-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Simplified integration with namespace local JupyterHub Helm charts #612
Simplified integration with namespace local JupyterHub Helm charts #612
Conversation
ef23bda
to
100259f
Compare
Relies on dask/dask-gateway#612 released in some version after 2022.6.1 so we don't have to set this explicitly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very cool @consideRatio!
One quick question: do you worry at all about upgrades to existing deployments? I suspect things will be just fine, since providing your own tokens continues to be an option.
Exactly, previously everyone has been forced to provide a token - so they should all be fine as this will only impact people not providing a token. Thank you for looking at this PR @TomAugspurger!!! |
Great, thanks. Feel free to merge whenever you're ready! |
Thanks! Going for it! |
…hub chart Relies on dask/dask-gateway#612 released in 2022.10.0 so we don't have to set this explicitly.
…hub chart Relies on dask/dask-gateway#612 released in 2022.10.0 so we don't have to set this explicitly.
…hub chart Relies on dask/dask-gateway#612 released in 2022.10.0 so we don't have to set this explicitly.
Summary
Closes #473. The idea is to enable users installing both the dask-gateway chart and jupyterhub chart to not provide any api-token credential for dask-gateway/juyterhub to trust each other, but instead rely on a generated api-token persisted in a k8s Secret.
The implementation plan in #473 was the following:
This PR follows that plan quite well, but provides a default for the k8s Secret name and Key config and relies on them by default unless the previously required
apiToken
is specified. This PR also updates the documentation under the topic of installing the dask-gateway helm chart and autenticating against a JupyterHub Helm chart installation.Added chart config in values.yaml
The schema file is also updated to reflect this new configuration.
Successfully tested
I've tested this on the hub.jupytearth.org deployment of a dask-gateway deployed next to a jupyterhub.
How dask/helm-chart's daskhub would adjust with this
Steps relating to generating and configuring an api token could be simplied. This would be an example of the configuration to have, without secret credentials involved.