diff --git a/config/clusters/2i2c/cluster.yaml b/config/clusters/2i2c/cluster.yaml
index 4151b30592..c450f972dc 100644
--- a/config/clusters/2i2c/cluster.yaml
+++ b/config/clusters/2i2c/cluster.yaml
@@ -128,3 +128,11 @@ hubs:
- basehub-common.values.yaml
- mtu.values.yaml
- enc-mtu.secret.values.yaml
+ - name: jackeddy
+ display_name: "Jack Eddy Symposium"
+ domain: jackeddy.2i2c.cloud
+ helm_chart: daskhub
+ helm_chart_values_files:
+ - daskhub-common.values.yaml
+ - jackeddy.values.yaml
+ - enc-jackeddy.secret.values.yaml
diff --git a/config/clusters/2i2c/jackeddy.values.yaml b/config/clusters/2i2c/jackeddy.values.yaml
new file mode 100644
index 0000000000..94c376529d
--- /dev/null
+++ b/config/clusters/2i2c/jackeddy.values.yaml
@@ -0,0 +1,178 @@
+basehub:
+ userServiceAccount:
+ annotations:
+ iam.gke.io/gcp-service-account: pilot-hubs-jackeddy@two-eye-two-see.iam.gserviceaccount.com
+ jupyterhub:
+ ingress:
+ hosts:
+ - jackeddy.2i2c.cloud
+ tls:
+ - secretName: https-auto-tls
+ hosts:
+ - jackeddy.2i2c.cloud
+ custom:
+ 2i2c:
+ add_staff_user_ids_to_admin_users: true
+ add_staff_user_ids_of_type: "github"
+ homepage:
+ templateVars:
+ org:
+ name: Jack Eddy Symposium
+ url: https://cpaess.ucar.edu/meetings/4th-eddy-cross-disciplinary-symposium
+ logo_url: https://cpaess.ucar.edu/sites/default/files/styles/extra_large/public/2023-08/EddySymposium-900x400.jpg?itok=8qG7Dqi3
+ designed_by:
+ name: 2i2c
+ url: https://2i2c.org
+ operated_by:
+ name: 2i2c
+ url: https://2i2c.org
+ funded_by:
+ name: ""
+ url: ""
+ custom_html: NASA's Living with a Star program and UCAR/CPAESS
+ singleuser:
+ extraFiles:
+ # FIXME: document this feature
+ # Currently only documented in the context of culling https://infrastructure.2i2c.org/sre-guide/manage-k8s/culling/#kernel-culling-configuration
+ jupyter_notebook_config.json:
+ data:
+ # Allow jupyterlab option to show hidden files in browser
+ ContentsManager:
+ allow_hidden: true
+ # https://infrastructure.2i2c.org/howto/features/dedicated-nodepool/
+ nodeSelector:
+ # Applied to all profile options
+ 2i2c.org/community: jackeddy
+ extraTolerations:
+ - key: "2i2c.org/community"
+ operator: "Equal"
+ value: "jackeddy"
+ effect: "NoSchedule"
+ defaultUrl: /lab
+ extraEnv:
+ # https://infrastructure.2i2c.org/howto/features/buckets/
+ SCRATCH_BUCKET: gcs://pilot-hubs-jackeddy-scratch/$(JUPYTERHUB_USER)
+ PANGEO_SCRATCH: gcs://pilot-hubs-jackeddy-scratch/$(JUPYTERHUB_USER)
+ # https://infrastructure.2i2c.org/howto/features/github
+ GH_SCOPED_CREDS_CLIENT_ID: "Iv1.37646d01f3f58a80"
+ GH_SCOPED_CREDS_APP_URL: https://github.com/apps/jack-eddy-jupyterhub-push-access
+ profileList:
+ - display_name: "Image and resource allocation"
+ description: "Choose the user image and what resources to be allocated for the server"
+ slug: only-choice
+ profile_options:
+ requests:
+ # Configuration setup based on https://github.com/2i2c-org/infrastructure/issues/2121.
+ # Allocate resources from a n2-highmem-16 node, instead of a
+ # n2-highmem-4 node to help reduce startup times.
+ # Based on past usages of this hub, it is highly possible it will use notable
+ # amounts of RAM.
+ # The choice of this node, will avoid putting only two users requesting ~16 GB on
+ # a ~32 GB node (if we went with a n2-highmem-4) and will instead allow for
+ # at least eight users to fit per node on a n2-highmem-16 machine.
+ # ref: https://github.com/2i2c-org/infrastructure/issues/3166#issuecomment-1755630637
+ display_name: Resource Allocation
+ choices:
+ mem_1_9:
+ display_name: 1.9 GB RAM, upto 3.75 CPUs
+ description: Fastest spinup time
+ kubespawner_override:
+ mem_guarantee: 1992701952
+ mem_limit: 1992701952
+ cpu_guarantee: 0.234375
+ cpu_limit: 3.75
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ default: true
+ mem_3_7:
+ display_name: 3.7 GB RAM, upto 3.75 CPUs
+ kubespawner_override:
+ mem_guarantee: 3985403904
+ mem_limit: 3985403904
+ cpu_guarantee: 0.46875
+ cpu_limit: 3.75
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ mem_7_4:
+ display_name: 7.4 GB RAM, upto 3.75 CPUs
+ kubespawner_override:
+ mem_guarantee: 7970807808
+ mem_limit: 7970807808
+ cpu_guarantee: 0.9375
+ cpu_limit: 3.75
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ mem_14_8:
+ display_name: 14.8 GB RAM, upto 3.75 CPUs
+ kubespawner_override:
+ mem_guarantee: 15941615616
+ mem_limit: 15941615616
+ cpu_guarantee: 1.875
+ cpu_limit: 3.75
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ mem_29_7:
+ display_name: 29.7 GB RAM, upto 3.75 CPUs
+ kubespawner_override:
+ mem_guarantee: 31883231232
+ mem_limit: 31883231232
+ cpu_guarantee: 3.75
+ cpu_limit: 3.75
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ mem_60_6:
+ display_name: 60.6 GB RAM, upto 15.72 CPUs
+ kubespawner_override:
+ mem_guarantee: 65105797120
+ mem_limit: 65105797120
+ cpu_guarantee: 7.86
+ cpu_limit: 15.72
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ mem_121_3:
+ display_name: 121.3 GB RAM, upto 15.72 CPUs
+ kubespawner_override:
+ mem_guarantee: 130211594240
+ mem_limit: 130211594240
+ cpu_guarantee: 15.72
+ cpu_limit: 15.72
+ node_selector:
+ node.kubernetes.io/instance-type: n2-highmem-16
+ image:
+ display_name: Image
+ # https://infrastructure.2i2c.org/howto/features/allow-unlisted-profile-choice/
+ unlisted_choice:
+ enabled: True
+ display_name: "Custom image"
+ validation_regex: "^.+:.+$"
+ validation_message: "Must be a publicly available docker image, of form :"
+ kubespawner_override:
+ image: "{value}"
+ choices:
+ pangeo:
+ display_name: Base Pangeo Notebook
+ default: true
+ slug: "pangeo"
+ kubespawner_override:
+ image: "pangeo/pangeo-notebook:2023.10.03"
+ hub:
+ allowNamedServers: true
+ config:
+ JupyterHub:
+ authenticator_class: github
+ GitHubOAuthenticator:
+ oauth_callback_url: https://jackeddy.2i2c.cloud/hub/oauth_callback
+ allowed_organizations:
+ - jack-eddy-symposium
+ scope:
+ - read:org
+ Authenticator:
+ admin_users:
+ - dan800 # Dan Marsh
+ - rmcgranaghan # Ryan McGranaghan
+dask-gateway:
+ gateway:
+ extraConfig:
+ idle: |
+ # timeout after 30 minutes of inactivity
+ c.KubeClusterConfig.idle_timeout = 1800
diff --git a/config/clusters/openscapes/prod.values.yaml b/config/clusters/openscapes/prod.values.yaml
index 7e1c6f3b82..b1c55743aa 100644
--- a/config/clusters/openscapes/prod.values.yaml
+++ b/config/clusters/openscapes/prod.values.yaml
@@ -57,7 +57,7 @@ basehub:
cpu_guarantee: 1.875
cpu_limit: 3.75
node_selector:
- node.kubernetes.io/instance-type: r5.xlarge
+ node.kubernetes.io/instance-type: r5.4xlarge
mem_29_7:
display_name: 29.7 GB RAM, upto 3.75 CPUs
kubespawner_override:
@@ -66,7 +66,7 @@ basehub:
cpu_guarantee: 3.75
cpu_limit: 3.75
node_selector:
- node.kubernetes.io/instance-type: r5.xlarge
+ node.kubernetes.io/instance-type: r5.4xlarge
mem_60_6:
display_name: 60.6 GB RAM, upto 15.72 CPUs
kubespawner_override:
diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml
index e37753cd5c..0a11cdb63d 100644
--- a/helm-charts/basehub/values.yaml
+++ b/helm-charts/basehub/values.yaml
@@ -764,8 +764,15 @@ jupyterhub:
allowed_profiles.append(profile)
continue
- access_token = auth_state["token_response"]["access_token"]
- token_type = auth_state["token_response"]["token_type"]
+ if "token_response" in auth_state:
+ access_token = auth_state["token_response"]["access_token"]
+ token_type = auth_state["token_response"]["token_type"]
+ else:
+ # token_response was introduced to auth_state in
+ # oauthenticator 16, so this is adjusting to an auth_state
+ # set by oauthenticator 15
+ access_token = auth_state["access_token"]
+ token_type = "token"
for allowed_org in allowed_orgs:
user_in_allowed_org = await spawner.authenticator._check_membership_allowed_organizations(
allowed_org, spawner.user.name, access_token, token_type
diff --git a/noxfile.py b/noxfile.py
index 0c659213b2..d8c5d41a0c 100644
--- a/noxfile.py
+++ b/noxfile.py
@@ -1,3 +1,14 @@
+"""
+noxfile.py is a configuration file for the command-line tool nox that automates
+tasks in multiple Python environments. We use it to setup an environment to
+build our documentation.
+
+Config reference: https://nox.thea.codes/en/stable/config.html#noxfile
+
+Common tasks:
+- Install nox: pip install nox
+- Start a live reloading docs server: nox -- live
+"""
import nox
nox.options.reuse_existing_virtualenvs = True
diff --git a/terraform/gcp/projects/pilot-hubs.tfvars b/terraform/gcp/projects/pilot-hubs.tfvars
index 572da56d4a..b4db6d3376 100644
--- a/terraform/gcp/projects/pilot-hubs.tfvars
+++ b/terraform/gcp/projects/pilot-hubs.tfvars
@@ -79,6 +79,23 @@ notebook_nodes = {
"community" : "temple"
},
}
+ # Nodepool for jackeddy symposium. https://github.com/2i2c-org/infrastructure/issues/3166
+ "jackeddy" : {
+ min : 0,
+ max : 100,
+ machine_type : "n2-highmem-16",
+ labels : {
+ "2i2c.org/community" : "jackeddy"
+ },
+ taints : [{
+ key : "2i2c.org/community",
+ value : "jackeddy",
+ effect : "NO_SCHEDULE"
+ }],
+ resource_labels : {
+ "community" : "jackeddy"
+ }
+ }
}
# Setup a single node pool for dask workers.
@@ -94,7 +111,11 @@ dask_nodes = {
},
}
-user_buckets = {}
+user_buckets = {
+ "jackeddy-scratch" : {
+ "delete_after" : 7
+ }
+}
hub_cloud_permissions = {
@@ -114,6 +135,11 @@ hub_cloud_permissions = {
bucket_admin_access : [],
hub_namespace : "catalyst-cooperative"
},
+ "jackeddy" : {
+ requestor_pays : true,
+ bucket_admin_access : ["jackeddy-scratch"],
+ hub_namespace : "jackeddy"
+ },
}
container_repos = [