Create a Jupyter account for GCP and transfer the gke.mybinder.org project there #427
Comments
|
Update from meeting with Karan: The main thing we need to do is more the binderhub project outside of Karan's org (which is a Google org account) and into some other org. I don't think it matters what org this is, because the billing account (attached to Fernando) should stay the same regardless. A few options:
Also just another note, we have about $60,000 in credits remaining, and we have until December 22nd to spend them. |
|
My vote is to create a jupyter.org Google Cloud Org, and move it there. However, maybe you need a google workspace account to 'create' an org? Also the current binderhub project is not under any organization:
So I'm not sure what Karan means? |
|
On Sun, Aug 8, 2021 at 11:51 PM Yuvi Panda ***@***.***> wrote:
My vote is to create a jupyter.org Google Cloud Org, and move it there.
Orgs are free, so we should 'just do it'.
Yup, that sounds like a good plan! Even if for now it's mostly a
single-task account for binder, it could come in handy in the future to
manage other Jupyter services hosted on GCP. We're gradually organizing
working groups around various areas better in Jupyter itself (see e.g. the
security stuff recently led by Rollin, Rick and Tiffany). This goes in that
same direction, so +1 from me.
|
|
for creating a jupyter.org GCP org, what is the pathway to doing this? Does it need to be done by a specific person (e.g. who has access to the Jupyter Google Workspaces account or something)? @fperez perhaps this is something to discuss with the governance team? |
|
Could somebody please point me in a direction here? We are getting close to the end-date of the current credits, and it's not going to look good if we still haven't satisfied Karan's request by then. I need guidance on: how can I create a I've also updated the top comment with (I think) the next steps that need to happen |
|
@choldgraf to create a GCP organization, this is a starting point I think.
PS: GCP organization names can have a display name and an id that must be unique. I like the idea of using the id |
|
I'd love to learn about the project migration process so I'd be very happy to take part of this in any way. |
Proposal (any objections?)I'd like to propose the following actions, I welcome guidance from others to let me know if we should instead open up a JEP about this:
|
choldgraf
changed the title
|
Do we need more 👍 on #427 (comment)? To me it looks like enough people have said yes and we have people who want to implement it. That means the next step is to work on it. Is that how everyone else sees it as well or is there something else we need to take care of first? |
|
Thanks for nudging this onwards @betatim! @choldgraf should we try get some work done with regards to this today? We may require control of the jupyter.org domain to do this, but I'm not sure. What domain registration service is used to manage jupyter.org currently? I think we may need access to it in order to set a TXT entry or similar to proove ownership to GCP as part of this. |
|
@consideRatio DNS recoreds for jupyter.org are managed via cloudflare. Although I don't use lastpass, it was what was used to share the password with me. I've added your email to lastpass so you should have access to this as well. |
|
Thanks @yuvipanda, I've verified access and I'm all set! |
|
@betatim i do have the same impression. @consideRatio I'd love to have a quick session today to understand whether it will be complicated or not. |
|
OK @consideRatio and I just spent several hours trying to figure this out (thank you so much @consideRatio) and we made some progress but hit some roadblocks. Here's an update: What we did
We think that the problem is that the Billing Account powering the GCP project is linked to the So I've sent an email to Karan giving him an update about the same steps above, and asking if he can help us figure out the next step. I think out optimal outcome here would be:
That way, we can have a GCP organizational account that is tied to "The Jupyter Project's DNS record", instead of to UC Berkeley. Tasks to follow-up
|
Do you have more information on this? I don't see any link between the project and berkeley with the access I have. Berkeley also doesn't have any requirements around projects being funded by them required to be in the berkeley.edu org (the data8x hub is funded with a chart string and isn't in their org, and that isn't a requirement). |
Update: conversation with Karan and the GCP team@consideRatio and I spent another hour talking to some GCP folks this morning, and we confirmed a few things and also have some more next steps. Where the Where is the billing account for the Why can't we just move the A few optionsHere are a few options that we could follow:
There is an extra consideration they brought up about where to move the project. Apparently running our own Google Cloud organization will make us lose some benefits that the academic organizations get - this would primarily by (1) lower egress fees, (2) a 20% discount, and (3) more dedicated support. However, speaking with @consideRatio, it seems like none of these would be deal-breakers, and the benefits of using a jupyter-specific organization probably outweigh the costs. Tasks to follow upI think that these are the next steps
The rationale here is that it'd be nice if we can get Berkeley to let us move accounts, but it will be catastrophic if Binder runs out of credits on GCP. So we should focus on that, and only put time into transferring our pre-existing credits if we know it will be worth it. I'll update #463 with more information about next steps there. 🙏 THANK YOU @consideRatio for joining these conversations! |
|
This is now completed! Close by #470 |
|
Heroic! Thanks for persevering. |
|
Nice! The one thing that I've lost track of is: has the project moved or not? The "closed by #470" made me think "aha that issue will explain it to me" but from a quick look the issue is about updating contact info but I couldn't work out what that meant in terms of "did we move or not?" |
|
The GCP org is created, the binderhub GCP project moved, and the associated billing account is moved! We are entirely based on in the GCP organization called |
|
Whoop! Can you add [email protected] to the |
|
Done! See gitter for a link of relevance! |
|
Naive question: what is the difference between being a member of a GCP org vs a project? I believe the permissions of the binderhub project haven't changed at all, but we should make sure that all team members have access to the things they had before! Are there other folks we need to add to the org? |
|
Confirming that my old link to the project still works and I can still see the clusters and I don't believe I have been added to the new org |
|
I don't think much happens at the org level other than enforcing policies and quotas that we probably won't use. I think the main thing is that a project must have an owner that's either a person or an org, just like a GitHub repo. I think the main thing we'll do at the org level is probably create new projects, and potentially billing accounts, depending on funding situations. ~everything else happens at the project level. |
Background
Google is supplying us credits to power mybinder.org, these are currently run off of the Google Research Team's project, which is powering gke.mybinder.org. Recently Karan reached out and said it would be better if this project were under @fperez's account rather than theirs, so that we have more control over it.
I'm meeting with Karan on Friday to make this transfer. Will post the meeting time below in case anybody else would like to join (if so, let me know here or in a DM!)
Implementation details
I think the best path forward would be to create a
Project JupyterGoogle Cloud org, and then move this project underneath that organization. We could give ownership access to any member of the JupyterHub team that wanted it.Tasks
The text was updated successfully, but these errors were encountered: