update marketplace UI and add cluster creation flow
umeshkumhar committed Mar 8, 2024
1 parent 775407b commit b31207f
Showing 16 changed files with 678 additions and 129 deletions.
48 changes: 39 additions & 9 deletions applications/jupyter/main.tf
Expand Up @@ -25,20 +25,47 @@ data "google_project" "project" {
project_id = var.project_id
}

module "infra" {
source = "../../infrastructure"
count = var.create_cluster ? 1 : 0

project_id = var.project_id
cluster_name = var.cluster_name
cluster_location = var.cluster_location
autopilot_cluster = var.autopilot_cluster
private_cluster = var.private_cluster
create_network = false
network_name = "default"
subnetwork_name = "default"
cpu_pools = var.cpu_pools
enable_gpu = false
}

data "google_container_cluster" "default" {
count = var.create_cluster ? 0 : 1
name = var.cluster_name
location = var.cluster_location
}

locals {
private_cluster = data.google_container_cluster.default.private_cluster_config.0.enable_private_endpoint
endpoint = var.create_cluster ? "https://${module.infra[0].endpoint}" : "https://${data.google_container_cluster.default[0].endpoint}"
ca_certificate = var.create_cluster ? base64decode(module.infra[0].ca_certificate) : base64decode(data.google_container_cluster.default[0].master_auth[0].cluster_ca_certificate)
private_cluster = var.create_cluster ? var.private_cluster : data.google_container_cluster.default[0].private_cluster_config.0.enable_private_endpoint
cluster_membership_id = var.cluster_membership_id == "" ? var.cluster_name : var.cluster_membership_id
enable_autopilot = var.create_cluster ? var.autopilot_cluster : data.google_container_cluster.default[0].enable_autopilot
enable_tpu = var.create_cluster ? true : data.google_container_cluster.default[0].enable_tpu
host = local.private_cluster ? "https://connectgateway.googleapis.com/v1/projects/${data.google_project.project.number}/locations/${var.cluster_location}/gkeMemberships/${local.cluster_membership_id}" : local.endpoint
}

locals {
workload_identity_service_account = var.goog_cm_deployment_name != "" ? "${var.goog_cm_deployment_name}-${var.workload_identity_service_account}" : var.workload_identity_service_account
}

provider "kubernetes" {
host = local.private_cluster ? "https://connectgateway.googleapis.com/v1/projects/${data.google_project.project.number}/locations/${var.cluster_location}/gkeMemberships/${local.cluster_membership_id}" : "https://${data.google_container_cluster.default.endpoint}"
alias = "jupyter"
host = local.host
token = data.google_client_config.default.access_token
cluster_ca_certificate = local.private_cluster ? "" : base64decode(data.google_container_cluster.default.master_auth[0].cluster_ca_certificate)
cluster_ca_certificate = local.private_cluster ? "" : local.ca_certificate
dynamic "exec" {
for_each = local.private_cluster ? [1] : []
content {
Expand All @@ -49,10 +76,11 @@ provider "kubernetes" {
}

provider "helm" {
alias = "jupyter"
kubernetes {
host = local.private_cluster ? "https://connectgateway.googleapis.com/v1/projects/${data.google_project.project.number}/locations/${var.cluster_location}/gkeMemberships/${local.cluster_membership_id}" : "https://${data.google_container_cluster.default.endpoint}"
host = local.host
token = data.google_client_config.default.access_token
cluster_ca_certificate = local.private_cluster ? "" : base64decode(data.google_container_cluster.default.master_auth[0].cluster_ca_certificate)
cluster_ca_certificate = local.private_cluster ? "" : local.ca_certificate
dynamic "exec" {
for_each = local.private_cluster ? [1] : []
content {
Expand All @@ -73,7 +101,8 @@ module "gcs" {
# create namespace
module "namespace" {
source = "../../modules/kubernetes-namespace"
namespace = var.namespace
providers = { helm = helm.jupyter }
namespace = var.kubernetes_namespace
create_namespace = true
}

Expand All @@ -90,11 +119,12 @@ resource "google_project_service" "project_service" {
# Creates jupyterhub
module "jupyterhub" {
source = "../../modules/jupyter"
providers = { helm = helm.jupyter, kubernetes = kubernetes.jupyter }
project_id = var.project_id
namespace = var.namespace
workload_identity_service_account = var.workload_identity_service_account
namespace = var.kubernetes_namespace
workload_identity_service_account = local.workload_identity_service_account
gcs_bucket = var.gcs_bucket
autopilot_cluster = data.google_container_cluster.default.enable_autopilot
autopilot_cluster = local.enable_autopilot

# IAP Auth parameters
add_auth = var.add_auth
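Review bot: The new `module "infra"` block pins `create_network = false`, `network_name = "default"` and `subnetwork_name = "default"`, so every cluster created through this flow is attached to the project's default VPC and the deployer cannot select a dedicated network. A default VPC typically still carries its pre-populated allow rules (internal traffic, SSH, RDP, ICMP), which is wider exposure than a notebook cluster needs; whether the `../../infrastructure` module compensates is not visible from this section. I would pass these through as inputs, e.g. `network_name = var.network_name` and `subnetwork_name = var.subnetwork_name` with `"default"` as the variable default, and add a comment above the block such as `# Reuses the default VPC for the Marketplace flow; review its firewall rules before production use`.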
119 changes: 76 additions & 43 deletions applications/jupyter/metadata.display.yaml
Expand Up @@ -30,45 +30,72 @@ spec:
ui:
input:
variables:
cluster_name:
name: cluster_name
title: Cluster Name
autopilot_cluster:
name: autopilot_cluster
title: GKE Cluster Type
section: cluster_details
xGoogleProperty:
type: ET_GKE_CLUSTER
gkeCluster:
clusterCreationVariable: create_cluster
locationVariable: cluster_location
enumValueLabels:
- label: Autopilot Cluster
value: "true"
- label: Standard Cluster
value: "false"
cluster_location:
name: cluster_location
title: Cluster Location
section: cluster_details
xGoogleProperty:
type: ET_GCE_REGION
type: ET_GCE_LOCATION
cluster_membership_id:
name: cluster_membership_id
title: Cluster Membership Id
section: cluster_details
invisible: true
default_backend_service:
name: default_backend_service
title: Default Backend Service
section: jupyterhub
section: cluster_details
cluster_name:
name: cluster_name
title: Cluster Name
section: cluster_details
xGoogleProperty:
type: ET_GKE_CLUSTER
gkeCluster:
locationVariable: cluster_location
clusterCreationVariable: create_cluster
create_cluster:
name: create_cluster
title: Create GKE Cluster
section: cluster_details
xGoogleProperty:
type: ET_CREATE_RESOURCE
create_gcs_bucket:
name: create_gcs_bucket
title: Create Gcs Bucket
invisible: true
workload_identity_service_account:
name: workload_identity_service_account
title: GCP Workload Identity Service Account
section: jupyterhub
gcs_bucket:
name: gcs_bucket
title: GCS Bucket
section: jupyterhub
section: jupyterhub
xGoogleProperty:
type: ET_GCS_BUCKET
namespace:
name: namespace
type: ET_GCS_BUCKET
goog_cm_deployment_name:
name: goog_cm_deployment_name
title: Goog Cm Deployment Name
kubernetes_namespace:
name: kubernetes_namespace
title: Kubernetes Namespace
section: cluster_details
private_cluster:
name: private_cluster
title: Private Cluster
invisible: true
section: cluster_details
project_id:
name: project_id
title: Project Id
invisible: true
workload_identity_service_account:
name: workload_identity_service_account
title: GCP Workload Identity Service Account
section: jupyterhub
invisible: true
add_auth:
name: add_auth
title: Enable IAP Authentication
Expand All @@ -90,12 +117,24 @@ spec:
level: 1
client_secret:
name: client_secret
title: Client Secret
section: iap_auth
level: 1
service_name:
name: service_name
title: Service Name
title: Client Secret
section: iap_auth
level: 1
k8s_backend_config_name:
name: k8s_backend_config_name
title: K8s Backend Config Name
section: iap_auth
invisible: true
level: 1
k8s_backend_service_name:
name: k8s_backend_service_name
title: K8s Backend Service Name
section: iap_auth
invisible: true
level: 1
k8s_ingress_name:
name: k8s_ingress_name
title: K8s Ingress Name
section: iap_auth
invisible: true
level: 1
Expand All @@ -114,10 +153,6 @@ spec:
title: Members Allowlist
section: iap_auth
level: 1
project_id:
name: project_id
title: Project Id
invisible: true
sections:
- name: cluster_details
title: Cluster Details
Expand All @@ -126,16 +161,14 @@ spec:
title: JupyterHub Application
- name: iap_auth
title: JupyterHub IAP Authentication
#subtext: Provide IAP details
runtime:
outputMessage: Deployment can take several minutes to complete.
suggestedActions:
outputMessage: Deployment can take several minutes to complete.
suggestedActions:
- heading: No external IP configured
description: "The application has been configured with no external IP or domain."
outputs:
jupyterhub_uri:
open_in_new_tab: true
show_in_notification: true
label: "Go to Jupyter Application"
jupyterhub_password: {}

description: The application has been configured with no external IP or domain.
outputs:
jupyterhub_password: {}
jupyterhub_uri:
openInNewTab: true
showInNotification: true
label: Go to Jupyter Application
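Review bot: `private_cluster` is rendered with `invisible: true` under `cluster_details` while this commit adds a visible `create_cluster` toggle, so a user creating a cluster from the Marketplace form cannot opt into a private cluster and always gets the `defaultValue: false` declared in metadata.yaml. In main.tf that value is passed to `module "infra"` and decides whether the providers reach the cluster through Connect Gateway or its endpoint directly, so it is a security-relevant choice rather than an internal detail. I would drop `invisible: true` from this entry and give it a clearer title, e.g. `title: Create as private cluster`, or state in the commit description why it is hidden. The page shows old and new lines interleaved, so the flag may predate this commit.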
71 changes: 50 additions & 21 deletions applications/jupyter/metadata.yaml
Expand Up @@ -29,7 +29,6 @@ spec:
dir: /applications/jupyter
actuationTool:
flavor: Terraform
version: ">= 1.5"
description: {}
content: {}
interfaces:
Expand All @@ -38,10 +37,13 @@ spec:
description: Enable iap authentication on jupyterhub
varType: bool
defaultValue: false
- name: autopilot_cluster
varType: string
defaultValue: "false"
- name: brand
description: name of the brand if there isn't already on the project. If there is already a brand for your project, please leave it blank and empty
varType: string
defaultValue: "projects/<prj-number>/brands/<prj-number>"
defaultValue: ""
- name: client_id
description: Client ID used for enabling IAP
varType: string
Expand All @@ -60,37 +62,61 @@ spec:
- name: cluster_name
varType: string
required: true
- name: default_backend_service
varType: string
defaultValue: proxy-public
- name: workload_identity_service_account
description: Workload Identity Service Account
varType: string
required: true
defaultValue: "jupyter-service-account"
- name: create_cluster
varType: bool
defaultValue: false
- name: create_gcs_bucket
description: Enable flag to create gcs_bucket
varType: bool
defaultValue: false
- name: gcs_bucket
description: GCS bucket to mount on the notebook via GCSFuse and CSI
varType: string
required: true
- name: members_allowlist
- name: goog_cm_deployment_name
varType: string
defaultValue: ""
- name: k8s_backend_config_name
description: Name of the Backend Config on GCP
varType: string
defaultValue: jupyter-iap-config
- name: k8s_backend_service_name
description: Name of the Backend Config on GCP, this is defined by Jupyter hub
varType: string
defaultValue: "allAuthenticatedUsers"
- name: namespace
defaultValue: proxy-public
- name: k8s_backend_service_port
description: Name of the Backend Service on GCP
varType: number
defaultValue: 80
- name: k8s_iap_secret_name
varType: string
defaultValue: jupyter-secret
- name: k8s_ingress_name
varType: string
defaultValue: jupyter-ingress
- name: k8s_managed_cert_name
description: Name for frontend managed certificate
varType: string
defaultValue: jupyter-managed-cert
- name: kubernetes_namespace
description: Kubernetes namespace where resources are deployed
varType: string
required: true
defaultValue: "ai-on-gke"
defaultValue: ai-on-gke
- name: members_allowlist
varType: list(string)
defaultValue: []
- name: private_cluster
varType: bool
defaultValue: false
- name: project_id
description: GCP project id
varType: string
required: true
- name: service_name
description: Name of the BackendConfig Service on GCP
varType: string
defaultValue: iap-config-default
- name: support_email
description: Email for users to contact with questions about their consent
varType: string
defaultValue: ""
- name: url_domain_addr
description: Domain provided by the user. If it's empty, we will create one for you.
varType: string
Expand All @@ -99,8 +125,11 @@ spec:
description: Name of the domain provided by the user. This var will only be used if url_domain_addr is not empty
varType: string
defaultValue: ""
- name: workload_identity_service_account
description: workload identity service account
varType: string
required: true
defaultValue: jupyter-service-account
outputs:
- name: jupyterhub_uri
description: Domain name to access deployment.
- name: jupyterhub_password
description: Sensitive login password for application
- name: jupyterhub_uri
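Review bot: Several of the new interface entries are undocumented or carry copied descriptions: `k8s_backend_service_port` (a `number`) is described as "Name of the Backend Service on GCP", `k8s_backend_service_name` is described as the Backend Config, and `private_cluster`, `create_cluster` and `members_allowlist` have no description at all. The last one matters for access control, because its default appears to move from `"allAuthenticatedUsers"` to `[]` and a reader cannot tell from this file whether an empty list means nobody or no restriction once `add_auth` is enabled. I would give the port entry something like `description: Port of the backend service used for IAP`, and add a description to `members_allowlist` stating the expected member format and the effect of an empty list, after confirming both against the IAP module.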