Add water for Jupyterhub
# To run: | |
# aws cloudformation create-stack \ | |
# --template-body file://jh.yml \ | |
# --profile <YOUR_USER_PROFILE> \ | |
# --stack-name jupyterhub \ | |
# --parameters ParameterKey=KeyName,ParameterValue=<YOUR_KEYPAIR_NAME> \ | |
# ParameterKey=InstanceType,ParameterValue=t2.micro | |
Parameters: | |
KeyName: | |
Type: "AWS::EC2::KeyPair::KeyName" | |
Description: Amazon EC2 Key Pair | |
InstanceType: | |
Type: String | |
Default: t2.micro | |
Description: Enter t2.micro, m1.small, or m1.large, etc. | |
Resources: | |
VPC: | |
Type: AWS::EC2::VPC | |
Properties: | |
CidrBlock: 10.1.0.0/16 | |
Tags: | |
- Key: Application | |
Value: !Ref AWS::StackId | |
- Key: Network | |
Value: Public | |
PublicSubnet: | |
Type: AWS::EC2::Subnet | |
Properties: | |
VpcId: !Ref VPC | |
MapPublicIpOnLaunch: true | |
CidrBlock: 10.1.0.0/16 | |
Tags: | |
- Key: Application | |
Value: !Ref AWS::StackId | |
- Key: Network | |
Value: Public | |
DependsOn: VPC | |
InstanceSecurityGroup: | |
Type: AWS::EC2::SecurityGroup | |
Properties: | |
GroupDescription: Enable SSH access via port 22 and HTTPS via 443 | |
VpcId: !Ref VPC | |
SecurityGroupIngress: | |
- IpProtocol: tcp | |
FromPort: 22 | |
ToPort: 22 | |
CidrIp: 0.0.0.0/0 | |
- IpProtocol: tcp | |
FromPort: 443 | |
ToPort: 443 | |
CidrIp: 0.0.0.0/0 | |
InternetGateway: | |
Type: AWS::EC2::InternetGateway | |
Properties: | |
Tags: | |
- Key: Application | |
Value: !Ref AWS::StackId | |
- Key: Network | |
Value: Public | |
GatewayToInternet: | |
Type: AWS::EC2::VPCGatewayAttachment | |
Properties: | |
VpcId: !Ref VPC | |
InternetGatewayId: !Ref InternetGateway | |
PublicRouteTable: | |
Type: AWS::EC2::RouteTable | |
Properties: | |
VpcId: !Ref VPC | |
Tags: | |
- Key: Application | |
Value: !Ref AWS::StackId | |
- Key: Network | |
Value: Public | |
PublicRoute: | |
Type: AWS::EC2::Route | |
DependsOn: GatewayToInternet | |
Properties: | |
RouteTableId: !Ref PublicRouteTable | |
DestinationCidrBlock: 0.0.0.0/0 | |
GatewayId: !Ref InternetGateway | |
PublicSubnetRouteTableAssociation: | |
Type: AWS::EC2::SubnetRouteTableAssociation | |
Properties: | |
SubnetId: !Ref PublicSubnet | |
RouteTableId: !Ref PublicRouteTable | |
EC2Instance: | |
Type: AWS::EC2::Instance | |
Metadata: | |
AWS::CloudFormation::Init: | |
configSets: | |
default: | |
- create-files | |
- run-commands | |
create-files: | |
files: | |
/etc/supervisor/conf.d/jupyterhub.conf: | |
content: | | |
# /etc/supervisor/conf.d/jupyterhub.conf | |
[program:jupyterhub] | |
command=bash launch.sh | |
directory=/srv/jupyterhub | |
autostart=true | |
autorestart=true | |
startretries=3 | |
exitcode=0,2 | |
stopsignal=TERM | |
redirect_stderr=true | |
stdout_logfile=/var/log/jupyterhub.log | |
stdout_logfile_maxbytes=1MB | |
stdout_logfile_backups=10 | |
user=root | |
/srv/jupyterhub/launch.sh: | |
content: | | |
#!/usr/bin/env bashpen | |
# /srv/jupyterhub/launch.sh | |
source /srv/jupyterhub/env/jupyterhub/bin/activate | |
set -e | |
exec jupyterhub -f ./jupyterhub_config.py $@ | |
/srv/jupyterhub/jupyterhub_config.py: | |
content: | | |
# /srv/jupyterhub/jupyterhub_config.py | |
import os | |
pjoin = os.path.join | |
c = get_config() | |
runtime_dir = os.path.join('/srv/jupyterhub') | |
ssl_dir = pjoin(runtime_dir, 'ssl') | |
c.JupyterHub.ip = '0.0.0.0' | |
c.JupyterHub.port = 443 | |
c.JupyterHub.ssl_key = pjoin(ssl_dir, 'ssl.key') | |
c.JupyterHub.ssl_cert = pjoin(ssl_dir, 'ssl.cert') | |
c.JupyterHub.cookie_secret_file = pjoin(runtime_dir, 'jupyterhub_cookie_secret') | |
c.JupyterHub.db_url = pjoin(runtime_dir, 'jupyterhub.sqlite') | |
c.Authenticator.admin_users = {'ubuntu'} | |
c.LocalAuthenticator.create_system_users = True | |
c.JupyterHub.admin_access = True | |
run-commands: | |
commands: | |
'1': | |
command: echo $(hostname -I | cut -d\ -f1) $(hostname) | sudo tee -a /etc/hosts | |
'2': | |
command: | | |
sudo DEBIAN_FRONTEND=noninteractive apt -y \ | |
-o Dpkg::Options::="--force-confdef" \ | |
-o Dpkg::Options::="--force-confold" upgrade | |
'3': | |
command: sudo apt -y install supervisor npm nodejs-legacy python3-pip | |
'4': | |
command: mkdir /srv/jupyterhub/ssl | |
'5': | |
command: | | |
sudo openssl req -newkey rsa:2048 -nodes -x509 \ | |
-keyout /srv/jupyterhub/ssl/ssl.key \ | |
-out /srv/jupyterhub/ssl/ssl.cert \ | |
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" | |
'6': | |
command: sudo npm install -g configurable-http-proxy | |
'7': | |
command: sudo -H pip3 install --system notebook jupyterhub | |
'8': | |
command: sudo setcap 'cap_net_bind_service=+ep' $(readlink -f $(which node)) | |
'9': | |
command: sudo supervisorctl start jupyterhub | |
Properties: | |
UserData: | |
Fn::Base64: !Sub | | |
#!bin/bash -xe | |
sudo apt-get update | |
sudo apt -y install python-setuptools | |
sudo easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz | |
sudo /usr/local/bin/cfn-init -v --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} | |
sudo /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource EC2Instance --region ${AWS::Region} | |
ImageId: ami-785db401 | |
InstanceType: !Ref InstanceType | |
KeyName: !Ref KeyName | |
SubnetId: !Ref PublicSubnet | |
SecurityGroupIds: | |
- !Ref InstanceSecurityGroup | |
BlockDeviceMappings: | |
- DeviceName: /dev/sda1 | |
Ebs: | |
VolumeSize: 200 | |
Tags: | |
- Key: Name | |
Value: !Ref AWS::StackName | |
DependsOn: | |
- PublicSubnet | |
- InstanceSecurityGroup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment