Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DinD documentation #838

Merged
merged 4 commits into from
Aug 8, 2019
Merged

DinD documentation #838

merged 4 commits into from
Aug 8, 2019

Conversation

jhamman
Copy link

@jhamman jhamman commented May 1, 2019

closes #832

@jhamman jhamman mentioned this pull request May 1, 2019
Closed
@consideRatio
Copy link
Member

Wow thanks @jhamman ! That made it a lot clearer to me. I deployed a BinderHub for neurips once and that is all my BinderHub deployment experience, but at that time I didn't understand this but now I grasp this thanks to your documentation!

❤️ 🎉 LGTM

@betatim
Copy link
Member

betatim commented May 2, 2019

Question for Yuvi and/or Min: are there also security benefits for running builds via docker-in-docker? In my mind one reason to run in DIND mode is that you have better control over what the docker build... command executed by repo2docker has access to in terms of files and resources. But it is a fuzzy concept in my head so I can't write a sentence to include in the docs :(

@consideRatio
Copy link
Member

@betatim I find this very challenging, and while working with gitlab's helm chart I've considered related security concerns about Docker overall to build and run things for users in CI pipelines.

Here are some of these concerns written down by GitLab's team:
https://docs.gitlab.com/runner/executors/kubernetes.html#using-docker-in-your-builds

@jhamman
Copy link
Author

jhamman commented May 10, 2019

Bumping this so we don't loose too much momentum. @betatim / @consideRatio - should we add some comments about DIND and security? I would need input from you on what to write.

@consideRatio
Copy link
Member

@jhamman I'm not knowledgeable enough about these aspects yet to suggest something =/

@jhamman jhamman changed the title [WIP] DinD documentation DinD documentation Aug 5, 2019
@jhamman jhamman mentioned this pull request Aug 5, 2019
Closed
betatim
betatim reviewed Aug 6, 2019
View reviewed changes
doc/setup-binderhub.rst Outdated
dind:
enabled: true
daemonset:
image:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this and the next two lines need to be indented. Though they are the same as the default so we probably don't need them at all?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've fixed the indentation. I think it is helpful to show the default the image specification here though as this is the sort of thing someone may want to customize.

betatim
betatim reviewed Aug 6, 2019
View reviewed changes
doc/setup-binderhub.rst Outdated
---------------------------

The Helm chart used to install your BinderHub deployemnt has a lot of options
for you to tweak. Below is a few pointers for how to configure some of the most
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
for you to tweak. Below is a few pointers for how to configure some of the most
for you to tweak. Below a few pointers for how to configure some of the most

@betatim
Copy link
Member

betatim commented Aug 6, 2019

When PRs go stale feel free to bump them by following up on the questions/discussion points by suggesting a resolution that seems to follow the consensus. I think a frequent reason for why things go stale is that there is no immediate actionable thing and no one is trying to get to one. I think it is best if the PR proposer tries to do the driving by suggesting a next actionable item.

For now I would skip the security question and maybe @jhamman can create a new PR addressing/adding thoughts on that. That way we can get this PR merged.

@jhamman
Copy link
Author

jhamman commented Aug 7, 2019

@betatim - thanks for the review. I've updated things a bit and this should be good to go in.

should we add some comments about DIND and security

I don't know. I'm not familiar with this issue so I'll leave this for the next contributor.

@betatim betatim merged commit 7c2f9da into jupyterhub:master Aug 8, 2019
yuvipanda pushed a commit to jupyterhub/helm-chart that referenced this pull request Aug 8, 2019
[binderhub] Automatic update for commit 409f200
a8a713e 
jupyterhub/binderhub#838
@henchbot henchbot mentioned this pull request Aug 8, 2019
Merged
@bitnik bitnik mentioned this pull request Aug 8, 2019
Closed
@snyk-bot snyk-bot mentioned this pull request Aug 17, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@betatim betatim betatim left review comments

Assignees
No one assigned
Labels
documentation enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Better document how builds are done and when dind should be used
4 participants
@jhamman @consideRatio @betatim @choldgraf