Add a compute pool to an app with containers¶

The topic describes how to use compute pools in a Snowflake Native Apps with Snowpark Container Services.

About compute pools in apps with containers¶

A compute pool is a collection of one or more virtual machine (VM) nodes on which Snowflake runs your Snowpark Container Services. An app with containers uses a compute pool in the consumer account to manage the container images required by the app.

An app can create multiple compute pools and each compute pool is exclusive to the app. Compute pools used by the app cannot be used for other purposes.

Containers within an app can directly access each other, even if they are in different compute pools.

However, using different compute pools allows providers to separate types of services. For example, a provider can separate their frontend services from backend services.

Compute pools are account-level objects, meaning the name of each compute pool must be unique within the consumer account.

Create a compute pool for an app¶

There are two ways to create a compute pool for an app with containers:

  • The app creates the compute pools required during installation. This requires that the consumer grants the CREATE COMPUTE POOL privilege on the compute pool to the app. A provider can configure the app to request these privileges using Snowsight.

    See Configure an app to request the CREATE COMPUTE POOL privilege for more information.

  • The consumer manually creates the compute pools required by the app. The consumer must run the CREATE COMPUTE POOL to create the compute pool, then manually grant the CREATE COMPUTE POOL privilege on the compute pool to the app.

Configure an app to request the CREATE COMPUTE POOL privilege¶

Providers can configure an app to request the CREATE COMPUTE POOL privilege. They can also create the compute pool from the setup script when the app is installed or upgraded.

Note

An app can create a maximum of five compute pools in a consumer account. Contact Snowflake support if your app needs to create additional compute pools.

Request the CREATE COMPUTE POOL privilege¶

An app can request the CREATE COMPUTE POOL privileges from a consumer. This privilege allows the app to create a compute pool in the consumer account. See Request global privileges from consumers for general information about requesting global privileges from the consumer.

To request the CREATE COMPUTE POOL privilege from a consumer, add the CREATE COMPUTE POOL privilege to the manifest.yml file as shown in the following example:

...
privileges:
 - CREATE COMPUTE POOL
   description: "Enable application to create one to five compute pools"
 ...
Copy

See Create the manifest file for an app with containers for more information on creating the manifest.yml file for an app with containers.

Note

The behavior for the CREATE COMPUTE POOL privilege request within a container app is different than other privilege requests. When you add this privilege to the manifest.yml file, Snowsight displays an interface that allows a consumer to grant the required privileges.

Add the CREATE COMPUTE POOL command to the setup script¶

To create a compute pool in the consumer account add the CREATE COMPUTE POOL command to the setup script of the app.

The following example shows how to create a compute pool within a stored procedure in the setup script:

CREATE COMPUTE POOL IF NOT EXISTS app_compute_pool
  MIN_NODES = 1
  MAX_NODES = 1
  INSTANCE_FAMILY = standard_1
  AUTO_RESUME = true;
Copy

Note

When creating a compute pool within the app, providers should check that the provider has granted the CREATE COMPUTE POOL privilege before creating the compute pool.

Compute pools that an app creates are owned exclusively by that app. They cannot be used by other applications or by the consumer directly.

In general, users in the consumer account can only see compute pools created by the app in the following situations:

  • The user has been granted the MANAGE GRANTS privilege.

  • The app grants access to the compute pool using application roles.

However, users with the ACCOUNTADMIN role can suspend, stop, and resume a compute pool even if it is owned by an app.

Prefix the compute pool within the setup script¶

Because compute pools are account-level objects, compute pool names must be unique within the consumer account. The following example shows how to use the application name as a prefix of the compute pool name:

LET POOL_NAME := (select current_database()) || '_app_pool';
CREATE COMPUTE POOL IF NOT EXISTS identifier(:pool_name)
  MIN_NODES = 1
  MAX_NODES = 1
  INSTANCE_FAMILY = STANDARD_2;
Copy

Best practices for using compute pools in an app with containers¶

Providers should consider the following when creating compute pools in the consumer account:

  • Compute pools have cost implications. It is important to set values for the min_nodes, max_nodes, and instance_family properties to consume the correct amount of resources. Providers should also set the AUTO_SUSPEND_SECS property to automatically suspend computer pools when they are inactive.

    See CREATE COMPUTE POOL for more information.

  • Because compute pools are account-level objects, compute pool names must be unique within the consumer account. Consider using the application name as a prefix of the compute pool name.