Jon Keam jkeam

OpenShift AI Ingress

Introduction

Wonderful Diagram of how KServe works from the docs

  +----------------------+        +-----------------------+      +--------------------------+
  |Istio Virtual Service |        |Istio Virtual Service  |      | K8S Service              |
  |                      |        |                       |      |                          |

Create Read Only Servicemesh User

Create user named ossm-viewer using htpasswd
Either make the user a cluster-reader

oc adm policy add-cluster-role-to-user cluster-reader ossm-viewer

Or apply the following yaml

Service Registry Script

API Designer

Link

Designer

Based off of this

Running Local Llama

Installation

I'm using a Mac, sooooooooooo these instructions are Apple-esque.

brew install ollama

Rosa Installation Readme

First, I wanted to say our docs are great, so any of my notes here will just at best be as good -- but most likely worse than the real docs.

Docs

Awesome Official Docs
ROSA Workshop - Although a bit dated, still has lots of gotchas that are still applicable

	from urllib.request import urlopen
	from re import sub

	def read(version:str) -> None:
	with urlopen(f"https://mirror.openshift.com/pub/openshift-v4/clients/ocp/{version}/release.txt") as f:
	contents = f.read().decode('utf-8').split('\n')
	for content in contents:
	if 'quay.io' in content:
	line = sub(r"^\s[\w-]+\s", "", content)
	print(f" - name: {line}")

	#!/bin/bash

	# This script tries to gracefully shutdown a 3-node / "compact" OCP cluster
	# There seems to be some coordination required when shutting down
	# when ODF, Logging, and Virtualization are deployed.

	CLUSTER_NAME="your-cluster-name-here"
	OC_BIN=/usr/local/bin/oc
	KUBECONFIG=~/.kube/config
	OC_CMD="$OC_BIN --kubeconfig=$KUBECONFIG"

	[Unit]
	Description=Pi-Hole Podman Container
	After=firewalld.service

	[Service]
	ExecStart=/usr/bin/podman run --name pihole -p 7053:53/tcp -p 7053:53/udp -p 7067:67/udp -p 7080:80/tcp -v /home/jkeam/dev/projects/pi-hole/podman/dnsmasq:/etc/pihole -v /home/jkeam/dev/projects/pi-hole/podman/pihole:/etc/dnsmasq.d -e TZ="America/New_York" -e WEBPASSWORD="awesomepassword" -e FTLCONF_LOCAL_IPV4="192.168.1.201" -e DHCP_ACTIVE=true -e DHCP_START="192.168.1.202" -e DHCP_END="192.168.1.254" -e DHCP_ROUTER="192.168.1.1" -e DHCP_rapid_commit=true --hostname pi -e VIRTUAL_HOST="pi" -e PROXY_LOCATION="pi" -e INTERFACE="tap0" --security-opt label=disable --cap-add=NET_ADMIN --cap-add=NET_RAW --cap-add=CAP_AUDIT_WRITE --net=slirp4netns:port_handler=slirp4netns --dns=127.0.0.1 --dns=1.1.1.1 --restart=always docker.io/pihole/pihole:latest
	ExecStop=/usr/bin/podman stop -t 2 pihole
	ExecStopPost=/usr/bin/podman rm pihole

	[Install]

	FROM registry.access.redhat.com/ubi9/python-311:1-52.1712567218

	# Build args mainly for asset compilation
	ARG DJANGO_SECRET_KEY
	ARG REDIS_URL
	ARG DJANGO_ADMIN_URL
	ARG SPARKPOST_API_KEY
	ARG CARE_OFFICE_PASSWORD
	ARG DJANGO_AWS_ACCESS_KEY_ID
	ARG DJANGO_AWS_SECRET_ACCESS_KEY

	python manage.py shell
	from django.core.management.utils import get_random_secret_key
	print(get_random_secret_key())