apiVersion: apps/v1 kind: Deployment metadata: name: jupyter-deployment spec: replicas: 1 strategy: type: "Recreate" selector: matchLabels: app: jupyter template: metadata: labels: app: jupyter pod.staroid.com/isolation: dedicated pod.staroid.com/spot: "false" pod.staroid.com/instance-type: gpu-1 spec: automountServiceAccountToken: true securityContext: runAsUser: 1000 # will be overrided by staroid runAsGroup: 100 # writable directories are accessible with GID 100. see https://github.com/jupyter/docker-stacks/blob/master/base-notebook/Dockerfile containers: - name: jupyter image: jupyter command: - "bash" - "-c" - >- mkdir -p ~/.ssh && chmod 700 ~/.ssh && echo -n "$(echo $MLFLOW_TRACKING_URI | sed 's/.*\(mlflow[^:]*\).*/\1/g') " >> ~/.ssh/known_hosts && echo $MLFLOW_ARTIFACT_STORE_RSA_PUB | base64 --decode >> ~/.ssh/known_hosts && echo $MLFLOW_ARTIFACT_STORE_RSA_PRI | base64 --decode >> ~/.ssh/id_rsa && chmod 600 ~/.ssh/* && jupyter-lab --ip='*' --NotebookApp.token='' --NotebookApp.password='' --NotebookApp.allow_origin='*' env: - name: JUPYTER_ENABLE_LAB value: "yes" envFrom: - configMapRef: name: mlflow-env volumeMounts: - name: work-volume mountPath: /home/jovyan/work volumes: - name: work-volume persistentVolumeClaim: claimName: work --- kind: Service apiVersion: v1 metadata: name: jupyter spec: ports: - name: http port: 8888 selector: app: jupyter --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: work annotations: storage.staroid.com/scope: Instance storage.staroid.com/file-manager: "1000:100" spec: storageClassName: nfs accessModes: - ReadWriteMany volumeMode: Filesystem resources: requests: storage: 1Gi