The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "Federated Cloud Containers"
| Line 57: | Line 57: | ||
And once in, start using docker: | And once in, start using docker: | ||
ubuntu@fedcloud_vm:~$ sudo | ubuntu@fedcloud_vm:~$ sudo docker run busybox echo "hello" | ||
Unable to find image 'busybox:latest' locally | Unable to find image 'busybox:latest' locally | ||
latest: Pulling from library/busybox | latest: Pulling from library/busybox | ||
Revision as of 12:45, 3 March 2016
| Overview | For users | For resource providers | Infrastructure status | Site-specific configuration | Architecture |
EGI Federated Cloud clients docker image
EGI has produced a egifedcloud/fedcloud-inserinterface docker image with OCCI and VOMS clients configured to use them on the EGI FedCloud. If you have a working docker installation you can get it with the following command:
docker pull egifedcloud/fedcloud-userinterface
The image is based on ubuntu and has on top of it an installation of the latest versions of rOCCI-cli (as available in rOCCI-cli AppDB entry) and VOMS clients (as available in UMD). You can run the commands easily with docker:
docker run -it egifedcloud/fedcloud-userinterface occi [args]
or
docker run -it egifedcloud/fedcloud-userinterface voms-proxy-init [args]
To ease the usage of the docker client, you can get the git repository https://github.com/enolfc/fedcloud-userinterface where you can find one helper script: occi. This script will check if you have a valid proxy and create one for you if not found (expects to find certificates under ~/.globus, check installation of certificate files for more information on certificates) and then runs the occi command against a endpoint defined in environment variable OCCI_ENDPOINT with any options passed, e.g.:
OCCI_ENDPOINT=http://server4-epsh.unizar.es:8787 ./occi --action list --resource compute
will execute action list on resource compute for endpoint http://server4-epsh.unizar.es:8787.
Current directory will be mounted as a volume in /data will be mounted at the container when using this script. For example, to use a context.sh file as user_data:
./occi -a create -r compute -T user_data="file:///data/context.sh" [...]
Using Windows
In order to use the script on Windows follow this instructions (from the docker terminal):
- Follow the instructions below taking into account that in order to perform step 2 (copying the certificates to the machine) you can access your Windows home folder at
/c/Users/<user name>/. For example of you have yourYourCert.p12file at your Desktop, you can use the following command (user name here isenol):cp /c/Users/enol/Desktop/YourCert.p12 ., all the other steps remain the same. - Clone the git repository:
git clone https://github.com/enolfc/fedcloud-userinterface.git - cd into the git repo and start using the commands:
cd fedcloud-userinterface OCCI_ENDPOINT=http://server4-epsh.unizar.es:8787 sh ./occi --action list --resource compute
Running Docker Containers in the EGI Federated Cloud
Docker containers can be executed at any EGI Federated Cloud site by either:
- (recommended) using a pre-configured image with docker like the EGI Docker image
- installing docker on top of an existing VM (e.g. by following the installation instructions on docker page)
Using the EGI Docker image
The EGI Docker image is a VM image based on ubuntu 14.04 with docker installed and running. You can start that image as any other image available from AppDB.
- Go to the EGI Docker image entry in AppDB
- Check the IDs of the OCCI templates and endpoints to run the image for your VO at the selected site
- Use a ssh-key when creating the VM (check FAQ for more info)
- (Optional) Some sites may require the allocation of a public IP before you can log in
- Then you can either log in into the VM and use docker from there, or configure your docker client to connect to the remote VM
Using docker from inside the VM
You can log in with user ubuntu and your private ssh key:
ssh -i <private key> ubuntu@<your VM ip>
And once in, start using docker:
ubuntu@fedcloud_vm:~$ sudo docker run busybox echo "hello" Unable to find image 'busybox:latest' locally latest: Pulling from library/busybox c00ef186408b: Pull complete ac6a7980c6c2: Pull complete Digest: sha256:e4f93f6ed15a0cdd342f5aae387886fba0ab98af0a102da6276eaf24d6e6ade0 Status: Downloaded newer image for busybox:latest hello
Connect remotely to the VM
Alternatively, you can use docker-machine to easily configure your VM to run docker commands from your computer. Use the following command to do so:
docker-machine create --driver generic --generic-ip-address <ip of your VM> \
--generic-ssh-user ubuntu \
--generic-ssh-key <your public ssh key> \
<a name for the VM>
then configure your shell to connect to that VM:
eval "$(docker-machine env <name of the VM>)"
and start using docker:
$ docker run docker/whalesay cowsay boo
Unable to find image 'docker/whalesay:latest' locally
latest: Pulling from docker/whalesay
2880a3395ede: Pull complete
515565c29c94: Pull complete
98b15185dba7: Pull complete
2ce633e3e9c9: Pull complete
35217eff2e30: Pull complete
326bddfde6c0: Pull complete
3a2e7fe79da7: Pull complete
517de05c9075: Pull complete
8f17e9411cf6: Pull complete
ded5e192a685: Pull complete
Digest: sha256:178598e51a26abbc958b8a2e48825c90bc22e641de3d31e18aaf55f3258ba93b
Status: Downloaded newer image for docker/whalesay:latest
_____
< boo >
-----
\
\
\
## .
## ## ## ==
## ## ## ## ===
/""""""""""""""""___/ ===
~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~
\______ o __/
\ \ __/
\____\______/
Clusters
Tools for managing cluster of docker VMs can be used in FedCloud, although they have to be manually managed. Docker swarm, Google Kubernetes, Apache Mesos, and CoreOs Fleet are tested on FedCloud resources. Please contact EGI support for technical support.