Login

NextGenTrigger Task 1.7 Meeting

Europe/Zurich
40/R-D10 (CERN)

40/R-D10

CERN

20
Show room on map
NGT Task 1.7
Zoom Meeting ID
65606242618
Host
Axel Naumann
Alternative hosts
Andrea Bocci, Attila Krasznahorkay
Useful links
Join via phone
Zoom URL
    • 09:30 09:35
      Project updates 5m
      Speakers: Dr Andrea Bocci (CERN), Attila Krasznahorkay (University of Massachusetts (US)), Axel Naumann (CERN)
    • 09:40 10:20
      Reports and updates 40m
      Speaker: All

      Kubernetes Setup (Alice O2)

      The following two things differ for each user and thus cannot be part of the container:

      • ssh keys
      • git config

      The kubernetes naative solution for these are secrets and config maps. They are created by the following terminal commands.

      • kubectl create secret generic ssh-secret --type=kubernetes.io/ssh-auth --from-file=ssh-privatekey=$HOME/.ssh/id_ecdsa
      • kubectl create configmap gitconfig --from-file=.gitconfig=/path/to/gitconfig

      where "/path/to/gitconfig" is a file containing the git config. Then we can "kubectl apply" the following yaml file:

      apiVersion: v1
      kind: Pod
      metadata:
        name: o2-standalone
      spec:
        containers:
        - name: o2-standalone
          image: oliverrietmann/o2-standalone:latest
          command: ["sh", "-c", "cp /root/secret/ssh-privatekey /root/.ssh/id_ecdsa && sleep infinity"]
          resources:
            limits:
              nvidia.com/gpu: 1
          securityContext:
            runAsUser: 0
            runAsGroup: 0
          volumeMounts:
          - name: ssh-volume
            mountPath: /root/secret
          - name: gitconfig
            mountPath: /root/.gitconfig
            subPath: .gitconfig
          - name: o2-alice-volume
            mountPath: /root/alice
          - name: o2-standalone-volume
            mountPath: /root/standalone
        volumes:
        - name: ssh-volume
          secret:
            secretName: ssh-secret
            defaultMode: 0600
        - name: gitconfig
          configMap:
            name: gitconfig
        - name: o2-alice-volume
          persistentVolumeClaim:
            claimName: o2-alice-pvc
        - name: o2-standalone-volume
          persistentVolumeClaim:
            claimName: o2-standalone-pvc
        nodeSelector:
          nvidia.com/gpu.product: NVIDIA-H100-NVL

      ---
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: o2-alice-pvc
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 50Gi
        storageClassName: shared

      ---
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: o2-standalone-pvc
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 10Gi
        storageClassName: shared

       

    • 10:25 10:30
      AOB 5m
Powered by Indico v3.3.7-pre