Merge pull request #8 from oindrillac/master

MichaelClifford · web-flow · commit aab26f0fc39b · 2021-06-25T09:46:00.000-04:00
modified s2i build nb steps to account for private repos and env vars
diff --git a/notebooks/notebook2image/ODSC19-Demo-OpenShift-Machine-Learning-Setup.ipynb b/notebooks/notebook2image/ODSC19-Demo-OpenShift-Machine-Learning-Setup.ipynb
@@ -11,6 +11,7 @@
     "* Access to OpenShift\n",
     "* Install oc client\n",
     "* Git clone a repo\n",
+    "* Set env Variables\n",
     "* Deploy new app\n",
     "* Expose it as a service\n",
     "* Interact with the service"
@@ -107,6 +108,17 @@
     "Once the user has made the appropriate changes to their notebook they can push it back to github for the s2i builder. "
    ]
   },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "## Set Environment Variables as Secrets\n",
+    "\n",
+    "Any environment variables needed for the notebook to execute such as s3 bucket credentials can be configured as [Secrets](https://docs.openshift.com/container-platform/3.11/dev_guide/secrets.html) in OpenShift. Using the web console, by navigating to Resources and Secrets, we can create \"Generic\" Secret types for the environment variable, set a \"Secret Name\", specify the name of the key referenced in the notebook as \"Key\" and the value of the environment variable as \"Value\".\n",
+    "\n",
+    "After launching the service, we can add these Secrets to the Build Environment Variables and selecting \"Add Value from Config Map or Secret\". We can let the initial build fail and upon triggering a \"Rebuild\", the secrets will be used."
+   ]
+  },
   {
    "cell_type": "markdown",
    "metadata": {},
@@ -128,6 +140,31 @@
     "~https://github.com/MichaelClifford/example-model-s2i-notebook"
    ]
   },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "When building from a private Git repo, we need to follow some additional steps. We can use deploy keys to authenticate the private Git repository.\n",
+    "By following the steps outlined [here](https://www.openshift.com/blog/private-git-repositories-part-2a-repository-ssh-keys), we can generate an ssh key to be used with the repository. We need to add the Public key (the .pub file) that we generated to the Github Repo by going to the repo settings under \"Add deploy key\".  \n",
+    "\n",
+    "The private key can be added as a Source Secret on OpenShift the same way we added environment variables. For adding the private ssh key, we can create a new Source Secret and select authentication type as \"SSH Key\", specify a secret name and paste the private key that we generated in the Private SSH Key section.\n",
+    "\n",
+    "Once we have set up the Secret, we can run the `new-app` command with the ssh url of the repo and specify the --source-secret parameter."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "%%bash\n",
+    "oc new-app --name model \\\n",
+    "quay.io/willbenton/simple-model-s2i:demo\\\n",
+    "~git@github.com:MichaelClifford/example-model-s2i-notebook.git \\\n",
+    "--source-secret secretname"
+   ]
+  },
   {
    "cell_type": "markdown",
    "metadata": {},
@@ -197,7 +234,7 @@
    "name": "python",
    "nbconvert_exporter": "python",
    "pygments_lexer": "ipython3",
-   "version": "3.6.3"
+   "version": "3.8.3"
   },
   "varInspector": {
    "cols": {
@@ -230,5 +267,5 @@
   }
  },
  "nbformat": 4,
- "nbformat_minor": 2
+ "nbformat_minor": 4
 }
