We assume that your system is configured with a sudoable admin user named devops. Also, you should already have a running etcd cluster, PostgreSQL and Redis servers as guided in previous step guides.
- warning
Prepare the values of the following variables before working with this page and replace their occurrences with the values when you follow the guide.
| Name | Meaning |
|---|---|
{NS} |
The etcd namespace (just create a unique string like domain names) |
{ETCDADDR} |
The etcd cluster address ({ETCDHOST}:{ETCDPORT}, localhost:2379 for development setup) |
{REDISADDR} |
The Redis server address ({REDISHOST}:{REDISPORT}, localhost:6389 for development setup) |
{DBADDR} |
The PostgreSQL server address ({DBHOST}:{DBPORT}, localhost:5442 for development setup) |
{DBUSER} |
The database username (e.g., postgres for development setup) |
{DBPASS} |
The database password (e.g., develove for development setup) |
{ENDPOINT} |
The DNS hostname of the API server (depending on your environment, this may be either a publicly registered domain or a local private domain) |
| Name | Meaning |
|---|---|
{SSLCERT} |
The path to your SSL certificate (bundled with CA chain certificates) |
{SSLPKEY} |
The path to your SSL private key |
{S3AKEY} |
The access key for AWS S3 or compatible services1 |
{S3SKEY} |
The secret key for AWS S3 or compatible services |
{DDAPIKEY} |
The Datadog API key |
{DDAPPKEY} |
The Datadog application key |
{SENTRYURL} |
The private Sentry report URL |
$ sudo apt-get -y update
$ sudo apt-get -y dist-upgrade
$ sudo apt-get install -y ca-certificates git-core nginx supervisor libsnappy-devHere are some optional but useful packages:
$ sudo apt-get install -y vim tmux htop(TODO)
Check out Install Python via pyenv </install/install-python-via-pyenv> for instructions.:raw-html-m2r:<br> Create a virtualenv named "venv-manager".
$ pyenv shell venv-manager
$ git clone --branch=master "https://github.com/lablup/backend.ai-manager" "backend.ai-manager"
$ cd backend.ai-manager
$ pip install -U pip setuptools
$ pip install -U -r requirements.txt$ sudo vi /etc/nginx/sites-available/gatewaymap http_connection connection_upgrade {
default upgrade;
'' close;
}
server {
server_name {ENDPOINT};
charset utf-8;
client_max_body_size 32M;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location / {
proxy_pass http://127.0.0.1:8081;
proxy_pass_request_headers on;
proxy_set_header Host "{ENDPOINT}";
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 600s;
}
location ~ ^/v\d+/stream/ {
proxy_pass http://127.0.0.1:8081;
proxy_pass_request_headers on;
proxy_set_header Host "{ENDPOINT}";
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 60s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
map http_connection connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name {ENDPOINT};
charset utf-8;
client_max_body_size 32M;
ssl_certificate {SSLCERT};
ssl_certificate_key {SSLPKEY};
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location / {
proxy_pass http://127.0.0.1:8081;
proxy_pass_request_headers on;
proxy_set_header Host "{ENDPOINT}";
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 600s;
}
location ~ ^/v\d+/stream/ {
proxy_pass http://127.0.0.1:8081;
proxy_pass_request_headers on;
proxy_set_header Host "{ENDPOINT}";
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 60s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}Check out the [[Install Monitoring and Logging Tools]] guide.
supervisord eases the management of daemonization lifecycles of user-defined programs.
$ sudo vi /etc/supervisor/conf.d/apps.conf[program:backendai-manager]
user = devops
stopsignal = TERM
stopasgroup = true
command = /home/devops/run-manager.sh$ vi /home/devops/init-venv.sh#!/bin/bash
export PYENV_ROOT="$HOME/.pyenv"
export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
pyenv shell venv-manager$ vi /home/devops/run-manager.sh#!/bin/bash
source /home/devops/init-venv.sh
umask 0002
export AWS_ACCESS_KEY_ID="{S3AKEY}"
export AWS_SECRET_ACCESS_KEY="{S3SKEY}"
export DATADOG_API_KEY={DDAPIKEY}
export DATADOG_APP_KEY={DDAPPKEY}
export RAVEN_URI="{SENTRYURL}"
exec python -m ai.backend.gateway.server \
--db-addr={DBHOST}:{DBPORT} \
--db-user={DBUSER} \
--db-password='{DBPASS}' \
--db-name=backend \
--etcd-addr {ETCDHOST}:{ETCDPORT} \
--namespace NS \
--redis-addr {REDISHOST}:{REDISPORT} \
--events-port 5002 \
--service-ip 127.0.0.1 \
--service-port 8081See the Prepare Databases for Manager </install/prepare-database-for-manager> guide.
$ sudo cp /etc/nginx/sites-enabled/default ../nginx.site-enabled.default
$ sudo rm /etc/nginx/sites-enabled/default
$ ln -s ../sites-available/gateway /etc/nginx/sites-enabled/gateway
$ sudo systemctl restart nginx$ sudo supervisorctl reread
$ sudo supervisorctl start backendai-manager
$ sudo service nginx restartAWS S3 is used to store the output files generated by the user code in kernels'
/home/work/.outputdirectory. If not specified, Backend.AI will just skip uploading generated files.↩