Skip to content

Using Kubernetes resources for runs

This page describes the Kubernetes-related options you can pass to function.run() (or to task specs). To better understand the Kubernetes configuration options, refer to the Kubernetes documentation.

Quick checklist

Resources

Declare hardware requests/limits using the resources map. Supported keys: cpu and mem. Each is an object with optional requests and limits strings.

The SDK validates resource strings with a simple pattern (digits or digits+unit). Examples:

resources = {
    "cpu": {"requests": "2", "limits": "4"},
    "mem": {"requests": "4Gi", "limits": "8Gi"}
}

For GPU selection you need to use a profile (see below) depending on your cluster setup.

Profile

Profiles are templates administrators provide to request specific hardware (for example GPUs). Ask your administrator for available profiles.

# Request 1 GPU A100
profile = "1xa100"

Volumes

Supported volume types: persistent_volume_claim, empty_dir, ephemeral. Each volume requires volume_type, name, mount_path and optionally a spec.

Persistent volume claims (PVC)

Mount a PVC into the container by declaring a persistent_volume_claim volume and an optional spec.size.

volumes = [{
    "volume_type": "persistent_volume_claim",
    "name": "my-pvc",
    "mount_path": "/data",
    "spec": {"size": "1Gi"}
}]

EmptyDir

Use empty_dir for ephemeral in-memory or node-local storage. Provide spec.size_limit (optional) and spec.medium where supported.

volumes = [{
    "volume_type": "empty_dir",
    "name": "my-empty-dir",
    "mount_path": "/data",
    "spec": {"size_limit": "1Gi"}
}]

Ephemeral volumes

The SDK also supports ephemeral volumes (model name: SpecEphemeral). Use this when the runtime exposes ephemeral volume handling; spec.size is optional.

volumes = [{
    "volume_type": "ephemeral",
    "name": "tmp-ephemeral",
    "mount_path": "/tmp",
    "spec": {"size": "500Mi"}
}]

Secrets and Envs

Inject secret names into the pod environment via secrets (list of strings). It uses existing digitalhub Secrets as reference. Set environment variables as a list of {name, value} objects.

secrets = ["my-secret"]
envs = [{"name": "ENV_NAME", "value": "value"}]

Service port and type

Expose services using service_ports (list of {port, target_port}) and service_type (ClusterIP, LoadBalancer, NodePort, ExternalName).

service_ports = [{"port": 80, "target_port": 80}]
service_type = "NodePort"

Security context

Set run_as_user and run_as_group (integers) to control the UID/GID the container runs as. Set fs_group (integer) to control the GID for the filesystem.

run_as_user = 1000
run_as_group = 1000
fs_group = 1000

Replicas

Specify the number of replicas for pod/deployment (integer). Some runtimes use this to create a deployment instead of a single pod.

replicas = 3

Node selector

Request a node selector for the pod launched by the task. The SDK accepts a list of objects with key/value.

node_selector = [{"key": "kubernetes.io/arch", "value": "amd64"}]

Affinity

Please see Kubernetes documentation on affinity and anti-affinity.

Tolerations

Please see Kubernetes documentation on taints and tolerations.

Runtime class and priority class

TODO.