thai-chicken/tbd-2023z-phase1

 
 

TBD-2023-phase1

Phase1 goals

  1. Learn how to provision computing resources for running Big Data analyses using the Infrastructure as Code (IaC) approach.
  2. Learn how to set up opinionated CI/CD pipelines to deploy cloud infrastructure.
  3. Learn how to utilize linters for detecting security vulnerabilities in cloud infrastructure.
  4. Learn how to run Apache Spark code in a distributed way on a Hadoop cluster using Vertex AI notebooks and Dataproc services on GCP.
  5. Learn how to use Workload Identity Federation for secure authentication from GitHub Actions to Google Cloud.

Prerequisites

Software

GCP

  • Redeem a GCP coupon to create a billing account
  • Authenticate to GCP to obtain the default credentials used for running the code
# first remove the stored credentials if they exist
gcloud auth application-default revoke
# login and get the new application credentials
gcloud auth application-default login

Project setup

  1. Export shared environment variables
export TF_VAR_tbd_semester=2023Z
# format: 20xx for teachers, student ID number for students 
export TF_VAR_user_id=9900
# use your own billing account id
export TF_VAR_billing_account=01D435-06DD59-9A00B5
  2. Enter the bootstrap folder, then init the project and the Terraform state bucket
cd bootstrap
terraform init
terraform apply
cd ..
  3. CI/CD (GitHub Actions setup using Workload Identity Federation)
  • Edit the env/backend.tfvars file and set the bucket variable to the Terraform state bucket
  • Edit the env/project.tfvars file and set the project_name and iac_service_account variables using the output from the bootstrap phase
  • Edit cicd_bootstrap/conf/github_actions.tfvars to set github_org and github_repo, e.g.:
  github_org  = "mwiewior"
  github_repo = "tbd-2023z-phase1"
  • Init state file and set env variables
cd cicd_bootstrap
terraform init -backend-config=../env/backend.tfvars
  • Apply
# authenticate Docker backend with GCP
gcloud auth configure-docker
# create CI/CD integration using Workload Identity
terraform apply -var-file ../env/project.tfvars -var-file conf/github_actions.tfvars -compact-warnings
cd ..
  4. Use the output variables to configure the GitHub Actions workflow .github/workflows/pull-request.yml. Please do not edit and hardcode these values in the YAML; set the GitHub Actions secrets instead, preserving the secret names, i.e. GCP_WORKLOAD_IDENTITY_PROVIDER_NAME and GCP_WORKLOAD_IDENTITY_SA_EMAIL.
  5. Install and configure pre-commit (optional)
pre-commit install
  6. Commit changes, push to a branch and open a PR to YOUR repository main/master branch. If you see a warning like this (screenshot not included), please enable the workflows and repush your changes!

Once all pull request checks have passed, please merge your PR and wait until your release job finishes.
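The instruction above to keep the Workload Identity values in GitHub Actions secrets rather than in the YAML can be enforced in pre-commit or CI with a check like the following. This is an added example, not code from the repository: the function names, the `google-github-actions/auth@v2` step and the value patterns are assumptions, and both sample workflows are constructed.

```shell
#!/bin/sh
# Added example (not from the repository): fail when a workflow file hardcodes
# Workload Identity values instead of reading them from GitHub Actions secrets.

# Assumed value shapes: a WIF provider resource name and a service-account e-mail.
WIF_RE='projects/[0-9]+/locations/global/workloadIdentityPools/[^/]+/providers/'
SA_RE='[a-z0-9-]+@[a-z0-9-]+\.iam\.gserviceaccount\.com'

# check_workflow FILE: print offending lines; 0 = clean, 1 = hardcoded, 2 = unreadable.
check_workflow() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    if grep -nE "$WIF_RE|$SA_RE" "$1"; then
        return 1
    fi
    return 0
}

# Constructed sample: auth step that reads both values from secrets (expected form).
write_good_sample() {
    cat > "$1" <<'EOF'
permissions:
  contents: read
  id-token: write   # lets the job request the OIDC token used by the federation
jobs:
  plan:
    runs-on: ubuntu-latest
    steps:
      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER_NAME }}
          service_account: ${{ secrets.GCP_WORKLOAD_IDENTITY_SA_EMAIL }}
EOF
}

# Constructed sample: the same step with placeholder values pasted into the YAML.
write_bad_sample() {
    cat > "$1" <<'EOF'
      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: projects/123456789012/locations/global/workloadIdentityPools/example-pool/providers/example-provider
          service_account: example-sa@example-project.iam.gserviceaccount.com
EOF
}

# Scan any files given on the command line, e.g. .github/workflows/*.yml
rc=0
for f in "$@"; do check_workflow "$f" || rc=1; done
[ "$rc" -eq 0 ] || exit "$rc"
```

A missing or unreadable file is reported with status 2 rather than treated as clean, so a mistyped path cannot pass the check silently.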

  7. Navigate to the Vertex AI Workbench menu item, find your notebook on the list, press CONNECT and follow the instructions.

  8. Check if the pyspark kernel exists; if not, add a Python 3.8 kernel in your JupyterLab environment:

python3.8 -m ipykernel install --user --name pyspark
  9. Run a Hello-world PySpark application in YARN-client mode.

  10. IMPORTANT ❗ ❗ ❗ Please remember to destroy all the resources after the work:

terraform init -backend-config=env/backend.tfvars
terraform destroy -no-color -var-file env/project.tfvars 

Requirements

| Name | Version |
|------|---------|
| terraform | ~> 1.5.0 |
| docker | 3.0.2 |
| google | ~> 4.84.0 |
| kubernetes | 2.24.0 |

Providers

| Name | Version |
|------|---------|
| google | 4.84.0 |
| kubernetes | 2.24.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| composer | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/composer |
| data-pipelines | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/data-pipeline |
| dataproc | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/dataproc |
| dbt_docker_image | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/dbt_docker_image |
| gcr | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/gcr |
| jupyter_docker_image | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/jupyter_docker_image |
| vertex_ai_workbench | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/vertex-ai-workbench |
| vpc | github.com/bdg-tbd/tbd-workshop-1.git | v1.0.36/modules/vpc |

Resources

| Name | Type |
|------|------|
| google_compute_firewall.allow-all-internal | resource |
| kubernetes_service.dbt-task-service | resource |
| google_client_config.provider | data source |
| google_container_cluster.composer-gke-cluster | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| ai_notebook_instance_owner | Vertex AI workbench owner | string | n/a | yes |
| project_name | Project name | string | n/a | yes |
| region | GCP region | string | "europe-west1" | no |

Outputs

No outputs.
