From 795bb6546078f7c00d0d9860a4282b29404f9c3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Wed, 24 Jan 2024 16:55:47 +0000
Subject: [PATCH] Initial experiments with Enterprise Gateway in kubernetes

---
 cesnet-mcc/inventory/99-all.yaml  |  1 +
 cesnet-mcc/playbooks/gateway.yaml | 71 +++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+)
 create mode 100644 cesnet-mcc/playbooks/gateway.yaml

diff --git a/cesnet-mcc/inventory/99-all.yaml b/cesnet-mcc/inventory/99-all.yaml
index d39c6a7..509e2f4 100644
--- a/cesnet-mcc/inventory/99-all.yaml
+++ b/cesnet-mcc/inventory/99-all.yaml
@@ -13,4 +13,5 @@ all:
     site_name: cesnet-mcc
     vault_mount_point: eosc/dev
 
+    gateway_hostname: gateway-cesnet.eosc.zcu.cz
     grafana_hostname: grafana-cesnet.eosc.zcu.cz
diff --git a/cesnet-mcc/playbooks/gateway.yaml b/cesnet-mcc/playbooks/gateway.yaml
new file mode 100644
index 0000000..93a5bba
--- /dev/null
+++ b/cesnet-mcc/playbooks/gateway.yaml
@@ -0,0 +1,71 @@
+---
+- name: Enterprise Gateway Deployment
+  hosts: master
+  become: true
+  vars:
+    namespace: gateway
+    version: 3.2.2
+  tasks:
+    - name: Enterprise Gateway Configuration
+      copy:
+        dest: /tmp/gateway.yaml
+        mode: 0640
+        content: |
+          global:
+            rbac: true
+          deployment:
+            replicas: 1
+            # serviceAccountName: 'enterprise-gateway-sa'
+            terminationGracePeriodSeconds: 60
+          ingress:
+            enabled: true
+            annotations:
+              kubernetes.io/ingress.class: "nginx"
+              # kubernetes.io/tls-acme: "true"
+            hosts:
+            - "{{ gateway_hostname }}"
+            # tls:
+            # - hosts:
+            #   - "{{ gateway_hostname }}"
+            #   secretName: acme-tls-grafana
+          kip:
+            enabled: true
+            # serviceAccountName: 'kernel-image-puller-sa'
+            # podSecurityPolicy:
+            #   create: true
+          service:
+            type: "ClusterIP"
+            ports:
+              # Enterprise Gateway reqursts
+              - name: http
+                port: 8888
+                targetPort: 8888
+              # Kernel connection info responses
+              - name: http-reponse
+                port: 8887
+                targetPort: 8887
+    - name: Enterprise Gateway Download
+      get_url:
+        url: "https://github.com/jupyter-server/enterprise_gateway/releases/download/v{{ version }}/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz"
+        dest: "/tmp/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz"
+        mode: 0644
+    - name: Enterprise Gateway Helm
+      vars:
+        config: >-
+          --namespace {{ namespace }}
+          --kube-context kubernetes-admin@kubernetes
+          -f /tmp/gateway.yaml
+          enterprise-gateway
+          /tmp/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz
+      shell: |-
+        helm status --namespace {{ namespace }} enterprise-gateway
+        if [ $? -ne 0 ]; then
+          kubectl create namespace {{ namespace }} || :
+          helm install {{ config }}
+        else
+          helm upgrade {{ config }}
+        fi
+      environment:
+        KUBECONFIG: /etc/kubernetes/admin.conf
+        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      when: true
-- 
GitLab