pytorch · yangw-dev · Apr 6, 2026 · Apr 6, 2026 · Apr 6, 2026
diff --git a/...bernetes/git-cache/central-configmap.yaml → ...tes/base/git-cache/central-configmap.yaml b/...bernetes/git-cache/central-configmap.yaml → ...tes/base/git-cache/central-configmap.yaml
diff --git a/...s/git-cache/central-headless-service.yaml → ...e/git-cache/central-headless-service.yaml b/...s/git-cache/central-headless-service.yaml → ...e/git-cache/central-headless-service.yaml
diff --git a/...es/git-cache/central-metrics-service.yaml → ...se/git-cache/central-metrics-service.yaml b/...es/git-cache/central-metrics-service.yaml → ...se/git-cache/central-metrics-service.yaml
diff --git a/...kubernetes/git-cache/central-pdb.yaml.tpl → ...netes/base/git-cache/central-pdb.yaml.tpl b/...kubernetes/git-cache/central-pdb.yaml.tpl → ...netes/base/git-cache/central-pdb.yaml.tpl
diff --git a/...kubernetes/git-cache/central-service.yaml → ...netes/base/git-cache/central-service.yaml b/...kubernetes/git-cache/central-service.yaml → ...netes/base/git-cache/central-service.yaml
diff --git a/...es/git-cache/central-statefulset.yaml.tpl → ...se/git-cache/central-statefulset.yaml.tpl b/...es/git-cache/central-statefulset.yaml.tpl → ...se/git-cache/central-statefulset.yaml.tpl
diff --git a/...rnetes/git-cache/daemonset-configmap.yaml → ...s/base/git-cache/daemonset-configmap.yaml b/...rnetes/git-cache/daemonset-configmap.yaml → ...s/base/git-cache/daemonset-configmap.yaml
diff --git a/.../base/kubernetes/git-cache/daemonset.yaml → .../kubernetes/base/git-cache/daemonset.yaml b/.../base/kubernetes/git-cache/daemonset.yaml → .../kubernetes/base/git-cache/daemonset.yaml
diff --git a/osdc/base/kubernetes/git-cache/deploy.sh → .../base/kubernetes/base/git-cache/deploy.sh b/osdc/base/kubernetes/git-cache/deploy.sh → .../base/kubernetes/base/git-cache/deploy.sh
diff --git a/...e/kubernetes/git-cache/kustomization.yaml → ...ernetes/base/git-cache/kustomization.yaml b/...e/kubernetes/git-cache/kustomization.yaml → ...ernetes/base/git-cache/kustomization.yaml
diff --git a/osdc/base/kubernetes/git-cache/rbac.yaml → .../base/kubernetes/base/git-cache/rbac.yaml b/osdc/base/kubernetes/git-cache/rbac.yaml → .../base/kubernetes/base/git-cache/rbac.yaml
diff --git a/...rnetes/git-cache/scripts/python/.coverage → ...s/base/git-cache/scripts/python/.coverage b/...rnetes/git-cache/scripts/python/.coverage → ...s/base/git-cache/scripts/python/.coverage
diff --git a/...s/git-cache/scripts/python/central_lib.py → ...e/git-cache/scripts/python/central_lib.py b/...s/git-cache/scripts/python/central_lib.py → ...e/git-cache/scripts/python/central_lib.py
diff --git a/...git-cache/scripts/python/daemonset_lib.py → ...git-cache/scripts/python/daemonset_lib.py b/...git-cache/scripts/python/daemonset_lib.py → ...git-cache/scripts/python/daemonset_lib.py
diff --git a/...-cache/scripts/python/test_central_lib.py → ...-cache/scripts/python/test_central_lib.py b/...-cache/scripts/python/test_central_lib.py → ...-cache/scripts/python/test_central_lib.py
diff --git a/...ache/scripts/python/test_daemonset_lib.py → ...ache/scripts/python/test_daemonset_lib.py b/...ache/scripts/python/test_daemonset_lib.py → ...ache/scripts/python/test_daemonset_lib.py
diff --git a/...ernetes/git-cache/tests/smoke/conftest.py → ...es/base/git-cache/tests/smoke/conftest.py b/...ernetes/git-cache/tests/smoke/conftest.py → ...es/base/git-cache/tests/smoke/conftest.py
diff --git a/...s/git-cache/tests/smoke/test_git_cache.py → ...e/git-cache/tests/smoke/test_git_cache.py b/...s/git-cache/tests/smoke/test_git_cache.py → ...e/git-cache/tests/smoke/test_git_cache.py
diff --git a/osdc/base/kubernetes/harbor-namespace.yaml → ...ase/kubernetes/base/harbor-namespace.yaml b/osdc/base/kubernetes/harbor-namespace.yaml → ...ase/kubernetes/base/harbor-namespace.yaml
diff --git a/osdc/base/kubernetes/base/kustomization.yaml b/osdc/base/kubernetes/base/kustomization.yaml
@@ -0,0 +1,10 @@
+# Base Kubernetes resources shared across ALL providers (EKS, GKE, etc.).
+# Provider-specific resources go in overlays/<provider>/.
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - harbor-namespace.yaml
+  - nvidia-device-plugin.yaml
+  - registry-mirror-config.yaml
+  - git-cache/
diff --git a/...base/kubernetes/nvidia-device-plugin.yaml → ...kubernetes/base/nvidia-device-plugin.yaml b/...base/kubernetes/nvidia-device-plugin.yaml → ...kubernetes/base/nvidia-device-plugin.yaml
diff --git a/...se/kubernetes/registry-mirror-config.yaml → ...bernetes/base/registry-mirror-config.yaml b/...se/kubernetes/registry-mirror-config.yaml → ...bernetes/base/registry-mirror-config.yaml
diff --git a/osdc/base/kubernetes/kustomization.yaml b/osdc/base/kubernetes/kustomization.yaml
@@ -1,16 +1,12 @@
 # Base Kubernetes resources applied to EVERY cluster.
-# These are cluster-agnostic and required regardless of which modules are enabled.
+# Shared (provider-agnostic) resources live in base/.
+# Provider-specific resources live in overlays/<provider>/.
 #
-# Module-specific resources belong in osdc/<module>/kubernetes/ instead.
+# This top-level kustomization points to the EKS overlay for backward
+# compatibility — deploy-base's `kubectl apply -k base/kubernetes/` works
+# unchanged. Future providers (GKE, AKS) use their own overlay directly.
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-  - storageclass-gp3.yaml
-  - node-performance-tuning.yaml
-  - nvidia-device-plugin.yaml
-  - harbor-namespace.yaml
-  - git-cache/
-  - registry-mirror-config.yaml
-  # NOTE: Namespaces for modules (arc-runners, arc-systems, buildkit, etc.)
-  # are created by the module's own kubernetes/ directory, not here.
+  - overlays/eks
diff --git a/osdc/base/kubernetes/overlays/eks/kustomization.yaml b/osdc/base/kubernetes/overlays/eks/kustomization.yaml
@@ -0,0 +1,8 @@
+# EKS overlay: shared base + EKS-specific resources.
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
+  - storageclass-gp3.yaml
+  - node-performance-tuning.yaml
diff --git a/...e/kubernetes/node-performance-tuning.yaml → ...overlays/eks/node-performance-tuning.yaml b/...e/kubernetes/node-performance-tuning.yaml → ...overlays/eks/node-performance-tuning.yaml
diff --git a/osdc/base/kubernetes/storageclass-gp3.yaml → ...rnetes/overlays/eks/storageclass-gp3.yaml b/osdc/base/kubernetes/storageclass-gp3.yaml → ...rnetes/overlays/eks/storageclass-gp3.yaml
diff --git a/osdc/base/kubernetes/overlays/gke/kustomization.yaml b/osdc/base/kubernetes/overlays/gke/kustomization.yaml
@@ -0,0 +1,8 @@
+# GKE overlay: shared base + GKE-specific resources.
+# Consumer adds GKE-specific resources (StorageClass, etc.) via patches or
+# by overriding this overlay in their own modules/ directory.
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
diff --git a/osdc/justfile b/osdc/justfile
@@ -83,7 +83,7 @@ kubeconfig cluster:
 # BOOTSTRAP
 # ============================================================================
 
-# Bootstrap S3 state bucket + DynamoDB lock table for a cluster
+# Bootstrap remote state storage for a cluster (S3/GCS, auto-detected)
 bootstrap cluster:
     @OSDC_ROOT="{{ROOT}}" OSDC_UPSTREAM="{{UPSTREAM}}" CLUSTERS_YAML="{{CLUSTERS_YAML}}" {{SCRIPTS}}/bootstrap-state.sh {{cluster}}
 

diff --git a/osdc/scripts/bootstrap-state-gcp.sh b/osdc/scripts/bootstrap-state-gcp.sh
@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -euo pipefail
+#
+# Bootstrap GCS state bucket for a GCP cluster.
+#
+# Creates:
+#   - GCS bucket for state storage (versioned, uniform IAM)
+#
+# GCS provides native state locking — no DynamoDB equivalent needed.
+#
+# Usage:
+#   ./scripts/bootstrap-state-gcp.sh <cluster-id>
+#
+# Idempotent: safe to run multiple times.
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+# shellcheck source=/dev/null
+source "$SCRIPT_DIR/mise-activate.sh"
+CONFIG_PY="$SCRIPT_DIR/cluster-config.py"
+
+CLUSTER="${1:?Usage: $0 <cluster-id>}"
+PROJECT=$(uv run "$CONFIG_PY" "$CLUSTER" gcp_project)
+BUCKET=$(uv run "$CONFIG_PY" "$CLUSTER" state_bucket)
+REGION=$(uv run "$CONFIG_PY" "$CLUSTER" region)
+
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+echo "Bootstrapping state for: $CLUSTER"
+echo "  Bucket: $BUCKET (region: $REGION)"
+echo "  Project: $PROJECT"
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+
+if gcloud storage buckets describe "gs://${BUCKET}" --project="${PROJECT}" >/dev/null 2>&1; then
+  echo "  Bucket '${BUCKET}' already exists, skipping create."
+else
+  echo "  Creating bucket '${BUCKET}'..."
+  gcloud storage buckets create "gs://${BUCKET}" \
+    --project="${PROJECT}" \
+    --location="${REGION}" \
+    --uniform-bucket-level-access
+fi
+
+echo "  Enabling versioning..."
+gcloud storage buckets update "gs://${BUCKET}" --versioning
+
+echo "  Done."
+echo ""
+echo "State bootstrapping complete."
diff --git a/osdc/scripts/bootstrap-state.sh b/osdc/scripts/bootstrap-state.sh
@@ -24,6 +24,15 @@ STATE_REGION="us-west-2"
 
 bootstrap_cluster() {
   local cluster_id="$1"
+  local cloud
+  cloud=$(uv run "$CONFIG_PY" "$cluster_id" cloud aws)
+
+  # Non-AWS providers have their own bootstrap script
+  if [[ "$cloud" != "aws" ]]; then
+    "$SCRIPT_DIR/bootstrap-state-${cloud}.sh" "$cluster_id"
+    return
+  fi
+
   local bucket
   bucket=$(uv run "$CONFIG_PY" "$cluster_id" state_bucket)