From 7dfa4d94e8110d393b0316a690a62c99ee99b821 Mon Sep 17 00:00:00 2001 From: YuviPanda Date: Fri, 10 Dec 2021 12:37:19 +0530 Subject: [PATCH 1/2] Enable NFS home directory for UToronto Co-authored-by: GeorgianaElena --- config/hubs/utoronto.cluster.yaml | 37 +++++++++++++++++------- terraform/azure/projects/utoronto.tfvars | 5 +++- 2 files changed, 31 insertions(+), 11 deletions(-) diff --git a/config/hubs/utoronto.cluster.yaml b/config/hubs/utoronto.cluster.yaml index 84072459c3..7b5ea3ff54 100644 --- a/config/hubs/utoronto.cluster.yaml +++ b/config/hubs/utoronto.cluster.yaml @@ -29,11 +29,18 @@ hubs: enabled: false config: &utorontoHubConfig azureFile: - enabled: true - nfs: enabled: false - shareCreator: - enabled: false + nfs: + enabled: true + pv: + # Recommended options from the Azure Portal UI for mounting the share + mountOptions: + - vers=4 + - minorversion=1 + - sec=sys + serverIP: 2i2cutorontohubstorage.file.core.windows.net + # Trailing slash is important! + baseShareName: /2i2cutorontohubstorage/homes/ jupyterhub: custom: homepage: @@ -52,15 +59,25 @@ hubs: name: University of Toronto url: https://www.utoronto.ca/ singleuser: + initContainers: + # Need to explicitly fix ownership here, since Azure File doesn't do anonuid + - name: volume-mount-ownership-fix + image: busybox + command: + [ + "sh", + "-c", + "id && chown 1000:1000 /home/jovyan && ls -lhd /home/jovyan", + ] + securityContext: + runAsUser: 0 + volumeMounts: + - name: home + mountPath: /home/jovyan + subPath: "{username}" image: name: quay.io/2i2c/utoronto-image tag: 83a724f5b829 - storage: - type: none - extraVolumes: - - name: home - persistentVolumeClaim: - claimName: home-azurefile scheduling: userPlaceholder: enabled: false diff --git a/terraform/azure/projects/utoronto.tfvars b/terraform/azure/projects/utoronto.tfvars index 6a38f3b50b..2170050eda 100644 --- a/terraform/azure/projects/utoronto.tfvars +++ b/terraform/azure/projects/utoronto.tfvars @@ -1,10 +1,13 @@ +tenant_id = "78aac226-2f03-4b4d-9037-b46d56c55210" subscription_id = "ead3521a-d994-4a44-a68d-b16e35642d5b" resourcegroup_name = "2i2c-utoronto-cluster" +storage_protocol = "NFS" + ssh_pub_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQJ4h39UYNi1wybxAH+jCFkNK2aqRcuhDkQSMx0Hak5xkbt3KnT3cOwAgUP1Vt/SjhltSTuxpOHxiAKCRnjwRk60SxKhUNzPHih2nkfYTmBBjmLfdepDPSke/E0VWvTDIEXz/L8vW8aI0QGPXnXyqzEDO9+U1buheBlxB0diFAD3vEp2SqBOw+z7UgrGxXPdP+2b3AV+X6sOtd6uSzpV8Qvdh+QAkd4r7h9JrkFvkrUzNFAGMjlTb0Lz7qAlo4ynjEwzVN2I1i7cVDKgsGz9ZG/8yZfXXx+INr9jYtYogNZ63ajKR/dfjNPovydhuz5zQvQyxpokJNsTqt1CiWEUNj georgiana@georgiana" global_container_registry_name = "2i2cutorontohubregistry" -global_storage_account_name = "2i2cutorontohubstorage" +global_storage_account_name = "2i2cutorontohubstorage" location = "canadacentral" From 042041e01e4b1cb5b0d355399e69121fa6a0bfda Mon Sep 17 00:00:00 2001 From: YuviPanda Date: Fri, 10 Dec 2021 13:11:11 +0530 Subject: [PATCH 2/2] Remove 'dynamic subpath' This was a replacement for nfs-share-creator for Azure File when we were using it with SMB / CIFS. However, we are now using NFS directly, and this was just causing problems where the actual notebook container was mounting a different path than the volume-mount initcontainer that was setting uid! --- config/hubs/utoronto.cluster.yaml | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/config/hubs/utoronto.cluster.yaml b/config/hubs/utoronto.cluster.yaml index 7b5ea3ff54..e9459fd24a 100644 --- a/config/hubs/utoronto.cluster.yaml +++ b/config/hubs/utoronto.cluster.yaml @@ -127,16 +127,4 @@ hubs: username_claim: oid login_service: "University of Toronto ID" oauth_callback_url: https://staging.utoronto.2i2c.cloud/hub/oauth_callback - tenant_id: 78aac226-2f03-4b4d-9037-b46d56c55210 - extraConfig: - 10-dynamic-subpath: | - import os - pod_namespace = os.environ['POD_NAMESPACE'] - # FIXME: This isn't setting up _shared dirs properly - c.KubeSpawner.volume_mounts = [ - { - "mountPath": "/home/jovyan", - "name": "home", - "subPath": f"{pod_namespace}/{{username}}" - }, - ] + tenant_id: 78aac226-2f03-4b4d-9037-b46d56c55210 \ No newline at end of file