must be unset or set to falserunAsNonRoot must be explicitly set to truehostIPC, hostPID, and hostNetwork must be unset or set to falseTo override keys in your helm chart values.yml, you can provide the configuration parameter and supply corresponding key-value pairs in JSON format which you would like to be overridden when the function is deployed.