apiVersion: apps/v1
kind: Deployment
metadata:
  name: mlflow
  namespace: geocrop
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mlflow
  template:
    metadata:
      labels:
        app: mlflow
    spec:
      containers:
      - name: mlflow
        image: ghcr.io/mlflow/mlflow:v2.10.2
        command:
          - mlflow
          - server
          - --host=0.0.0.0
          - --port=5000
          - --backend-store-uri=postgresql://postgres:$(DB_PASSWORD)@geocrop-db:5433/geocrop_gis
          - --default-artifact-root=s3://geocrop-models/mlflow-artifacts
        env:
        - name: DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: geocrop-db-secret
              key: password
        - name: AWS_ACCESS_KEY_ID
          valueFrom:
            secretKeyRef:
              name: geocrop-secrets
              key: minio-access-key
        - name: AWS_SECRET_ACCESS_KEY
          valueFrom:
            secretKeyRef:
              name: geocrop-secrets
              key: minio-secret-key
        - name: MLFLOW_S3_ENDPOINT_URL
          value: http://minio.geocrop.svc.cluster.local:9000
        ports:
        - containerPort: 5000
        # No resource limits defined to allow maximum utilization during heavy training syncs
---
apiVersion: v1
kind: Service
metadata:
  name: mlflow
  namespace: geocrop
spec:
  ports:
  - port: 5000
    targetPort: 5000
  selector:
    app: mlflow
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mlflow-ingress
  namespace: geocrop
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - ml.techarvest.co.zw
    secretName: mlflow-tls
  rules:
  - host: ml.techarvest.co.zw
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: mlflow
            port:
              number: 5000