The workspace value of the Helm chart provides the ability to add configuration for all jobs that are spun up by the agent, across all repositories. To add secrets or mounted volumes to all Kubernetes Pods, you can specify your desired configuration under this value.
Additionally, the imagePullSecrets value allows you to specify a list of secrets that should be included when pulling the images for your containers.
When adding a code location to Dagster+ with a Kubernetes agent, you can use the container_context key on the location configuration to add additional Kubernetes-specific configuration. If you're using the Dagster+ Github action, the container_context key can also be set for each location in your dagster_cloud.yaml file, using the same format.
The following example dagster_cloud.yaml file illustrates the available fields:
# dagster_cloud.yamllocations:-location_name: cloud-examples
image: dagster/dagster-cloud-examples:latest
code_source:package_name: dagster_cloud_examples
container_context:k8s:env_config_maps:- my_config_map
env_secrets:- my_secret
env_vars:- FOO_ENV_VAR=foo_value
- BAR_ENV_VAR
image_pull_policy: Always
image_pull_secrets:-name: my_image_pull_secret
labels:my_label_key: my_label_value
namespace: my_k8s_namespace
service_account_name: my_service_account_name
volume_mounts:-mount_path: /opt/dagster/test_mount_path/volume_mounted_file.yaml
name: test-volume
sub_path: volume_mounted_file.yaml
volumes:-name: test-volume
config_map:name: test-volume-configmap
server_k8s_config:# Raw kubernetes config for code servers launched by the agentpod_spec_config:# Config for the code server pod specnode_selector:disktype: standard
pod_template_spec_metadata:# Metadata for the code server podannotations:mykey: myvalue
deployment_metadata:# Metadata for the code server deploymentannotations:mykey: myvalue
service_metadata:# Metadata for the code server serviceannotations:mykey: myvalue
container_config:# Config for the main dagster container in the code server podresources:limits:cpu: 100m
memory: 128Mi
run_k8s_config:# Raw kubernetes config for runs launched by the agentpod_spec_config:# Config for the run's PodSpecnode_selector:disktype: ssd
container_config:# Config for the main dagster container in the run podresources:limits:cpu: 500m
memory: 1024Mi
pod_template_spec_metadata:# Metadata for the run podannotations:mykey: myvalue
job_spec_config:# Config for the Kubernetes job for the runttl_seconds_after_finished:7200job_metadata:# Metadata for the Kubernetes job for the runannotations:mykey: myvalue
Using the container_context.k8s.env_vars and container_context.k8s.env_secrets properties, you can specify environment variables and secrets for a specific code location. For example:
A list of environment variable names to inject into the job, formatted as KEY or KEY=VALUE. If only KEY is specified, the value will be pulled from the current process.
env_secrets
A list of secret names, from which environment variables for a job are drawn using envFrom. Refer to the Kubernetes documentation for more info.
Refer to the following guides for more info about environment variables:
To add configuration to specific Dagster jobs, ops, or assets, use the dagster-k8s/config tag. For example, to specify that a job should have certain resource limits when it runs. Refer to Customizing your Kubernetes deployment for Dagster Open Source for more info.
Starting in 0.14.0, the provided docker.io/dagster/dagster-cloud-agent image offers a non-root user with id 1001. To run the agent with this user, you can specify the dagsterCloudAgent value in the Helm chart to be: