Configure and deploy the support
chart#
The support
chart is a helm chart maintained by the 2i2c Engineers that consists of common tools used to support JupyterHub deployments in the cloud.
These tools are ingress-nginx
, for controlling ingresses and load balancing; cert-manager
, for automatically provisioning TLS certificates from Let’s Encrypt; Prometheus, for scraping and storing metrics from the cluster and hub; and Grafana, for visualising the metrics retreived by Prometheus.
This section will walk you through how to deploy the support chart on a cluster.
Create a support.values.yaml
file in your chosen cluster folder#
In the infrastructure
repo, the full filepath should be: config/clusters/<cluster_name>/support.values.yaml
.
Add the following helm chart values to your support.values.yaml
file.
<grafana-domain>
should follow the pattern grafana.<cluster_name>.2i2c.cloud
,
and <prometheus-domain>
should follow the pattern prometheus.<cluster_name>.2i2c.cloud
.
prometheusIngressAuthSecret:
enabled: true
grafana:
grafana.ini:
server:
root_url: https://<grafana-domain>/
auth.github:
enabled: true
allowed_organizations: 2i2c-org
ingress:
hosts:
- <grafana-domain>
tls:
- secretName: grafana-tls
hosts:
- <grafana-domain>
prometheus:
server:
ingress:
enabled: true
hosts:
- <prometheus-domain>
tls:
- secretName: prometheus-tls
hosts:
- <prometheus-domain>
Warning
If you are deploying the support chart on an AWS cluster, you must enable the cluster-autoscaler
sub-chart, otherwise the node groups will not automatically scale.
Include the following in your support.values.yaml
file:
cluster-autoscaler:
enabled: true
autoDiscovery:
clusterName: <cluster-name>
awsRegion: <aws-region>
Edit your cluster.yaml
file#
Add the following config as a top-level key to your cluster.yaml
file.
Note this filepath is relative to the location of your cluster.yaml
file.
support:
helm_chart_values_files:
- support.values.yaml
Deploy the support
chart via the deployer
#
Use the deployer
tool to deploy the support chart to the cluster.
See Manually deploy a config change for details on how to setup the tool locally.
deployer deploy-support $CLUSTER_NAME
Setting DNS records#
Once the support
chart has been successfully deployed, retrieve the external IP address for the ingress-nginx
load balancer.
kubectl --namespace=support get service support-ingress-nginx-controller
Add DNS records for the 2i2c.cloud
domain under “Advanced DNS” in
Namecheap.com:
<cluster-name>.2i2c.cloud.
, used for the primary hub (if it exists).*.<cluster-name>.2i2c.cloud.
, for all other hubs, grafana and prometheus instances.
Use an A
record when we point to an external IP addresse (GCP, Azure), and a
CNAME
record when we point to another domain (AWS).
Note
It may take a while for this configuration to propagate to all devices making DNS lookups. After that, cert-manager needs to do its job to acquire HTTPS certificates. And finally, the ingress-nginx server that makes use of the HTTPS certificates needs to reload to use the acquired certificates.