Welcome to Integr8sCode! This is a platform where you can run Python scripts online with ease. Just paste your script, and the platform run it in an isolated environment within its own Kubernetes pod, complete with resource limits to keep things safe and efficient. You'll get the results back in no time.
[!NOTE] A deployed and working version of Integr8sCode is available at https://app.integr8scode.cc/ .
docker-compose up --build
https://127.0.0.1:5001/
https://127.0.0.1:443/
curl -k https://127.0.0.1/api/v1/k8s-limits
, should return JSON with current limitshttp://127.0.0.1:3000
(login - admin
, pw - admin123
)http://127.0.0.1:9090/targets
(integr8scode
must be 1/1 up
)You may also find out that k8s doesn't capture metrics (CPU
and Memory
params are null
), it may well be that metrics server
for k8s is turned off/not enabled. To enable, execute:
kubectl create -f https://raw.githubusercontent.com/pythianarora/total-practice/master/sample-kubernetes-code/metrics-server.yaml
and test output by writing kubectl top node
in console, should output sth like:
PS C:\Users\User\Desktop\Integr8sCode> kubectl top node
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
docker-desktop 267m 3% 4732Mi 29%
You can check correctness of start by running a sample test script:
https://127.0.0.1:5001/
, go to Editordef is_string(value: object) -> TypeGuard[str]: return isinstance(value, str)
def example_function(data: object): match data: # Match statement introduced in Python 3.10 case int() if data > 10: print("An integer greater than 10") case str() if is_string(data): print(f"A string: {data}") case _: print("Something else")
example_function(15) example_function("hello") example_function([1, 2, 3])
First, select `>= Python 3.10` and run script, will output:
Status: completed
Execution ID:
Then, select `< Python 3.10` and do the same:
Status: completed
Execution ID:
This shows that pods with specified python versions are creating and working as expected. Btw, the latter throws error
cause `match-case` was introduced first in `Python 3.10`.
</details>
## Architecture Overview
> [!WARNING]
> Version 2.0 is underway. Detailed, up-to-date architecture diagrams are in
> [this file](./ARCHITECTURE_IN_DETAILS.md).
[//]: # (<img src="./files_for_readme/system_diagram.png">)
The platform is built on three main pillars:
- **Frontend**: A sleek Svelte app that users interact with.
- **Backend**: Powered by FastAPI, Python, and MongoDB to handle all the heavy lifting.
- **Kubernetes Cluster**: Each script runs in its own pod, ensuring isolation and resource control.
## Kubernetes Integration
### Pod Setup
- **Docker Image**:Lightweight Python image with just what we need is used.
- **Isolation**: Every script gets its own pod for security and reliability.
- **Cleanup**: Once your script is done, the pod goes away to keep things tidy.
### Resource Management
> [!TIP]
> By limiting resources, we ensure fair usage and prevent any single script from hogging the system.
- **CPU & Memory Limits**: Each pod has caps to prevent overuse (128 Mi for RAM and 1000m for CPU).
- **Timeouts**: Scripts can't run forever—they'll stop after a set time (default: 5s).
- **Disk Space**: Limited to prevent excessive storage use.
> You can find actual limits in dropdown above execution output.
### Security Considerations
> [!CAUTION]
> Running user-provided code is risky. We take security seriously to protect both our system and other users.
- **Network Restrictions**: Pods can't make external network calls.
- **No Privileged Access**: Pods run without elevated permissions.
## User Authentication
- **Accounts**: Users need to sign up to execute and save scripts.
- **Security**: We use JWT tokens to secure API endpoints.
## Logging and Monitoring
- **Logs**: Centralized logging helps us track what's happening across pods.
- **Monitoring Tools**: Using OpenTelemetry and Grafana to keep an eye on system health.
- **Alerts**: Set up notifications for when things go wrong.
Link for accessing Prometheus is shown in `/editor` web page.