-
Notifications
You must be signed in to change notification settings - Fork 66
Feature: on node user creation #303
Changes from 12 commits
9c7af6d
6e0885b
8cd247b
38ada54
dc12ed7
569d917
e3a2806
7119193
2f5cc87
527c17f
2a03e0b
06f85c2
9186827
b1a0b07
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,6 +10,7 @@ | |
from aztk.spark.helpers import job_submission as job_submit_helper | ||
from aztk.spark.helpers import get_log as get_log_helper | ||
from aztk.spark.utils import upload_node_scripts, util | ||
import yaml | ||
|
||
|
||
class Client(BaseClient): | ||
|
@@ -21,10 +22,18 @@ def __init__(self, secrets_config): | |
''' | ||
def create_cluster(self, cluster_conf: models.ClusterConfiguration, wait: bool = False): | ||
try: | ||
if cluster_conf.user_configuration: | ||
user_conf = yaml.dump({'username': cluster_conf.user_configuration.username, | ||
'password': cluster_conf.user_configuration.password, | ||
There was a problem hiding this comment. Choose a reason for hiding this comment. The reason will be displayed to describe this comment to others. Learn more. We may want to omit password until we support encryption. There was a problem hiding this comment. Choose a reason for hiding this comment. The reason will be displayed to describe this comment to others. Learn more. If we disable password here that means that we would no longer support adding a user with password at cluster creation time. That's a potentially breaking change, so maybe this PR should wait for or include the encryption feature. There was a problem hiding this comment. Choose a reason for hiding this comment. The reason will be displayed to describe this comment to others. Learn more. If the goal is just to not have the password in cleartext in user.yaml, we could also hash it, and create the user using the hash. That would break ssh'ing outside of AZTK, though. |
||
'ssh-key': cluster_conf.user_configuration.ssh_key, | ||
'cluster_id': cluster_conf.cluster_id}) | ||
else: | ||
user_conf = None | ||
zip_resource_files = upload_node_scripts.zip_scripts(self.blob_client, | ||
cluster_conf.cluster_id, | ||
cluster_conf.custom_scripts, | ||
cluster_conf.spark_configuration) | ||
cluster_conf.spark_configuration, | ||
user_conf) | ||
|
||
start_task = create_cluster_helper.generate_cluster_start_task(self, | ||
zip_resource_files, | ||
|
@@ -137,7 +146,7 @@ def get_application_status(self, cluster_id: str, app_name: str): | |
return task.state._value_ | ||
except batch_error.BatchErrorException as e: | ||
raise error.AztkError(helpers.format_batch_exception(e)) | ||
|
||
''' | ||
job submission | ||
''' | ||
|
@@ -180,7 +189,7 @@ def submit_job(self, job_configuration): | |
else: | ||
raise error.AztkError("Jobs do not support both dedicated and low priority nodes." \ | ||
" JobConfiguration fields max_dedicated_nodes and max_low_pri_nodes are mutually exclusive values.") | ||
|
||
job = self.__submit_job( | ||
job_configuration=job_configuration, | ||
start_task=start_task, | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -101,7 +101,7 @@ def __add_str_to_zip(zipf, payload, zipf_file_path=None): | |
zipf.writestr(zipf_file_path, payload) | ||
return zipf | ||
|
||
def zip_scripts(blob_client, container_id, custom_scripts, spark_configuration): | ||
def zip_scripts(blob_client, container_id, custom_scripts, spark_configuration, user_conf=None): | ||
zipf = __create_zip() | ||
if custom_scripts: | ||
zipf = __add_custom_scripts(zipf, custom_scripts) | ||
|
@@ -117,8 +117,12 @@ def zip_scripts(blob_client, container_id, custom_scripts, spark_configuration): | |
for jar in spark_configuration.jars: | ||
zipf = __add_file_to_zip(zipf, jar, 'jars', binary=True) | ||
|
||
if user_conf: | ||
zipf = __add_str_to_zip(zipf, user_conf, 'user.yaml') | ||
There was a problem hiding this comment. Choose a reason for hiding this comment. The reason will be displayed to describe this comment to others. Learn more. why _add_str_to_zip? Isn't this a file? There was a problem hiding this comment. Choose a reason for hiding this comment. The reason will be displayed to describe this comment to others. Learn more. The user_conf is a byte string that is written to a file in node_scripts called user.yaml. __add_str_to_zip() is probably not the best name for what this method does, though. |
||
|
||
# add helper file to node_scripts/submit/ | ||
zip_file_to_dir(file=os.path.join(constants.ROOT_PATH, 'aztk', 'utils', 'command_builder.py'), directory='', zipf=zipf, binary=False) | ||
|
||
zipf.close() | ||
|
||
return __upload(blob_client, container_id) |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
import os | ||
import yaml | ||
import azure.batch.models as batch_models | ||
import azure.batch.models.batch_error as batch_error | ||
from datetime import datetime, timezone, timedelta | ||
''' | ||
Creates a user if the user configuration file at $DOCKER_WORKING_DIR/user.yaml exists | ||
''' | ||
|
||
def create_user(batch_client):
    '''
    Create the cluster user on this compute node, if one was configured.

    Reads $DOCKER_WORKING_DIR/user.yaml (written at cluster-creation time by
    the client SDK) and registers that user on the current Batch compute node.
    If the file does not exist, there is no user to create and the function
    returns without doing anything.

    :param batch_client: an azure.batch client whose compute_node.add_user
        operation is invoked; pool/node identity comes from the
        AZ_BATCH_POOL_ID / AZ_BATCH_NODE_ID environment variables.
    '''
    path = os.path.join(os.environ['DOCKER_WORKING_DIR'], "user.yaml")

    if not os.path.isfile(path):
        print("No user to create.")
        return

    with open(path) as file:
        # safe_load instead of the deprecated bare yaml.load: the payload is a
        # plain mapping produced by yaml.dump, so full loading (which can
        # construct arbitrary Python objects) is never needed here.
        user_conf = yaml.safe_load(file)

    try:
        batch_client.compute_node.add_user(
            pool_id=os.environ['AZ_BATCH_POOL_ID'],
            node_id=os.environ['AZ_BATCH_NODE_ID'],
            user=batch_models.ComputeNodeUser(
                name=user_conf['username'],
                is_admin=True,
                # NOTE(review): password arrives in cleartext in user.yaml —
                # see PR discussion about deferring until encryption exists.
                password=user_conf['password'],
                # str() here means a missing key dumped as None becomes the
                # literal string "None" — presumably harmless to Batch, but
                # TODO confirm intended behavior when no ssh key is set.
                ssh_public_key=str(user_conf['ssh-key']),
                expiry_time=datetime.now(timezone.utc) + timedelta(days=365)
            )
        )
    except batch_error.BatchErrorException as e:
        # Best-effort: node-side script logs the Batch error rather than
        # failing the start task.
        print(e)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will this get auto-populated from the users' secrets.yaml?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On the CLI, yeah -- that happens here:
https://github.com/jafreck/aztk/blob/06f85c2538db98e168fed8c38fe9b88524f95e5f/cli/spark/endpoints/cluster/cluster_create.py#L87
For the SDK, no the secrets.yaml file is not used at all.