1. Persistent Storage for Machine Learning on Kubernetes via PostgreSQL

    To set up persistent storage for a machine learning application on Kubernetes, we'll need to deploy a PostgreSQL database, which is commonly used for durable storage needs. Pulumi provides resources for deploying and managing a PostgreSQL instance easily.

    Pulumi's PostgreSQL provider can help you manage databases on your Kubernetes cluster. However, the provider itself doesn't create a Kubernetes deployment; instead, you would typically use it to create and manage databases and schemas once PostgreSQL is already running inside the cluster.
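
    For illustration, here is a minimal sketch of that second step using the pulumi-postgresql package. The host, credentials, and the ml_features/ml_app names are placeholder assumptions, and the machine running Pulumi must be able to reach the database (the in-cluster Service address below only resolves from inside the cluster, so you may need port-forwarding):

    import pulumi
    import pulumi_postgresql as postgresql

    # Configure the provider to talk to the PostgreSQL instance running in the
    # cluster. Host and password are placeholders; wire in the Service address
    # and real credentials from your deployment.
    pg_provider = postgresql.Provider(
        "pg-provider",
        host="postgres-service.default.svc.cluster.local",  # assumed in-cluster DNS name
        port=5432,
        username="postgres",
        password="secretpassword",
        sslmode="disable",
    )

    # Create a database and a login role for the ML application.
    ml_db = postgresql.Database(
        "ml-features",
        name="ml_features",
        opts=pulumi.ResourceOptions(provider=pg_provider),
    )
    ml_role = postgresql.Role(
        "ml-app",
        name="ml_app",
        login=True,
        password="anothersecret",  # placeholder; use secret config in practice
        opts=pulumi.ResourceOptions(provider=pg_provider),
    )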

    For the Kubernetes deployment, you could use a pre-built PostgreSQL Docker image and deploy it using Pulumi's Kubernetes provider. To achieve persistent storage, we'll use a PersistentVolumeClaim (PVC) that ensures the data stored in the database remains available even if the pods that make up the deployment are destroyed or recreated.

    Below is a Pulumi program that will set up a PostgreSQL deployment on Kubernetes with a PersistentVolumeClaim for storage. This program will:

    1. Create a PVC for persistent storage across pod re-scheduling.
    2. Deploy a PostgreSQL database using a standard Docker image.
    3. Expose the PostgreSQL service within the Kubernetes cluster for your applications to connect to.
    import pulumi
    from pulumi_kubernetes.apps.v1 import Deployment
    from pulumi_kubernetes.core.v1 import PersistentVolumeClaim, Service

    # Define the PVC for persistent data storage
    postgres_storage = PersistentVolumeClaim(
        "postgres-storage",
        spec={
            "accessModes": ["ReadWriteOnce"],
            "resources": {
                "requests": {
                    "storage": "10Gi"
                }
            }
        }
    )

    # Define the Deployment for PostgreSQL
    postgres_deployment = Deployment(
        "postgres-deployment",
        spec={
            "selector": {
                "matchLabels": {
                    "app": "postgres"
                }
            },
            "replicas": 1,
            "template": {
                "metadata": {
                    "labels": {
                        "app": "postgres"
                    }
                },
                "spec": {
                    "containers": [{
                        "name": "postgres",
                        "image": "postgres:latest",  # Or a specific version like "postgres:13"
                        "ports": [{
                            "containerPort": 5432  # Default PostgreSQL port
                        }],
                        "env": [
                            {
                                "name": "POSTGRES_PASSWORD",
                                "value": "secretpassword"  # Replace with your desired password
                            },
                            {
                                # Point PGDATA at a subdirectory: some volume types place a
                                # lost+found directory at the mount root, which makes initdb fail.
                                "name": "PGDATA",
                                "value": "/var/lib/postgresql/data/pgdata"
                            }
                        ],
                        "volumeMounts": [{
                            "mountPath": "/var/lib/postgresql/data",
                            "name": "postgres-storage"
                        }]
                    }],
                    "volumes": [{
                        "name": "postgres-storage",
                        "persistentVolumeClaim": {
                            "claimName": postgres_storage.metadata["name"]
                        }
                    }]
                }
            }
        }
    )

    # Expose PostgreSQL through a Service
    postgres_service = Service(
        "postgres-service",
        spec={
            "type": "ClusterIP",
            "ports": [{
                "port": 5432,        # Port the Service listens on
                "targetPort": 5432   # Port the container listens on
            }],
            "selector": {
                "app": "postgres"
            }
        }
    )

    # Export the Service name and internal cluster IP address of PostgreSQL
    pulumi.export('postgres_service_name', postgres_service.metadata['name'])
    pulumi.export('postgres_service_internal_ip', postgres_service.spec.cluster_ip)

    Explanation:

    • The PersistentVolumeClaim requests a storage volume of 10 GiB with a ReadWriteOnce access mode, meaning it can be mounted as read-write by a single node.
    • The Deployment object for PostgreSQL specifies a single replica with the PostgreSQL Docker image. It exposes port 5432 and mounts the volume onto the path PostgreSQL uses for data storage (with PGDATA pointed at a subdirectory, since some volume types place a lost+found directory at the mount root that would make initdb fail), ensuring the data persists beyond the pod's lifecycle.
    • The Service object defines how the PostgreSQL deployment is exposed inside the cluster. In this case, it's set up as a ClusterIP, which gives it an internal IP address only reachable from within the cluster.
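
    To make the last point concrete, an application pod can reach the database through the Service's in-cluster DNS name. Below is a hypothetical client snippet using psycopg2; the library choice and the hostname are assumptions (Pulumi auto-names the Service with a random suffix unless metadata.name is set, so use the exported postgres_service_name):

    import psycopg2

    # Connect via the Service's in-cluster DNS name (placeholder; check the
    # exported postgres_service_name for the actual Service name).
    conn = psycopg2.connect(
        host="postgres-service.default.svc.cluster.local",
        port=5432,
        user="postgres",
        password="secretpassword",
        dbname="postgres",
    )

    with conn, conn.cursor() as cur:
        cur.execute("SELECT version();")
        print(cur.fetchone()[0])
    conn.close()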

    Once this persistent storage is in place, your machine learning workloads can use the PostgreSQL database for durable storage operations. Make sure to replace "secretpassword" with an actual strong password, or better yet, inject it via secure configuration.
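
    One way to avoid the hard-coded password is to combine Pulumi's secret configuration with a Kubernetes Secret. Here is a sketch, assuming a config key named dbPassword has been set with pulumi config set --secret dbPassword <value>:

    import pulumi
    from pulumi_kubernetes.core.v1 import Secret

    config = pulumi.Config()
    pg_password = config.require_secret("dbPassword")  # stays encrypted in Pulumi state

    # Store the password in a Kubernetes Secret instead of a plain env value.
    postgres_secret = Secret(
        "postgres-secret",
        string_data={"password": pg_password},
    )

    # In the Deployment's container spec, reference the Secret rather than a literal:
    # "env": [{
    #     "name": "POSTGRES_PASSWORD",
    #     "valueFrom": {
    #         "secretKeyRef": {
    #             "name": postgres_secret.metadata["name"],
    #             "key": "password"
    #         }
    #     }
    # }]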

    Feel free to add further environment variables or configuration to suit your security practices, such as setting up user roles and databases as needed.
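
    For example, the official postgres image also honors POSTGRES_USER and POSTGRES_DB, which create an initial superuser and database on first startup. The names below are illustrative placeholders you would splice into the Deployment's "env" list:

    # Extra environment variables understood by the official postgres image.
    postgres_env = [
        {"name": "POSTGRES_PASSWORD", "value": "secretpassword"},
        {"name": "POSTGRES_USER", "value": "ml_app"},      # initial superuser name
        {"name": "POSTGRES_DB", "value": "ml_features"},   # database created on first start
    ]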

    To deploy this, save the code in a Python file (by default __main__.py in a Pulumi project) and run pulumi up. Pulumi will create the resources in dependency order and manage their lifecycle as you update your infrastructure code.
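
    A typical sequence, assuming a stack named dev and the dbPassword secret from the sketch above:

    pulumi stack init dev
    pulumi config set --secret dbPassword <your-strong-password>
    pulumi up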