{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"\n",
"
\n",
"\n",
"# Exercise 1: Overview of Oasis Enterprise Platform \n",
"The Oasis Enterprise Platform is an open source [kubernetes](https://kubernetes.io/docs/concepts/overview/) based, cloud computing cluster, which is deployable in [microsoft azure](https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-azure/) via [Helm charts](https://helm.sh/docs/topics/charts/) and [Bicep scripts](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/deployment-script-bicep) to setup the Azure cloud services. \n",
"\n",
"\n",
"## Deploying the Enterprise Platform\n",
"Each workshop participant has their own cluster pre-installed in the oasis's azure account and separated by [resource-groups](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/overview#resource-groups). This is to save the install time of 30-45min, each installation is in a 'blank state'. For instructions on installing the Platform see [OasisAzureDeployment/README.md](https://github.com/OasisLMF/OasisAzureDeployment/blob/master/README.md)\n",
"\n",
"\n",
"## Access the cluster\n",
"Each installed workshop cluster is named `oasis-workshop-{n}`; where **n** is a value between **[1..20]**, this matches a user account with full ownership over that workshop cluster. So the account **workshop4@oasislmfenterprise.onmicrosoft.com** has full command line and azure portal access to manage **oasis-workshop-4**\n",
"\n",
"\n",
"```\n",
"Username: workshop{n}@oasislmfenterprise.onmicrosoft.com\n",
"Password: \n",
"```\n",
"\n",
"> **Warning:** The ingress (main external access links) are not locked per account, any workshop user can access https://oasis-workshop-8.northcentralus.cloudapp.azure.com/api/ where `8` maps to the resource-group **oasis-workshop-8**, so please ensure you're running analysis / UI insrances from the same cluster you're assgined (based on azure account id) \n",
"\n",
"\n",
"## Feature List ([Full breakdown](https://github.com/OasisLMF/OasisPlatform/blob/platform-2.0-develop/kubernetes/RELEASES.md))\n",
"* Helm charts for Kubernetes \n",
"* Monitoring tools Prometheus, Grafana, Alert-manager\n",
"* Worker Autoscaler\n",
"* Job chunking \n",
"* Execution priority\n",
"* Keycloak integration and group based user access to `Models`, `Portfolios` and `Analyses`\n",
"* Improved worker resilience\n",
"* Improved platform security \n",
"\n",
"\n",
"## Exercise 1 goals\n",
"* Introduction for the Oasis Enterprise Platform and link to documentation\n",
"* Test the cluster URLs, Azure account access, and software needed for this workshop\n",
"* Any setup questions? please ask! "
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"## Enterprise Platform Architecture\n",
"
"
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"## 1.1 - Test your access to the deployed cluster "
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"### 1.1.1 Main Platform access\n",
"\n",
"> **Warning:** There is a [known bug](https://github.com/OasisLMF/OasisPlatform/issues/652) in rshiny which causes firefox and and safari browser sessions to timeout quickly when using the OasisUI. To avoid idle disconnections (around every 1-2 mins) use a chrome, or chromium based browser. "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# Edit this value to match your workshop ID, if your username is `workshop6@oasislmfenterprise.onmicrosoft.com` set 'WORKSHOP_ID=6'\n",
"WORKSHOP_ID=\n",
"\n",
"## Ingress URLS \n",
"from IPython.display import display, Markdown\n",
"display(Markdown('## Main Platform URLS'))\n",
"display(Markdown(f'* OasisUI - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/'))\n",
"display(Markdown(f'* OasisServer - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/api/'))\n",
"display(Markdown(f'* Keycloak - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/auth/'))\n",
"\n",
"display(Markdown('## Platform monitoring tools'))\n",
"display(Markdown(f'* Prometheus - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/prometheus/'))\n",
"display(Markdown(f'* Grafana - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/grafana/'))\n",
"display(Markdown(f'* Alert-manager - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/alert-manager/'))"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### 1.1.2 Swagger access \n",
"The API URL will open a [swagger](https://swagger.io/docs/specification/2-0/what-is-swagger/) UI for interacting with the OasisServer. To login hit the `Authorize` button on the right and enter **swagger** in the `client_id`, that will redirect to keycloak where you can enter the default API admin password\n",
"\n",
"
\n",
"\n",
"#### Default account for API & OasisUI\n",
"```\n",
"username: admin\n",
"password: password\n",
"```\n",
"\n",
"### 1.1.3 Keycloak Access \n",
"\n",
"Opening the link `https:///auth/` will prompt for keycloak admin, use:\n",
"```\n",
"username: keycloak\n",
"password: password\n",
"```"
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"## 1.2 - Login to the Azure portal and cloud shell "
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"### 1.2.1 Login to the Azure Portal\n",
"* https://portal.azure.com/\n",
"\n",
"\n",
"\n",
"
\n",
"\n",
"
\n",
"\n"
]
},
{
"cell_type": "markdown",
"metadata": {},
"source": [
"### 1.2.2 Start an Azure cloud shell session \n",
"* https://shell.azure.com/\n",
"\n",
"Setup the [kubectl](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands) by running the following command inside the clould shell terminal.\n",
"\n",
"> `az aks get-credentials --resource-group oasis-workshop-$(echo $USER | tr -dc '0-9') --name oasis-enterprise --overwrite-existing --only-show-errors`\n",
"\n",
"> `kubectl config view`\n",
"\n",
"
\n",
"\n",
"Check that **kubectl** works by running \n",
"\n",
"> `kubectl get pods`\n",
"\n",
"
\n",
"\n",
"\n"
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"## 1.3 - Install the **oasis-workshop** package\n",
"This workshop uses a python client for interacting with the Oasis REST API, its the same code from the oasislmf package, only its been separated out of the main package to provide a cross-platform way of running this workshop. "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# Install of workshop package \n",
"!pip install oasis-workshop==1.0.0\n",
"\n",
"# Clear cell output\n",
"from IPython.display import clear_output\n",
"clear_output(wait=False) "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"import json \n",
"from IPython.display import display, Markdown, clear_output\n",
"from oasis_workshop.client import APIClient\n",
"\n",
"oasis_server = APIClient(\n",
" api_url=f'https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/api/',\n",
" username='admin', \n",
" password='password'\n",
")\n",
"\n",
"check_connection = oasis_server.healthcheck()\n",
"if check_connection.ok:\n",
" display(Markdown(f'### ✔ Connection to workshop cluster \"oasis-workshop-{WORKSHOP_ID}\" established'))\n",
"else:\n",
" display(Markdown(f'### ✘ Failed to connect to workshop cluster \"oasis-workshop-{WORKSHOP_ID}\"'))"
]
},
{
"cell_type": "markdown",
"metadata": {
"tags": []
},
"source": [
"## 1.4 - Check that the Platform is starting from a clean state "
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"list_models = oasis_server.models.get().json()\n",
"list_portfolios = oasis_server.portfolios.get().json()\n",
"list_analyses = oasis_server.analyses.get().json()\n",
"\n",
"if not any([list_models, list_portfolios, list_analyses]):\n",
" display(Markdown(f'### ✔ You are good to go! - no objects found in cluster \"oasis-workshop-{WORKSHOP_ID}\"'))\n",
"else: \n",
" display(Markdown(f'### ✘ Cluster \"{WORKSHOP_ID}\" not in a clean state - request help '))\n",
" print(f\"Models: {json.dumps(list_models, indent=4)}\")\n",
" print(f\"Portfolios: {json.dumps(list_portfolios, indent=4)}\")\n",
" print(f\"Analyses: {json.dumps(list_analyses, indent=4)}\")"
]
}
],
"metadata": {
"file_extension": ".py",
"kernelspec": {
"display_name": "Python 3 (ipykernel)",
"language": "python",
"name": "python3"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.10.4"
},
"mimetype": "text/x-python",
"name": "python",
"npconvert_exporter": "python",
"pygments_lexer": "ipython2",
"toc-autonumbering": true,
"toc-showcode": true,
"toc-showmarkdowntxt": true,
"version": 2
},
"nbformat": 4,
"nbformat_minor": 4
}