Deploying a Production Gateway with Airavata

Similar documents
Quick-Start Tutorial. Airavata Reference Gateway

Quick Start Guide to Compute Canada Cloud Service

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

SUG Breakout Session: OSC OnDemand App Development

HySecure Quick Start Guide. HySecure 5.0

Ansible Tower Quick Setup Guide

All - In - One for Hyper- V

Installing Cisco MSE in a VMware Virtual Machine

Using the vrealize Orchestrator OpenStack Plug-In 2.0. Modified on 19 SEP 2017 vrealize Orchestrator 7.0

Simplified CICD with Jenkins and Git on the ZeroStack Platform

How to configure the LuxCloud WHMCS plugin (version 2+) Version: 2.2

Inception Cloud User s Guide

PowerExchange for Facebook: How to Configure Open Authentication using the OAuth Utility

LIVENX UPGRADE GUIDE (AIO)

Anvil: HCC's Cloud. June Workshop Series - June 26th

Deployment Guide for Nuage Networks VSP

Deployment Guide for Nuage Networks VSP

Booting a Galaxy Instance

Integration Guide. LoginTC

GMS. 1 Create and configure the virtual machine 2 Configure the virtual GMS server. Quick Start Guide. KVM Hypervisor.

getting started guide

ElasterStack 3.2 User Administration Guide - Advanced Zone

Andrew Pullin, Senior Software Designer, School of Computer Science / x4338 / HP5165 Last Updated: October 05, 2015

KeyNexus Hyper-V Deployment Guide

Table of Contents. CPS Supplier Portal 05 - Self-Service "Admin"

Quick Start Guide. Table of Contents

Eucalyptus User Console Guide

Two factor authentication for Citrix NetScaler

Verteego VDS Documentation

EDB Postgres Enterprise Manager EDB Ark Management Features Guide

Redhat OpenStack 5.0 and PLUMgrid OpenStack Networking Suite 2.0 Installation Hands-on lab guide

Andrew Pullin, Senior Software Designer, School of Computer Science / x4338 / HP5165 Last Updated: September 26, 2016

Eucalyptus User Console Guide

Azure Application Deployment and Management: Service Fabric Create and Manage a Local and Azure hosted Service Fabric Cluster and Application

Archiware Pure Quick Start Guide

Contents. Limitations. Prerequisites. Configuration

McAfee Boot Attestation Service 3.5.0

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Creating vservers 12c Release 1 ( )

EdgeConnect for Amazon Web Services (AWS)

vcloud Director Administrator's Guide

RCR Registry Signup Portal Steps for Signup Updated September 2015

User Workspace Management

Workshare Protect Server 3.9 on Microsoft Azure. Admin Guide

Martin Baker Secure Source-to-Pay How to Access and Log In

IBM Smart Cloud Entry Hosted Trial Guide 3.2

Load Balancing Web Servers with OWASP Top 10 WAF in Azure

Administration Guide

Table of Contents. I. How do I register for a new account? II. How do I log in? (I already have a MyJohnDeere.com account.)

KHEDS Account Creation and Maintenance URL:

EDB Postgres Enterprise Manager EDB Ark Management Features Guide

Azure for On-Premises Administrators Practice Exercises

StorSimple Appliance Quick Start Guide for Software Version 1.2.1

Deploying the Cisco ASA 1000V

Integrating with Prime Service Catalog

Quick Reference Guide: Working with CommVault Customer Support

SUREedge Migrator Installation Guide for Amazon AWS

Reset the Admin Password with the ExtraHop Rescue CD

University Information Technology Services Business Process Documentation

VMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.0

Deployment of FireSIGHT Management Center on VMware ESXi

Amazon AppStream 2.0: SOLIDWORKS Deployment Guide

ZeroStack Quick Start Guide

USER MANUAL. SalesPort Salesforce Customer Portal for WordPress (Lightning Mode) TABLE OF CONTENTS. Version: 3.1.0

Pexip Infinity and Google Cloud Platform Deployment Guide

Deploying Cisco UCS Central

The Balabit s Privileged Session Management 5 F5 Azure Reference Guide

SOA Software API Gateway Appliance 6.3 Administration Guide

EnhancedEndpointTracker Documentation

OneLogin Integration User Guide

G Suite Basic or G Suite Business - Setup Instructions

VMware Integrated OpenStack User Guide. VMware Integrated OpenStack 4.1

Proofpoint Threat Response

USING NGC WITH AZURE. DU _v01 September Setup Guide

Single Sign-On for PCF. User's Guide

FAQ. General Information: Online Support:

VMware vcloud Air User's Guide

Grandstream Networks, Inc. Captive Portal Authentication via Facebook

ISO Installation Guide. Version 1.2 December 2015

Red Hat CloudForms 4.5

VMware vfabric Data Director 2.5 EVALUATION GUIDE

vcloud Director Administrator's Guide vcloud Director 8.10

Remote & Collaborative Visualization. Texas Advanced Computing Center

Using PCF Ops Manager to Deploy Hyperledger Fabric

VMware Integrated OpenStack User Guide

eshop Installation and Data Setup Guide for Microsoft Dynamics 365 Business Central

Secure Web Appliance. Basic Usage Guide

Grandstream Networks, Inc. Captive Portal Authentication via Twitter

Web Cloud Solution. User Guide. Issue 01. Date

Administering vrealize Log Insight. 05-SEP-2017 vrealize Log Insight 4.3

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Enabling the Bullhorn and Calendar Integration with Google Apps

HCP Anywhere. By Storage & Cloud Services. Quick Start Guide Nov 2017 HCP ANYWHERE

Partner Integration Portal (PIP) Installation Guide

Secure Access Manager User Guide September 2017

Apache Airavata Open Source Framework

Load Balancing Nginx Web Servers with OWASP Top 10 WAF in Azure

FileCruiser. Administrator Portal Guide

Integrations. Help Documentation

Azure Archival Installation Guide

efolder BDR for Veeam VMware Continuity Cloud Guide

Transcription:

Deploying a Production Gateway with Airavata Table of Contents Pre-requisites... 1 Create a Gateway Request... 1 Gateway Deploy Steps... 2 Install Ansible & Python...2 Deploy the Gateway...3 Gateway Configuration... 5 Addendum I... 6 Requesting SGCI Hosting Services...6 Setting Up Account & VMs on Rodeo...6 Pre-requisites 1. Size small (recommended) CentOS 7 VM. Even a tiny VM is sufficient. (VM creation steps: Addendum 1) 2. An email account (recommended not to use personal email) for the gateway portal to use for portal user notifications. Create a Gateway Request 1. Create a user account in https://scigap.org/. 1

2. Verify your email, using the verification link sent to your email. 3. Login and create a gateway request by providing required information. 3. When creating the gateway request: a. Gateway Name: Name of your gateway, recommended to have a short string value. b. Gateway Contact Email: Your contact email, in case the Airavata team needs to contact you. c. Public Project Description: Describe your intentions. Are you planning to manage a production quality gateway in the future, nature of your research, etc. 4. When Airavata admins approve the request, you will be notified via email and can login to provide the rest of your information. a. Gateway URL: You will need one from a domain provider and point it to your VM instance IP address. b. Project Details: IMPORTANT - Provide your VM IP address and SSH user where you would be deploying the gateway. The Airavata team requires this in order to register your VM. 5. You would receive email notification when changes take place for your request. When the gateway request status changes to CREATED, you can deploy the gateway. 6. Login to https://scigap.org/ and use the information provided in Gateway Credential to deploy the gateway with Airavata production server. Gateway Deploy Steps Note: The steps below are done in your local machine (laptop/desktop). Install Ansible & Python 1. Install Ansible a. Note: the following assumes a Bash shell 2. Download and install the latest version of Python 3.6 a. See https://www.python.org/downloads/ or use your system s package manager 3. Create a virtual environment in this directory a. cd airavata/dev-tools/ansible b. python3.6 -m venv ENV 4. Source the environment (you ll need to do this each time before using Ansible commands) a. source ENV/bin/activate 5. Install Ansible and any other dependencies a. pip install -r requirements.txt 2

Deploy the Gateway 1. Clone Airavata from git a. git clone https://github.com/apache/airavata.git 2. Navigate to a. cd airavata/dev-tools/ansible/inventories/scigap 3. Copy directory SGCI-SSC and create a new directory and give a preferred name. E.g.: airavata-test 4. In your airavata-test directory open hosts. a. Under [pga] change the existing IP and login user with your Rodeo instance IP and SSH login user. 5. Login to https://scigap.org/ using your created account. In your listed gateway request make sure a. Gateway request status: CREATED. b. Click open View Credentials. c. This will open Gateway credentials window. 6. In your airavata-test directory go to group_vars/pga directory open vars.yml and provide: a. vhost_servername: (This is the Gateway URL in Gateway Credentials window.) b. admin_username: (When your gateway request is in CREATED this is the Admin Username in Gateway Credentials ) c. Image I Gateway Credentials d. admin_password:( This is admin_password under SciGaP Admin Comments ) 3

e. Image II SciGaP Admin Comments f. oauth_client_key:( This is the Oauth Client Key in Gateway Credentials ) g. oauth_client_secret:( This is the Oauth Client Secret in Gateway Credentials ) h. Auth_options: i. - name:(provide a preferred name for the gateway) i. gateway_id:(this is the Gateway Name in Gateway Credentials ) j. gateway_data_store_resource_id:( This is gateway_data_store_resource_id under SciGaP Admin Comments ) k. gateway_data_store_ssh_public_key: (Comment this line) l. admin_emails:(provide your gateway admin s email to receive notifications when users accounts are created. You can add many with comma separation.) m. portal_email_username:(this is for gateway to send emails to gateway users. When this account is created to make sure to turn off less secure app access) n. portal_email_password: (Password of the above portal email) o. portal_title: (Preferred title for the gateway portal) 7. Run the Ansible a. ansible-playbook --vault-password-file=vault-password.txt -i inventories/scigap/changeme pga.yml b. CHANGEME is the directory you created copying SGCI_SSC directory. 8. Once the installation is done login to the gateway using the admin username and the password. IMPORTANT: Change the password in your first login. 4

Gateway Configuration 1. Create a new gateway account and confirm the user receiving email notifications for account verification. 2. Provide the newly created user account with gateway admin role. 3. Login as the new user, navigate the Admin Dashboard Credential Store a. Click Generate a new token. b. This will create a token + public key pair to use in gateway SSH communications with compute resources as well as storage resources. c. Copy the Public Key and add it to your compute resource (XSEDE cluster, campus cluster, etc.) login account and your VM login account (Centos VM under login user pga). 4. Navigate to Admin dashboard Gateway Management a. Select the token just generated as the base Credential Store Token b. Click Set c. Click Add a Compute Resource Preference d. Select your XSEDE resource/cluster and enter details i. Login username:(this is the login username used for SSH login to the cluster) ii. Preferred Batch Queue:(Select the queue for job submission) iii. Scratch Location:(Parent directory for gateway job working directory creation) iv. Allocation Project Number:(This is applicable for XSEDE clusters) v. Click Set preferences vi. Click Add a Storage Resource Preference vii. Select your VM IP address and enter details 1. Login username:(this is the login username used for SSH login to the cluster) 2. File System Root Location: /var/www/portals/gateway-userdata/changeme (CHANGEME is the gateway name you have in Gateway Credentials ) 3. Click Set preferences 5. For more details on configuring a gateway: http://airavata.readthedocs.io/en/latest/admin-tutorials/ 6. Add an application: http://airavata.readthedocs.io/en/latest/admin- Tutorials/#GaussianJob 5

Addendum I Instructions for creating a VM in the Rodeo cluster at TACC Requesting SGCI Hosting Services Our hosting service provides a limited amount of space on the Rodeo system at the Texas Advanced Computing Center (TACC). It is available free of charge to US-based gateway projects for up to 6 months of time. Rodeo is a powerful cloud resource that allows for the full customization of computational environments and lets users create virtual machines, host data, and provide services of benefit to the science gateway community. Each project approved for hosting time via SGCI will be given a quota of 3 VMs with each VM consisting of 2 VCPUs, 20 GB of Disk, and 4 GB of RAM in addition to a single public, floating IP with your own private project network. Additional configurations are available upon request. A basic security group allowing traffic on the standard web ports (80 and 443) will be provided with additional configurations available upon request. Additional storage is available (either in the form of volumes or larger instances) upon request. The Rodeo environment is meant as a test/sandbox environment and does not have any backup capabilities. Please ensure you have backed up any code and services you deploy on the system. Also, the system may be unavailable at times due to maintenance periods. Interested? Apply using the form on the SGCI Web Site. Setting Up Account & VMs on Rodeo 1. In order to access Rodeo, you will need to create an account at: https://sgci.agaveapi.co/create_account IMPORTANT: Please remember your account credentials from this step and please keep your credentials secure. No administrator will ever ask you for your credentials. 2. Navigate to https://rodeo.tacc.utexas.edu enter your username and password that you used in Creating a SGCI Account. Enter SGCI for the Domain field. 6

3. Upon successful login, you will be presented with your project s dashboard. 4. This view provides a high-level overview of your allocation on Rodeo. 5. In order to create the instance, you will need to navigate to the Instance under the Compute menu. 7

6. From the Instances page, click the Launch Instance button. 7. You will be presented with the Launch Instance wizard which will require filling out few form fields. Give a name to the instance the name, e.g.: airavata-test-gateway 8. When launching an instance select m1.small from Flavor, Boot from image from Instance Boot Source, and Centos 7 from Image Name. 9. After populating the Details tab, click the Access & Security tab. 8

10. If you already have an SSH key pair, you can import them by clicking the plus (+) button next to the drop-down menu for Key Pair. 11. You can also receive instructions on how to generate a key pair if you do not have one already. 12. The wizard will walk you through how to generate a key pair if you need one. This allows you to access your instance. Password login to the admin account is disabled for security purposes. 13. Once you have configured your Key Pair, you will add your instance to the default security group by checking the box under Security Groups. 14. Once the Access & Security information has been collected move to the next tab labeled Networking to confirm the networking settings. 9

15. There should be only one Available Network. Your instance should be associated with the SGCI: Sample Hosting Project Network. 16. Once the network has been associated you can click the blue Launch button. Your instance will be created and available shortly for access. 17. Click on Instances and then in the Actions column select Associate Floating IP for your instance and select 129.114.6.253 (which was the only option). 18. Click on Access & Security and for the default Security Group select Manage Rules. a. Click the Add Rule button and select the HTTP rule from the Rules dropdown and then click Add. 10

b. Note: in general, we run the portal under HTTPS but it can be helpful to have HTTP access when initially installing the portal and before the SSL certificate is set up. 19. SSH into rodeo@129.114.6.253 and confirm access. 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback