Configure and deploy the
support chart is a helm chart maintained by the 2i2c Engineers that consists of common tools used to support JupyterHub deployments in the cloud.
These tools are
ingress-nginx, for controlling ingresses and load balancing;
cert-manager, for automatically provisioning TLS certificates from Let’s Encrypt; Prometheus, for scraping and storing metrics from the cluster and hub; and Grafana, for visualising the metrics retreived by Prometheus.
This section will walk you through how to deploy the support chart on a cluster.
support.values.yaml file in your chosen cluster folder#
infrastructure repo, the full filepath should be:
Add the following helm chart values to your
<grafana-domain> should follow the pattern
<prometheus-domain> should follow the pattern
prometheusIngressAuthSecret: enabled: true grafana: grafana.ini: server: root_url: https://<grafana-domain>/ auth.github: enabled: true allowed_organizations: 2i2c-org ingress: hosts: - <grafana-domain> tls: - secretName: grafana-tls hosts: - <grafana-domain> prometheus: server: ingress: enabled: true hosts: - <prometheus-domain> tls: - secretName: prometheus-tls hosts: - <prometheus-domain>
If you are deploying the support chart on an AWS cluster, you must enable the
cluster-autoscaler sub-chart, otherwise the node groups will not automatically scale.
Include the following in your
cluster-autoscaler: enabled: true autoDiscovery: clusterName: <cluster-name> awsRegion: <aws-region>
Add the following config as a top-level key to your
Note this filepath is relative to the location of your
support: helm_chart_values_files: - support.values.yaml
support chart via the
deployer tool to deploy the support chart to the cluster.
See Manually deploy a config change for details on how to setup the tool locally.
deployer deploy-support $CLUSTER_NAME
Setting DNS records#
support chart has been successfully deployed, retrieve the external IP address for the
ingress-nginx load balancer.
kubectl --namespace=support get service support-ingress-nginx-controller
Add DNS records for the
2i2c.cloud domain under “Advanced DNS” in
<cluster-name>.2i2c.cloud., used for the primary hub (if it exists).
*.<cluster-name>.2i2c.cloud., for all other hubs, grafana and prometheus instances.
A record when we point to an external IP addresse (GCP, Azure), and a
CNAME record when we point to another domain (AWS).
It may take a while for this configuration to propagate to all devices making DNS lookups. After that, cert-manager needs to do its job to acquire HTTPS certificates. And finally, the ingress-nginx server that makes use of the HTTPS certificates needs to reload to use the acquired certificates.