Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Try to make eWatercycle environment + nbgrader run in kubernetes #1

Draft
wants to merge 8 commits into
base: main
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions apptainer.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v1
kind: Pod
metadata:
name: apptainer
spec:
securityContext:
runAsUser: 1000
runAsNonRoot: true
restartPolicy: Never
containers:
- name: apptainercontainer
image: ghcr.io/ewatercycle/teaching:latest
# command:
# - apptainer
# - run
# - docker://alpine:latest cat /etc/os-release
securityContext:
allowPrivilegeEscalation: true
privileged: true
resources:
limits:
cpu: "1"
memory: "4Gi"
67 changes: 67 additions & 0 deletions rclone.yaml.example
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: data-rclone-example
labels:
name: data-rclone-example
spec:
accessModes:
- ReadOnlyMany
storageClassName: rclone
capacity:
storage: 10Gi
csi:
driver: csi-rclone
volumeHandle: data-id
volumeAttributes:
remote: "my-dcache"
remotePath: "/"
# TODO pass --read-only and --cache-dir
configData: |
[my-dcache]
type = webdav
url = https://webdav.grid.surfsara.nl:2880
vendor = other
user =
pass =
bearer_token = ....
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data-rclone-example
spec:
accessModes:
- ReadOnlyMany
resources:
requests:
storage: 10Gi
storageClassName: rclone
selector:
matchLabels:
name: data-rclone-example

# From ewc infra
# # /usr/bin/rclone mount \
# --config=/etc/rclone.conf \
# --allow-other \
# --read-only \
# --cache-dir {{ rclone_cache_dir }} \
# --vfs-cache-max-size {{ rclone_max_gsize }}G\
# --vfs-cache-mode full \
# {{ dcache_rclone_name }}:{{ dcache_root }} {{ data_root }}

# From jupyter server log
# rclone mount
# my-dcache:/
# /var/snap/microk8s/common/var/lib/kubelet/pods/81d7b6af-b58d-4eef-87f3-e97a0afec474/volumes/kubernetes.io~csi/data-rclone-example/mount
# --daemon
# --config /tmp/rclone.conf3139822866
# --dir-cache-time=5s --vfs-cache-mode=writes
# --allow-non-empty=true --allow-other=true
# --cache-info-age=72h --cache-chunk-clean-interval=15m

# Warning FailedMount 21s kubelet
# MountVolume.SetUp failed for volume "data-rclone-example" : rpc error: code = Internal desc = mounting failed: exit status 1 cmd:
# 'rclone' remote: 'my-dcache:/' targetpath: /var/snap/microk8s/common/var/lib/kubelet/pods/ae09680d-d77b-462a-8146-61d817ac3451/volumes/kubernetes.io~csi/data-rclone-example/mount
# output: "2024/02/06 14:36:37 Fatal error: mount not ready\n"
3 changes: 3 additions & 0 deletions vagrant/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
config.yaml
.vagrant/
rclone.yaml
44 changes: 44 additions & 0 deletions vagrant/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# docker build -t ghcr.io/ewatercycle/teaching:latest .
# docker run -ti --rm --privileged ghcr.io/ewatercycle/teaching:latest bash

# Folowing does not work
# docker run -ti --rm --cap-add SYS_ADMIN --cap-add MKNOD --cap-add SYS_CHROOT --cap-add SETFCAP ghcr.io/ewatercycle/teaching:latest bash
# apptainer run docker://ghcr.io/ewatercycle/leakybucket-grpc4bmi:v0.0.1
# FATAL: container creation failed: mount hook function failure: mount /proc/self/fd/3->/var/lib/apptainer/mnt/session/rootfs error: while mounting image /proc/self/fd/3: squashfuse_ll exited with status 1: fuse: device not found, try 'modprobe fuse' first

# apptainer pull docker://ghcr.io/ewatercycle/leakybucket-grpc4bmi:v0.0.1
# ipython
# from grpc4bmi.bmi_client_apptainer import BmiClientApptainer
# model = BmiClientApptainer('docker://ghcr.io/ewatercycle/leakybucket-grpc4bmi:v0.0.1', work_dir='/tmp')
# model.get_component_name()
# del model

# echo $CR_PAT | docker login ghcr.io -u sverhoeven --password-stdin
# docker push ghcr.io/ewatercycle/teaching:latest

FROM jupyter/minimal-notebook:latest

LABEL org.opencontainers.image.source=https://github.com/eWaterCycle/teaching
LABEL org.opencontainers.image.description="eWatercycle teaching"
LABEL org.opencontainers.image.licenses=Apache-2.0

USER root

# install apptainer or podman
# RUN apt update && apt install -y podman && ln -s /usr/bin/podman /usr/bin/docker
RUN apt update && apt install -y libfuse2 uidmap squashfs-tools squashfuse fuse2fs fuse-overlayfs fakeroot
RUN wget https://github.com/apptainer/apptainer/releases/download/v1.2.5/apptainer_1.2.5_amd64.deb && \
dpkg -i apptainer_1.2.5_amd64.deb && rm apptainer_1.2.5_amd64.deb

# install ngshare stuff
COPY nbgrader_config.py /etc/jupyter/nbgrader_config.py
# need fork of ngshare to work with latest jupyter
RUN mamba install -y nbgrader && pip install git+https://github.com/lauri3k/ngshare_exchange.git#master

# install ewatercycle + its deps
RUN mamba install -y esmvaltool-python && pip install ewatercycle-leakybucket
# TODO other models and utils

# TODO install extra jupyter extensions like lsp

USER 1000
Loading