forked from jupyterhub/zero-to-jupyterhub-k8s
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request jupyterhub#35 from data-8/helm
Add Helm
- Loading branch information
Showing
14 changed files
with
324 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
description: UC Berkeley data8's version of jupyterhub. | ||
name: data8-jhub | ||
version: 0.1.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
description: Culler for jupyterhub | ||
name: jhubcull | ||
version: 0.1.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Thank you for installing {{.Chart.Name}}. This chart is a culler for jhub that kills idle notebooks. The chart contains a single deployment with a single pod that uses the jupyterhub api to cull idle notebooks. | ||
|
||
Your release is named {{ .Release.Name }}. | ||
|
||
To learn more about the release, try: | ||
|
||
$ helm status {{ .Release.Name }} | ||
$ helm get {{ .Release.Name }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
{{/* vim: set filetype=mustache: */}} | ||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 24 -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "fullname" -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 24 -}} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
kind: ConfigMap | ||
apiVersion: v1 | ||
metadata: | ||
name: cull-config | ||
data: | ||
auth.jhub-token.cull: {{.Values.secrets.jhubApiToken | quote}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
apiVersion: extensions/v1beta1 | ||
kind: Deployment | ||
metadata: | ||
name: cull-deployment | ||
labels: | ||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" | ||
spec: | ||
replicas: {{ .Values.replicaCount }} | ||
template: | ||
metadata: | ||
labels: | ||
name: cull-pod | ||
spec: | ||
containers: | ||
- name: cull-container | ||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | ||
command: | ||
- /bin/sh | ||
- -c | ||
args: ['python /srv/cull/cull_idle_servers.py --timeout={{ .Values.cull_timeout }} --cull_every={{ .Values.cull_every }} --url=http://${HUB_SERVICE_HOST}:${HUB_SERVICE_PORT}/hub'] | ||
env: | ||
- name: JPY_API_TOKEN | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: auth.jhub-token.cull |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
# Default values for jhubcull. | ||
# This is a YAML-formatted file. | ||
# Declare variables to be passed into your templates. | ||
replicaCount: 1 | ||
cull_timeout: 3600 | ||
cull_every: 600 | ||
image: | ||
repository: data8/jupyterhub-k8s-cull | ||
tag: master |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
Thank you for installing {{.Chart.Name}}. Your release is named {{ .Release.Name }}. | ||
|
||
This chart is UC Berkeley data8's version of jupyterhub. | ||
|
||
To learn more about the release, try: | ||
|
||
$ helm status {{ .Release.Name }} | ||
$ helm get {{ .Release.Name }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
{{/* vim: set filetype=mustache: */}} | ||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 24 -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "fullname" -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 24 -}} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
kind: ConfigMap | ||
apiVersion: v1 | ||
metadata: | ||
name: hub-config | ||
data: | ||
auth.jhub-token.proxy: {{.Values.secrets.jhubTokenProxy | quote}} | ||
oauth.client-id.google: {{.Values.secrets.clientIdGoogle | quote}} | ||
oauth.client-secret.google: {{.Values.secrets.clientSecretGoogle | quote}} | ||
auth.jhub-token.cull: {{.Values.jhubcull.secrets.jhubApiToken | quote}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,151 @@ | ||
# | ||
# We are using a GCE disk as persistent storage for the Hub | ||
# and for each individual user node. | ||
# | ||
# A volume for the hub is automatically provisioned b/c its pvc | ||
# is using a storage class. There is no need to manually provision | ||
# any disks on the cluster. | ||
# | ||
# When a single user pod is spun up, a corresponding pvc is | ||
# dynamically provisioned by kubespawner. If a pvc for that user | ||
# already exists, the pod mounts to the existing pvc. | ||
# | ||
|
||
kind: StorageClass | ||
apiVersion: storage.k8s.io/v1beta1 | ||
metadata: | ||
name: gce-standard-storage | ||
provisioner: kubernetes.io/gce-pd | ||
parameters: | ||
type: pd-standard | ||
zone: us-central1-a | ||
--- | ||
kind: PersistentVolumeClaim | ||
apiVersion: v1 | ||
metadata: | ||
name: data8-workdir | ||
annotations: | ||
volume.beta.kubernetes.io/storage-class: gce-standard-storage | ||
spec: | ||
accessModes: | ||
- ReadWriteOnce | ||
resources: | ||
requests: | ||
storage: 10Gi | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: proxy-api | ||
spec: | ||
selector: | ||
name: proxy-pod | ||
ports: | ||
- protocol: TCP | ||
port: 8001 | ||
targetPort: 8001 | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: proxy-public | ||
spec: | ||
type: LoadBalancer | ||
selector: | ||
name: proxy-pod | ||
ports: | ||
- protocol: TCP | ||
port: 80 | ||
targetPort: 8000 | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: hub | ||
spec: | ||
selector: | ||
name: hub-pod | ||
ports: | ||
- protocol: TCP | ||
port: 8081 | ||
targetPort: 8081 | ||
--- | ||
apiVersion: extensions/v1beta1 | ||
kind: Deployment | ||
metadata: | ||
name: hub-deployment | ||
spec: | ||
replicas: 1 | ||
template: | ||
metadata: | ||
labels: | ||
name: hub-pod | ||
spec: | ||
volumes: | ||
- name: data8-workdir-volume | ||
persistentVolumeClaim: | ||
claimName: data8-workdir | ||
containers: | ||
- name: hub-container | ||
image: data8/jupyterhub-k8s-hub:master | ||
imagePullPolicy: Always | ||
volumeMounts: | ||
- mountPath: /srv/jupyterhub | ||
name: data8-workdir-volume | ||
env: | ||
- name: POD_NAMESPACE | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.namespace | ||
- name: CULL_JHUB_TOKEN | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: auth.jhub-token.cull | ||
- name: CONFIGPROXY_AUTH_TOKEN | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: auth.jhub-token.proxy | ||
- name: GOOGLE_OAUTH_CLIENT_ID | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: oauth.client-id.google | ||
- name: GOOGLE_OAUTH_CLIENT_SECRET | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: oauth.client-secret.google | ||
- name: OAUTH_CALLBACK_URL | ||
value: "{{ .Values.oauthCallbackUrl }}" | ||
ports: | ||
- containerPort: 8081 | ||
name: hub | ||
--- | ||
apiVersion: extensions/v1beta1 | ||
kind: Deployment | ||
metadata: | ||
name: proxy-deployment | ||
spec: | ||
replicas: 1 | ||
template: | ||
metadata: | ||
labels: | ||
name: proxy-pod | ||
spec: | ||
containers: | ||
- name: proxy-container | ||
image: yuvipanda/nchp:v1 | ||
env: | ||
- name: CONFIGPROXY_AUTH_TOKEN | ||
valueFrom: | ||
configMapKeyRef: | ||
name: hub-config | ||
key: auth.jhub-token.proxy | ||
ports: | ||
- containerPort: 8000 | ||
name: proxy-public | ||
- containerPort: 8001 | ||
name: api | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Default values for jupyterhub-k8s. | ||
# This is a YAML-formatted file. | ||
# Declare variables to be passed into your templates. | ||
replicaCount: 1 | ||
oauthCallbackUrl: http://derrick-jhub.calblueprint.org/hub/oauth_callback | ||
image: | ||
repository: data8/jupyterhub-k8s-hub | ||
tag: master | ||
pullPolicy: IfNotPresent | ||
|
||
# TODO: Make this secure | ||
secrets: | ||
# Used to authenticate the hub to the proxy. This string was generated with `pwgen 64`. | ||
# Please generate a new one for your own deployment! | ||
jhubTokenProxy: "Kev4Shai9phai0Eez2aiyaefaepheutei3baehaiseipheef1Ah2cah4xeaquohr" | ||
|
||
# Add in oauth secrets! These are gonna get invalidated soon because we | ||
# already accidentally exposed them so yolo | ||
clientIdGoogle: "92948014362-c7jc8k20co1e4eqmg8095818htadijat.apps.googleusercontent.com" | ||
clientSecretGoogle: "BabUWSqHd4ZekBqiaur4S1cm" | ||
|
||
jhubcull: | ||
secrets: | ||
# Used to authenticate the culler to the hub. This string was generated with `openssl rand -hex 32`. | ||
jhubApiToken: "13fdff1305cd883e49223908186a63294922dadb59b5d1122473041f160c4b03" |