-
Notifications
You must be signed in to change notification settings - Fork 8
/
infrequent-env
181 lines (139 loc) · 6.75 KB
/
infrequent-env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
#! /bin/bash -eu
export PATH=`pwd`/tools:`pwd`/fuse/bin:`pwd`/fs-support/efs-quota/bin:${PATH}
# By default, do not export frozen/chilly requirements from image. If already set, use that value.
export FREEZE_CHILL=${FREEZE_CHILL:-0}
# ----------------- vvvv less frequently changed inputs vvvv -------------------------------
#
export JH_HOSTNAME="${DEPLOYMENT_NAME}.science.stsci.edu"
if [[ "$ENVIRONMENT" != "prod" && "$DEPLOYMENT_NAME" != "jwebbinar" ]]; then
export JH_HOSTNAME="${ENVIRONMENT}.${JH_HOSTNAME}"
fi
export JH_HOSTNAME=`echo ${JH_HOSTNAME} | sed -e's/tike/timeseries/g'`
# Select "conda" tool used to install conda package and environments: conda or mamba
# mamba is largely a drop-in replacement for mamba with improved dependency resolution,
# parallel downloads, and C++ implementation.
#export CONDA_VER=mamba
export CONDA_VER=conda
# Additional parameters for image-exec Docker run command, e.g. add mounts here
export IMAGE_RUN_PARS="--rm -e JUPYTER_ENABLE_LAB=yes"
# Image scanning, report Ubuntu status for this version of Ubuntu
export IMAGE_UBUNTU_NAME="focal"
# Image scanning, report CVE's at this severity level and higher
export IMAGE_VULNERABILITY_LEVEL="medium"
# -------------------------------------------------------------------
# Docker Buildkit has two killer features:
# 1. It can set up caches for package download directories which
# persist between builds if they're not cleared.
# 2. It can set up multiple builders enabling parallel builds of
# different missions and build parameters. See image-build-all.
#
# Docker requires DOCKER_BUILDKT=1 to enable buildkit for older Docker
# distributions. This enables buildkit in general.
export DOCKER_BUILDKIT=1
# Stop/improve buildkit log truncation.
export BUILDKIT_STEP_LOG_MAX_SIZE=10000000 # bytes
export BUILDKIT_STEP_LOG_MAX_SPEED=10000000
# Set USE_BUILDKIT_CACHING=1 to avoid repeat package downloads, particularly
# useful during iterative dependency debug builds where pip environments are
# being rebuilt repeatedly.
export USE_BUILDKIT_CACHING=0
# ----------------------------------------------------------------------------
# Set CLEAR_PKG_CACHES to 0 to turn off *our* package cache clearing code
# during image builds so that they persist in Docker caches outside the image
# to avoid repeat downloads. (apt, conda, pip, npm)
# Note that jupyter/docker-stacks doesn't honor CLEAR_PKG_CACHES so cache
# persistence is generally negated for that and prior images.
# Set CLEAR_PKG_CACHES=0 when USE_BUILDKIT_CACHING=1 or when the package caches
# may be needed for debug with e.g. pipdeptree or conda-tree dependency tools.
# Set CLEAR_PKG_CACHES=1 to prevent growth in image size due to package
# downloads. This is classic behavior.
export CLEAR_PKG_CACHES=1
if [[ "${USE_BUILDKIT_CACHING}" == 1 && "${CLEAR_PKG_CACHES}" == 1 ]]; then
echo "WARNING: Effective buildkit caching requires turning off package clearing."
fi
# ----------------------------------------------------------------------------
# PIP_SWITCHES are passed through to pip by Docker and the pip install scripts
# env-update and env-compile/sync.
export PIP_SWITCHES="--no-color --default-timeout 100"
if [[ "${CLEAR_PKG_CACHES}" == "1" ]]; then
export PIP_SWITCHES="${PIP_SWITCHES} --no-cache-dir"
fi
# ----------------- vvvvvv derived inputs, nominally don't change vvvvvv --------------
# automatically sourced into setup-env
# Octarine AWS JupyterHub setup
export JUPYTERHUB_DIR=`pwd`
export IMAGE_DIR=`pwd`/deployments/${DEPLOYMENT_NAME}/image
export CONFIG_DIR=`pwd`/deployments/${DEPLOYMENT_NAME}/config
export COMMON_IMAGE_DIR=`pwd`/deployments/common/image
export COMMON_CONFIG_DIR=`pwd`/deployments/common/config
export ADMIN_ARN=arn:aws:iam::${ACCOUNT_ID}:role/${ADMIN_ROLENAME}
export WORKER_ROLE=${DEPLOYMENT_NAME}-worker
export WORKER_ARN=$(echo ${ADMIN_ARN} | sed -e 's/${ADMIN_ROLE}/${WORKER_ROLE}/g')
export ECR_REGISTRY=${ECR_ACCOUNT_ID}.dkr.ecr.us-east-1.amazonaws.com
export IMAGE_REPO=${DEPLOYMENT_NAME}
export COMMON_REPO=${IMAGE_REPO}
export COMMON_ID=${ECR_REGISTRY}/${COMMON_REPO}:${COMMON_TAG}
export IMAGE_ID=${ECR_REGISTRY}/${IMAGE_REPO}:${IMAGE_TAG}
# -------------------- FUSE S3 settings -----------------------------------------------
export FUSE_S3_BUCKETS="stpubdata" # space separated (for example: "stpubdata nishapur")
export FUSE_REPO=${IMAGE_REPO}
export FUSE_ID=${ECR_REGISTRY}/${FUSE_REPO}:${FUSE_TAG}
# -------------------- EFSQUOTA settings -----------------------------------------------
export EFSQUOTA_REPO=${IMAGE_REPO}
export EFSQUOTA_ID=${ECR_REGISTRY}/${EFSQUOTA_REPO}:${EFSQUOTA_TAG}
# --------------- vvvvv misc env settings vvvvv ---------------------------------
export TMOUT=7200
export TF_LOG=TRACE
export TF_LOG_PATH=terraform.log
function where () {
info="${DEPLOYMENT_NAME}-${ENVIRONMENT}"
if [[ "${USE_FROZEN}" == "0" ]]; then
info="${info}-floating"
elif [[ "${USE_FROZEN}" == "1" ]]; then
info="${info}-frozen"
elif [[ "${USE_FROZEN}" == "2" ]]; then
info="${info}-chilly"
else
info="${info}-ERROR"
fi
if [[ "${USE_BUILDKIT_CACHING}" == "1" ]]; then
info="${info}-bkcache"
else
info="${info}-nocache"
fi
if [[ "${CLEAR_PKG_CACHES}" == "1" ]]; then
info="${info}-clearpkgs"
else
info="${info}-keeppkgs"
fi
echo $info
}
# e.g. kpods hub default -- prints first pod name for pods matching hub in default namespace
function kpods {
pod_pat=${1}
namespace=${2:-default}
echo $(kubectl get pods --namespace $namespace | grep $pod_pat | head -1 | cut -d ' ' -f 1)
}
# e.g. klogs hub -- dumps pod logs for hub pod
# e.g. klogs monitor efs-quota -- dumps pod logs for first monitor pod in efs-quota namespace
function klogs {
pod_pat=${1}
namespace=${2:-default}
kpods $pod_pat $namespace | xargs kubectl logs --namespace $namespace
}
# e.g. kexec hub -- open a bash shell in hub pod
# e.g. kexec hub default "some cmd of several words" -- exec multiword command on hub pod
function kexec {
pod_pat=${1}
namespace=${2:-default}
cmd=${3:-/bin/bash}
kubectl exec -it --namespace $namespace $(kpods $pod_pat $namespace) -- $(echo $cmd)
}
alias awsu="awsudo -d 3600 $ADMIN_ARN"
alias terraform-init="awsu terraform init -backend-config=./backend.conf -backend-config=./backend.conf"
alias terraform-apply="awsu terraform apply --var-file=${DEPLOYMENT_NAME}.tfvars"
alias terraform-destroy="awsu terraform destroy -var-file=${DEPLOYMENT_NAME}.tfvars"
alias helm-destroy="awsu helm uninstall ${DEPLOYMENT_NAME}-${ENVIRONMENT}"
alias update-kubeconfig="awsu aws eks update-kubeconfig --name $DEPLOYMENT_NAME"
alias pods="kubectl get pods -A"
# where, failing for GitHub Actions even with bash shell