--
ColinLeavettBrown - 2013-08-28
NEP52 Shared Software Repository
Overview
If you just want to use Shared Software Repository Service skip to the Shared Software Repository Test Drive section below.
VMs running on clouds often need access to relatively large static software applications (typically Gigabytes). This is especially true with large scientific and technical packages. Often only a tiny fraction of the binary files in a large software package are actually accessed, however all those files must be present in order for the application to be useful. When running a large number of VM this software is copied, transported over a network, and unpacked many times. In addition, a small change in a software package necessitates the creation of a new version of a multi-gigabyte VM image. This type of problem is usually solved via some type of network file system, typically NFS. NFS and most other network file systems assume that the machine mounting the file system can be trusted, and also do not work efficiently over long latency network connections. Most network file systems are also not designed to work at Web Scale. In order to address this problem the CERN Virtual Machine File System (CVMFS) was created by CERN.
CVMFS presents a remote HTTP directory as a local file system, in which the client has read access to all available files. On its first access request, a file is downloaded and cached locally. All downloaded pieces are verified with SHA-1. This RPI Software Repository service makes this file system available as a service bootable on the DAIR cloud. The figure below shows the relationship between the components.
Shared Software Repository Test Drive
You can use the software provided in this RPI project to easily distribute software on demand to virtual machines. The following examples will allow you to test drive this functionality quickly. In summary:
- "Running the sample application" will have you launch an instance of the CVMFS server image (NEP52-cvmfs-server) and an instance of an interactive client (NEP52-interactive-cvmfs-client). You will then log into the client VM, point it at your CVMFS instance and run the sample application. * To retrieve your EC2_ACCESS_KEY and EC2_SECRET_KEY from the Openstack dashboard.
- " Customizing the software repository" will have you create and publish a second sample application within the software repository. Subsequently, you will execute the new application from the interactive client.
In order to try the Shared Software Repository Test Drive, you will need the following:
- A DAIR login ID with a large enough quota to run the two concurrent demonstration instances. If you do not have a DAIR login ID, you may request an account by sending email to dair.admin@canarie.ca
- To create your own keypair and save the pem file locally (see the Openstack dashboard/documentation).
Preparation
The NEP52 Shared Software Repository service and the related NEP52 Batch Services service make use of the network and require specific ports to be open. These ports must be added to your OpenStack default security group by logging into the OpenStack dashboard, selecting the "Access & Security" tab and clicking "Edit Rules" beside the default security group. Use the "Add Rule" dialog at the bottom of the form and ensure that all the ports shown in the figure below are included before proceeding with the test drive:
Running the sample application
Step 1: Log into DAIR and boot a Shared Software Repository instance
Login into the DAIR OpenStack Dashboard:
https://nova-ab.dair-atir.canarie.ca
. Select the
alberta region. Refer to the
OpenStack docs
for all the details of booting and managing VMs via the dashboard.
Go to the 'Images and Snapshot' tab on the left of the page then click the button that says 'Launch' next to the
NEP52-cvmfs-server image.
Fill in the form to look the same as the screen shot below substituting your
username wherever you see the string
"hepnet".
Next, you need to select your SSH key to associate with the instance so that you can login to the image. Click the access and security tab, pick your key, click "launch" (see screen shot below) and wait for the instance to become active.
Now associate a floating IP to the machine. Click on the instances tab on the left. From the "Actions" beside your newly started CVMFS server instance, choose "Associate Floating IP", complete the dialog and click "Associate" (we will use the IP address "208.75.74.18" for the CVMFS server).
Step 2: Launch an interactive client
Using the same procedure as for the CVMFS server image, launch an instance of
NEP52-interactive-cvmfs-client. You may set the instance name to anything you like, but you must assign your
keypair and associate a
floating IP to the instance (we will use the IP address "208.75.74.84" for the interactive client).
Step 3: Log into the interactive client and run the sample application
Log into the interactive client and point it to the CVMFS server (again, substitute your
username wherever you see the string
"hepnet". ):
%STARTCONSOLE%
ssh -i ~/.ssh/MyKey.pem
root@208.75.74.84
PointToCVMFS hepnet
%ENDCONSOLE%
Now switch to the guest account, list and run the application:
%STARTCONSOLE%
su - guest
ls -l /cvmfs/dair.cvmfs.server/*
/cvmfs/dair.cvmfs.server/Hello
%ENDCONSOLE%
N.B. The /cvmfs directory will be empty until you force CVMFS to populate it with either the "list" or the "Hello" commands as given above.
Adding an application to the CVMFS server
In this section we will show you how to modify the CVMFS server to distribute your own software.
Step 1: Log into the CVMFS server and create a second demonstration application
Log into the CVMS server, switch to the distributed software directory, and copy the "Hello" bash script to the file "Goodbye". Then edit the "Goodbye" script to echo a different message.
%STARTCONSOLE%
ssh -i ~/.ssh/MyKey.pem
root@208.75.74.18
cd /cvmfs/dair.cvmfs.server
cp Hello Goodbye
vi Goodbye
%ENDCONSOLE%
When you have saved your changes to the Goodbye script, publish your newly changed script to the world via CVMFS:
%STARTCONSOLE%
chown -R cvmfs.cvmfs /cvmfs/dair.cvmfs.server
cvmfs-sync
cvmfs_server publish
%ENDCONSOLE%
Step 2: Use the interactive client to run the new application
If you are still logged into the interactive client as "guest", use the "PointToCVMFS" command to restart then CVMFS client and then list and run the new application (again, make sure you substitute your
username wherever you see the string
"hepnet". ):
%STARTCONSOLE%
sudo /usr/local/bin/PointToCVMFS hepnet
ls -l /cvmfs/dair.cvmfs.server/*
/cvmfs/dair.cvmfs.server/Goodbye
%ENDCONSOLE%
Otherwise, if you are not still logged into the interactive client, log in, restart the CVMFS client, switch to the guest account, and run the newly created application:
%STARTCONSOLE%
ssh -i ~/.ssh/MyKey.pem
root@208.75.74.84
PointToCVMFS hepnet
su - guest
ls -l /cvmfs/dair.cvmfs.server/*
/cvmfs/dair.cvmfs.server/Goodbye
%ENDCONSOLE%
Take snapshots of your customized images
If you followed all the steps above you have customized versions of the CVMFS server and the Interactve CVMFS client running. You can now use the OpenStack dashboard to snapshot these servers to save yourself the work of customizing them again.
Using the Software Repository, server and client, on private clouds
If you would like to use the Software Repository virtual machines on your own private cloud, you may retrieve the VM images from the DAIR repository for installation in your cloud's repository. DAIR is an OpenStack cloud with the Glance image repository. Assuming your private cloud is also an OpenStack cloud with a Glance repository, the process for copying the image from DAIR to your own repository would be:
- On a convenient workstation:
- Install the glance client (eg. yum install python-glanceclient, apt-get install python-glanceclient, etc.).
- Log into the DAIR cloud and download the RC file (ie. Settings->!OpenStack API->Download RC File).
- Source the DAIR RC file (eg. source openrc-alberta.sh).
- Download the image to your workstation, eg:
- glance image-list
- glance image-download --file {image-name-on-workstation} {image-ID-from-list-on-DAIR}
- Log into your private cloud and download the RC file (ie. Settings->!OpenStack API->Download RC File).
- Source your cloud's RC file (eg. source openrc-yourcloud.sh).
- Upload the image to your private cloud, eg:
- glance image-create --file {image-name-on-workstation} --name {image-name-on-your-cloud} --disk-format qcow2 --container-format bare