Add jackeddy hub #3255
Add jackeddy hub #3255
Conversation
|
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# google_container_node_pool.notebook["jackeddy"] will be created
+ resource "google_container_node_pool" "notebook" {
+ cluster = "pilot-hubs-cluster"
+ id = (known after apply)
+ initial_node_count = 0
+ instance_group_urls = (known after apply)
+ location = "us-central1-b"
+ managed_instance_group_urls = (known after apply)
+ max_pods_per_node = (known after apply)
+ name = "nb-jackeddy"
+ name_prefix = (known after apply)
+ node_count = (known after apply)
+ node_locations = (known after apply)
+ operation = (known after apply)
+ project = "two-eye-two-see"
+ version = "1.26.4-gke.1400"
+ autoscaling {
+ location_policy = (known after apply)
+ max_node_count = 100
+ min_node_count = 0
}
+ management {
+ auto_repair = true
+ auto_upgrade = false
}
+ node_config {
+ disk_size_gb = (known after apply)
+ disk_type = "pd-balanced"
+ guest_accelerator = (known after apply)
+ image_type = (known after apply)
+ labels = {
+ "2i2c.org/community" = "jackeddy"
+ "hub.jupyter.org/node-purpose" = "user"
+ "k8s.dask.org/node-purpose" = "scheduler"
}
+ local_ssd_count = (known after apply)
+ logging_variant = "DEFAULT"
+ machine_type = "n2-highmem-16"
+ metadata = (known after apply)
+ min_cpu_platform = (known after apply)
+ oauth_scopes = [
+ "https://www.googleapis.com/auth/cloud-platform",
]
+ preemptible = false
+ resource_labels = {
+ "community" = "jackeddy"
}
+ service_account = "pilot-hubs-cluster-sa@two-eye-two-see.iam.gserviceaccount.com"
+ spot = false
+ tags = []
+ taint = [
+ {
+ effect = "NO_SCHEDULE"
+ key = "hub.jupyter.org_dedicated"
+ value = "user"
},
+ {
+ effect = "NO_SCHEDULE"
+ key = "2i2c.org/community"
+ value = "jackeddy"
},
]
+ workload_metadata_config {
+ mode = "GKE_METADATA"
}
}
}
# google_project_iam_member.requestor_pays_binding["jackeddy"] will be created
+ resource "google_project_iam_member" "requestor_pays_binding" {
+ etag = (known after apply)
+ id = (known after apply)
+ member = (known after apply)
+ project = "two-eye-two-see"
+ role = "projects/two-eye-two-see/roles/pilot_hubs_requestor_pays"
}
# google_service_account.workload_sa["jackeddy"] will be created
+ resource "google_service_account" "workload_sa" {
+ account_id = "pilot-hubs-jackeddy"
+ disabled = false
+ display_name = "Service account for user pods in hub jackeddy in pilot-hubs"
+ email = (known after apply)
+ id = (known after apply)
+ member = (known after apply)
+ name = (known after apply)
+ project = "two-eye-two-see"
+ unique_id = (known after apply)
}
# google_service_account_iam_binding.workload_identity_binding["jackeddy"] will be created
+ resource "google_service_account_iam_binding" "workload_identity_binding" {
+ etag = (known after apply)
+ id = (known after apply)
+ members = [
+ "serviceAccount:two-eye-two-see.svc.id.goog[jackeddy/user-sa]",
]
+ role = "roles/iam.workloadIdentityUser"
+ service_account_id = (known after apply)
}
# google_storage_bucket.user_buckets["jackeddy-scratch"] will be created
+ resource "google_storage_bucket" "user_buckets" {
+ force_destroy = false
+ id = (known after apply)
+ labels = (known after apply)
+ location = "US-CENTRAL1"
+ name = "pilot-hubs-jackeddy-scratch"
+ project = "two-eye-two-see"
+ public_access_prevention = (known after apply)
+ self_link = (known after apply)
+ storage_class = "STANDARD"
+ uniform_bucket_level_access = (known after apply)
+ url = (known after apply)
+ lifecycle_rule {
+ action {
+ type = "Delete"
}
+ condition {
+ age = 7
+ matches_prefix = []
+ matches_storage_class = []
+ matches_suffix = []
+ with_state = (known after apply)
}
}
}
# google_storage_bucket_iam_member.member["jackeddy.jackeddy-scratch"] will be created
+ resource "google_storage_bucket_iam_member" "member" {
+ bucket = "pilot-hubs-jackeddy-scratch"
+ etag = (known after apply)
+ id = (known after apply)
+ member = (known after apply)
+ role = "roles/storage.admin"
}
Plan: 6 to add, 0 to change, 0 to destroy.
Changes to Outputs:
~ buckets = {
+ jackeddy-scratch = "pilot-hubs-jackeddy-scratch"
}
~ kubernetes_sa_annotations = {
+ jackeddy = (known after apply)
# (3 unchanged attributes hidden)
} |
|
Merging this PR will trigger the following deployment actions. Support and Staging deployments
Production deployments
|
| name: quay.io/2i2c/unlisted-choice-experiment | ||
| tag: "0.0.1-0.dev.git.7130.h0bdc2d30" |
There was a problem hiding this comment.
Wondering if we should use the quay.io/2i2c/dynamic-image-building-experiment image instead to get the new UI 🤔
@yuvipanda, what do you think?
There was a problem hiding this comment.
Currenlty the dynamic-image-building-experiment are the same as the default image, because both have modern 6.1.0 version of kubespawner with all relevant features. Or wait - is this for unlisted_choice? That is the feature I figure we need at least.
There was a problem hiding this comment.
Ah, yes, you're right and we have unlisted choice with latest z2jh chart <3.
The extra in dynamic-image-building-experiment is the fancy profile I believe:
There was a problem hiding this comment.
@consideRatio, so you would say no to enabling the fancy spawner profile options for this hub?
There was a problem hiding this comment.
I didn't mean to opine about the use of fancy profiles - I've not caught up on that developments and the feature implications - if you think it should be enabled go for it!
I was only thinking that we should support unlisted_choice, which previously required a specific hub image, but it doesn't any more.
There was a problem hiding this comment.
Just to catch up, unfortunately I don't think fancy profiles should be enabled anywhere quite yet @GeorgianaElena. Hopefully later this quarter.
…ge as the hub image used
Co-authored-by: Erik Sundell <erik.i.sundell@gmail.com>
Co-authored-by: Erik Sundell <erik.i.sundell@gmail.com>
GeorgianaElena
force-pushed
the
jackeddy-hub
branch
from
c264595
to
9dcb831
Compare
|
Thanks @consideRatio! I've terraform applied succesfully and going for a merge now. |
|
🎉🎉🎉🎉 Monitor the deployment of the hubs here 👉 https://github.com/2i2c-org/infrastructure/actions/runs/6494605290 |
|
Thank you for working this @GeorgianaElena!!! |
For #3166
It enables the same features the previous hub from #1466 had +
unlisted_choiceand node sharing.Note, that out of curiosity, I tried to link each "not-standard" config I found there to the engineering docs that explain them. This is why, there are some fixme comments and links to infra docs.
The documented features this hub has:
Identified as not documented on the infra docs
custom_htmlfeature from Allow for multiple separate links via custom_html default-hub-homepage#25Re-use
enc-jackeddy.secret.values.yaml