Glossary for variables
This README contains all the variables used by Terraform for installing Juypterhub on the GKE cluster.
Table of Contents
- namespace
- create_namespace
- add_auth
- project_id
- location
- service_name
- enable_iap_service
- brand
- support_email
- url_domain_addr
- url_domain_name
namespace
The namespace that JupyterHub and rest of the other resources will be installed/allocated in. If using JupyterHub with the Ray module (ai-on-gke/ray-on-gke/
), it is recommanded to have this namespace the same as the one with Ray.
create_service_account
Create k8s and GCP service accounts for JupyterHub workloads & configures workload identity.
add_auth
Flag that will enable IAP on JupyterHub. Resources that will be created along with enable IAP: 1. Global IP Address (If none is provided) 2. Backend Config. Deployment that triggers enabling IAP. 3. Managed Certificate. Deployment that creates a Google Managed object for SSL certificates 4. Ingress. Deployment that creates an Ingress object that will connect to the JupyterHub Proxy
project_id
Name of the project where the cluster lives. Used to retrieve the project number as well as used in numerous resources.
location
Location of the GKE cluster. Used by the terraform provider.
service_name
Name of the Backend Service that gets created when enabling IAP.
enable_iap_service
Flag that will enable the IAP Service API for the user on the project. If it is already enabled, leave it as false.
brand
Name of the brand used for creating IAP OAuth clients. Currently only one is allowed per project. If there is already a brand, leave it empty. Uses support_email
support_email
Support email assocated with the brand. Used as a point of contact for consent for the "OAuth Consent" in Cloud Console. It will not be used if brand is empty.
url_domain_addr
Provided by the user if they want to bring their own URL/Domain. Used by the IAP resources if filled in. Filling this in will disable automatic global IP reservation. Must also fill in url_domain_name.
url_domain_name
This variable will only be used if url_domain_addr is provided. It is the name associated with the domain provided by the user. Since we are using Ingress, it will require the kubernetes.io/ingress.global-static-ip-name
annotation along with the name associated.
client_id
Client ID of an OAuth client created by the user for enabling IAP. When this variable is not empty, the template will not create an OAuth client for you. You must also input the client_secret.
client_secret
Client Secret associated with the client ID. This variable will only be used when the client id is filled out.