diff --git a/docs/openondemand.md b/docs/openondemand.md index cd33cd54a..91e31c76e 100644 --- a/docs/openondemand.md +++ b/docs/openondemand.md @@ -63,6 +63,10 @@ The appliance automatically configures Open OnDemand to proxy Grafana and adds a [^1]: Note that if `openondemand_auth` is `basic_pam` and anonymous Grafana login is enabled, the appliance will (by default) configure Open OnDemand's Apache server to remove the Authorisation header from proxying of all `node/` addresses. This is done as otherwise Grafana tries to use this header to authenticate, which fails with the default configuration where only the admin Grafana user `grafana` is created. Note that the removal of this header in this configuration means it cannot be used to authenticate proxied interactive applications - however the appliance-deployed remote desktop and Jupyter Notebook server applications use other authentication methods. An alternative if using `basic_pam` is not to enable anonymous Grafana login and to create Grafana users matching the local users (e.g. in `environments//hooks/post.yml`). +## Image Build + +For local site image builds, the preferred method of installing ood apps in the image is by toggling the `openondemand__partition` variables in `environments/common/inventory/group_vars/all/builder/defaults.yml`. In this case the variables are not strings and are instead simply truthy i.e. they do not describe cluster partition groups but just whether those apps will be installed in the image or not. + ## Access By default the appliance authenticates against OOD with basic auth through PAM. When creating a new environment, a new user with username `demo_user` will be created. diff --git a/environments/common/inventory/group_vars/all/openondemand.yml b/environments/common/inventory/group_vars/all/openondemand.yml index 84a6c2055..b5af263e7 100644 --- a/environments/common/inventory/group_vars/all/openondemand.yml +++ b/environments/common/inventory/group_vars/all/openondemand.yml @@ -12,11 +12,12 @@ openondemand_servername: "{{ hostvars[groups['openondemand'].0].ansible_host if openondemand_auth: basic_pam -openondemand_jupyter_partition: "{{ openhpc_partitions[0]['name'] }}" -openondemand_desktop_partition: "{{ openhpc_partitions[0]['name'] }}" -openondemand_rstudio_partition: "{{ openhpc_partitions[0]['name'] }}" +# Manages case where openhpc_partitions are not defined e.g. for site image builds +openondemand_jupyter_partition: "{{ openhpc_partitions[0].name if (openhpc_partitions | default([])) else '' }}" +openondemand_desktop_partition: "{{ openhpc_partitions[0].name if (openhpc_partitions | default([])) else '' }}" +openondemand_rstudio_partition: "{{ openhpc_partitions[0].name if (openhpc_partitions | default([])) else '' }}" openondemand_matlab_partition: '' # Requires target site to already have MATLAB so set to empty -openondemand_codeserver_partition: "{{ openhpc_partitions[0]['name'] }}" +openondemand_codeserver_partition: "{{ openhpc_partitions[0].name if (openhpc_partitions | default([])) else '' }}" # Regex defining hosts which openondemand can proxy; the default regex is compute nodes (for apps) and grafana host, # e.g. if the group `compute` has hosts `compute-{0,1,2,..}` this will be '(compute-\d+)|(control)'. diff --git a/environments/common/inventory/group_vars/builder/defaults.yml b/environments/common/inventory/group_vars/builder/defaults.yml index dc28e44f5..617a8de4f 100644 --- a/environments/common/inventory/group_vars/builder/defaults.yml +++ b/environments/common/inventory/group_vars/builder/defaults.yml @@ -27,3 +27,9 @@ sssd_enabled: false slurm_exporter_state: stopped appliances_mode: build proxy_remove: true +# for image build ood partition var is just truthy as no cluster_groups defined +openondemand_jupyter_partition: true +openondemand_desktop_partition: true +openondemand_rstudio_partition: false +openondemand_matlab_partition: false +openondemand_codeserver_partition: false \ No newline at end of file