diff --git a/.github/workflows/deploy-hubs.yaml b/.github/workflows/deploy-hubs.yaml index 5cc275fbb8..ef5a5a52fb 100644 --- a/.github/workflows/deploy-hubs.yaml +++ b/.github/workflows/deploy-hubs.yaml @@ -45,6 +45,8 @@ jobs: provider: gcp - cluster_name: pangeo-hubs provider: gcp + - cluster_name: leap + provider: gcp - cluster_name: utoronto provider: kubeconfig - cluster_name: azure.carbonplan diff --git a/config/clusters/leap/cluster.yaml b/config/clusters/leap/cluster.yaml new file mode 100644 index 0000000000..15cab590a3 --- /dev/null +++ b/config/clusters/leap/cluster.yaml @@ -0,0 +1,31 @@ +name: leap +provider: gcp +gcp: + key: enc-deployer-credentials.secret.json + project: leap-pangeo + cluster: leap-cluster + zone: us-central1-b +support: + helm_chart_values_files: + - support.values.yaml +hubs: + - name: staging + display_name: "LEAP Staging" + domain: staging.leap.2i2c.cloud + helm_chart: daskhub + auth0: + enabled: false + helm_chart_values_files: + - common.values.yaml + - staging.values.yaml + - enc-staging.secret.values.yaml + - name: prod + display_name: "LEAP Prod" + domain: leap.2i2c.cloud + helm_chart: daskhub + auth0: + enabled: false + helm_chart_values_files: + - common.values.yaml + - prod.values.yaml + - enc-prod.secret.values.yaml diff --git a/config/clusters/leap/common.values.yaml b/config/clusters/leap/common.values.yaml new file mode 100644 index 0000000000..395cc00da3 --- /dev/null +++ b/config/clusters/leap/common.values.yaml @@ -0,0 +1,125 @@ +basehub: + nfs: + enabled: true + pv: + mountOptions: + - soft + - noatime + # Google FileStore IP + serverIP: 10.236.154.106 + # Name of Google Filestore share + baseShareName: /homes/ + jupyterhub: + proxy: + https: + enabled: false + custom: + 2i2c: + add_staff_user_ids_to_admin_users: true + add_staff_user_ids_of_type: "github" + cloudResources: + provider: gcp + gcp: + projectId: leap-pangeo + scratchBucket: + enabled: false + homepage: + templateVars: + org: + name: LEAP + url: https://leap-stc.github.io + logo_url: https://leap-stc.github.io/_static/LEAP_logo.png + designed_by: + name: 2i2c + url: https://2i2c.org + operated_by: + name: 2i2c + url: https://2i2c.org + funded_by: + name: LEAP + url: https://leap-stc.github.io + hub: + allowNamedServers: true + config: + Authenticator: + # This hub uses GitHub Teams auth and so we don't set + # allowed_users in order to not deny access to valid members of + # the listed teams. These people should have admin access though. + admin_users: + - rabernat + JupyterHub: + authenticator_class: github + GitHubOAuthenticator: + allowed_organizations: + - leap-stc:leap-pangeo-users + - 2i2c-org:tech-team + scope: + - read:org + singleuser: + image: + name: pangeo/pangeo-notebook + tag: 2022.02.04 + extraEnv: + # This bucket is created by terraform + SCRATCH_BUCKET: "gs://leap-pangeo-scratch/$(JUPYTERHUB_USER)" + PANGEO_SCRATCH: "gs://leap-pangeo-scratch/$(JUPYTERHUB_USER)" + profileList: + # The mem-guarantees are here so k8s doesn't schedule other pods + # on these nodes. They need to be just under total allocatable + # RAM on a node, not total node capacity. Values calculated using + # https://learnk8s.io/kubernetes-instance-calculator + - display_name: "Small" + description: 5GB RAM, 2 CPUs + default: true + kubespawner_override: + mem_limit: 7G + mem_guarantee: 4.5G + node_selector: + node.kubernetes.io/instance-type: n1-standard-2 + - display_name: Medium + description: 11GB RAM, 4 CPUs + kubespawner_override: + mem_limit: 15G + mem_guarantee: 11G + node_selector: + node.kubernetes.io/instance-type: n1-standard-4 + - display_name: Large + description: 24GB RAM, 8 CPUs + kubespawner_override: + mem_limit: 30G + mem_guarantee: 24G + node_selector: + node.kubernetes.io/instance-type: n1-standard-8 + - display_name: Huge + description: 52GB RAM, 16 CPUs + kubespawner_override: + mem_limit: 60G + mem_guarantee: 52G + node_selector: + node.kubernetes.io/instance-type: n1-standard-16 + initContainers: + # Need to explicitly fix ownership here, since EFS doesn't do anonuid + - name: volume-mount-ownership-fix + image: busybox + command: + [ + "sh", + "-c", + "id && chown 1000:1000 /home/jovyan && ls -lhd /home/jovyan", + ] + securityContext: + runAsUser: 0 + volumeMounts: + - name: home + mountPath: /home/jovyan + subPath: "{username}" +dask-gateway: + gateway: + backend: + scheduler: + cores: + request: 0.8 + limit: 1 + memory: + request: 1G + limit: 2G diff --git a/config/clusters/leap/enc-deployer-credentials.secret.json b/config/clusters/leap/enc-deployer-credentials.secret.json new file mode 100644 index 0000000000..41d0ac714d --- /dev/null +++ b/config/clusters/leap/enc-deployer-credentials.secret.json @@ -0,0 +1,30 @@ +{ + "type": "ENC[AES256_GCM,data:bXgwRCCuUFr4lQ2E2SNY,iv:s2f8CNR1otvSWHZjBoPU0g0edG9Z1oxp4DR19P3nFcM=,tag:8uaIHlomCatJ3nO94vm+Xg==,type:str]", + "project_id": "ENC[AES256_GCM,data:XD/SgAyoYBTSryM=,iv:V8+bdV7rBHqQwOweAD7NpTuFlx59MXFfXyIKZfmy0C0=,tag:YuEn+Nx9FoyU5Mz/othl4g==,type:str]", + "private_key_id": "ENC[AES256_GCM,data:RyEVnVqgxNZ1oxHlKAea36r6dSlaqehJJQCNpg4k675vfD8s3oxAYA==,iv:UidkTYHW7UYhVIeLCemr6TfqQlFXstg677iSXkfO6vo=,tag:Yv2f+19B6sKkMZmNuMBm4A==,type:str]", + "private_key": "ENC[AES256_GCM,data:W4ZRkRTfkiaAkXjXOPrrmJlnucwrOvCd6yf3KIr7dTQO3vyQSt/sIcLQWx7T7g3G7F337WUC9M9pXB+ubCxvkBnhetcfLldMhCZMeJaHfDnGx6Ym9sN6BfvkevsCIR+bDnS+ErLEXiMz6YL7KmGijY7OHoV8N0nRzpSDLq9biIjaPt2374lw2NYe+620R32+PNVE1gqkctgWwwIr8ASOhFbMVa643JH7H+Mstc1Nb1pdhXMi4ny0gTeceNV02Tp5YSGQRXLzyc122Z8K/4ziehjTGvwrFr/eUzUlyq4jX9d03T8rxKsXTyXG/PxWWj+WUpF8+dkU8M56pXSAJ19ZcrOwrkeIl5pit/nAJOJuyHh8bB+CrW/bCwQPWcGg6W3INl89S9MdEALPieDPpHXqA+/8ZQc99sAxGhzJ2v55PkX6FY5fN8qqgjj2lFze3Ng3IjqL+2t/qMF+h2GddWXp0axTvArjONhhzeWcUqZxCa7TlqWf960ZtLkRTKm3NCYbq1pqFcLQl8BdpNTeliIXypKSENB9wWRwCybX5U1jryuIolhBBQXHa+Qm92z4kpAIUX3Y9aL5vuS1MRkQnIg30lwyR4Dd48QUElWBLAc0aKbXcbJDchAnufq1yRfPnA1z6Zi0g2AqV1YFQfQ0dVqDm6xUegE4PUkFQPHXoGvmK12YZpTDyNr/h3LXGU/KUJA89LNhdbW1KyPepKqcMYwa5lIsSwAJ4il+FDAtyRPG29sRWbNljKA8qCtMLpQsfFoDE+W4KlzWcSpCvU+8s1fbYxiZ8Wf0nxat8CSC2ZTnoMtHJjHvfYit9QBUIKKCNMGTk6SMincBzqL7BlVqJcRS2QQLcCLdkwS/TOZ/yR/12kSZyNr412QC9yKfS/T0OYS7G6MS0BOwDDHKdGHckkFijoXUV4A/tYOH1F6rkauORZSTsVhNz1aVRG5J253e5TxD3M9O8qhCSyadiWJW2vIyP48Sj+sI5Ppp7ydZYRNfCjQp9VqlRidrQm1LXvbDfimEz0YCYKDba3j60/twUTLSnP2aZ0raetFYj4rUKGmlHo2gwpX/zg57Atfc0GUpkj9x/OIA8g9hSz1b5vDT+XweOoLRu72a0XJoL61XGFcp1lrDiz9tSTYi2s4oqLdOQCl2AJmwwUTg0OEeu1vlU7HupakbMRiyzt011o/roFtZj9AESS61r3LVKDXnIBCnRAOlD98sNaHQp/Lg/v0+DwDTlIK3FiqOPDFiOTxvnWdgs5iwY0600fOzpDa5yuBGrbJ2LIHA7KnPyompkXBk7R0WhvIPZE50x+fCuO+Rn96NCnICmBuYucmrNvNIccRz2nfxKCgeyaDGJkFnD0Qwuq4yhVuRe0PAadXrXCdauAuDEhDFJr4j/VkVD3t88ijkSf8he+XC962qi9FanjbSnqZUK1osh30m+cMb2UeVFKIORMoNeXW6vd4sCFOoNCPSlIXckms8b6R14sOrfMZd+g5w/L0I6mhJ04G1FNN6wvD5F6PTa1g/8NgQwxx4ymRtcHq1EoIUZWDauKDEJzMgGXGwzjHOJ5yuoPTzPqunSrYZowAjX+XsHq0YwuAZuza2NyEB1PNPOYHEem2iJRGVIbfnnKWUuGCg378azKnbojwQ6s1dUtUlnSaBkbipgRd+mAuc418vfjljDqEjOvSf6kfV3pKXjTWQlOJJn5YOXYonjsKe9jG5H7HW+QnZpteCT5KtrTpeBjs26R+9frm/+WMUGZJMsDtB1NvgC14MXoS8gh+6DtVXyRG0e8cGK0ICCWzbNB7s09sG8/AZ9EaecUW7ou4SLQg58fqKGXx80VUl7N8Ud0j+WyhlCSbqmm78PL86g64NW4K4ltG9+wxkihiShfxZ+/mJvnwObu3y0nBhzz2ebhQ+gAN6A+sljTXaSQ7RkHWIy1RMVRKW0j37cqlhUUbMykUqo5O5O3QZCzDN7zTQIKugRbeOCx4IPyzSObsmXxG8ebhqWCwqPZgJHJa9dJWli1YEYn7/6Z0Ll/MAAC/oPZkFz0b6/wI1UkuhwhXpOqBvnhYSh5n1kUZ2RdNds02UUkU5rbAviW4519zITFMQ0TpfeZK18VsXha5myG4exzwlP5IIHUqGx/5JD/RfNQ8cRJ2tZKZcWq6QgVsJERtP7iMHIUndofwTbNT5VPC9Y5qHbwnlQziyRtFAqKU+kvoDVi2L9607lFUlrRD3Mt+dUTL9zPSi3qrGgQHw9HQMeI+k2ZdZoQm3fata5VPL0419eb8xivSq,iv:EgD4FRnPUx3eF7lO7mrfjYmmx1QxfGYi5PYbbFh0E/A=,tag:aTr3QIHfxhtdovqFj2R23g==,type:str]", + "client_email": "ENC[AES256_GCM,data:1pYHCwTtM2blwTR0PYzRdZxEAcigHYc+dFI0o6H3NfV4Gdp2BI9tSxGsoPxFhg==,iv:XQ9uTRrFoN7DSa1X7lYv89k2uY2o+dOh9MYC6VRkCrc=,tag:nTi4NKlTJn1X8OW55m5rxA==,type:str]", + "client_id": "ENC[AES256_GCM,data:U6WS704VI9XtGpPqfm9lxWR3Q7Mi,iv:/xvGuEGfsJcWxqTW2Z9JJSamJ5vrKIJhpkonB+IRDrI=,tag:yBgTt0CgdCmcIvtgiSs5yg==,type:str]", + "auth_uri": "ENC[AES256_GCM,data:0qByuvHwcpGgzitfrLq1BF+fYbvPaw0GSLgV9ap6UeVW2Obi30SAyEg=,iv:Su94WLXfURaDcYS6kfq3pNScwcmvVOIHEQmr4nL0m+U=,tag:36JEZaLat0pIabEE9+7HUw==,type:str]", + "token_uri": "ENC[AES256_GCM,data:VopsA3EwGJMYx9e9aGln1JQpYbpNw13z1yT7e92VsjdLYfw=,iv:LmpzRcY2tZVspy7CYMMnORybq9zwcgNRCeCuFyKGV5E=,tag:d2VfyqSA+FpQgCF68lp3Hw==,type:str]", + "auth_provider_x509_cert_url": "ENC[AES256_GCM,data:XctyK5UvsjLXpDf2nuvHrrPb6Xeof80vd4voZTT4lHj1PqScsFxCQx0h,iv:kwvSoStJdIUbMJasX6r0i0Ahh5vWdbKQdfgNNAfApso=,tag:+mWUAoiF/K8sS/bWRxQBpg==,type:str]", + "client_x509_cert_url": "ENC[AES256_GCM,data:8X40APDF+qU0QxB/fAl9d3QEK+xV+nadmiEGXWeDVUwWhfHDvKGfmxhQpuq9Jlezh78ZJqk582gji9zbk76jj96MKsDpCTLxVk0afc2kAHhfdWyZr3rWCsApZx1bsJx6Jzs=,iv:86Y1ykaCpyF+GASy9V+wxfmagZgIjFcUqO+f+IV7wuw=,tag:gSHMz9BeGIpMrufCeLoKvA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": [ + { + "resource_id": "projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs", + "created_at": "2022-03-09T10:01:06Z", + "enc": "CiQA4OM7eL+21cxRUstcvIlnsMZrFbLDsiQpXe8XPMnIpbe033ISSADm5XgWSJUtlvvXtnkfqnnyCGz/4hSG6Sm1Mb2C713GGAJrg8oILKXAhrQn7Grp9Ayi48nhjXLltdNRBdEJWkLVv6WvLWcktA==" + } + ], + "azure_kv": null, + "hc_vault": null, + "age": null, + "lastmodified": "2022-03-09T10:01:07Z", + "mac": "ENC[AES256_GCM,data:R82w7fgEsBoeU/EN4eHS/0IFijn0ts3SjE46/LGpQbb+NtvFf4ynmvp7GOpbV03J9GgWpY1vaoREkkrtbNg+CUNLpbHx4Bg2LFz1QFCYuG6NN/7DbunvEQwHZrd1QmA4MX0CsnQzWzrrXSvZw2W8AX1HNeo9bClvdHOBzGlZctQ=,iv:1Vjso4F+eO+gV1gsx+4OMzxh9WEsC5COZaI+LLmC4kU=,tag:b215foOX/93CciksTJCUDA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.1" + } +} \ No newline at end of file diff --git a/config/clusters/leap/enc-grafana-token.secret.yaml b/config/clusters/leap/enc-grafana-token.secret.yaml new file mode 100644 index 0000000000..9c659805f2 --- /dev/null +++ b/config/clusters/leap/enc-grafana-token.secret.yaml @@ -0,0 +1,15 @@ +grafana_token: ENC[AES256_GCM,data:PBK+VcnU3cq2cVa7nZwJyVdWWwkcsxslGKiH1nhxBpgFEKC8iylsxhEZb5c89Hy15tFxZ4qNfCOZ4ztwrIVsCQ==,iv:Y+KqfLhpJvgYBw/6IP9Rg3w+qbnS1amvBf2QgFvPx/U=,tag:owkBbmy0W6bUbqtIJepOqg==,type:str] +sops: + kms: [] + gcp_kms: + - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs + created_at: "2022-02-24T17:56:52Z" + enc: CiQA4OM7eA1jS3a2zwDnUXuczQfvJW5u9Zp3QHRgCZjXk1ha/P4SSQDm5XgWif8sOYLkjo9k+hTKISv4PddEGATlvRChHeNZREfg2nreeDYujK6tOdiXplp8Yzv+uWxnxxUvlYPbhvReCDgmuEKLGI0= + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-03-09T09:29:33Z" + mac: ENC[AES256_GCM,data:ymz/1FyIv7KwvB46+NBBEsDLncBSh1b5NNxRrAxgIq7leOWBjHWkrh7kwWBGc5i2dIHsZ39VhG/AHZLZtXlp0ef9+JZyHUcejCLl2aOSbNB+6CqPLLh1ps63bUQYiKB7D7hec//hRMAu+CyT9UHYJkhj4jHT+hMtRgou800LcWA=,iv:6qzJEV9ktMy7jLoHDeAKFjh2CkGgMq7Go6P7+/3NFOo=,tag:s/xCYa0ttNl4yOJDGTy53g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/config/clusters/leap/enc-prod.secret.values.yaml b/config/clusters/leap/enc-prod.secret.values.yaml new file mode 100644 index 0000000000..acda46f9a4 --- /dev/null +++ b/config/clusters/leap/enc-prod.secret.values.yaml @@ -0,0 +1,21 @@ +basehub: + jupyterhub: + hub: + config: + GitHubOAuthenticator: + client_id: ENC[AES256_GCM,data:auopWrLSGIBDtQ4PrZZMYe5XFWM=,iv:+tzBIkE6R3PfJm7oYyJOq84yyD6tB3GXeQ++sYPU7S8=,tag:vQrhczBhRRaFoqqwRWeGHg==,type:str] + client_secret: ENC[AES256_GCM,data:xLL5GJTKSnucssmIQjVhCUwwXyZaYl54/+QzXPFx0dJpX63kaeJufw==,iv:2cyHZvDaoNQtlKiPKf2ACoNuvlww6WE7vcGG6jVXISI=,tag:IRcogW5ZDZWA6Pv8DyVcPg==,type:str] +sops: + kms: [] + gcp_kms: + - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs + created_at: "2022-02-24T18:31:21Z" + enc: CiQA4OM7eNU4/NC1GSyOypie5mku2r/szfsjQHdxf5CkEib8PWISSQDm5XgWPd3+MJEgP6vyMdkr+5xZCc0MbF1aoNtwLVU/Z9PKOZsw2UgcoYIAHxpoMCm9aC2mS+qZJyq7N5GnR0xxIc3cGMNybVo= + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-03-15T03:52:07Z" + mac: ENC[AES256_GCM,data:b96WljyWsCUnPKIGqHI4He+umqvDXKksyRF6VEmDfkjBMdrNm0YqTSPJiHAaNGVr1mjnllhGtDsatEDZCB2v05/M9FCJeoS961DcBKHJ7HTNnvHhjzEgH0TZKop87CF2nCgTtu939YHhlXJMIOAfgnH7k0/Q/8YgWwhy723UVtc=,iv:wyRXPl8iZ7qKjnlK0zRM+WCact0Vl3U7vE6dW1qk74M=,tag:j7CTLd2TSnqcXmzbFKXNLg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/config/clusters/leap/enc-staging.secret.values.yaml b/config/clusters/leap/enc-staging.secret.values.yaml new file mode 100644 index 0000000000..afd4da8341 --- /dev/null +++ b/config/clusters/leap/enc-staging.secret.values.yaml @@ -0,0 +1,21 @@ +basehub: + jupyterhub: + hub: + config: + GitHubOAuthenticator: + client_id: ENC[AES256_GCM,data:+AMr1i/FBcFuMHVbLXf7dqfvsWc=,iv:6SyzEQjAgag1ReUANQpKpqzbkZQzXXgztqYY+keuC14=,tag:IfcPSe5+GaSDkFM7lqIemg==,type:str] + client_secret: ENC[AES256_GCM,data:wn3bphxQWosKZC596MSVHiNt0d1BuRmR19YX/FK9mcdmvO1IswQVpQ==,iv:cm2FGIjpXnjOHMUnuGeB1WYAjozErtuYSx99737vtVw=,tag:ZBNPrQCPqGiz+ttCNIE/Ag==,type:str] +sops: + kms: [] + gcp_kms: + - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs + created_at: "2022-02-24T18:04:17Z" + enc: CiQA4OM7eP6diuWK5cq1WJfLBHrUaMLetApVQYdQJjlOFUKSsHASSQDm5XgW8L7w2ZN+LPLHBMIcfpO6YIBeajtpkKFnTdpRgbhgR7+fb9p4HHT8z3H1U7nwKuOaQPtsXj2e8ZPjWr/2tqy6ramzlhU= + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-03-15T03:52:01Z" + mac: ENC[AES256_GCM,data:H2VetTwomSuEk84ut0G5XKLmXTh2Mp1R8Mvwj7X0mOiPTVhpw8FnqLCy+DfrcPGD5Yv3f2gyROWCaDv29L1mJkwBk+vxF63AjcljaR48/sOn+oo2c0xOIigrqluU/FFBvqJL7Lcrrt8X1TNbM1e4bu8ckJILfbqQO2c+WfNrSBM=,iv:wbIOKcrVddBAHDLY/snwG+Oc0pC3YQGgKRAMDzoQlY4=,tag:ZHNFCNamz1CZLGU4j0LXCw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/config/clusters/leap/prod.values.yaml b/config/clusters/leap/prod.values.yaml new file mode 100644 index 0000000000..44dffa4a27 --- /dev/null +++ b/config/clusters/leap/prod.values.yaml @@ -0,0 +1,6 @@ +basehub: + jupyterhub: + hub: + config: + GitHubOAuthenticator: + oauth_callback_url: https://leap.2i2c.cloud/hub/oauth_callback diff --git a/config/clusters/leap/staging.values.yaml b/config/clusters/leap/staging.values.yaml new file mode 100644 index 0000000000..db4dd0acfd --- /dev/null +++ b/config/clusters/leap/staging.values.yaml @@ -0,0 +1,6 @@ +basehub: + jupyterhub: + hub: + config: + GitHubOAuthenticator: + oauth_callback_url: https://staging.leap.2i2c.cloud/hub/oauth_callback diff --git a/config/clusters/leap/support.values.yaml b/config/clusters/leap/support.values.yaml new file mode 100644 index 0000000000..ae10e7bab0 --- /dev/null +++ b/config/clusters/leap/support.values.yaml @@ -0,0 +1,14 @@ +grafana: + ingress: + hosts: + - grafana.leap.2i2c.cloud + tls: + - secretName: grafana-tls + hosts: + - grafana.leap.2i2c.cloud +prometheus: + server: + resources: + limits: + cpu: 2 + memory: 12Gi diff --git a/terraform/gcp/projects/leap.tfvars b/terraform/gcp/projects/leap.tfvars new file mode 100644 index 0000000000..59043ffb2a --- /dev/null +++ b/terraform/gcp/projects/leap.tfvars @@ -0,0 +1,76 @@ +prefix = "leap" +project_id = "leap-pangeo" +core_node_machine_type = "n1-highmem-4" + +# No need for this to be a private cluster, public ones are cheaper +enable_private_cluster = false + +# Multi-tenant cluster, network policy is required to enforce separation between hubs +enable_network_policy = true + +# FIXME: config_connector doesn't actually work, so right now access to cloud +# buckets dosn't properly work. Should be fixed by https://github.com/2i2c-org/infrastructure/pull/1130 +config_connector_enabled = false + +# Setup a filestore for in-cluster NFS +enable_filestore = true +filestore_capacity_gb = 1024 + +user_buckets = [ + "pangeo-scratch" +] + +# Setup notebook node pools +notebook_nodes = { + "small" : { + min : 0, + max : 100, + machine_type : "n1-standard-2", + labels: {} + }, + "medium" : { + min : 0, + max : 100, + machine_type : "n1-standard-4", + labels: {} + }, + "large" : { + min : 0, + max : 100, + machine_type : "n1-standard-8", + labels: {} + }, + "huge" : { + min : 0, + max : 100, + machine_type : "n1-standard-16", + labels: {} + }, +} + +dask_nodes = { + "small" : { + min : 0, + max : 100, + machine_type : "n1-standard-2", + labels: {} + }, + "medium" : { + min : 0, + max : 100, + machine_type : "n1-standard-4", + labels: {} + }, + "large" : { + min : 0, + max : 100, + machine_type : "n1-standard-8", + labels: {} + }, + "huge" : { + min : 0, + max : 100, + machine_type : "n1-standard-16", + labels: {} + }, +} diff --git a/terraform/gcp/storage.tf b/terraform/gcp/storage.tf index 0d6b5b895a..29ada0a8ea 100644 --- a/terraform/gcp/storage.tf +++ b/terraform/gcp/storage.tf @@ -1,8 +1,8 @@ resource "google_filestore_instance" "homedirs" { - name = "${var.prefix}-homedirs" - zone = var.zone - tier = var.filestore_tier + name = "${var.prefix}-homedirs" + zone = var.zone + tier = var.filestore_tier project = var.project_id count = var.enable_filestore ? 1 : 0 @@ -19,7 +19,7 @@ resource "google_filestore_instance" "homedirs" { } networks { - network = var.enable_private_cluster ? data.google_compute_network.default_network.name : null + network = var.enable_private_cluster ? data.google_compute_network.default_network.name : "default" modes = ["MODE_IPV4"] } -} \ No newline at end of file +}