Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new cluster DANDI #3866

Merged
merged 10 commits into from
Mar 28, 2024
Merged

Add new cluster DANDI #3866

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
ba9b2c6
Generate cluster files for dandi dedicated cluster on AWS
GeorgianaElena Mar 27, 2024
3efbef4
Add GPU nodegroup
GeorgianaElena Mar 27, 2024
17931f3
Export account credentials
GeorgianaElena Mar 27, 2024
34a80fa
Add minimal cluster.yaml file
GeorgianaElena Mar 27, 2024
8b06a96
Add link to aws console
GeorgianaElena Mar 28, 2024
9499851
Set paid_by_us
GeorgianaElena Mar 28, 2024
392979c
Also support g4dn.2xlarge machines
GeorgianaElena Mar 28, 2024
df53d09
Generate grafana token for workflow deploy
GeorgianaElena Mar 28, 2024
d2bd2b8
Add the cluster name to the deploy workflow list
GeorgianaElena Mar 28, 2024
c305aaa
Enable github authentication
GeorgianaElena Mar 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/workflows/deploy-grafana-dashboards.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ jobs:
- cluster_name: catalystproject-africa
- cluster_name: catalystproject-latam
- cluster_name: cloudbank
- cluster_name: dandi
- cluster_name: gridsst
- cluster_name: hhmi
- cluster_name: jupyter-meets-the-earth
Expand Down
10 changes: 10 additions & 0 deletions config/clusters/dandi/cluster.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
name: dandi
provider: aws # https://2i2c.awsapps.com/start#/
aws:
key: enc-deployer-credentials.secret.json
clusterType: eks
clusterName: dandi
region: us-east-2
billing:
paid_by_us: true
hubs: []
25 changes: 25 additions & 0 deletions config/clusters/dandi/enc-deployer-credentials.secret.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
{
"AccessKey": {
"AccessKeyId": "ENC[AES256_GCM,data:MZvndzWpiNALn0MUbtuWFqvfMrs=,iv:RXY+LBR2QSjWEpm22qgQ624xHCqwUBONdniSrq9iG7w=,tag:v2Gtwist8G54LynyS4vR2Q==,type:str]",
"SecretAccessKey": "ENC[AES256_GCM,data:f+n68ir3cVWqnDvuR6o9x9fxgV4/enwE2Bo78j9hIt+G8/AG134lLw==,iv:/FMMU9SNiLEUQ1LlT7ZKHCJG95U/P4D4XiuAKoGjMj8=,tag:3Pt1VO6rmtuN6eDrYPUaqg==,type:str]",
"UserName": "ENC[AES256_GCM,data:3qGAxEFz8uzcxg3qNIixCstNFwveYpU=,iv:qBBr1YPyfRvV7uEgnthyLIAn1xjiOpn7bmhjbkdNyLI=,tag:tXWg2ECmaEoDQu0KW6GCEA==,type:str]"
},
"sops": {
"kms": null,
"gcp_kms": [
{
"resource_id": "projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs",
"created_at": "2024-03-27T12:12:30Z",
"enc": "CiUA4OM7ePHBf6EWDiBZPv7fJqNwqMUaZZKrKM7SuoWALRxOcunIEkkAXoW3Jvx/Ofy9uDAtL9Vp1C5PY/Y3/NT0Qjm76bzBdBK8UC2egKTz3KYRA2U14G9X39SfqWXwSMz1czyFW2ojno2FxZMD7Rsh"
}
],
"azure_kv": null,
"hc_vault": null,
"age": null,
"lastmodified": "2024-03-27T12:12:31Z",
"mac": "ENC[AES256_GCM,data:QiHU3LnbaXx1ttSutGf+S+GPTSm6ujp7bM0NHZMw5AVy44bMlKl4p6D0yQXFdKmgg6tqA20cZUwk9KvCyuPZrtpwLurFAgpy5N1hToOXQTH9j+j2zslx62d6aj6ETwg5wfM416a2h+tuvws5WoX5RkCvFrUzdFeSv6rTh2CYo4c=,iv:AG1qDkpc5IgM2bB4hrHb13OSdspBUulNaWdRFaYrooc=,tag:2SR4yWgtgP9M6HBkxYmBkw==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}
15 changes: 15 additions & 0 deletions config/clusters/dandi/enc-grafana-token.secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
grafana_token: ENC[AES256_GCM,data:lIAqF3jj8MkwegfcSWQXYHgoCEEdaN8R5/UFSkBPdCBmwSb0wK0jtOQaNol1Xg==,iv:ephtL8S+djDG4vnRMZpjOo4uncEynzqCxUtic9MGA8A=,tag:HFA/Dvm7rLPuf7Fpt3dTgQ==,type:str]
sops:
kms: []
gcp_kms:
- resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
created_at: "2024-03-28T11:08:02Z"
enc: CiUA4OM7eAt8g6jUz4eBmZDJnmBNBb46ry/gg48r3NGKbusMuMMJEkkAXoW3JrCEy5GKfXt3TKEDyUgUn7Ki48h7umK/oH7YH0p8sapZ6a9BjzcVTKEs+Qy2PUXb7cZ3gI4bycCRJGHEHUA03oOai4fA
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-03-28T11:08:03Z"
mac: ENC[AES256_GCM,data:0iv4bIKDkKN7eVaNrPvf9BrJ43daWZXrcy51i2GET3r8EUaPDAVfszAWvWF6FjZTfSMrVKKzfx78yJNY6R54cKrNW4vQRkAlVteiumO5kPAP1Z87t+NviDQkRTyjlslNzJaKuXeQCmp6HMZ7knmM9Hg4j2IQaSIip9tt6Rov7Ag=,iv:fU5xMf9z9NyMyJUefxymNFD88f92XovIizmZqud1nqM=,tag:o/gre7sph7io6QM2oWzKHA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3
22 changes: 22 additions & 0 deletions config/clusters/dandi/enc-support.secret.values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
prometheusIngressAuthSecret:
username: ENC[AES256_GCM,data:+JXHY1wulN6IygEkDNMlxcK50ockQE9sH0ToiQN75TVgnBJeF7WZ585eYAO0qE/hHikflTjzUSJSKqCjykLfBA==,iv:sfpnv8SpC8DscRUsDYC8pN4jQTuCGQui2FsS8U1uaJc=,tag:85daJ/ohklPZHqmr0UFG7w==,type:str]
password: ENC[AES256_GCM,data:vBtTP+jI9YvlZUoTuyBJAr5Qy8rSYiQ3hGxbAz2EaYCNqXXw3Z8ViLC7IkU+gnOVA3/hCOdhXVRzYMmQmL0EOg==,iv:Sq6tqsDrHPfVwkk6FaRdHDErHPuLazC1anP7d7tSzDs=,tag:baITohZhJ2O5ev2Lw+B6UQ==,type:str]
grafana:
grafana.ini:
auth.github:
client_id: ENC[AES256_GCM,data:n1xll1x3xnVNHhHPgenSIZFzM1g=,iv:OYVY4Yl9Nq2rIPY8RPOJyo/89EaMe6Rk6CTwOEmtRQA=,tag:RYM2V6OeB9GUr6oilzEaBQ==,type:str]
client_secret: ENC[AES256_GCM,data:M+pDBdHdPMz7S/xDnu1L9rpCtDTlJUBp+Ezyj+3azLWOt/znFtZefg==,iv:68/OFYD1W17/FXlrXHIKD0uvAMXJGc7C8ZE4DLwF4t8=,tag:60rY88mcFLf1P8hNAxjlRw==,type:str]
sops:
kms: []
gcp_kms:
- resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
created_at: "2024-03-27T11:21:55Z"
enc: CiUA4OM7eAaMgnYa97RaqhQWDaQUF8GczZ9LF6inoy62e6rx8zL9EkkAXoW3JmDBwrmRIvDJV7JPY4Bl9h/twDG1USzByU2/9ZpmqhFAB9rKs7z3joeGH7cgoYXfUEhAFup3k0e+muBRVbgtITBJU2gw
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-03-28T11:26:56Z"
mac: ENC[AES256_GCM,data:M8W8ocrlctr44Ad3j0vBVtEBCN29YXAk8R97JuyeyHAwXRCzsEYOfP8aHM41R881+KXzqtO20/fHjL+P9McQM6KplQSiuiDBACjypXUioHz8Jnv+BghiMvvv4FRNt0gEaLK8TyXl0DUyewwxd2q/E0Bch4vr58WSQFJQA86+D+4=,iv:8/WxPGBJN4iSKjzp/+lTAPwgr+0wA8Rnwu3YpU7bQrY=,tag:yYgTC7xN7r6aoXS29lhH4g==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3
32 changes: 32 additions & 0 deletions config/clusters/dandi/support.values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
prometheusIngressAuthSecret:
enabled: true

prometheus:
server:
ingress:
enabled: true
hosts:
- prometheus.dandi.2i2c.cloud
tls:
- secretName: prometheus-tls
hosts:
- prometheus.dandi.2i2c.cloud

grafana:
grafana.ini:
server:
root_url: https://grafana.dandi.2i2c.cloud/
auth.github:
enabled: true
# allowed_organizations should be a space separated list
allowed_organizations: 2i2c-org
auth.github:
enabled: true
allowed_organizations: 2i2c-org
ingress:
hosts:
- grafana.dandi.2i2c.cloud
tls:
- secretName: grafana-tls
hosts:
- grafana.dandi.2i2c.cloud
158 changes: 158 additions & 0 deletions eksctl/dandi.jsonnet
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,158 @@
/*
This file is a jsonnet template of a eksctl's cluster configuration file,
that is used with the eksctl CLI to both update and initialize an AWS EKS
based cluster.

This file has in turn been generated from eksctl/template.jsonnet which is
relevant to compare with for changes over time.

To use jsonnet to generate an eksctl configuration file from this, do:

jsonnet dandi.jsonnet > dandi.eksctl.yaml

References:
- https://eksctl.io/usage/schema/
*/
local ng = import "./libsonnet/nodegroup.jsonnet";

// place all cluster nodes here
local clusterRegion = "us-east-2";
local masterAzs = ["us-east-2a", "us-east-2b", "us-east-2c"];
local nodeAz = "us-east-2a";

// Node definitions for notebook nodes. Config here is merged
// with our notebook node definition.
// A `node.kubernetes.io/instance-type label is added, so pods
// can request a particular kind of node with a nodeSelector
local notebookNodes = [
{ instanceType: "r5.xlarge" },
{ instanceType: "r5.4xlarge" },
{ instanceType: "r5.16xlarge" },
{
instanceType: "g4dn.xlarge",
tags+: {
"k8s.io/cluster-autoscaler/node-template/resources/nvidia.com/gpu": "1"
},
// Allow provisioning GPUs across all AZs, to prevent situation where all
// GPUs in a single AZ are in use and no new nodes can be spawned
availabilityZones: masterAzs,
},
{
instanceType: "g4dn.2xlarge",
tags+: {
"k8s.io/cluster-autoscaler/node-template/resources/nvidia.com/gpu": "1"
},
// Allow provisioning GPUs across all AZs, to prevent situation where all
// GPUs in a single AZ are in use and no new nodes can be spawned
availabilityZones: masterAzs,
}
];
local daskNodes = [
// Node definitions for dask worker nodes. Config here is merged
// with our dask worker node definition, which uses spot instances.
// A `node.kubernetes.io/instance-type label is set to the name of the
// *first* item in instanceDistribution.instanceTypes, to match
// what we do with notebook nodes. Pods can request a particular
// kind of node with a nodeSelector
//
// A not yet fully established policy is being developed about using a single
// node pool, see https://github.com/2i2c-org/infrastructure/issues/2687.
//
{ instancesDistribution+: { instanceTypes: ["r5.4xlarge"] }},
];


{
apiVersion: 'eksctl.io/v1alpha5',
kind: 'ClusterConfig',
metadata+: {
name: "dandi",
region: clusterRegion,
version: "1.29",
},
availabilityZones: masterAzs,
iam: {
withOIDC: true,
},
// If you add an addon to this config, run the create addon command.
//
// eksctl create addon --config-file=dandi.eksctl.yaml
//
addons: [
{
// aws-ebs-csi-driver ensures that our PVCs are bound to PVs that
// couple to AWS EBS based storage, without it expect to see pods
// mounting a PVC failing to schedule and PVC resources that are
// unbound.
//
// Related docs: https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html
//
name: 'aws-ebs-csi-driver',
version: "latest",
wellKnownPolicies: {
ebsCSIController: true,
},
},
],
nodeGroups: [
ng + {
namePrefix: 'core',
nameSuffix: 'a',
nameIncludeInstanceType: false,
availabilityZones: [nodeAz],
ssh: {
publicKeyPath: 'ssh-keys/dandi.key.pub'
},
instanceType: "r5.xlarge",
minSize: 1,
maxSize: 6,
labels+: {
"hub.jupyter.org/node-purpose": "core",
"k8s.dask.org/node-purpose": "core"
},
},
] + [
ng + {
namePrefix: 'nb',
availabilityZones: [nodeAz],
minSize: 0,
maxSize: 500,
instanceType: n.instanceType,
ssh: {
publicKeyPath: 'ssh-keys/dandi.key.pub'
},
labels+: {
"hub.jupyter.org/node-purpose": "user",
"k8s.dask.org/node-purpose": "scheduler"
},
taints+: {
"hub.jupyter.org_dedicated": "user:NoSchedule",
"hub.jupyter.org/dedicated": "user:NoSchedule"
},
} + n for n in notebookNodes
] + ( if daskNodes != null then
[
ng + {
namePrefix: 'dask',
availabilityZones: [nodeAz],
minSize: 0,
maxSize: 500,
ssh: {
publicKeyPath: 'ssh-keys/dandi.key.pub'
},
labels+: {
"k8s.dask.org/node-purpose": "worker"
},
taints+: {
"k8s.dask.org_dedicated" : "worker:NoSchedule",
"k8s.dask.org/dedicated" : "worker:NoSchedule"
},
instancesDistribution+: {
onDemandBaseCapacity: 0,
onDemandPercentageAboveBaseCapacity: 0,
spotAllocationStrategy: "capacity-optimized",
},
} + n for n in daskNodes
] else []
)
}
1 change: 1 addition & 0 deletions eksctl/ssh-keys/dandi.key.pub
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGZlowSxxPZdz3HReqNh5jyzQU6eyswrD1RX/whPemNPedTc9JBsEFFMRJ25Wook3qlzwRJTPcnbdkRi869GMrimHmNn1qA/TFLWvNe0k2PwPLvLoMEYzxsqYT/xamvoc7FcG6F9LNXTl3IxsnXMn9nz1dKKXJr9Fxv0TirwYrpUVtdwosFzhEIbj51jT7A/2Ftt6OgkCoqmKz1ZSFyI5sk4jbjU/ZNfKHCI2iCLiOZtKZMrYZPUmLrPx+aeRvhjfHj7EwzU6Azcsbw836/swjjre8GbKTtpmAzsMUgcpsZp5q4a36kc/Di484iOYZI4oakuUYUMG9VqdKSEh53eFwAo6KrWN8IvzlS6LIgOJSZ6J8Yli4te57zJcBg221l9Wv23rHHDoRJ7c5RCLudUNqIoHzN4x3qp8c4nOyDBO1KH87OeUuQpgUJYPUPtZRnXp7BMO9VrnA6JuRg7uPBxyqOvy4kj5YwFBKsa88bd/NGMuL/IL7PfPSrpiG9k21DY0= [email protected]
21 changes: 21 additions & 0 deletions eksctl/ssh-keys/secret/dandi.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
{
"data": "ENC[AES256_GCM,data:djJvABFOD5g06XD7WNkX/EGRSzHE0knBgHKUrtJGullMNVye6gJsNsCOVmel3PIewQDFRM6uxMgQo8B2MBjlEWrn8+THavrRbaUhDSDM2nHKpBCtQjoFmKFKCD7c4XfTAoV+wvapiWBEs5/E4+ld8xTRaKwDTqmNV8LD7/egUzmLDqNEwG7CrpIVilKI8pWbTeoRQ3SPL1z/Y3ozoeI9lMheMCk8+Dr4vV/wbE8eSyOiCpypDruqtEuxkcavUu1O6CvO+X5Q1AiHKiTg1SbXOJ0iYCz6bj2ze7Bu7KI6nLTt933WfJ/XjWjwxhsjHYO6LGW6w440C1A6FWH7dcrRHNSXlV4slBviBHgPBkaXtfEpjS2gZLp88OrwiykDQNtAbK8IRcSlRsh7lQgXbYqO0sBBvnnjHdFcel6CBVaA9jAYQE/oRBV0/2pYhdAu9vf2bjBlNrVz3LoF8W0WkjkT2PTM+zbDyfriB5mMht/6+iHcmjJtC9W1rR9bx2b9v84ulYB04UVwqvrLxvuhswCkjNHI60aLuM8txfEM+K/qj0U01fZrUcdKPWJwpGbCuxt2pCDwdT0mTwEhJYc/heU/UT6LWhtcNz403e4g2dpJN3Hr5Djjhzu2T9mBX5u316lIuz+dCpgGFXCkisSoYbznYaN8btrrsQW0VVqqlmIs3CJCfs1MfvjcHWGtsUIF0b6uK5HtU/rrf0zyaWsWP1pM4Rocxn5CtXfEX2UF41XfJN+tWs04cI8gILCd0Ktr1d81fIIQQt2WArSI3yuOWv1kpjLWhanV3buTkZg+drhYxmQ0Iz+BfTavdXZledw17ye/1+zbNsBb0mG/DE3RWfs3KXxXbzn9bNFdECm5/431AmmRzQzhynpdcfI3pg1O2fR1w6gd7n4wioEWLemSoo+MNMzJnxw72rvbRdOOqPEnf43zVjxzKWSHHP2ClGOrNL5+00d4JRoa+IeWorUSWjMGsnspKlNkI/aXeODbYUKIdyRW4DPyDLtxt2y2VyJ/GPGSS76R/L0WgdamVMLFXFlBhqyLEkzWkfC3pyJr7lbBCS/P9uiWezjOS0ZKcTJ887AH9iIUJFEuXErIylVo35toTNDEYryD7T6ovI2TRE06HA5djvxqr1XROoFSNIoxX6uNEK+GVRmgroGP/aesnnPx9sdNvO//QXmGwr6r450ky1G6RvYcrcj7SxVHvgnlfzwM2htl0prkRFPmcJQ31eRAfWT6RZEJtSxGNklP/l/0BqiXLtNP8zEhu8khrGKKdfiNC6kGjvy8xO44mBGLQk0iuG3LAYJk1Nwv01QieqJIJs2bZMUXeAnCU8g9yyjuLBXmocBKnk9py//qvhzerxD6+xKsy/krBAak70c2cahbf0ZFiJA7TLuqs5c8FYxDlZwRJnFUEX0qMQFll++dz4VA65RVTEWy6UsrtXIN4WpA0bTLUNbSc0Ll7Mpe/dKMU7iF2JEnL8/WkkiYmuCjdACEFjUJGB+gezgU7m57FfB9kcO9ognYgHARXw9ikurL3uy0gsFgCbtMO07AhbkUZBqJRcZlpAME0LJQXgrhtPogyUgKyKT+20VgHwMq/HuuFaOhHYKc13b8A14l/Wo06AIBVwjrGbvUXxx339VwjLklcOc7+bhWsqnlU8ynuZYaygyeAEs/4xFrfuVOeSK951lwjjNqEWJhjAiBA7prCjzRwKVcsmpYM88BYB5d65MhnJhYX71W6WsWrfvA1YvieBrXoZAwOGUdCmKtAaWBborwzjv49hrqZnJiwxHFrRfDw9/sx6jrMwE28HdJLdjbYsLfO5RbX8D27n4NohfU8YBEh+DopEzw7bYyNcTRw+hzC7WGm9XrLEuCVPNzkBf+TR3gpsz4YGeiaSGYQws6IrS5TqGKFwlRu+1PrwZAW7jwLF366m4JeOSI2egnXQf0mOWlOpWEvpL1SRVcJAsJJeMy+SvPfW1mPgX5972lQdzVINOXYxpSfQhe1MRNKQDWM6/0kqus8erbbSUNTO/18nYwoZm0qgSnl285FGvc6e378ershTlD6EnZRQhZuUogK8H4VgSPDQTLKxRw/HinaQnxkCMDqZZVT7dxLKrOwbg45anSLFGqRlXVdT+cdB8D5UjYouRBi5qlwhS4TkDGSdCI2FV/A5AHQt1VYRlZp0amPsulmlOEZkDy8d9fxneAxztnX8EPvhOHkS/ElNuzJU/qSi0VBVdGF16Gwu39ErQ9wpe1LrhOL6wYvmZ2UwGQG/t6ufAFCXT1xJnN5Jpx5sKnzmbL9hhQvq9rtJv+3KTj9i42ESbN1EOIqm/X0CHniAQs/81Mye5LtB21fPrjlj8E1FbWWzNuknUA+isaMqq5u0mLE2QnPmOsV/44Ju7mfyG0ITj3gQU5SMHkHWVWDGYQvvz0sinKB4ODyaR31K344SdB4UV/3WePzKWDzHCdPk3tzuGRzycGESS0it1XgDaPYk7IccFaW2VlJ0IRrQfqH4hw/oSCt1msIX3sfcRFg2bHuyUnNfXSStZ6UaQwvYuQC+NqZxA2mgmkbCKgNr3gjyv+/b/nRfMhm1QNx0GOg4fwbj/BYWBJvB/08BIRPqhjNr3pYFReWIvj2ybYXC6FPIpXFFM9PljhQzdx9gVbd3e3e0kcpuPtm9L5Amilr/1PfTlteKKpkhhEm8I5MSXXIEuIlh6LxsIBQGShS13W82Nljdx8zYZkQx5wi0sGYSkSEENc1KED8B9F1fRe0wUo524IWz/yEjJQ0cPeOEA1lR8ngXxh33ISNA7AxATA686whs9FARDSReDzbmNIQ3TZa3s264V1TubR3Mc3okmBa0Y2WUuaoVnVALEtwDlNnW7zfvq3VWrrtHVq+j0KBARhN8gIptECbAycfKDNmvkqZEgjcAFL/0NYua4PT7OlLREWNobXc2AK64ao7TArdRlNBCyW5NCJyxC6g/WkLs6kFxEgFh1QtBGSafP6ys+3ude4rhVa0NBA76KV7ksYDZqshpl69wGwlHfztwI+06abqyi30Mg1Gt/ECRpPTsJI6ukvIB5S1C/053TbkJimGpSNsxvkLazAVsv95u+2/fLirYDxDqrAejt2wWyNwJFzIBrxLHBNkv4CBQp0fJCcr5/QHwrvq5MFGaf91IuL2vOqVc6VAOTUoywMS7bHXJqbeGakfmhwnUaGheUqStoW+580Mx6VQ6mWmU3s2I4lIc/PhVzm7N2jIYRnkIeqyt52AHSqblCqHi99wUZS+C1Wg/s/Bwm7IDRISuMynSYHMLbINr/a6P+ogj5t5smksT9fvgQt3a6/dMpbfuttnjPqdlcXYC84FWUvdnGffyk8jy77FVu7oQpahYnTRLdWh3hQoxQbQEphP6DKUi8XGPaz7EiOqgRrcA3X33KxbabuBeOsMcbKmL0rQinTJjtFuMj3dI6xkVp+evUm17+GAG7tBpp7N5LscwXP2a1nYmmYf/dQRL9CBSHG,iv:Vl9ffOkvOis3jj1VD/V20N9+AANdQlhWpGHSQ8kOdiQ=,tag:GAZnXhGY/lT1TFNxOK4loQ==,type:str]",
"sops": {
"kms": null,
"gcp_kms": [
{
"resource_id": "projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs",
"created_at": "2024-03-27T11:21:55Z",
"enc": "CiUA4OM7eJAfCKW3LwPtVN6wuDBjgkRyoRqsV2qIxK/NvPy6FJztEkkAXoW3JibG4733q8SwyjMN+3eq8iRrDLguuGbIIe24XVQNn1hCYzKTV6OpWb9ADOJYkxa1jlCa/Oju+ijnKKoJ7fvs7fCrXWhx"
}
],
"azure_kv": null,
"hc_vault": null,
"age": null,
"lastmodified": "2024-03-27T11:21:55Z",
"mac": "ENC[AES256_GCM,data:hSkD4dbecoRyxTwy32akK99EflQkDcCZxwSzDLKZntiuR9aUimDo/R9Kq0bqRH8LnTQLBKCjrPhOHx7FuzciHVAnBBln90wjw73uKFv0OcLP+LBVMiebF0AcFS6/O3fccj6ArQLf8mKhuWMpNdTXeW39h6Njfl5uHDYZ5iMuDm8=,iv:mcIVuWdxCGMpzFxqDkz1xEnHMbtaZSAEvpylqEtYCs8=,tag:BV7vx0C1rTSZwqEwDMOakg==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}
26 changes: 26 additions & 0 deletions terraform/aws/projects/dandi.tfvars
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
region = "us-east-2"

cluster_name = "dandi"

cluster_nodes_location = "us-east-2a"

user_buckets = {
"scratch-staging" : {
"delete_after" : 7
},
"scratch" : {
"delete_after" : 7
},
}


hub_cloud_permissions = {
"staging" : {
bucket_admin_access : ["scratch-staging"],
extra_iam_policy : ""
},
"prod" : {
bucket_admin_access : ["scratch"],
extra_iam_policy : ""
},
}