Google Git
Sign in
apache / incubator-datalab / 8176f1f8c868e4bde355bc3e56c82120c8760430 / . / infrastructure-provisioning / src / general / scripts / gcp / odahu_suspend.py
blob: 54aff9e413b3973aa4d7584c08c17d8ee4bfc40d [file] [log] [blame]
#!/usr/bin/python
# *****************************************************************************
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
# ******************************************************************************
import logging
import json
import sys
from dlab.fab import *
from dlab.meta_lib import *
from dlab.actions_lib import *
import os
import base64
if __name__ == "__main__":
local_log_filename = "{}_{}_{}.log".format(os.environ['conf_resource'], os.environ['project_name'],
os.environ['request_id'])
local_log_filepath = "/logs/project/" + local_log_filename
logging.basicConfig(format='%(levelname)-8s [%(asctime)s] %(message)s',
level=logging.DEBUG,
filename=local_log_filepath)
print('Generating infrastructure names and tags')
odahu_conf = dict()
odahu_conf['allowed_cidr'] = os.environ['odahu_allowed_cidr'].split(',')
odahu_conf['project_id'] = (os.environ['gcp_project_id'])
odahu_conf['region'] = (os.environ['gcp_region'])
odahu_conf['zone'] = (os.environ['gcp_zone'])
odahu_conf['edge_user_name'] = os.environ['edge_user_name']
odahu_conf['node_locations'] = GCPMeta().get_available_zones()
odahu_conf['dns_zone_name'] = os.environ['odahu_dns_zone_name']
odahu_conf['docker_repo'] = os.environ['odahu_docker_repo']
odahu_conf['cidr'] = os.environ['odahu_cidr']
odahu_conf['service_base_name'] = (os.environ['conf_service_base_name']).lower().replace('_', '-')
odahu_conf['project_name'] = (os.environ['project_name']).lower().replace('_', '-')
odahu_conf['cluster_name'] = "{}-{}".format((os.environ['conf_service_base_name']).lower().replace('_', '-'),
(os.environ['odahu_cluster_name']).lower().replace('_', '-'))
odahu_conf['bucket_name'] = "{}-tfstate".format(odahu_conf['cluster_name'])
odahu_conf['static_address_name'] = "{}-nat-gw".format(odahu_conf['cluster_name'])
try:
if os.environ['gcp_vpc_name'] == '':
raise KeyError
else:
odahu_conf['vpc_name'] = os.environ['gcp_vpc_name']
except KeyError:
odahu_conf['vpc_name'] = odahu_conf['service_base_name'] + '-ssn-vpc'
odahu_conf['vpc_cidr'] = os.environ['conf_vpc_cidr']
odahu_conf['private_subnet_name'] = '{0}-{1}-subnet'.format(odahu_conf['service_base_name'],
odahu_conf['project_name'])
odahu_conf['grafana_admin'] = os.environ['grafana_admin']
odahu_conf['grafana_pass'] = os.environ['grafana_pass']
odahu_conf['docker_password'] = base64.b64decode(os.environ['odahu_docker_password'] + "==")
odahu_conf['initial_node_count'] = os.environ['odahu_initial_node_count']
odahu_conf['istio_helm_repo'] = os.environ['odahu_istio_helm_repo']
odahu_conf['helm_repo'] = os.environ['odahu_helm_repo']
odahu_conf['k8s_version'] = os.environ['odahu_k8s_version']
odahu_conf['oauth_oidc_issuer_url'] = "{}/realms/{}".format(os.environ['keycloak_auth_server_url'],
os.environ['keycloak_realm_name'])
odahu_conf['oauth_oidc_host'] = os.environ['keycloak_auth_server_url'].replace('https://', '').replace('/auth', '')
odahu_conf['oauth_client_id'] = os.environ['keycloak_client_name']
odahu_conf['oauth_client_secret'] = os.environ['keycloak_client_secret']
odahu_conf['oauth_cookie_secret'] = os.environ['oauth_cookie_secret']
odahu_conf['oauth_local_jwks'] = os.environ['odahu_oauth_local_jwks']
odahu_conf['infra_version'] = os.environ['odahu_infra_version']
odahu_conf['odahuflow_version'] = os.environ['odahu_odahuflow_version']
odahu_conf['mlflow_toolchain_version'] = os.environ['odahu_mlflow_toolchain_version']
odahu_conf['jupyterlab_version'] = os.environ['odahu_jupyterlab_version']
odahu_conf['packager_version'] = os.environ['odahu_packager_version']
odahu_conf['node_version'] = os.environ['odahu_node_version']
odahu_conf['pods_cidr'] = os.environ['odahu_pods_cidr']
odahu_conf['root_domain'] = os.environ['odahu_root_domain']
odahu_conf['service_cidr'] = os.environ['odahu_service_cidr']
odahu_conf['tls_crt'] = base64.b64decode(os.environ['odahu_tls_crt'] + "==")
odahu_conf['tls_key'] = base64.b64decode(os.environ['odahu_tls_key'] + "==")
odahu_conf['ssh_key'] = os.environ['ssh_key']
odahu_conf['dns_project_id'] = os.environ['odahu_dns_project_id']
odahu_conf['decrypt_token'] = os.environ['odahuflow_connection_decrypt_token']
odahu_conf['infra_vpc_peering'] = os.environ['odahu_infra_vpc_peering']
odahu_conf['automation_version'] = os.environ['odahu_automation_version']
odahu_conf['ui_version'] = os.environ['odahu_ui_version']
odahu_conf['examples_version'] = os.environ['odahu_examples_version']
odahu_conf['jupyterhub_enabled'] = os.environ['odahu_jupyterhub_enabled']
odahu_conf['oauth_mesh_enabled'] = os.environ['odahu_oauth_mesh_enabled']
odahu_conf['keysecret'] = os.environ['odahu_keysecret']
odahu_conf['airflow_secret'] = os.environ['odahu_airflow_secret']
odahu_conf['operator_secret'] = os.environ['odahu_operator_secret']
odahu_conf['resource-uploader_secret'] = os.environ['odahu_resource_uploader_secret']
odahu_conf['tester_secret'] = os.environ['odahu_tester_secret']
odahu_conf['tester-data-scientist_secret'] = os.environ['odahu_tester_data_scientist_secret']
print('Preparing parameters file')
try:
local("cp /root/templates/profile.json /tmp/")
with open("/tmp/profile.json", 'w') as profile:
prof = {
"allowed_ips": odahu_conf['allowed_cidr'],
"authorization_enabled": "true",
"authz_dry_run": "false",
"cloud": {
"gcp": {
"node_locations": odahu_conf['node_locations'],
"project_id": "{}".format(odahu_conf['project_id']),
"region": "{}".format(odahu_conf['region']),
"zone": "{}".format(odahu_conf['zone']),
},
"type": "gcp"
},
"cluster_name": "{}".format(odahu_conf['cluster_name']),
"cluster_type": "gcp/gke",
"data_bucket": "{}-data-bucket".format(odahu_conf['cluster_name']),
"dns": {
"domain": "odahu.{}.{}".format(odahu_conf['cluster_name'], odahu_conf['root_domain']),
"gcp_project_id": "{}".format(odahu_conf['project_id']),
"provider": "gcp",
"zone_name": "{}".format(odahu_conf['dns_zone_name']),
},
"docker_password": "{}".format(odahu_conf['docker_password']),
"docker_repo": "{}".format(odahu_conf['docker_repo']),
"docker_username": "_json_key",
"gcp_cidr": "{}".format(odahu_conf['cidr']),
"examples_version": "{}".format(odahu_conf['examples_version']),
"grafana_pass": "{}".format(odahu_conf['grafana_pass']),
"helm_repo": "{}".format(odahu_conf['helm_repo']),
"jupyterhub_enabled": odahu_conf['jupyterhub_enabled'],
"jupyterlab_version": "{}".format(odahu_conf['jupyterlab_version']),
"k8s_version": "{}".format(odahu_conf['k8s_version']),
"mlflow_toolchain_version": "{}".format(odahu_conf['mlflow_toolchain_version']),
"node_pools": {
"main": {
"disk_size_gb": 64,
"init_node_count": 3,
"max_node_count": 5,
"min_node_count": 1
},
"model_deployment": {
"labels": {
"mode": "odahu-flow-deployment"
},
"max_node_count": 3,
"taints": [
{
"effect": "NO_SCHEDULE",
"key": "dedicated",
"value": "deployment"
}
]
},
"packaging": {
"disk_size_gb": 64,
"disk_type": "pd-ssd",
"labels": {
"mode": "odahu-flow-packaging"
},
"machine_type": "n1-standard-4",
"max_node_count": 3,
"taints": [
{
"effect": "NO_SCHEDULE",
"key": "dedicated",
"value": "packaging"
}
]
},
"training": {
"disk_size_gb": 100,
"labels": {
"mode": "odahu-flow-training"
},
"machine_type": "n1-highcpu-8",
"taints": [
{
"effect": "NO_SCHEDULE",
"key": "dedicated",
"value": "training"
}
]
},
"training_gpu": {
"disk_size_gb": 100,
"gpu": [
{
"count": 2,
"type": "nvidia-tesla-p100"
}
],
"labels": {
"mode": "odahu-flow-training-gpu"
},
"machine_type": "n1-standard-8",
"taints": [
{
"effect": "NO_SCHEDULE",
"key": "dedicated",
"value": "training-gpu"
}
]
}
},
"oauth_client_id": "{}".format(odahu_conf['oauth_client_id']),
"oauth_client_secret": "{}".format(odahu_conf['oauth_client_secret']),
"oauth_cookie_secret": "{}".format(odahu_conf['oauth_cookie_secret']),
"oauth_local_jwks": "{}".format(odahu_conf['oauth_local_jwks']),
"oauth_mesh_enabled": odahu_conf['oauth_mesh_enabled'],
"oauth_oidc_audience": "legion",
"oauth_oidc_host": "{}".format(odahu_conf['oauth_oidc_host']),
"oauth_oidc_issuer_url": "{}".format(odahu_conf['oauth_oidc_issuer_url']),
"oauth_oidc_jwks_url": "{}/protocol/openid-connect/certs".format(odahu_conf['oauth_oidc_issuer_url']),
"oauth_oidc_port": 443,
"oauth_oidc_scope": "openid profile email offline_access groups",
"oauth_oidc_token_endpoint": "{}/protocol/openid-connect/token".format(
odahu_conf['oauth_oidc_issuer_url']),
"odahu_automation_version": "{}".format(odahu_conf['automation_version']),
"odahu_infra_version": "{}".format(odahu_conf['infra_version']),
"odahu_ui_version": "{}".format(odahu_conf['ui_version']),
"odahuflow_connection_decrypt_token": "{}".format(odahu_conf['decrypt_token']),
"odahuflow_connections": [
{
"id": "odahu-flow-examples",
"spec": {
"description": "Git repository with the Odahu-Flow examples",
"keySecret": "{}".format(odahu_conf['keysecret']),
"reference": "{}".format(odahu_conf['examples_version']),
"type": "git",
"uri": "git@github.com:odahu/odahu-examples.git",
"webUILink": "https://github.com/odahu/odahu-examples"
}
}
],
"odahuflow_version": "{}".format(odahu_conf['odahuflow_version']),
"opa_policies": {},
"packager_version": "{}".format(odahu_conf['packager_version']),
"pods_cidr": "{}".format(odahu_conf['pods_cidr']),
"service_accounts": {
"airflow": {
"client_id": "sa-airflow",
"client_secret": "{}".format(odahu_conf['airflow_secret'])
},
"operator": {
"client_id": "sa-operator",
"client_secret": "{}".format(odahu_conf['operator_secret'])
},
"resource_uploader": {
"client_id": "sa-resource-uploader",
"client_secret": "{}".format(odahu_conf['resource-uploader_secret'])
},
"test": {
"client_id": "sa-tester",
"client_secret": "{}".format(odahu_conf['tester_secret'])
},
"test_data_scientist": {
"client_id": "sa-tester-data-scientist",
"client_secret": "{}".format(odahu_conf['tester-data-scientist_secret'])
}
},
"service_cidr": "{}".format(odahu_conf['service_cidr']),
"ssh_key": "{}".format(odahu_conf['ssh_key'].replace('\n', '')),
"subnet_name": "{}".format(odahu_conf['private_subnet_name']),
"tfstate_bucket": "{}-tfstate".format(odahu_conf['cluster_name']),
"tls_crt": "{}".format(odahu_conf['tls_crt']),
"tls_key": "{}".format(odahu_conf['tls_key']),
"vpc_name": "{}".format(odahu_conf['vpc_name']),
"vault": {
"enabled": "true"
}
}
profile.write(json.dumps(prof))
local('cat /tmp/profile.json')
local('cp /tmp/profile.json /')
except Exception as err:
traceback.print_exc()
append_result("Failed to configure parameter file.", str(err))
sys.exit(1)
try:
local('tf_runner suspend -v')
except Exception as err:
traceback.print_exc()
append_result("Failed to suspend Odahu cluster.", str(err))
sys.exit(1)