Container Applications
Note
Please consult the detailed usage in the help of each command
(use -h or --help argument to display the manual).
Starting a session and connecting to its Jupyter Notebook
The following command first spawns a Python session named "mysession"
without running any code immediately, and then executes a local proxy which
connects to the "jupyter" service running inside the session via the local
TCP port 9900.
The start command shows application services provided by the created
compute session so that you can choose one in the subsequent app
command.
In the start command, you can specify detailed resource options using
-r and storage mounts using -m parameter.
backend.ai start -t mysession python
backend.ai app -b 9900 mysession jupyterOnce executed, the app command waits for the user to open the displayed
address using appropriate application.
For the jupyter service, use your favorite web browser just like the
way you use Jupyter Notebooks.
To stop the app command, press Ctrl+C or send the SIGINT signal.
Accessing sessions via a web terminal
All Backend.AI sessions expose an intrinsic application named "ttyd".
It is an web application that embeds xterm.js-based full-screen terminal
that runs on web browsers.
backend.ai start -t mysession ...
backend.ai app -b 9900 mysession ttydThen open http://localhost:9900 to access the shell in a fully
functional web terminal using browsers.
The default shell is /bin/bash for Ubuntu/CentOS-based images and
/bin/ash for Alpine-based images with a fallback to /bin/sh.
Note
This shell access does NOT grant your root access. All compute session processes are executed as the user privilege.
Accessing sessions via native SSH/SFTP
Backend.AI offers direct access to compute sessions (containers) via SSH
and SFTP, by auto-generating host identity and user keypairs for all
sessions.
All Baceknd.AI sessions expose an intrinsic application named "sshd"
like "ttyd".
To connect your sessions with SSH, first prepare your session and download
an auto-generated SSH keypair named id_container.
Then start the service port proxy ("app" command) to open a local TCP port
that proxies the SSH/SFTP traffic to the compute sessions:
$ backend.ai start -t mysess ...
$ backend.ai download mysess id_container
$ mv id_container ~/.ssh
$ backend.ai app mysess sshd -b 9922In another terminal on the same PC, run your ssh client like:
$ ssh -o StrictHostKeyChecking=no \
> -o UserKnownHostsFile=/dev/null \
> -i ~/.ssh/id_container \
> work@localhost -p 9922
Warning: Permanently added '[127.0.0.1]:9922' (RSA) to the list of known hosts.
f310e8dbce83:~$This SSH port is also compatible with SFTP to browse the container's filesystem and to upload/download large-sized files.
You could add the following to your ~/.ssh/config to avoid type
extra options every time.
Host localhost
User work
IdentityFile ~/.ssh/id_container
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
$ ssh localhost -p 9922Warning
Since the SSH keypair is auto-generated every time when your launch a new compute session, you need to download and keep it separately for each session.
To use your own SSH private key across all your sessions without
downloading the auto-generated one every time, create a vfolder named
.ssh and put the authorized_keys file that includes the public key.
The keypair and .ssh directory permissions will be automatically
updated by Backend.AI when the session launches.
$ ssh-keygen -t rsa -b 2048 -f id_container
$ cat id_container.pub > authorized_keys
$ backend.ai vfolder create .ssh
$ backend.ai vfolder upload .ssh authorized_keys