This repository has been archived by the owner on May 26, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
228 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,139 @@ | ||
## Run Pirus | ||
|
||
You can run Pirus on a fresh install of Ubuntu Xenial either on bare metal or in a container (see below). | ||
The following commands starting with a `#` have to be run as root. | ||
|
||
Install Pirus dependencies: | ||
|
||
# apt update && apt upgrade | ||
# apt install git ca-certificates nginx rabbitmq-server mongodb lxd build-essential libssl-dev libffi-dev python3-dev virtualenv | ||
|
||
Setup lxd for Pirus containers (FIXME). `newgrp` permet d'ajouter un groupe à l'utilisateur courant (et non pas de créer un groupe). | ||
|
||
# newgrp lxd | ||
# lxd init | ||
|
||
You have to configure LXD with `lxd init`: | ||
* Name of the storage backend to use (dir or zfs): dir | ||
* Would you like LXD to be available over the network (yes/no): no | ||
* Do you want to configure the LXD bridge: yes | ||
* Would you like to setup a network bridge for LXD containers now? Yes | ||
* Bridge interface name: (keep default) | ||
* Would you like to setup an IPv4 subnet? Yes | ||
* IPv4 address: (keep default) | ||
* IPv4 CIDR mask: (keep default) | ||
* First DHCP address: (keep default) | ||
* Last DHCP address: (keep default) | ||
* Max number of DHCP clients: (keep default) | ||
* Do you want to NAT the IPv4 traffic? Yes | ||
* Do you want to setup an IPv6 subnet? No | ||
|
||
Add an user account for Pirus and allow it to use lxd: | ||
|
||
# useradd pirus --create-home | ||
# usermod -a -G lxd pirus | ||
|
||
Create Pirus directories: | ||
|
||
# mkdir -p /var/regovar/pirus/{cache,downloads,files,databases,pipelines,runs} | ||
# chown -R pirus:pirus /var/regovar/pirus | ||
|
||
Launch a LXD container to get an Ubuntu Xenial image. This will generate a client certificate and make the subsequent container creations faster. | ||
|
||
# su pirus | ||
$ lxc launch images:ubuntu/xenial firstContainerToInitLxd | ||
$ lxc delete firstContainerToInitLxd --force | ||
|
||
Get the Pirus source code and assets: | ||
|
||
$ git clone https://github.com/REGOVAR/Pirus.git ~/Pirus | ||
$ cd ~/Pirus | ||
|
||
Create a virtual environment to use Python 3.5 without conflicting with other setups: | ||
|
||
$ virtualenv -p /usr/bin/python3.5 venv | ||
|
||
Activate the virtual environment: | ||
|
||
$ source venv/bin/activate | ||
|
||
Install Pirus Python dependencies: | ||
|
||
$ pip install -r requirements.txt | ||
|
||
Launch Celery to keep track of jobs: | ||
|
||
$ cd pirus | ||
$ make cel &! | ||
|
||
Launch Pirus itself: | ||
|
||
$ make app &! | ||
|
||
Leave the pirus user session (Celery and the Pirus application are still running); this leaves the virtual environment at the same time: | ||
|
||
$ exit | ||
|
||
Configure nginx as a reverse proxy for the Pirus application and static assets: | ||
|
||
# echo 'upstream aiohttp_pirus | ||
{ | ||
server 127.0.0.1:8200 fail_timeout=0; | ||
} | ||
server | ||
{ | ||
listen 80; | ||
listen [::]:80; | ||
|
||
location / { | ||
# Need for websockets | ||
proxy_http_version 1.1; | ||
proxy_set_header Upgrade $http_upgrade; | ||
proxy_set_header Connection "upgrade"; | ||
|
||
proxy_set_header Host $http_host; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_redirect off; | ||
proxy_buffering off; | ||
proxy_pass http://aiohttp_pirus; | ||
} | ||
|
||
location /static { | ||
root /var/regovar/pirus; | ||
} | ||
}' > /etc/nginx/sites-available/pirus | ||
|
||
Disable the "Welcome to nginx!" page on port 80: | ||
|
||
# rm /etc/nginx/sites-enabled/default | ||
|
||
Enable the pirus site in nginx on port 80: | ||
|
||
# ln -s /etc/nginx/sites-available/pirus /etc/nginx/sites-enabled | ||
|
||
Restart nginx: | ||
|
||
# service nginx restart | ||
|
||
## Run Pirus in a container (optional and experimental) | ||
|
||
### Run containers inside containers | ||
You only to do this step once when you want to install Pirus for the first time. | ||
|
||
$ echo 'lxc.mount.auto = cgroup | ||
lxc.aa_profile = lxc-container-default-with-nesting' >> ~/.config/lxc/default.conf | ||
|
||
"The first will cause the cgroup manager socket to be bound into the container, so that lxc inside the container is able to administer cgroups for its nested containers. The second causes the container to run in a looser Apparmor policy which allows the container to do the mounting required for starting containers. Note that this policy, when used with a privileged container, is much less safe than the regular policy or an unprivileged container." See [LXC documentation on Ubuntu help](https://help.ubuntu.com/lts/serverguide/lxc.html). | ||
|
||
### Create a lxc container and start it | ||
You need to do these steps every time you want to install Pirus in a container. | ||
|
||
$ lxc-create -n regovar_pirus -t download -- -d ubuntu -r xenial -a amd64 | ||
$ lxc-start -n regovar_pirus | ||
$ lxc-attach -n regovar_pirus | ||
|
||
### Restart a stopped container | ||
If you have stopped a container either manually or by stopping the host computer, you can restart it. | ||
|
||
$ lxc-start -n regovar_pirus | ||
$ lxc-attach -n regovar_pirus |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
Optional, if you want to wrap Pirus into a lxc container: | ||
$ echo 'lxc.mount.auto = cgroup | ||
lxc.aa_profile = lxc-container-default-with-nesting' >> ~/.config/lxc/default.conf | ||
$ lxc-create -n regovar_pirus -t download -- -d ubuntu -r xenial -a amd64 | ||
$ lxc-start -n regovar_pirus | ||
$ lxc-attach -n regovar_pirus | ||
|
||
Installation script for Pirus on a fresh Ubuntu Xenial: | ||
# apt update && apt upgrade | ||
# apt install git ca-certificates nginx rabbitmq-server mongodb lxd build-essential libssl-dev libffi-dev python3-dev virtualenv | ||
# newgrp lxd | ||
# lxd init | ||
# useradd pirus --create-home | ||
# sudo usermod -a -G lxd pirus | ||
# mkdir -p /var/regovar/pirus/{cache,downloads,files,databases,pipelines,runs} | ||
# chown -R pirus:pirus /var/regovar/pirus | ||
# su pirus | ||
$ lxc launch images:ubuntu/xenial firstContainerToInitLxd | ||
$ lxc delete firstContainerToInitLxd --force | ||
$ git clone https://github.com/REGOVAR/Pirus.git ~/Pirus | ||
$ cd ~/Pirus | ||
$ virtualenv -p /usr/bin/python3.5 venv | ||
$ source venv/bin/activate | ||
$ pip install -r requirements.txt | ||
$ cd pirus | ||
$ make cel &! | ||
$ make app &! | ||
$ exit | ||
# echo 'upstream aiohttp_pirus | ||
{ | ||
server 127.0.0.1:8200 fail_timeout=0; | ||
} | ||
server | ||
{ | ||
listen 80; | ||
listen [::]:80; | ||
|
||
location / { | ||
# Need for websockets | ||
proxy_http_version 1.1; | ||
proxy_set_header Upgrade $http_upgrade; | ||
proxy_set_header Connection "upgrade"; | ||
|
||
proxy_set_header Host $http_host; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_redirect off; | ||
proxy_buffering off; | ||
proxy_pass http://aiohttp_pirus; | ||
} | ||
|
||
location /static { | ||
root /var/regovar/pirus; | ||
} | ||
}' > /etc/nginx/sites-available/pirus | ||
# rm /etc/nginx/sites-enabled/default | ||
# ln -s /etc/nginx/sites-available/pirus /etc/nginx/sites-enabled | ||
# /etc/init.d/nginx restart |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters