diff --git a/applications/nublado/Chart.yaml b/applications/nublado/Chart.yaml index 321000b3dd..65c1c64b07 100644 --- a/applications/nublado/Chart.yaml +++ b/applications/nublado/Chart.yaml @@ -5,7 +5,7 @@ description: JupyterHub and custom spawner for the Rubin Science Platform sources: - https://github.com/lsst-sqre/nublado home: https://nublado.lsst.io/ -appVersion: 8.3.0 +appVersion: 8.4.0 dependencies: - name: jupyterhub diff --git a/applications/nublado/README.md b/applications/nublado/README.md index 1bf658ad5f..8e1b6e6f74 100644 --- a/applications/nublado/README.md +++ b/applications/nublado/README.md @@ -74,6 +74,11 @@ JupyterHub and custom spawner for the Rubin Science Platform | controller.config.lab.volumeMounts | list | `[]` | Volumes that should be mounted in lab pods. | | controller.config.lab.volumes | list | `[]` | Volumes that will be in lab pods or init containers. This supports NFS, HostPath, and PVC volume types (differentiated in source.type). | | controller.config.logLevel | string | `"INFO"` | Level of Python logging | +| controller.config.metrics.application | string | `"nublado"` | Name under which to log metrics. Generally there is no reason to change this. | +| controller.config.metrics.enabled | bool | `false` | Whether to enable sending metrics | +| controller.config.metrics.events.topicPrefix | string | `"lsst.square.metrics.events"` | Topic prefix for events. It may sometimes be useful to change this in development environments. | +| controller.config.metrics.schemaManager.registryUrl | string | Sasquatch in the local cluster | URL of the Confluent-compatible schema registry server | +| controller.config.metrics.schemaManager.suffix | string | `""` | Suffix to add to all registered subjects. This is sometimes useful for experimentation during development. | | controller.config.pathPrefix | string | `"/nublado"` | Path prefix that will be routed to the controller | | controller.googleServiceAccount | string | None, must be set when using Google Artifact Registry | If Google Artifact Registry is used as the image source, the Google service account that has an IAM binding to the `nublado-controller` Kubernetes service account and has the Artifact Registry reader role | | controller.image.pullPolicy | string | `"IfNotPresent"` | Pull policy for the controller image | diff --git a/applications/nublado/templates/controller-deployment.yaml b/applications/nublado/templates/controller-deployment.yaml index e232218bac..adffdbe027 100644 --- a/applications/nublado/templates/controller-deployment.yaml +++ b/applications/nublado/templates/controller-deployment.yaml @@ -38,6 +38,24 @@ spec: env: - name: EXTERNAL_INSTANCE_URL value: {{ .Values.global.baseUrl | quote }} + {{- if .Values.controller.config.metrics.enabled }} + - name: "KAFKA_BOOTSTRAP_SERVERS" + valueFrom: + secretKeyRef: + name: "mobu-kafka" + key: "bootstrapServers" + - name: "KAFKA_SECURITY_PROTOCOL" + valueFrom: + secretKeyRef: + name: "mobu-kafka" + key: "securityProtocol" + - name: "KAFKA_CLIENT_CERT_PATH" + value: "/etc/mobu-kafka/user.crt" + - name: "KAFKA_CLIENT_KEY_PATH" + value: "/etc/mobu-kafka/user.key" + - name: "KAFKA_CLUSTER_CA_PATH" + value: "/etc/mobu-kafka/ca.crt" + {{- end }} {{- if .Values.controller.slackAlerts }} - name: "NUBLADO_SLACK_WEBHOOK" valueFrom: @@ -66,6 +84,20 @@ spec: mountPath: "/etc/secrets" readOnly: true {{- end }} + {{- if .Values.controller.config.metrics.enabled }} + - name: "kafka" + mountPath: "/etc/mobu-kafka/ca.crt" + readOnly: true + subPath: "ssl.truststore.crt" + - name: "kafka" + mountPath: "/etc/mobu-kafka/user.crt" + readOnly: true + subPath: "ssl.keystore.crt" + - name: "kafka" + mountPath: "/etc/mobu-kafka/user.key" + readOnly: true + subPath: "ssl.keystore.key" + {{- end }} - name: "podinfo" mountPath: "/etc/podinfo" {{- with .Values.controller.nodeSelector }} @@ -82,14 +114,19 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} volumes: + - name: "config" + configMap: + name: "nublado-controller-config" {{- if eq "docker" .Values.controller.config.images.source.type }} - name: "docker-creds" secret: secretName: "pull-secret" {{- end }} - - name: "config" - configMap: - name: "nublado-controller-config" + {{- if .Values.config.metrics.enabled }} + - name: "kafka" + secret: + secretName: "nublado-kafka" + {{- end }} - name: "podinfo" downwardAPI: items: diff --git a/applications/nublado/templates/kafka-access.yaml b/applications/nublado/templates/kafka-access.yaml new file mode 100644 index 0000000000..f8e9edef30 --- /dev/null +++ b/applications/nublado/templates/kafka-access.yaml @@ -0,0 +1,16 @@ +{{- if .Values.controller.config.metrics.enabled -}} +apiVersion: access.strimzi.io/v1alpha1 +kind: KafkaAccess +metadata: + name: "nublado-kafka" +spec: + kafka: + name: "sasquatch" + namespace: "sasquatch" + listener: "tls" + user: + kind: "KafkaUser" + apiGroup: "kafka.strimzi.io" + name: "app-metrics-nublado" + namespace: "sasquatch" +{{- end }} diff --git a/applications/nublado/values-idfdev.yaml b/applications/nublado/values-idfdev.yaml index dbb5dd4a6d..666e30ad73 100644 --- a/applications/nublado/values-idfdev.yaml +++ b/applications/nublado/values-idfdev.yaml @@ -77,6 +77,8 @@ controller: volumeName: "project" - containerPath: "/scratch" volumeName: "scratch" + metrics: + enabled: true jupyterhub: hub: db: diff --git a/applications/nublado/values.yaml b/applications/nublado/values.yaml index 66b6551d0d..c34f22346a 100644 --- a/applications/nublado/values.yaml +++ b/applications/nublado/values.yaml @@ -371,6 +371,28 @@ controller: # readOnly: true # volumeName: "project" + metrics: + # -- Whether to enable sending metrics + enabled: false + + # -- Name under which to log metrics. Generally there is no reason to + # change this. + application: "nublado" + + events: + # -- Topic prefix for events. It may sometimes be useful to change this + # in development environments. + topicPrefix: "lsst.square.metrics.events" + + schemaManager: + # -- URL of the Confluent-compatible schema registry server + # @default -- Sasquatch in the local cluster + registryUrl: "http://sasquatch-schema-registry.sasquatch.svc.cluster.local:8081" + + # -- Suffix to add to all registered subjects. This is sometimes useful + # for experimentation during development. + suffix: "" + # JupyterHub configuration handled directly by this chart rather than by Zero # to JupyterHub. hub: diff --git a/applications/sasquatch/charts/app-metrics/values.yaml b/applications/sasquatch/charts/app-metrics/values.yaml index a25f46bf14..dc1b0b4321 100644 --- a/applications/sasquatch/charts/app-metrics/values.yaml +++ b/applications/sasquatch/charts/app-metrics/values.yaml @@ -20,6 +20,9 @@ globalAppConfig: - "username" - "notebook" - "repo" + nublado: + influxTags: + - "username" wobbly: influxTags: - "service" diff --git a/applications/sasquatch/values-idfdev.yaml b/applications/sasquatch/values-idfdev.yaml index 360d5744f1..e447c4a607 100644 --- a/applications/sasquatch/values-idfdev.yaml +++ b/applications/sasquatch/values-idfdev.yaml @@ -159,6 +159,7 @@ app-metrics: apps: - gafaelfawr - mobu + - nublado - wobbly backup: