Provisioning ML Workspaces
This topic describes how to provision ML workspaces.
Log in to the CDP web interface.
On Public Cloud, log in to https://console.us-west-1.cdp.cloudera.com using your corporate credentials or any other credentials that you received from your CDP administrator.
- Click ML Workspaces.
- Click Provision Workspace.
Fill out the following fields.
- Workspace Name - Give the ML workspace a name. For example, user1_dev.
- Environment - From the dropdown, select the environment where the ML workspaces must be provisioned. If you do not have any environments available to you in the dropdown, contact your CDP administrator to gain access.
Switch the toggle to display Advanced Settings.
- CPU Settings - From the dropdown, select the CPU instance type (Small, Medium, or Large) and autoscale range to be assigned to the ML workspace.
GPU Settings- From the dropdown, select the GPU instance type (Small,
Medium, or Large) and autoscale range to be assigned to the ML workspace.
- Existing NFS - (Azure only) Enter the Mount path from the Environment creation procedure.
- Enable TLS - Select this checkbox if you want the workspace to use HTTPS for web communication.
- Enable public Internet access - When enabled, the CML workspace will be available on the public Internet. When disabled, it is assumed that connectivity is achieved through a corporate VPC.
- Enable Monitoring - Administrators (users with the MLAdmin role) can use a Grafana dashboard to monitor resource usage in the provisioned workspace.
- Enable Governance - Must be enabled to capture and view information about your ML projects, models, and builds from Apache Atlas for a given environment. If you do not select this option, then integration with Atlas won't work.
- Enable Model Metrics - When enabled, stores metrics in a scalable metrics store, enables you to track individual model predictions, and also track and analyze metrics using custom code.
Tags - Tags added to cloud infrastructure, compute, and storage resources
associated with this CML workspace.
Note that these tags are propagated to your cloud service provider account. See Related information for links to AWS and Azure tagging strategies.
Load Balancer Source Ranges - Enter a CIDR range of IP addresses allowed to
access the cluster.
- If the CML workspace is provisioned with public access, enter the allowed public IP address range.
- If the CML workspace is provisioned with private access, enter the allowed private IP address range.
Restrict access to Kubernetes API server to authorized IP ranges
You can specify a range of IP addresses in CIDR format that are allowed to access the Kubernetes API server. By default, the Kubernetes API services of CML workspaces are accessible to all public IP addresses (0.0.0.0/0) that have proper credentials.
To specify an address to authorize, enter an address in CIDR format (for example, 126.96.36.199/0) in API Server Authorized IP Ranges, and click the plus (+) icon.
If the feature is enabled and no IP authorized addresses are specified, then there will be no access to the Kubernetes API server from the public internet.
- Click Provision Service.
Note that the domain name for the provisioned workspace is randomly generated and cannot be changed.