Closed elibixby closed 2 years ago
Hi @elibixby - thank you for your interest. Yes, I would imagine there's lots of room here for improvement.
What I'd like us to keep in mind is that we do not go down a road dedicated to a particular use-case (like hub-based applications) or Kernel-as-a-service apps and I suspect this is where parameterization will be key (if we can ever get that off the ground).
If you're able to tolerate the roughness of this repo, then, by all means, add what you need and, based on that, we'll look at massaging things into a workable framework as best we can.
Hey, don't think this is a particularly use-case specific capability. Maybe I wasn't clear, just proposing allowing for ~/.kube/config
to provide the auth, rather than a cluster service account.
Provided changes that I think should work in #5 I'll be testing it out in the next week sometime.
Closed as implemented via #5.
Hey thanks for the great package.
It would be nice if there were more flexible options for authenticating to the k8s master for the
KubernetesProvisioner
.For example, in my deployment I have developers login to Jupyterhub with OAuth, and then I use
KubeSpawner.auth_state_hook
to propegate their access token to their jupyterhub server where I use it authenticate to the GKE master (since GKE lets you manage RBAC with Google IAM).You could borrow from a bunch of other tools (like
dask_kubernetes
and use~/.kube/config
profiles to authenticate (an env var naming the profile.)I may work on this if I get some time, and you're interested.