Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

For reference: work towards adding JMTE hub (AWS, eksctl, cloudformation) #436

Closed
wants to merge 43 commits into from

Conversation

consideRatio
Copy link
Contributor

@consideRatio consideRatio commented May 31, 2021

For reference and transparency, this PR represents the state of my work to deploy hub.jupytearth.org using 2i2c configuration etc.

This is what remains to be done for this PR to be mergeable, as updated 2021-08-27.

@consideRatio consideRatio mentioned this pull request May 31, 2021
4 tasks
Copy link
Member

@yuvipanda yuvipanda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AMAZE!

config/hubs/jmte.cluster.yaml Outdated Show resolved Hide resolved
config/hubs/jmte.cluster.yaml Outdated Show resolved Hide resolved
# we use the node label "k8s.dask.org/node-purpose: worker"
# specifically for enforce workers to schedule on such nodes.
#
traefik:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great! Let's figure a way out to move these to the base!

deployer/hub.py Outdated Show resolved Hide resolved
eksctl/eksctl-cluster-config.yaml Outdated Show resolved Hide resolved
eksctl/eksctl-cluster-config.yaml Show resolved Hide resolved
hub-templates/basehub/Chart.yaml Outdated Show resolved Hide resolved
hub-templates/daskhub/values.yaml Outdated Show resolved Hide resolved
@yuvipanda
Copy link
Member

@consideRatio if you'd like, we (or I?) can extract the parts of this PR that aren't related to JMTE and merge them separately.

@consideRatio
Copy link
Contributor Author

❤️ THANKS For your energy injection as usual @yuvipanda :) 🎉

Abolutely feel free to go for it! I didnt feel i had the time to prioritize any upstream PRs so i just just tried to make various PRs be commit like chunks.

@yuvipanda
Copy link
Member

I've #439 which pulls out commits from here for v1.0-bea bump

@consideRatio consideRatio force-pushed the pr/add-jmte-and-more branch from 203747e to 9c5e6ee Compare June 1, 2021 23:16
@consideRatio
Copy link
Contributor Author

I rebased on master that now includes some of the previous commits. I have no way of creating a kubeconfig that would be functional for more than ~1 day though so this is not something we can start deploying automatically yet.

This is related to #381 but a more extreme situation where the ~30 day manual update of kubeconfig isn't possible.

@damianavila
Copy link
Contributor

This is awesome work, Erik! Thanks for sharing it!

@yuvipanda
Copy link
Member

@consideRatio I extracted another individual commit from this - #455

@consideRatio consideRatio force-pushed the pr/add-jmte-and-more branch from a45e1fb to 06566f6 Compare July 10, 2021 21:17
@consideRatio
Copy link
Contributor Author

Rebased

I rebased this on current master before doing a redeploy, everything still works. I'm still running in a fork due to AWS permissions etc and to feel freedom to quickly adjust things based on needs.

@consideRatio
Copy link
Contributor Author

consideRatio commented Jul 10, 2021

UPDATE: See #502 about this comment.

Extending JMTE to use jupyterhub-ssh

If this was a custom deployment I'd manage myself, I'd have a meta helm chart and add another Helm chart to its dependency. I can do this here as well, but it would influence other Helm charts etc. An idea of what can be done is to use a dependency that is disabled by default via a condition set via values.

@2i2c-org/tech-team what do you think about me adding a opt-in Helm chart dependency to jupyterhub-ssh in the daskhub helm chart? Btw, it would also make sense to make the basehub helm chart have a opt-in dependency on the dask-gateway helm chart and just have a single meta chart instead of multiple.

Reference

@choldgraf
Copy link
Member

@consideRatio I'm not quite sure what are the implications of your suggestion...it also feels related to #502 right? Should we discuss and converge there? Or perhaps bring this up in a team meeting to brainstorm?

@consideRatio
Copy link
Contributor Author

consideRatio commented Jul 11, 2021

@choldgraf I'm not fully confident about the implications either - how will this influence 2i2c deployment logic etc? I think #502 has a quite clear idea that can be concretely evaluated for its implications.

The implications are not meant for the end users, but the 2i2c admins and those wanting to add more charts beyond z2jh and dask-gateway to their deployed 2i2c hub.

Should we discuss and converge there? Or perhaps bring this up in a team meeting to brainstorm?

Yes to discuss and converge there and yes to bringing this up in a team meeting to brainstorm! :)

@choldgraf
Copy link
Member

For sure - this feels very relevant to ones is the points that we discussed in the Pangeo collaboration meeting as well around allowing binder functionality to be a feature flag of jupyterhub https://discourse.pangeo.io/t/notes-from-the-pangeo-2i2c-kick-off-meeting/1587

As well as that team compass conversation in jupyterhub about multi application deployments

@consideRatio consideRatio force-pushed the pr/add-jmte-and-more branch 2 times, most recently from bba00ce to 30ea29b Compare July 23, 2021 09:28
yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this pull request Jul 27, 2021
- Use jsonnet to generate the eksctl config YAML file.
  This reduces duplication a lot, and matches what we
  do with kops. We can easily set defaults, generate
  nodegroup names, and set cloud tags equivalent to our
  node labels / taints automatically.
- Install the cluster autoscaler as part of the support
  charts, since eksctl doesn't build that by default.
  It is turned off by default.
- No changes were needed for the hub configuration, which
  is great!

Inspired by 2i2c-org#436
yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this pull request Jul 27, 2021
- Use jsonnet to generate the eksctl config YAML file.
  This reduces duplication a lot, and matches what we
  do with kops. We can easily set defaults, generate
  nodegroup names, and set cloud tags equivalent to our
  node labels / taints automatically.
- Install the cluster autoscaler as part of the support
  charts, since eksctl doesn't build that by default.
  It is turned off by default.
- No changes were needed for the hub configuration, which
  is great!

Inspired by 2i2c-org#436
yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this pull request Jul 27, 2021
- Use jsonnet to generate the eksctl config YAML file.
  This reduces duplication a lot, and matches what we
  do with kops. We can easily set defaults, generate
  nodegroup names, and set cloud tags equivalent to our
  node labels / taints automatically.
- Install the cluster autoscaler as part of the support
  charts, since eksctl doesn't build that by default.
  It is turned off by default.
- No changes were needed for the hub configuration, which
  is great!

Inspired by 2i2c-org#436
@consideRatio consideRatio force-pushed the pr/add-jmte-and-more branch from 30ea29b to 75563e9 Compare July 28, 2021 06:36
yuvipanda added a commit to yuvipanda/pilot-hubs that referenced this pull request Aug 19, 2021
eksctl
[supports](https://eksctl.io/usage/iamserviceaccounts/#usage-with-config-files)
creating kubernetes service acocunts bound with
[IRSA](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html).
We create one with S3 access, and bind it to our notebook and dask
pods. This should give them full s3 access.

Remove separate eksctl cluster jsonnet object, since it was
not doing anything useful.

Stolen from 2i2c-org#436

Fixes 2i2c-org#492
@consideRatio
Copy link
Contributor Author

Ping @choldgraf - description updated with the concrete needs for this PR to get merged!

@github-actions
Copy link

github-actions bot commented Dec 18, 2022

Merging this PR will trigger the following deployment actions.

Support and Staging deployments

Cloud Provider Cluster Name Upgrade Support? Reason for Support Redeploy Upgrade Staging? Reason for Staging Redeploy
aws uwhackweeks No Yes Core infrastructure has been modified
kubeconfig utoronto No Yes Core infrastructure has been modified
aws 2i2c-aws-us No Yes Core infrastructure has been modified
gcp awi-ciroh No Yes Core infrastructure has been modified
gcp cloudbank No Yes Core infrastructure has been modified
aws carbonplan No Yes Core infrastructure has been modified
gcp pangeo-hubs No Yes Core infrastructure has been modified
gcp linked-earth No Yes Core infrastructure has been modified
gcp 2i2c No Yes Core infrastructure has been modified
gcp 2i2c-uk No Yes Core infrastructure has been modified
gcp meom-ige No Yes Core infrastructure has been modified
aws ubc-eoas No Yes Core infrastructure has been modified
aws nasa-cryo No Yes Core infrastructure has been modified
aws openscapes No Yes Core infrastructure has been modified
aws victor No Yes Core infrastructure has been modified
gcp callysto No Yes Core infrastructure has been modified
none jmte No Yes Core infrastructure has been modified
gcp m2lines No Yes Core infrastructure has been modified
gcp leap No Yes Core infrastructure has been modified
aws gridsst No Yes Core infrastructure has been modified

Production deployments

Cloud Provider Cluster Name Hub Name Reason for Redeploy
kubeconfig utoronto prod Core infrastructure has been modified
kubeconfig utoronto r-prod Core infrastructure has been modified
aws 2i2c-aws-us researchdelight Core infrastructure has been modified
gcp awi-ciroh prod Core infrastructure has been modified
gcp cloudbank ccsf Core infrastructure has been modified
gcp cloudbank csm Core infrastructure has been modified
gcp cloudbank elcamino Core infrastructure has been modified
gcp cloudbank glendale Core infrastructure has been modified
gcp cloudbank howard Core infrastructure has been modified
gcp cloudbank miracosta Core infrastructure has been modified
gcp cloudbank skyline Core infrastructure has been modified
gcp cloudbank demo Core infrastructure has been modified
gcp cloudbank fresno Core infrastructure has been modified
gcp cloudbank lassen Core infrastructure has been modified
gcp cloudbank sbcc Core infrastructure has been modified
gcp cloudbank lacc Core infrastructure has been modified
gcp cloudbank mills Core infrastructure has been modified
gcp cloudbank palomar Core infrastructure has been modified
gcp cloudbank pasadena Core infrastructure has been modified
gcp cloudbank sjcc Core infrastructure has been modified
gcp cloudbank tuskegee Core infrastructure has been modified
gcp cloudbank avc Core infrastructure has been modified
gcp cloudbank csu Core infrastructure has been modified
aws carbonplan prod Core infrastructure has been modified
gcp pangeo-hubs prod Core infrastructure has been modified
gcp linked-earth prod Core infrastructure has been modified
gcp 2i2c demo Core infrastructure has been modified
gcp 2i2c ohw Core infrastructure has been modified
gcp 2i2c pfw Core infrastructure has been modified
gcp 2i2c peddie Core infrastructure has been modified
gcp 2i2c catalyst-cooperative Core infrastructure has been modified
gcp 2i2c earthlab Core infrastructure has been modified
gcp 2i2c paleohack2021 Core infrastructure has been modified
gcp 2i2c aup Core infrastructure has been modified
gcp 2i2c temple Core infrastructure has been modified
gcp 2i2c ucmerced Core infrastructure has been modified
gcp 2i2c-uk lis Core infrastructure has been modified
gcp meom-ige prod Core infrastructure has been modified
gcp meom-ige drakkar-demo Core infrastructure has been modified
aws ubc-eoas prod Core infrastructure has been modified
aws nasa-cryo prod Core infrastructure has been modified
aws openscapes prod Core infrastructure has been modified
aws victor prod Core infrastructure has been modified
gcp callysto prod Core infrastructure has been modified
none jmte prod Core infrastructure has been modified
gcp m2lines prod Core infrastructure has been modified
gcp leap prod Core infrastructure has been modified
aws gridsst prod Core infrastructure has been modified

@yuvipanda
Copy link
Member

This has been subsumed into our infrastructure now (#2201), except for the SFTP part (#2208). With gratitude to @consideRatio, I close this PR!

@yuvipanda yuvipanda closed this Apr 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
Status: Done 🎉
Development

Successfully merging this pull request may close these issues.

5 participants