Skip to content

Commit

Permalink
Merge pull request 2i2c-org#4716 from sgibson91/veda-staging/dynamic-…
Browse files Browse the repository at this point in the history
…image-building

Enable dynamic image building on VEDA staging hub
  • Loading branch information
sgibson91 authored Aug 28, 2024
2 parents dbf3135 + 41b5bc6 commit fa3b607
Show file tree
Hide file tree
Showing 2 changed files with 183 additions and 19 deletions.
49 changes: 30 additions & 19 deletions config/clusters/nasa-veda/enc-staging.secret.values.yaml
Original file line number Diff line number Diff line change
@@ -1,21 +1,32 @@
basehub:
jupyterhub:
hub:
config:
GitHubOAuthenticator:
client_id: ENC[AES256_GCM,data:1nlulJ+UtAzwlcL8KNUcUVMcIeM=,iv:rf3nUgkIz8q3nAd4n7XjWmuQeRdPRmpMeYx1SMEc1ss=,tag:PMHa6aACsbY51LKVKFeHEg==,type:str]
client_secret: ENC[AES256_GCM,data:z0lmTJmPoEIe1K4JrOcMYAu8GzvdT8vCxZehrQjDTispUI/lsWn5Kg==,iv:UyP1kGlc5qZaC+cxLkD8Q4g6qmNo37weh5AlxsaCZB0=,tag:i54y+7FNoFevU0Xp507ftA==,type:str]
jupyterhub:
hub:
config:
GitHubOAuthenticator:
client_id: ENC[AES256_GCM,data:S/8/O6R3cj5Mx8NUMZ7ZPuIRFgw=,iv:1d6eKQo92FJBXhCcbY5tZrnOqi7Y0068Zrv4Dl5dGHs=,tag:GCppQlAybfP9CITlfHfsZA==,type:str]
client_secret: ENC[AES256_GCM,data:l1ipRcU3hQFZe9Yp/wEgxCQX7naFbIxKNfgblDiYk9QPUchfTFfaEQ==,iv:yVXobI5q+ba01p1QNzyv4+R3RR3YaGwcoWdYFZQege0=,tag:YgSDMybLDCQpHYbaBoOg4A==,type:str]
imagePullSecret:
create: ENC[AES256_GCM,data:YgIGxw==,iv:mnZXJnlr2j6kq/dgFLheiQJ3gBYaQk3ByxLCxOJ3L/g=,tag:xxFGT6tpMSU0l6X83iYwOA==,type:bool]
registry: ENC[AES256_GCM,data:+SK/oiVdkQ==,iv:Q08lW4/naATRFZSUEF+sxDtqRGUonjK0E9g+6ZxfUnc=,tag:dcRo1q4MGnQpHxZAvZZYIA==,type:str]
username: ENC[AES256_GCM,data:EcR+ti7Fe1hlvXR2lKUczLMIxUNApT8cXQ==,iv:0JDwbTbeBDtZ87mpPlVBIAQnXpzEZ036DxIHC9YkOZA=,tag:lRbtaqT+TcJ//oOpM0uwZg==,type:str]
password: ENC[AES256_GCM,data:E6pjzrAiscnqfQQK0vXrNpQihKimzsVT1NCMiQxvKHVVL5g1RYPFnjHx7iWwAC70W7f0niTNAJd288gDaSOUTw==,iv:HBWsfn83K+ViVTfqGX3w1yhzh6fdi+impBnudgyUPz8=,tag:AAF42gy3I+bfeovI2Mb7Xw==,type:str]
binderhub-service:
buildPodsRegistryCredentials:
password: ENC[AES256_GCM,data:OE/G5Ut++b+hv49yPgICVtaQTviPp09F+03ySfnYtplH0YuutC7AyWJgAGL0AU9Dem6iZl5wou0XXxVohxmlXA==,iv:iPpz/ZxhBmWEXcBz1eXGoCX1VJlMICUI9A/cp0i5LGE=,tag:bjYO6jp+CLYNsQ4bNlRizg==,type:str]
config:
DockerRegistry:
password: ENC[AES256_GCM,data:KhQtxnJSpyDK5Tks9hw5zEQAhqMzdiItc0lIZzecz5EOaON8nk8F6jFv/kNHpwECfoPdvYrEroGqO7G5QY1Owg==,iv:p82H2QyQ5IxlojbB4dE+q1Dpd6YBs+iP8e5XxlQWrC4=,tag:WNUzfI/fHOtdE+5rOa+Lfw==,type:str]
sops:
kms: []
gcp_kms:
- resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
created_at: "2023-01-26T14:43:46Z"
enc: CiUA4OM7ePslGWEcv3OaYu9G873apD8kt5RYUre++rAAg9zHLbkxEkkA+0T9hVsary0kh5dFB0qxlQ94qktVHBQoePzx+0n+Y7teWci0FpelZF92wmIt8qzSDnQVNsv+6/GGhV50+aS8yjS20UF8yqpO
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-01-26T14:47:00Z"
mac: ENC[AES256_GCM,data:szV8nh5uNIuBllgFfeHYewVmFeE+Rm1Bs7H4t/z/t5x5CH9hV17biYguVzo2/og4owI4jY4/BuI/WEks76306pQ+0epFYwj0MdGX0k1EpCAFp9sCeMvePexHYw3wceKu660l1fdm2YOheLr1vaSGv5DBq7Ad47OoFFQ9WyuialU=,iv:sq9J70I682tGIf87OZqir60Lt8ehOwHUX5I7Bic76pQ=,tag:f2j/wVLDhvvBe3+USATzdg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3
kms: []
gcp_kms:
- resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
created_at: "2024-08-28T17:11:51Z"
enc: CiUA4OM7eE42MAnJnSRbSgcixhYQanLcxwpkon6oodvg2vfsHlPuEkkA5dG1Q+XBCcm6hV3EDD8c3e85Wdjkcv5CgftsEAzTcvFNGuijE6dUcPxi8yRhjELV8cHYPOwXuFUkdlq3L6LekDrzZoda9fjH
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-08-28T17:11:51Z"
mac: ENC[AES256_GCM,data:SumOiaSFKZKA+tp/ZzdBh5iU6shMbMUSEJ+QigaMgJN0kUQsSUJxK2QtB3NzUn6jiacFFd7y5gV05Px8t4mHY8elFRkNKfnN/2Fyg7hmOv1yGGoAJU94NK3XQF62y/VnpBdZUdfJDlukf8w630TV99RHGJOW0ApPjWKzuhtVLkE=,iv:5TiR0GiaddQBTG2Ed0+BbFsSCXl40mRBRNE6vZXd2gM=,tag:XPZR7miIhe/7fWC8IkmMqw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0
153 changes: 153 additions & 0 deletions config/clusters/nasa-veda/staging.values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,10 +28,141 @@ basehub:
- name: home
mountPath: /home/jovyan/shared-public
subPath: _shared-public
profileList:
- display_name: Choose your environment and resources
default: true
profile_options:
image:
display_name: Environment
dynamic_image_building:
enabled: True
unlisted_choice:
enabled: True
display_name: "Custom image"
validation_regex: "^.+:.+$"
validation_message: "Must be a publicly available docker image, of form <image-name>:<tag>"
kubespawner_override:
image: "{value}"
choices:
01-modify-pangeo:
display_name: Modified Pangeo Notebook
description: Pangeo based notebook with a Python environment
kubespawner_override:
image: public.ecr.aws/nasa-veda/pangeo-notebook-veda-image:6fcf6cfa3192
init_containers:
# Need to explicitly fix ownership here, as otherwise these directories will be owned
# by root on most NFS filesystems - neither EFS nor Google Filestore support anonuid
- *volume_ownership_fix_initcontainer
# this container uses nbgitpuller to mount https://github.com/NASA-IMPACT/veda-docs/ for user pods
# image source: https://github.com/NASA-IMPACT/jupyterhub-gitpuller-init
- name: jupyterhub-gitpuller-init
image: public.ecr.aws/nasa-veda/jupyterhub-gitpuller-init:97eb45f9d23b128aff810e45911857d5cffd05c2
env:
- name: TARGET_PATH
value: veda-docs
- name: SOURCE_REPO
value: "https://github.com/NASA-IMPACT/veda-docs"
volumeMounts:
- name: home
mountPath: /home/jovyan
subPath: "{username}"
securityContext:
runAsUser: 1000
runAsGroup: 1000
02-rocker:
display_name: Rocker Geospatial with RStudio
description: R environment with many geospatial libraries pre-installed
kubespawner_override:
image: rocker/binder:4.3
image_pull_policy: Always
# Launch RStudio after the user logs in
default_url: /rstudio
# Ensures container working dir is homedir
# https://github.com/2i2c-org/infrastructure/issues/2559
working_dir: /home/rstudio
03-qgis:
display_name: QGIS on Linux Desktop
description: Linux desktop in the browser, with qgis installed
kubespawner_override:
# Launch people directly into the Linux desktop when they start
default_url: /desktop
# Built from https://github.com/2i2c-org/nasa-qgis-image
image: quay.io/2i2c/nasa-qgis-image:d76118ea0c15
resource_allocation:
display_name: Resource Allocation
choices:
mem_1_9:
display_name: 1.9 GB RAM, upto 3.7 CPUs
kubespawner_override:
mem_guarantee: 1991244775
mem_limit: 1991244775
cpu_guarantee: 0.2328125
cpu_limit: 3.725
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
default: true
mem_3_7:
display_name: 3.7 GB RAM, upto 3.7 CPUs
kubespawner_override:
mem_guarantee: 3982489550
mem_limit: 3982489550
cpu_guarantee: 0.465625
cpu_limit: 3.725
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
mem_7_4:
display_name: 7.4 GB RAM, upto 3.7 CPUs
kubespawner_override:
mem_guarantee: 7964979101
mem_limit: 7964979101
cpu_guarantee: 0.93125
cpu_limit: 3.725
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
mem_14_8:
display_name: 14.8 GB RAM, upto 3.7 CPUs
kubespawner_override:
mem_guarantee: 15929958203
mem_limit: 15929958203
cpu_guarantee: 1.8625
cpu_limit: 3.725
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
mem_29_7:
display_name: 29.7 GB RAM, upto 3.7 CPUs
kubespawner_override:
mem_guarantee: 31859916406
mem_limit: 31859916406
cpu_guarantee: 3.725
cpu_limit: 3.725
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
mem_60_6:
display_name: 60.6 GB RAM, upto 15.6 CPUs
kubespawner_override:
mem_guarantee: 65094448840
mem_limit: 65094448840
cpu_guarantee: 7.8475
cpu_limit: 15.695
node_selector:
node.kubernetes.io/instance-type: r5.4xlarge
mem_121_2:
display_name: 121.2 GB RAM, upto 15.6 CPUs
kubespawner_override:
mem_guarantee: 130188897681
mem_limit: 130188897681
cpu_guarantee: 15.695
cpu_limit: 15.695
node_selector:
node.kubernetes.io/instance-type: r5.4xlarge

hub:
config:
GitHubOAuthenticator:
oauth_callback_url: https://staging.hub.openveda.cloud/hub/oauth_callback
image:
name: quay.io/2i2c/dynamic-image-building-experiment
tag: 0.0.1-0.dev.git.10263.hc87b65cf
ingress:
hosts: [staging.hub.openveda.cloud]
tls:
Expand All @@ -53,3 +184,25 @@ basehub:
extraPodConfig:
node_selector:
2i2c/hub-name: staging
imagePullSecrets: [{ name: image-pull-secret }]

binderhub-service:
enabled: true
dockerApi:
nodeSelector:
2i2c/hub-name: staging
config:
KubernetesBuildExecutor:
node_selector:
node.kubernetes.io/instance-type: r5.xlarge
2i2c/hub-name: staging
BinderHub:
# something like <region>-docker.pkg.dev/<project-name>/<repository-name> for grc.io
# or quay.io/org/repo/cluster-hub/ for quay.io
image_prefix: quay.io/veda-binder/staging-
DockerRegistry:
url: &url https://quay.io
username: &username veda-binder+image_builder
buildPodsRegistryCredentials:
server: *url
username: *username

0 comments on commit fa3b607

Please sign in to comment.