|
| 1 | +# Managed Datalab Service Example |
| 2 | + |
| 3 | +This directory shows how you can run your own service for automatically |
| 4 | +allocating and managing Datalab instances. |
| 5 | + |
| 6 | +This is done by defining a VM manager that creates and deletes the instances, |
| 7 | +and pairing that with an [inverting proxy](https://github.com/google/inverting-proxy) |
| 8 | +that is used to connect to those instances. |
| 9 | + |
| 10 | +The resulting service allows users under a particular domain (e.g. |
| 11 | +`[email protected]`) to automatically get a Datalab instance that |
| 12 | +is assigned to them and runs in your GCP project. |
| 13 | + |
| 14 | +Each Datalab instance runs with its own service account which can be found |
| 15 | +by clicking on the user icon in the Datalab UI. |
| 16 | + |
| 17 | +## DISCLAIMER |
| 18 | + |
| 19 | +This is experimental and unsupported. |
| 20 | + |
| 21 | +Note, also, that this is not cheap. The pool of VMs, the VM manager, and |
| 22 | +the static file server are all running continuously. If you run this with |
| 23 | +the default settings then you should expect it to cost you at least several |
| 24 | +hundred dollars per month. If you increase the machine type then it will |
| 25 | +cost even more. |
| 26 | + |
| 27 | +## Setup |
| 28 | + |
| 29 | +To deploy this, first create a GCP project to run the service and enable |
| 30 | +the Compute Engine API in that project. |
| 31 | + |
| 32 | +Then, set the `PROJECT_ID` environment variable to the ID of your project, |
| 33 | +and run the following commands to deploy the inverting proxy to your project: |
| 34 | + |
| 35 | +```sh |
| 36 | +pushd ./ |
| 37 | +cd /tmp |
| 38 | +git clone https://github.com/google/inverting-proxy |
| 39 | +cd inverting-proxy |
| 40 | +make deploy |
| 41 | +popd |
| 42 | +``` |
| 43 | + |
| 44 | +Next, deploy the `datalabstatic` App Engine service to your project. |
| 45 | + |
| 46 | +This serves static content for Datalab instances directly from a single, |
| 47 | +read-only instance of Datalab, and makes the UI much more responsive by |
| 48 | +avoiding the need to proxy static resources: |
| 49 | + |
| 50 | +Run the following commands to deploy it. The `app deploy` step can sometimes |
| 51 | +fail saying that the backend did not report as healthy in time. If that happens, |
| 52 | +just retry it: |
| 53 | + |
| 54 | +```sh |
| 55 | +gcloud --project ${PROJECT_ID} app deploy staticfiles/*.yaml |
| 56 | +``` |
| 57 | + |
| 58 | +Now, you can deploy the VM manager, which also runs in an App Engine Flex app. |
| 59 | + |
| 60 | +Before you do, set the value of the `MY_DOMAIN` environment variable to the |
| 61 | +domain portion of your user's email addresses. For example, if you are allowing |
| 62 | +users with `@example.com` email addresses, then you would run |
| 63 | +`export MY_DOMAIN=example.com`: |
| 64 | + |
| 65 | +```sh |
| 66 | +sed -i -e "s/MY_DOMAIN/${MY_DOMAIN}/" vmmanager/vmmanager.yaml |
| 67 | +gcloud --project ${PROJECT_ID} app deploy vmmanager/vmmanager.yaml |
| 68 | +git checkout -- vmmanager/vmmanager.yaml |
| 69 | +``` |
| 70 | + |
| 71 | +Finally, configure the VM manager as the default backend for your proxy: |
| 72 | + |
| 73 | +```sh |
| 74 | +curl -H "Authorization: Bearer $(gcloud auth print-access-token)" \ |
| 75 | + -d "{\"id\": \"vm-manager\", \"endUser\": \"allUsers\", \"pathPrefixes\": [\"\"], \"backendUser\": \"${PROJECT_ID}@appspot.gserviceaccount.com\"}" \ |
| 76 | + https://api-dot-${PROJECT_ID}.appspot.com/api/backends |
| 77 | +``` |
0 commit comments