Make sure you are subscribed to “Cloud Infrastructure” in CERN services: https://resources.web.cern.ch/resources/Manage/ListServices.aspx
Go to https://openstack.cern.ch/project/ → Instances → Launch Instance
Fill out data (use any sensible names instead of "my-something" given here). Important: use CC7 TEST
image as specified in screenshot, it contains some important fixes needed for this tutorial.
Import keypair or if you dont have one, you can generate it(see tutorial)
And then press "Launch Instance"
Once instance is launched you can connect to it from cern network:
ssh root@my-development-instance
Once ssh-ed, install Docker with following commands:
yum update
yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce
service docker start
docker ps # should output empty list of containers
mkdir ~/my-analysis-container
cd ~/my-analysis-container
touch Dockerfile
Add all specific software to your docker container(see tutorial):
FROM cern/cc7-base
RUN yum -y install root texlive xrootd-client wget bzip2 || true
# For python3.6 use this link: https://repo.continuum.io/miniconda/Miniconda3-latest-Linux-x86_64.sh
RUN echo 'export PATH=/opt/conda/bin:$PATH' > /etc/profile.d/conda.sh &&\
wget --quiet -O /tmp/conda.sh https://repo.continuum.io/miniconda/Miniconda2-latest-Linux-x86_64.sh &&\
/bin/bash /tmp/conda.sh -b -p /opt/conda
After that build docker image:
$ docker build .
.... things are happening here ....
Successfully built 6645809c7d11 # ID can vary
$ docker tag 6645809c7d11 my-analysis-image
Get data for your analysis:
mkdir my-analysis-data
cd my-analysis-data;
kinit <your_username>@CERN.CH
# if your data on eos
yum -y install xrootd-client
xrdcp -r root://eoslhcb.cern.ch//eos/path/to/analysis/data .
# or on AFS:
scp -r <your_username>@lxplus.cern.ch:/path/to/data .
If you need more space on machine, you can create a volume in CERN Openstack and then mount it(see tutorial).
You can use locmap tool to configure widely-used services:
$ yum -y install locmap
$ locmap --list
[Available Modules]
Module name : sudo[enabled]
Module name : sendmail[enabled]
Module name : cernbox[disabled]
Module name : ntp[enabled]
Module name : gpg[enabled]
Module name : cvmfs[disable]
Module name : ssh[enabled]
Module name : lpadmin[enabled]
Module name : nscd[disabled]
Module name : kerberos[enabled]
Module name : eosclient[enabled]
Module name : afs[enabled]
$ locmap --enable cvmfs
$ locmap --configure cvmfs
Go to https://gitlab.cern.ch/<username>/<project name>/runners
and do two things:
- Disable shared runners
- Using data provided on page[screenshot] configure gitlab ci runner:
docker run -d --name gitlab-runner --restart always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /etc/gitlab-runner:/etc/gitlab-runner \
gitlab/gitlab-runner:v1.10.5
docker exec -it gitlab-runner gitlab-runner register
It should look something like that:
[root@my-development-instance ~]# docker exec -it gitlab-runner gitlab-runner register
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.cern.ch/ci
Please enter the gitlab-ci token for this runner:
[id from https://gitlab.cern.ch/<username>/<project name>/runners]
Please enter the gitlab-ci description for this runner:
[8178263763e7]: my-awesome-runner
Please enter the gitlab-ci tags for this runner (comma separated):
Registering runner... succeeded runner=gGxFcvut
Please enter the executor: parallels, shell, docker+machine, docker-ssh+machine, docker, docker-ssh, kubernetes, ssh, virtualbox:
docker
Please enter the default Docker image (e.g. ruby:2.1):
my-analysis-image
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
The last command will create configuration file in /etc/gitlab-runner/config.toml
. You can modify it to use your data-folder and image for analysis. Important: set pull_policy = "if-not-present"
so gitlab runner can use your local image.
concurrent = 1
check_interval = 0
[[runners]]
name = "my-awesome-runner"
url = "https://gitlab.cern.ch/ci"
token = "3995767a245d48d7f4a124ef4fd17e"
executor = "docker"
[runners.docker]
tls_verify = false
image = "my-analysis-image"
privileged = false
disable_cache = false
volumes = ["/cache", "/root/my-analysis-data:/data"]
pull_policy = "if-not-present"
[runners.cache]
All good. Runner is set up!
In order to make CI work with your repo just commit .gitlab-ci.yml
into your repo:
image: my-analysis-image
stages:
- build
prepare_data:
stage: build
script:
- bash -lc "ls -lah /data"
You should see CI badge on the project page:
And if you didn't map
/data
, thels /data
will fail. So how aboutls -lah /data || ls -lah /cache || true