Home

Awesome

Workbench API server rewritten in Python

This project utilizes a Swagger spec compatible with Workbench V1.

Prerequisites

Usage

This project offers a fairly standard Docker image that can be built and run using common patterns. With Docker, there is no need to clone the source in order to run the full application.

To run the pre-built Docker image:

$ docker run -itd -e KEYCLOAK_HOST="https://gateway.docker.internal/auth" \
                  -e MONGO_URI="mongodb://gateway.docker.internal:27017/ndslabs?authSource=admin" \
                  -v $(pwd)/backend.json:/app/env/backend.json \
                  -p 5000:5000 \
                  ndslabs/apiserver:develop

Configuration

These options can be changed by adjusting either env/backend.json or using environment variables.

If no environment variables are provided, then the values in backend.json will be used. If environment variables are provided, then those will be used directly.

Below are the configuration options offered by the application:

EnvVarJSON PathDescriptionDefault
BACKEND_CFG_PATH--Set the location of backend.json./env/backend.json
FRONTEND_CFG_PATH--Set the location of frontend.json./env/frontend.json
DEBUGdebugIf true, enable Debug mode (verbose output + live reload)false
DOMAINdomainDomain suffix to use for creating ingress ruleskubernetes.docker.internal
KUBE_WORKBENCH_SINGLEPODsinglepodIf true, run each workbench app as a single podfalse
KUBE_PVC_STORAGECLASSstorage_classStorageClass for created userapp volumesndslabs
KUBE_WORKBENCH_NAMESPACEnamespaceThe namespace to use for created resources (if empty, create per-user namespaces)default
KUBE_RESOURCE_PREFIXresource_prefixIf given, prepend this prefix to all resource names created by the server""
SWAGGER_URLswagger_urlPath to the Swagger spec to use to run the applicationopenapi/swagger-v1.yml
INSECURE_SSL_VERIFYinsecure_ssl_verifyIf false, skip verification of insecure SSL requeststrue
KEYCLOAK_HOSTkeycloak.hostnameHostname of the Keycloak instance to usehttps://kubernetes.docker.internal/auth
KEYCLOAK_REALMkeycloak.realmNameRealm name to use for OIDC discoveryworkbench-dev
KEYCLOAK_CLIENT_IDkeycloak.clientIdClient ID (name) of the Client in keycloakworkbench-local
KEYCLOAK_CLIENT_SECRETkeycloak.clientSecretClient Secret for the client above (not needed for "public" clients)""
MONGO_URImongo.uriURI of the MongoDB cluster to usemongodb://gateway.docker.internal:27017/ndslabs?authSource=admin
MONGO_DBmongo.dbDatabase name to usendslabs
OAUTH_USERINFO_URLoauth.userinfoUrlURL to the auth userinfo endpointopenapi/swagger-v1.yml

Experimental

TODOs and/or proposed or currently unused config items.

EnvVarJSON PathDescriptionDefault
--timeoutDefault startup timeout for userapps30
--inactivity_timeoutDefault inactivity timeout for userapps30
--storage.home.claim_suffixSuffix to append to the names of user "home" PVCs-home
--storage.home.storage_classRemoved: Replaced by storage_classnfs
--storage.shared.enabledIf true, mount shared storage to each user podfalse
--storage.shared.read_onlyIf true, mount shared storage as ReadOnlytrue
--storage.shared.storage_classStorageClass to use when creating shared storage volumenfs
--storage.shared.volume_pathPath within each container to mount the shared storage volume/tmp/shared
--userapps.ingress.annotationsAdd additional annotations to add to the created ingress rules (e.g. auth){}

Development

Clone this repo:

$ git clone https://github.com/nds-org/workbench-apiserver-python

With Docker

To rebuild the Docker image from source:

$ docker build -t ndslabs/apiserver:develop .

Without Docker

Install Python dependencies:

$ pip install -r requirements.txt

Run the application locally (for testing):

$ python server.py

Generating CRDs

Side note: the Swagger spec provided in this project generates experimental CRDs for use in Kubernetes. These CRDs are not currently utilized by the application itself, and offered for experimentation only. CAUTION: These CRDs and the patterns surrounding them may change in the near future as we work to support them within the Python application.

See https://github.com/bodom0015/swagger-k8s-crd-codegen for details

Importing Specs

In the jobs/ folder is a small script/image that can be used to populate the database using a folder of spec JSONs.

To see a full list of available applications, see https://github.com/nds-org/ndslabs-specs

If you modify the script locally, you can rebuild the image:

$ docker build -t YOUR_USERNAME/specloader .

NOTE: You must push the image to a public location to use it within your cluster

$ docker push YOUR_USERNAME/specloader