Skip to content

Instantly share code, notes, and snippets.

@rok

rok/jh.yml

Last active October 23, 2019 14:08
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rok/909b6bb57b856ac1e5e8f1f123286e92 to your computer and use it in GitHub Desktop.
Save rok/909b6bb57b856ac1e5e8f1f123286e92 to your computer and use it in GitHub Desktop.
Download ZIP
Add water for Jupyterhub
Raw
jh.yml
# To run:
# aws cloudformation create-stack \
# --template-body file://jh.yml \
# --profile <YOUR_USER_PROFILE> \
# --stack-name jupyterhub \
# --parameters ParameterKey=KeyName,ParameterValue=<YOUR_KEYPAIR_NAME> \
# ParameterKey=InstanceType,ParameterValue=t2.micro
Parameters:
KeyName:
Type: "AWS::EC2::KeyPair::KeyName"
Description: Amazon EC2 Key Pair
InstanceType:
Type: String
Default: t2.micro
Description: Enter t2.micro, m1.small, or m1.large, etc.
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.1.0.0/16
Tags:
- Key: Application
Value: !Ref AWS::StackId
- Key: Network
Value: Public
PublicSubnet:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
MapPublicIpOnLaunch: true
CidrBlock: 10.1.0.0/16
Tags:
- Key: Application
Value: !Ref AWS::StackId
- Key: Network
Value: Public
DependsOn: VPC
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Enable SSH access via port 22 and HTTPS via 443
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Application
Value: !Ref AWS::StackId
- Key: Network
Value: Public
GatewayToInternet:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Application
Value: !Ref AWS::StackId
- Key: Network
Value: Public
PublicRoute:
Type: AWS::EC2::Route
DependsOn: GatewayToInternet
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PublicSubnetRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PublicSubnet
RouteTableId: !Ref PublicRouteTable
EC2Instance:
Type: AWS::EC2::Instance
Metadata:
AWS::CloudFormation::Init:
configSets:
default:
- create-files
- run-commands
create-files:
files:
/etc/supervisor/conf.d/jupyterhub.conf:
content: |
# /etc/supervisor/conf.d/jupyterhub.conf
[program:jupyterhub]
command=bash launch.sh
directory=/srv/jupyterhub
autostart=true
autorestart=true
startretries=3
exitcode=0,2
stopsignal=TERM
redirect_stderr=true
stdout_logfile=/var/log/jupyterhub.log
stdout_logfile_maxbytes=1MB
stdout_logfile_backups=10
user=root
/srv/jupyterhub/launch.sh:
content: |
#!/usr/bin/env bashpen
# /srv/jupyterhub/launch.sh
source /srv/jupyterhub/env/jupyterhub/bin/activate
set -e
exec jupyterhub -f ./jupyterhub_config.py $@
/srv/jupyterhub/jupyterhub_config.py:
content: |
# /srv/jupyterhub/jupyterhub_config.py
import os
pjoin = os.path.join
c = get_config()
runtime_dir = os.path.join('/srv/jupyterhub')
ssl_dir = pjoin(runtime_dir, 'ssl')
c.JupyterHub.ip = '0.0.0.0'
c.JupyterHub.port = 443
c.JupyterHub.ssl_key = pjoin(ssl_dir, 'ssl.key')
c.JupyterHub.ssl_cert = pjoin(ssl_dir, 'ssl.cert')
c.JupyterHub.cookie_secret_file = pjoin(runtime_dir, 'jupyterhub_cookie_secret')
c.JupyterHub.db_url = pjoin(runtime_dir, 'jupyterhub.sqlite')
c.Authenticator.admin_users = {'ubuntu'}
c.LocalAuthenticator.create_system_users = True
c.JupyterHub.admin_access = True
run-commands:
commands:
'1':
command: echo $(hostname -I | cut -d\ -f1) $(hostname) | sudo tee -a /etc/hosts
'2':
command: |
sudo DEBIAN_FRONTEND=noninteractive apt -y \
-o Dpkg::Options::="--force-confdef" \
-o Dpkg::Options::="--force-confold" upgrade
'3':
command: sudo apt -y install supervisor npm nodejs-legacy python3-pip
'4':
command: mkdir /srv/jupyterhub/ssl
'5':
command: |
sudo openssl req -newkey rsa:2048 -nodes -x509 \
-keyout /srv/jupyterhub/ssl/ssl.key \
-out /srv/jupyterhub/ssl/ssl.cert \
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com"
'6':
command: sudo npm install -g configurable-http-proxy
'7':
command: sudo -H pip3 install --system notebook jupyterhub
'8':
command: sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which node))
'9':
command: sudo supervisorctl start jupyterhub
Properties:
UserData:
Fn::Base64: !Sub |
#!bin/bash -xe
sudo apt-get update
sudo apt -y install python-setuptools
sudo easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz
sudo /usr/local/bin/cfn-init -v --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region}
sudo /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region}
ImageId: ami-785db401
InstanceType: !Ref InstanceType
KeyName: !Ref KeyName
SubnetId: !Ref PublicSubnet
SecurityGroupIds:
- !Ref InstanceSecurityGroup
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: 200
Tags:
- Key: Name
Value: !Ref AWS::StackName
DependsOn:
- PublicSubnet
- InstanceSecurityGroup
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment