From 9a3c6a7d5ed1a7b212ddfe79945a23ac14a68467 Mon Sep 17 00:00:00 2001 From: Chris Scott Date: Fri, 26 Apr 2024 12:05:59 +1200 Subject: [PATCH] rearrange vars file --- deployment-checklist.md | 4 +- terraform/terraform.tfvars | 5 +- vars/ondemand-config.yml.example | 151 +++++++++++++++++++------------ 3 files changed, 100 insertions(+), 60 deletions(-) diff --git a/deployment-checklist.md b/deployment-checklist.md index 6629548..a6d536d 100644 --- a/deployment-checklist.md +++ b/deployment-checklist.md @@ -6,8 +6,8 @@ In *vars/ondemand-config.yml.example*: - adjust `ood_apps` - check `version` and `k8s_container` - enable required apps - - set which images to pre-pull -- set `enable_pod_prepull` if desired (should default to on probably) + - set which images to pre-pull (don't choose too many, we have limited space currently on the worker nodes and pre-pulling will fail if you exhaust it) +- set `enable_pod_prepull` if desired (should default to on probably, sometimes we have experience really slow pulls, this helps with that) - set `control_plane_flavor`, usually to `balanced1.4cpu8ram` for production - set `cluster_worker_count` and `worker_flavor` to have enough capacity for the number of users diff --git a/terraform/terraform.tfvars b/terraform/terraform.tfvars index 27e700c..addbd5d 100644 --- a/terraform/terraform.tfvars +++ b/terraform/terraform.tfvars @@ -1,6 +1,7 @@ # flavours: -# - 4cpu8ram: e07cfee1-43af-4bf6-baac-3bdf7c1b88f8 -# - 8cpu16ram: 2d02e6a4-3937-4ed3-951a-8e27867ff53e +# - 4cpu8ram: e07cfee1-43af-4bf6-baac-3bdf7c1b88f8 (usually used for testing) +# - 8cpu16ram: 2d02e6a4-3937-4ed3-951a-8e27867ff53e (usually used for +# production, should be good for up to around 40-50 users) # - 16cpu32ram: 674fa81a-69c7-4bf7-b3a9-59989fb63618 services_flavor_id = "e07cfee1-43af-4bf6-baac-3bdf7c1b88f8" diff --git a/vars/ondemand-config.yml.example b/vars/ondemand-config.yml.example index 192908f..26e45a9 100644 --- a/vars/ondemand-config.yml.example +++ b/vars/ondemand-config.yml.example @@ -1,4 +1,99 @@ --- +# paramaters you are most likely to want to change are in this top section + +# number of training users +num_users_create: 6 +# number of trainer users +num_trainers_create: 3 + +# control plane flavour, usually set to +# - "balanced1.2cpu4ram" for testing +# - "balanced1.4cpu8ram" for production +control_plane_flavor: balanced1.2cpu4ram + +# You must have enough worker resources to accommodate the number of users. +# Currently all apps are limited to 2cpu4ram (although this may change). +# You cannot allocate the full ram on a worker node, for example we could fit +# 15x 2cpu4ram sessions on a balanced1.32cpu64ram node. It is recommended to +# use a small number of large worker nodes to avoid repeated wasting of the +# overhead, e.g. +# - 2x balanced1.32cpu64ram for up to 30 2cpu4ram sessions +# - 3x balanced1.32cpu64ram for up to 45 2cpu4ram sessions +cluster_worker_count: 1 +worker_flavour: balanced1.8cpu16ram + +# apps config +# - `k8s_container` should be the container that will be used by the app, usually +# defined in setup.yml in the git repo +# - `repo` is the git repo for the app, use the HTTPS address not the SSH one +# - `version` is the git tag (or commit hash) for the git `repo` +# - `enabled` apps will show up in open ondemand +# - `pre_pull` will pull (and cache) the `k8s_container` image on all worker +# nodes, so starting those apps will be much faster (`enable_pod_pre_pull` +# must also be true) +# +# NOTE: at this time the k8s nodes only have 30GB disk space, do not set all +# images to pre_pull otherwise the pre-puller will fail, just pick the +# one you are actually going to use +# +# NOTE2: it is recommended to leave the containers app disabled unless you are +# using it, since it only works properly in privileged mode (which is +# recommended to be turned off unless using the containers app) +ood_apps: + jupyter_ml101: + k8s_container: ghcr.io/nesi/training-environment-jupyter-ml101-app:v0.2.2 + repo: https://github.com/nesi/training-environment-jupyter-ml101-app.git + version: 'v0.2.2' + enabled: true + pre_pull: false + + jupyter_ml102: + k8s_container: ghcr.io/nesi/training-environment-jupyter-ml102-app:v0.2.0 + repo: https://github.com/nesi/training-environment-jupyter-ml102-app.git + version: 'v0.2.0' + enabled: true + pre_pull: false + + rstudio_rnaseq: + k8s_container: ghcr.io/nesi/training-environment-rstudio-rnaseq-app:v0.2.2 + repo: https://github.com/nesi/training-environment-rstudio-rnaseq-app.git + version: 'v0.2.2' + enabled: true + pre_pull: false + + rstudio: + k8s_container: ghcr.io/nesi/training-environment-rstudio-app:v0.3.0 + repo: https://github.com/nesi/training-environment-rstudio-app.git + version: 'v0.3.0' + enabled: true + pre_pull: false + + shell4b: + k8s_container: ghcr.io/nesi/training-environment-jupyter-intermediate-shell-app:v0.3.3 + repo: https://github.com/nesi/training-environment-jupyter-intermediate-shell-app.git + version: 'v0.3.3' + enabled: true + pre_pull: false + + containers: + k8s_container: ghcr.io/nesi/training-environment-jupyter-containers-app:v0.1.0 + repo: https://github.com/nesi/training-environment-jupyter-containers-app.git + version: 'v0.1.0' + enabled: false + pre_pull: false + +# this is currently required for containers app to run properly (fakeroot) +# Note: you should probably set to false unless you are running a containers workshop +enable_privileged_pods: false + +# pull the images defined in ood_apps onto all k8s worker nodes +# Note: make sure the worker nodes have enough disk space (especially if many apps are enabled) +enable_pod_pre_pull: false + +############################################################################### +# variables below this line should not usually need to be changed +############################################################################### + keycloak_admin_password: "CHANGEME_KEYCLOAK_ADMIN_PASSWORD" ldap_admin_password: "CHANGEME_LDAP_ADMIN_PASSWORD" @@ -10,10 +105,6 @@ clouds_yaml_local_location: ~/.config/openstack/clouds.yaml cluster_rdc_project: NeSI-Training-Test -# number of users -num_users_create: 6 -num_trainers_create: 3 - # authentication settings oidc_uri: "/oidc" oidc_settings_samefile: true @@ -77,58 +168,6 @@ clusters: strict_host_checking: false tmux_bin: /usr/bin/tmux -# apps config -ood_apps: - jupyter_ml101: - k8s_container: ghcr.io/nesi/training-environment-jupyter-ml101-app:v0.2.2 - repo: https://github.com/nesi/training-environment-jupyter-ml101-app.git - version: 'v0.2.2' - enabled: true - pre_pull: false - - jupyter_ml102: - k8s_container: ghcr.io/nesi/training-environment-jupyter-ml102-app:v0.2.0 - repo: https://github.com/nesi/training-environment-jupyter-ml102-app.git - version: 'v0.2.0' - enabled: true - pre_pull: false - - rstudio_rnaseq: - k8s_container: ghcr.io/nesi/training-environment-rstudio-rnaseq-app:v0.2.2 - repo: https://github.com/nesi/training-environment-rstudio-rnaseq-app.git - version: 'v0.2.2' - enabled: true - pre_pull: false - - rstudio: - k8s_container: ghcr.io/nesi/training-environment-rstudio-app:v0.3.0 - repo: https://github.com/nesi/training-environment-rstudio-app.git - version: 'v0.3.0' - enabled: true - pre_pull: false - - shell4b: - k8s_container: ghcr.io/nesi/training-environment-jupyter-intermediate-shell-app:v0.3.3 - repo: https://github.com/nesi/training-environment-jupyter-intermediate-shell-app.git - version: 'v0.3.3' - enabled: true - pre_pull: false - - containers: - k8s_container: ghcr.io/nesi/training-environment-jupyter-containers-app:v0.1.0 - repo: https://github.com/nesi/training-environment-jupyter-containers-app.git - version: 'v0.1.0' - enabled: false - pre_pull: false - -# this is currently required for containers app to run properly (fakeroot) -# Note: you should probably set to false unless you are running a containers workshop -enable_privileged_pods: false - -# pull the images defined in ood_apps onto all k8s worker nodes -# Note: make sure the worker nodes have enough disk space (especially if many apps are enabled) -enable_pod_pre_pull: false - # HTTPS LetsEncrypt Settings acme_directory: https://acme-v02.api.letsencrypt.org/directory