Common Setup Procedures#
This section provides a high-level overview of frequently used setup steps that may be referenced throughout the document.
Please note: These instructions are general and may not cover all specific scenarios. For detailed, up-to-date information, always refer to the official documentation for each respective tool or process. Security-sensitive steps (like SSH key generation or sudo access configuration) may require additional precautions not covered here.
Creating SSH Key Pair#
Generate a secure SSH key pair using the following command:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
This creates a 4096-bit RSA key pair, with your_email@example.com as a label. You can also use other algorithms like Ed25519 for enhanced security. The command will also display the locations where the private and public keys have been saved.
For example:
Your identification has been saved in /home/user/.ssh/id_rsa
Your public key has been saved in /home/user/.ssh/id_rsa.pub
Setting Up Passwordless SSH Authentication between instances#
To enable passwordless SSH access between two Ubuntu 22.04 instances:
On the client machine, copy the public key to the server:
ssh-copy-id user@server_ip
Follow the on-screen instructions and test the connection:
ssh user@server_ip
You should now be able to log in without a password. Alternatively, you can manually copy the public key to the server’s ~/.ssh/authorized_keys file.
Configuring Passwordless Sudo Access#
To allow a user to run sudo commands without entering a password:
Open the sudoers file:
sudo visudo
Add the following line, replacing username with the actual username:
username ALL=(ALL) NOPASSWD:ALL
Save and exit the file.
You can test this by running sudo ls /root and this command shouldn’t prompt you for a password.
This configuration grants the specified user full sudo access without requiring a password. Use this feature cautiously, as it can pose security risks if misused. Alternatively, you can limit passwordless sudo access to specific commands for enhanced security.
Installing a custom helm chart#
This section talks about two different methods of configuring helm chart for Deployment scripts to install it correctly. Note that below options should be used in an exclusive fashion i.e. only one of these options should exists in config template file.
Helm Chart from NGC#
When you have a custom helm chart built and it is uploaded to NGC, we can follow the below style of configuration. Assuming your chart is uploaded here https://helm.ngc.nvidia.com/myorg/myteam/charts/my-chart-1.0.1.tgz, you will need to configure spec -> app -> configs -> app_settings -> helm_chart -> repo section with necessary values. For example, below configuration refers to the NGC path as helm repo and locally available override values file as helm override.
app:
configs:
app_settings:
helm_chart:
repo:
repo_url: 'https://helm.ngc.nvidia.com/myorg/myteam'
chart_name: 'my-chart'
chart_version: '1.0.1'
release_name: 'my-tokkio-app'
user_value_override_files:
- "/home/myuser/custom-charts/my-app-override-values-one.yaml"
- "/home/myuser/custom-charts/my-app-override-values-two.yaml"
Helm Chart from on local system#
In its simplest form you can install a locally built helm chart specifying correct values to the configuration section at spec -> app -> configs -> app_settings -> helm_chart -> local . For example, below configuration refers to a locally available directory which contains a helm chart and also a helm override values file.
Notice the enable: true switch to make use of the local helm chart.
app:
configs:
app_settings:
helm_chart:
local:
enable: true
path: /home/myuser/custom-charts/my-app-1.0.0
user_value_override_files:
- "/home/myuser/custom-charts/my-app-override-values-one.yaml"
- "/home/myuser/custom-charts/my-app-override-values-two.yaml"