You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@datalab.apache.org by lf...@apache.org on 2022/11/02 08:47:04 UTC
[incubator-datalab] 03/09: [DATALAB-3073]: added keycloak client for jupyter-gpu on gcp
This is an automated email from the ASF dual-hosted git repository.
lfrolov pushed a commit to branch epm-v2.5.2.1
in repository https://gitbox.apache.org/repos/asf/incubator-datalab.git
commit d3652acef9022ebd59b04b69a87cf959690b8c6b
Author: leonidfrolov <fr...@gmail.com>
AuthorDate: Wed Oct 12 17:38:39 2022 +0300
[DATALAB-3073]: added keycloak client for jupyter-gpu on gcp
---
.../general/scripts/gcp/jupyter-gpu_configure.py | 40 ++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/infrastructure-provisioning/src/general/scripts/gcp/jupyter-gpu_configure.py b/infrastructure-provisioning/src/general/scripts/gcp/jupyter-gpu_configure.py
index 2f1c6f1c0..7c13d08bb 100644
--- a/infrastructure-provisioning/src/general/scripts/gcp/jupyter-gpu_configure.py
+++ b/infrastructure-provisioning/src/general/scripts/gcp/jupyter-gpu_configure.py
@@ -31,6 +31,7 @@ import sys
import traceback
import subprocess
from fabric import *
+import uuid
if __name__ == "__main__":
try:
@@ -222,6 +223,45 @@ if __name__ == "__main__":
GCPActions.remove_instance(notebook_config['instance_name'], notebook_config['zone'])
sys.exit(1)
+ if os.environ['notebook_create_keycloak_client'] == 'True':
+ try:
+ logging.info('[SETUP KEYCLOAK CLIENT]')
+ notebook_config['keycloak_client_name'] = '{}-{}-{}-{}'\
+ .format(notebook_config['service_base_name'], notebook_config['project_name'],
+ notebook_config['endpoint_name'], notebook_config['exploratory_name'])
+ notebook_config['keycloak_client_secret'] = str(uuid.uuid4())
+ keycloak_params = "--service_base_name {} --keycloak_auth_server_url {} --keycloak_realm_name {} " \
+ "--keycloak_user {} --keycloak_user_password {} --keycloak_client_secret {} " \
+ "--project_name {} --endpoint_name {} --exploratory_name {}"\
+ .format(notebook_config['service_base_name'], os.environ['keycloak_auth_server_url'],
+ os.environ['keycloak_realm_name'], os.environ['keycloak_user'],
+ os.environ['keycloak_user_password'], notebook_config['keycloak_client_secret'],
+ notebook_config['project_name'], notebook_config['endpoint_name'],
+ notebook_config['exploratory_name'])
+ try:
+ subprocess.run("~/scripts/{}.py {}".format('configure_keycloak', keycloak_params), shell=True, check=True)
+ except:
+ datalab.fab.append_result("Failed setup keycloak client")
+ raise Exception
+
+ try:
+ conn = datalab.fab.init_datalab_connection(instance_hostname, notebook_config['datalab_ssh_user'],
+ notebook_config['ssh_key_path'], '', False)
+ content = json.loads(conn.sudo("cat /home/{}/.local/share/jupyter/kernels/py3spark_local/kernel.json"
+ .format(notebook_config['datalab_ssh_user'])).stdout)
+ content['env']['KEYCLOAK_CLIENT'] = notebook_config['keycloak_client_name']
+ content['env']['KEYCLOAK_SECRET'] = notebook_config['keycloak_client_secret']
+ conn.sudo("echo '{}' > /home/{}/.local/share/jupyter/kernels/py3spark_local/kernel.json"
+ .format(json.dumps(content), notebook_config['datalab_ssh_user']))
+ conn.sudo('systemctl restart jupyter-notebook')
+ except:
+ datalab.fab.append_result("Failed to write variables to .bashrc")
+ raise Exception
+
+ except Exception as err:
+ datalab.fab.append_result("Failed setup keycloak client ", str(err))
+ GCPActions.remove_instance(notebook_config['instance_name'], notebook_config['zone'])
+ sys.exit(1)
if notebook_config['image_enabled'] == 'true':
try:
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@datalab.apache.org
For additional commands, e-mail: commits-help@datalab.apache.org