ESGF WPS is a software stack providing compute resource through a Web Processing Service interface.
git clone https://github.com/esgf-compute/charts
helm install compute charts/computeThis chart deploys the esgf-compute-wps software stack which provides a service to reduce data transfer through primitive geo-spatial and temporal reduction functions. The service provides these capabilities through a Web Processing Service (WPS) interface backed by Xarray and Dask.
- Kubernetes
- Helm
To install the chart with the release name compute
git clone https://github.com/esgf-compute/charts
helm install compute charts/computehelm delete computeRequires not authentication for submitting WPS requests.
| Parameter | Value | Description |
|---|---|---|
wps.auth.type |
"noauth" |
Disables authentication |
backend.auth.enabled |
False |
Disables backend authentication |
Configure keycloak with a confidential client supporting Standard Flow and Service Accounts. The redirect url should be set to http://.../wps/auth/oauth_callback. To enable dynamic client registration using PKCE set wps.auth.regAcessToken with an Initial Access Token for the Keycloak realm and create a second public client supporting Standard Flow. The redirect set to http://127.0.0.1:* and set Proof Key for Code Exchange Code Challange Method to S256.
| Parameter | Value | Description |
|---|---|---|
wps.auth.type |
"keycloak" |
Enables keycloak |
wps.auth.url |
nil |
Keycloak base url |
wps.auth.realm |
nil |
Keycloak realm containing the client |
wps.auth.clientID |
nil |
Client ID |
wps.auth.clientSecret |
nil |
Client secret |
wps.auth.regAccessToken |
nil |
Keycloak Client Registration Initial Access Token |
backend.auth.enabled |
True |
Backend will used authentication when communicating with RESTFul API |
backend.auth.clientID |
nil |
Client ID for backend |
backend.auth.clientSecret |
nil |
Client secret for backend |
backend.auth.tokenUrl |
nil |
Url to Keycloak token service |
Download helmsman
helmsman -f extras/development.yaml --apply