Commit 05c81fc7 authored by Ryan Jones's avatar Ryan Jones
Browse files

updated files

parent 5c5745b2
---
v2:
metadata:
title: "{{ cluster_name }}"
login:
host: "{{ cluster_name }}"
job:
adapter: "slurm"
bin: "/bin"
batch_connect:
basic:
script_wrapper: |
module reset
%s
set_host: "host=$(hostname -s)"
vnc:
script_wrapper: |
module reset
export PATH="/opt/TurboVNC/bin:$PATH"
export WEBSOCKIFY_CMD="/bin/websockify"
%s
set_host: "host=$(hostname -s)"
---
name: RStudio Server
category: Interactive Apps
subcategory: Servers
role: batch_connect
description: |
This app will launch [RStudio Server] an IDE for [R].
[RStudio Server]: https://www.rstudio.com/products/rstudio-server/
[R]: https://www.r-project.org/
---
batch_connect:
template: "basic"
script:
native:
- "-N 1"
- "-n <%= bc_num_slots.blank? ? 1 : bc_num_slots.to_i %>"
- "--mem-per-cpu=<%= bc_num_mems.blank? ? 4 : bc_num_mems.to_i %>G"
- "--partition=<%= bc_partition %>"
- "--time=<%= bc_num_hours.blank? ? 1 : bc_num_hours.to_i %>:00:00"
- "--job-name=ood-r-<%= version.split("/")[-1] %>"
<%- if bc_partition == "pascalnodes" -%>
- "--gres=gpu:1"
<%- end -%>
---
- name: Clone template repo from upstream
git:
repo: 'https://github.com/rtripath89/bc_osc_rstudio_server.git'
dest: '/var/www/ood/apps/sys/bc_rstudio_server'
force: yes
version: 0.6.0
- name: Replace form.yml
template:
src: form.yml
dest: /var/www/ood/apps/sys/bc_rstudio_server/form.yml
- name: Replace form submission template
copy:
src: submit.yml
dest: /var/www/ood/apps/sys/bc_rstudio_server/submit.yml.erb
- name: Replace manifest file
copy:
src: manifest.yml
dest: /var/www/ood/apps/sys/bc_rstudio_server/manifest.yml
---
cluster: "{{ cluster_name }}"
attributes:
bc_num_hours:
value: 1
bc_num_slots:
label: Number of CPU
value: 1
min: 1
max: 24
step: 1
bc_num_mems:
widget: "number_field"
label: Memory per CPU (GB)
value: 4
min: 1
max: 128
step: 1
bc_partition:
widget: select
label: Partition
options:
- [ "low", "low" ]
version:
widget: select
label: "R version"
help: "This defines the version of R you want to load."
options:
# Define functioning R version overloads using a colon after the module load statement
{% for ver in r_versions %}
- [ "{{ ver.full }}", "rstudio_singularity/{{ ver.full }}"]
{% endfor %}
form:
- version
- bc_num_hours
- bc_partition
- bc_num_slots
- bc_num_mems
- bc_email_on_started
---
- name: Enable http service
systemd:
state: started
name: httpd24-httpd
enabled: yes
- name: Open port http/s
firewalld:
service: http
permanent: true
state: enabled
- firewalld:
service: https
permanent: true
state: enabled
- name: Disable SELinux Enforcement (permissive)
selinux:
policy: targeted
state: permissive
- name: Set SELinux to permissive mode without reboot
command: setenforce 0
# Job submission configuration file
#
---
# This config comes from below URL
# https://github.com/OSC/bc_example_jupyter/blob/custom_environment/submit.yml.erb
# The -C option in the config provided for slurm has been removed because it does
# not apply to implementation at UAB. We do not use constraint list to be used with -C.
batch_connect:
template: "basic"
script:
native:
- "-N 1"
- "-n <%= bc_num_slots.blank? ? 1 : bc_num_slots.to_i %>"
- "--mem-per-cpu=<%= bc_num_mems.blank? ? 4 : bc_num_mems.to_i %>G"
- "--partition=<%= bc_partition %>"
- "--time=<%= bc_num_hours.blank? ? 1 : bc_num_hours.to_i %>:00:00"
- "--job-name=ood-jupyter"
<%- if bc_partition == "pascalnodes" -%>
- "--gres=gpu:1"
<%- end -%>
---
- name: Remove existing jupyter app install
file:
path: /var/www/ood/apps/sys/jupyter/
state: absent
- name: Creates directory to clone the jupyter app
file:
path: /var/www/ood/apps/sys/jupyter/
state: directory
- name: Clone the default jupyter app from OOD
git:
repo: https://github.com/OSC/bc_example_jupyter.git
version: custom_environment
dest: /var/www/ood/apps/sys/jupyter
- name: Use custom form.yml from templates for jupyter app
template:
src: custom-jupyter-form.yml
dest: /var/www/ood/apps/sys/jupyter/form.yml
- name: Use submit.yml.erb file tailored for slurm usage at UAB
copy:
src: jupyter-submit.yml.erb
dest: /var/www/ood/apps/sys/jupyter/submit.yml.erb
- name: Use custom script.sh.erb provided to avoid Jupyter Crash with user id!=1000
template:
src: jupyter-script.sh.erb
dest: /var/www/ood/apps/sys/jupyter/template/script.sh.erb
# Batch Connect app configuration file
#
# @note Used to define the submitted cluster, title, description, and
# hard-coded/user-defined attributes that make up this Batch Connect app.
---
# **MUST** set cluster id here that matches cluster configuration file located
# under /etc/ood/config/clusters.d/*.yml
# @example Use the Owens cluster at Ohio Supercomputer Center
# cluster: "owens"
cluster: {{ cluster_name }}
# Title of the app displayed in the Dashboard
title: "Jupyter Notebook"
# Description of the app displayed in the Dashboard (can use multi-line string
# and Markdown syntax)
description: |
This app will launch a Jupyter Notebook server on one or more cores.
# Define attribute values that aren't meant to be modified by the user within
# the Dashboard form
attributes:
# Set the corresponding modules that need to be loaded for Jupyter to run
#
# @note It is called within the batch job as `module load <modules>` if
# defined
# @example Do not load any modules
# modules: ""
# @example Using default python module
# modules: "python"
# @example Using specific python module
# modules: "python/3.5"
# @example Using combination of modules
# modules: "python/3.5 cuda/8.0.44"
custom_environment:
widget: text_area
label: Environment Setup
value: |
# The latest version of Anaconda3 with jupyter is loaded by default.
# If you would like to load other modules
# or use specific version of Anaconda please list below
#
# format:
# module load example_module/VERSION example_module2
# Whether Conda extensions will be available within the Jupyter notebook
# server
#
# @note Allows the user to use conda environment-based kernels from their
# Jupyter notebook dashboard
# @example Do NOT allow Conda extensions to be used
# conda_extensions: "0"
# @example Do allow Conda extensions to be used
# conda_extensions: "1"
# @see https://docs.continuum.io/anaconda/user-guide/tasks/use-jupyter-notebook-extensions
conda_extensions: "1"
# Any extra command line arguments to feed to the `jupyter notebook ...`
# command that launches the Jupyter notebook within the batch job
extra_jupyter_args:
widget: text_field
label: Extra jupyter arguments
bc_num_hours:
value: 1
bc_num_slots:
label: Number of CPU
value: 1
min: 1
max: 24
step: 1
bc_num_mems:
widget: "number_field"
label: Memory per CPU (GB)
value: 4
min: 1
max: 128
step: 1
bc_partition:
widget: select
label: Partition
options:
- [ "low", "low" ]
# All of the attributes that make up the Dashboard form (in respective order),
# and made available to the submit configuration file and the template ERB
# files
#
# @note You typically do not need to modify this unless you want to add a new
# configurable value
# @note If an attribute listed below is hard-coded above in the `attributes`
# option, then it will not appear in the form page that the user sees in the
# Dashboard
form:
- custom_environment
- conda_extensions
- extra_jupyter_args
- bc_num_hours
- bc_partition
- bc_num_slots
- bc_num_mems
- bc_email_on_started
#!/bin/bash -l
# Set working directory to home directory
cd "${HOME}"
module reset
#
# Start Jupyter Notebook Server
#
module load Anaconda3
<%= context.custom_environment %>
unset XDG_RUNTIME_DIR
# Launch the Jupyter Notebook Server
jupyter notebook --config="${CONFIG_FILE}" <%= context.extra_jupyter_args %>
#!/usr/bin/env bash
# Clean the environment
module purge
# Set working directory to home directory
cd "${HOME}"
#
# Launch Xfce Window Manager and Panel
#
(
export SEND_256_COLORS_TO_REMOTE=1
export XDG_CONFIG_HOME="<%= session.staged_root.join("config") %>"
export XDG_DATA_HOME="<%= session.staged_root.join("share") %>"
export XDG_CACHE_HOME="$(mktemp -d)"
module restore
set -x
xfwm4 --compositor=off --daemon --sm-client-disable
xsetroot -solid "#D3D3D3"
xfsettingsd --sm-client-disable
xfce4-panel --sm-client-disable
) &
#
# Start MATLAB
#
# Load the required environment
module load matlab/r2018a
# Launch MATLAB
module list
set -x
matlab -desktop
---
batch_connect:
template: "vnc"
script:
native:
- "-N 1"
- "-n <%= bc_num_slots.blank? ? 1 : bc_num_slots.to_i %>"
- "--mem-per-cpu=<%= bc_num_mems.blank? ? 4 : bc_num_mems.to_i %>G"
- "--partition=<%= bc_partition %>"
- "--time=<%= bc_num_hours.blank? ? 1 : bc_num_hours.to_i %>:00:00"
- "--job-name=ood-matlab"
- name: Remove existing matlab app install
file:
path: /var/www/ood/apps/sys/matlab/
state: absent
- name: matlab directory
file:
path: /var/www/ood/apps/sys/matlab
state: directory
- git:
repo: 'https://github.com/OSC/bc_osc_matlab.git'
dest: /var/www/ood/apps/sys/matlab/
clone: yes
- name: Replace form.yml
template:
src: form.yml
dest: /var/www/ood/apps/sys/matlab/form.yml
- name: Remove form.js
file:
path: /var/www/ood/apps/sys/matlab/form.js
state: absent
- name: Replace form submission template
copy:
src: submit.yml
dest: /var/www/ood/apps/sys/matlab/submit.yml.erb
- name: Replace form script template
copy:
src: script.sh.erb
dest: /var/www/ood/apps/sys/matlab/template/script.sh.erb
---
cluster: "{{ cluster_name }}"
attributes:
bc_num_hours:
value: 1
bc_num_slots:
label: Number of CPU
value: 1
min: 1
max: 24
step: 1
bc_num_mems:
widget: "number_field"
label: Memory per CPU (GB)
value: 4
min: 1
max: 128
step: 1
bc_partition:
widget: select
label: Partition
options:
- [ "low", "low" ]
version:
widget: select
label: "MATLAB version"
help: "This defines the version of MATLAB you want to load."
options:
- [ "R2018a", "matlab/R2018a" ]
form:
- version
- bc_num_hours
- bc_partition
- bc_num_slots
- bc_num_mems
- bc_email_on_started
- name: Remove existing SAS app install
file:
path: /var/www/ood/apps/sys/sas/
state: absent
- name: Create SAS app directory
file:
path: /var/www/ood/apps/sys/sas
state: directory
- git:
repo: 'https://github.com/uabrc/ood_sas.git'
dest: /var/www/ood/apps/sys/sas/
clone: yes
- name: Replace form.yml
template:
src: form.yml
dest: /var/www/ood/apps/sys/sas/form.yml
- name: Remove form.js
file:
path: /var/www/ood/apps/sys/sas/form.js
state: absent
---
cluster: "{{ cluster_name }}"
attributes:
bc_num_hours:
value: 1
bc_num_slots:
label: Number of CPU
value: 1
min: 1
max: 24
step: 1
bc_num_mems:
widget: "number_field"
label: Memory per CPU (GB)
value: 4
min: 1
max: 128
step: 1
bc_partition:
widget: select
label: Partition
options:
- [ "low", "low" ]
version:
widget: select
label: "SAS version"
help: "This defines the version of SAS you want to load."
options:
- [ "v9.4", "sas/v9.4" ]
form:
- version
- bc_num_hours
- bc_partition
- bc_num_slots
- bc_num_mems
- bc_email_on_started
The Shibboleth role requires additional post-install setup
## Overview
The SAML-based single-sign-on (SSO) requires an identity provider (IdP)
to issue user identities to the ood web application (SP). This
role is pre-configured to use the samltest.id IdP for testing.
All authentication handshaking is handled by the web browser used to
access the ood web application. In a normal deployment, your
ood node will have a host name registered in DNS. You can access
this host name and get Shibboleth metadata for our SP from it's custom
metadata url, e.g. https://ood.example.org/Shibbolth.SSO/Metadata. This
metadata can be saved and uploaded to https://samltest.id/upload.php. After
uploading, you should be able to log in to the ood app using the test
accounts from samltest.id.
Notes:
* samltest.id should only be used during development since it
is not a production IdP.
* you likely want to use a different name than the above to avoid
conflicting with other users of samltest.id.
## Isolated Development Environments
If you are working in an isolated development environment, for example your ood
is running on a local Vagrant VM or in some other environment where
it doesn't make any sense to use DNS, then you should create a host to IP
mapping on the client from which you are testing (i.e. your laptop's
`/etc/hosts` file). This will maps a host nameto your dev ood and let you use
that instead of an the IP address at which your dev ood instance is running.
Once that's in place you can follow the steps above to register your dev
instance's SP metadata with samltest.id.
For example, if your ood dev box is accessible at port 8080 on your local laptop
ip 127.0.0.1, then you can add an entry like this to /etc/hosts
```
127.0.0.1 localhost ood-dev.example.org
```
After that, you can access the dev instance metadata url
http://ood-dev.example.org:8080/Shibboleth.SSO/Metadata, save the Metadata
file, and upload that file to https://samltest.id/upload.php. Finally, you can
test access your ood dev instance at http://ood-dev.example.org:8080
## Common Shibboleth Errors
If you attempt to log into your dev ood instance and see an "Unable to Respond"
error like the following:
> Web Login Service - Unable to Respond
> The login service was unable to identify a compatible way to respond to the requested application. This is generally due to a misconfiguration on the part of the application and should be reported to the application's support team or owner.
Then you aren't using a host name for your dev instance for which samltest.id
has metadata. Register the metadata associated with the host name you are using
to access your dev instance or make sure you are using the correct host name to
access our dev instance.
If you see a message about "opensaml::FatalProfileException" with the message:
> A valid authentication statement was not found in the incoming message.
then you need to correctly update samltest.id with the current metadata for your
dev instance. Simply get the current copy of the metadata at the metadata URL
and upload it to samltest.id again. The new metadata will overwrite the old.
"msmith@samltest.id" vagrant
"rsanchez@samltest.id" vagrant
"scooper@samltest.id" vagrant
<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config"
xmlns:conf="urn:mace:shibboleth:3.0:native:sp:config"
clockSkew="180">
<OutOfProcess tranLogFormat="%u|%s|%IDP|%i|%ac|%t|%attr|%n|%b|%E|%S|%SS|%L|%UA|%a" />
<!--
By default, in-memory StorageService, ReplayCache, ArtifactMap, and SessionCache
are used. See example-shibboleth2.xml for samples of explicitly configuring them.
-->
<!-- The ApplicationDefaults element is where most of Shibboleth's SAML bits are defined. -->
<ApplicationDefaults entityID="https://testshib.dev.rc.uab.edu:8080/shibboleth"