{ "cells": [ { "cell_type": "markdown", "metadata": {}, "source": [ "\"Oasis\n", "


\n", "\n", "# Exercise 1: Overview of Oasis Enterprise Platform \n", "The Oasis Enterprise Platform is an open source [kubernetes](https://kubernetes.io/docs/concepts/overview/) based, cloud computing cluster, which is deployable in [microsoft azure](https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-azure/) via [Helm charts](https://helm.sh/docs/topics/charts/) and [Bicep scripts](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/deployment-script-bicep) to setup the Azure cloud services. \n", "\n", "\n", "## Deploying the Enterprise Platform\n", "Each workshop participant has their own cluster pre-installed in the oasis's azure account and separated by [resource-groups](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/overview#resource-groups). This is to save the install time of 30-45min, each installation is in a 'blank state'. For instructions on installing the Platform see [OasisAzureDeployment/README.md](https://github.com/OasisLMF/OasisAzureDeployment/blob/master/README.md)\n", "\n", "\n", "## Access the cluster\n", "Each installed workshop cluster is named `oasis-workshop-{n}`; where **n** is a value between **[1..20]**, this matches a user account with full ownership over that workshop cluster. So the account **workshop4@oasislmfenterprise.onmicrosoft.com** has full command line and azure portal access to manage **oasis-workshop-4**\n", "\n", "\n", "```\n", "Username: workshop{n}@oasislmfenterprise.onmicrosoft.com\n", "Password: \n", "```\n", "\n", "> **Warning:** The ingress (main external access links) are not locked per account, any workshop user can access https://oasis-workshop-8.northcentralus.cloudapp.azure.com/api/ where `8` maps to the resource-group **oasis-workshop-8**, so please ensure you're running analysis / UI insrances from the same cluster you're assgined (based on azure account id) \n", "\n", "\n", "## Feature List ([Full breakdown](https://github.com/OasisLMF/OasisPlatform/blob/platform-2.0-develop/kubernetes/RELEASES.md))\n", "* Helm charts for Kubernetes \n", "* Monitoring tools Prometheus, Grafana, Alert-manager\n", "* Worker Autoscaler\n", "* Job chunking \n", "* Execution priority\n", "* Keycloak integration and group based user access to `Models`, `Portfolios` and `Analyses`\n", "* Improved worker resilience\n", "* Improved platform security \n", "\n", "\n", "## Exercise 1 goals\n", "* Introduction for the Oasis Enterprise Platform and link to documentation\n", "* Test the cluster URLs, Azure account access, and software needed for this workshop\n", "* Any setup questions? please ask! " ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "## Enterprise Platform Architecture\n", "\"Oasis
" ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "## 1.1 - Test your access to the deployed cluster " ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "### 1.1.1 Main Platform access\n", "\n", "> **Warning:** There is a [known bug](https://github.com/OasisLMF/OasisPlatform/issues/652) in rshiny which causes firefox and and safari browser sessions to timeout quickly when using the OasisUI. To avoid idle disconnections (around every 1-2 mins) use a chrome, or chromium based browser. " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, "outputs": [], "source": [ "# Edit this value to match your workshop ID, if your username is `workshop6@oasislmfenterprise.onmicrosoft.com` set 'WORKSHOP_ID=6'\n", "WORKSHOP_ID=\n", "\n", "## Ingress URLS \n", "from IPython.display import display, Markdown\n", "display(Markdown('## Main Platform URLS'))\n", "display(Markdown(f'* OasisUI - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/'))\n", "display(Markdown(f'* OasisServer - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/api/'))\n", "display(Markdown(f'* Keycloak - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/auth/'))\n", "\n", "display(Markdown('## Platform monitoring tools'))\n", "display(Markdown(f'* Prometheus - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/prometheus/'))\n", "display(Markdown(f'* Grafana - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/grafana/'))\n", "display(Markdown(f'* Alert-manager - https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/alert-manager/'))" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### 1.1.2 Swagger access \n", "The API URL will open a [swagger](https://swagger.io/docs/specification/2-0/what-is-swagger/) UI for interacting with the OasisServer. To login hit the `Authorize` button on the right and enter **swagger** in the `client_id`, that will redirect to keycloak where you can enter the default API admin password\n", "\n", "\"Azure
\n", "\n", "#### Default account for API & OasisUI\n", "```\n", "username: admin\n", "password: password\n", "```\n", "\n", "### 1.1.3 Keycloak Access \n", "\n", "Opening the link `https:///auth/` will prompt for keycloak admin, use:\n", "```\n", "username: keycloak\n", "password: password\n", "```" ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "## 1.2 - Login to the Azure portal and cloud shell " ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "### 1.2.1 Login to the Azure Portal\n", "* https://portal.azure.com/\n", "\n", "\n", "\n", "\"Azure
\n", "\n", "\"Azure
\n", "\n" ] }, { "cell_type": "markdown", "metadata": {}, "source": [ "### 1.2.2 Start an Azure cloud shell session \n", "* https://shell.azure.com/\n", "\n", "Setup the [kubectl](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands) by running the following command inside the clould shell terminal.\n", "\n", "> \"Azure `az aks get-credentials --resource-group oasis-workshop-$(echo $USER | tr -dc '0-9') --name oasis-enterprise --overwrite-existing --only-show-errors`\n", "\n", "> \"Azure `kubectl config view`\n", "\n", "\"Cloud
\n", "\n", "Check that **kubectl** works by running \n", "\n", "> \"Azure `kubectl get pods`\n", "\n", "\"Azure
\n", "\n", "\n" ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "## 1.3 - Install the **oasis-workshop** package\n", "This workshop uses a python client for interacting with the Oasis REST API, its the same code from the oasislmf package, only its been separated out of the main package to provide a cross-platform way of running this workshop. " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, "outputs": [], "source": [ "# Install of workshop package \n", "!pip install oasis-workshop==1.0.0\n", "\n", "# Clear cell output\n", "from IPython.display import clear_output\n", "clear_output(wait=False) " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, "outputs": [], "source": [ "import json \n", "from IPython.display import display, Markdown, clear_output\n", "from oasis_workshop.client import APIClient\n", "\n", "oasis_server = APIClient(\n", " api_url=f'https://oasis-workshop-{WORKSHOP_ID}.northcentralus.cloudapp.azure.com/api/',\n", " username='admin', \n", " password='password'\n", ")\n", "\n", "check_connection = oasis_server.healthcheck()\n", "if check_connection.ok:\n", " display(Markdown(f'### Connection to workshop cluster \"oasis-workshop-{WORKSHOP_ID}\" established'))\n", "else:\n", " display(Markdown(f'### Failed to connect to workshop cluster \"oasis-workshop-{WORKSHOP_ID}\"'))" ] }, { "cell_type": "markdown", "metadata": { "tags": [] }, "source": [ "## 1.4 - Check that the Platform is starting from a clean state " ] }, { "cell_type": "code", "execution_count": null, "metadata": {}, "outputs": [], "source": [ "list_models = oasis_server.models.get().json()\n", "list_portfolios = oasis_server.portfolios.get().json()\n", "list_analyses = oasis_server.analyses.get().json()\n", "\n", "if not any([list_models, list_portfolios, list_analyses]):\n", " display(Markdown(f'### You are good to go! - no objects found in cluster \"oasis-workshop-{WORKSHOP_ID}\"'))\n", "else: \n", " display(Markdown(f'### Cluster \"{WORKSHOP_ID}\" not in a clean state - request help '))\n", " print(f\"Models: {json.dumps(list_models, indent=4)}\")\n", " print(f\"Portfolios: {json.dumps(list_portfolios, indent=4)}\")\n", " print(f\"Analyses: {json.dumps(list_analyses, indent=4)}\")" ] } ], "metadata": { "file_extension": ".py", "kernelspec": { "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.10.4" }, "mimetype": "text/x-python", "name": "python", "npconvert_exporter": "python", "pygments_lexer": "ipython2", "toc-autonumbering": true, "toc-showcode": true, "toc-showmarkdowntxt": true, "version": 2 }, "nbformat": 4, "nbformat_minor": 4 }