- Existing PDAC notebook ticket
IHS-1164Getting issue details...
should be closed out.
- Instead, notebooks are to be set up on PDAC k8s cluster on the old SUIT proxy node
| ||Kubernetes Commons transition|| |
- All of PDAC will transfer into Kubernetes Commons, anticipated in October
- Gated on NCSA resource availability for setting up namespace, moving hardware, etc.
- Plans for transition from PDAC to Kubernetes Commons to be discussed by Michelle Butler and Fritz Mueller at LSST2018; will be documented in Confluence page
- Also should document current and near-future PDAC state/design
- In the longer term, a separate controlled, certified Kubernetes environment will be exposed to the Internet for demos.
- Should consider whether this can be combined with PDAC, as it serves many of the same purposes.
- /scratch open to root for next two weeks to support Firefly for review demo
- Snapshots turned on during that time to avoid data loss
|Firefly non-root user|
- Firefly containers need to be run as non-root after two weeks
- Might be configured in Dockerfile; might also be configured in Kubernetes
- IPAC will investigate
|Container Standards Guide|
- Standards guide for container development and Kubernetes would be useful, especially regarding settings related to security
- Container build file and itself should be vetted by NCSA security