## Reserve and configure resources on FABRIC

Before you run this experiment, you will:

-   define the specific configuration of resources you need.
-   “instantiate” an experiment with your reserved resources.
-   wait for your resources to be configured.
-   log in to resources to carry out the experiment.

This exercise will guide you through those steps.

### Configure environment

In [None]:
from fabrictestbed_extensions.fablib.fablib import FablibManager as fablib_manager
fablib = fablib_manager() 
conf = fablib.show_config()

### Define configuration for this experiment (3 VMs)

For this specific experiment, we will need three virtual machines connected to a common network. Each of the virtual machines will be of the `m1.large` type, with 4 VCPUs, 8 GB memory, 40 GB disk space.

In [None]:
import os
slice_name = "k8s_" + os.getenv('NB_USER')

node_conf = [
 {'name': "node-0", 'cores': 4, 'ram': 8, 'disk': 40, 'image': 'default_ubuntu_22', 'packages': ["virtualenv"]}, 
 {'name': "node-1", 'cores': 4, 'ram': 8, 'disk': 40, 'image': 'default_ubuntu_22', 'packages': []}, 
 {'name': "node-2", 'cores': 4, 'ram': 8, 'disk': 40, 'image': 'default_ubuntu_22', 'packages': []} 
]
net_conf = [
 {"name": "net0", "subnet": "192.168.1.0/24", "nodes": [{"name": "node-0",   "addr": "192.168.1.10"}, {"name": "node-1", "addr": "192.168.1.11"}, {"name": "node-2", "addr": "192.168.1.12"}]},
]
route_conf = []

exp_conf = {'cores': sum([ n['cores'] for n in node_conf]), 'nic': sum([len(n['nodes']) for n in net_conf]) }


### Reserve resources

Now, we are ready to reserve resources!

First, make sure you don’t already have a slice with this name:

In [None]:
try:
    slice = fablib.get_slice(slice_name)
    print("You already have a slice by this name!")
    print("If you previously reserved resources, skip to the 'log in to resources' section.")
except:
    print("You don't have a slice named %s yet." % slice_name)
    print("Continue to the next step to make one.")
    slice = fablib.new_slice(name=slice_name)

We will select a site for our experiment that has an IPv4 management network - otherwise, setting up the cluster is more complicated:

In [None]:
import random
site_name = random.choice(["UCSD", "FIU", "SRI"])
fablib.show_site(site_name)

Then we will add hosts and network segments:

In [None]:
# this cell sets up the nodes
for n in node_conf:
    slice.add_node(name=n['name'], site=site_name, 
                   cores=n['cores'], 
                   ram=n['ram'], 
                   disk=n['disk'], 
                   image=n['image'])

In [None]:
# this cell sets up the network segments
for n in net_conf:
    ifaces = [slice.get_node(node["name"]).add_component(model="NIC_Basic", 
                                                 name=n["name"]).get_interfaces()[0] for node in n['nodes'] ]
    slice.add_l2network(name=n["name"], type='L2Bridge', interfaces=ifaces)

The following cell submits our request to the FABRIC site. The output of this cell will update automatically as the status of our request changes.

-   While it is being prepared, the “State” of the slice will appear as “Configuring”.
-   When it is ready, the “State” of the slice will change to “StableOK”.

You may prefer to walk away and come back in a few minutes (for simple slices) or a few tens of minutes (for more complicated slices with many resources).

In [None]:
slice.submit()

In [None]:
slice.get_state()
slice.wait_ssh(progress=True)

### Configure resources

Next, we will configure the resources so they are ready to use.

In [None]:
slice = fablib.get_slice(name=slice_name)

In [None]:
# install packages
# this will take a while and will run in background while you do other steps
for n in node_conf:
    if len(n['packages']):
        node = slice.get_node(n['name'])
        pkg = " ".join(n['packages'])
        node.execute_thread("sudo apt update; sudo DEBIAN_FRONTEND=noninteractive apt -y install %s" % pkg)

In [None]:
# bring interfaces up and either assign an address (if there is one) or flush address
from ipaddress import ip_address, IPv4Address, IPv4Network

for net in net_conf:
    for n in net['nodes']:
        if_name = n['name'] + '-' + net['name'] + '-p1'
        iface = slice.get_interface(if_name)
        iface.ip_link_up()
        if n['addr']:
            iface.ip_addr_add(addr=n['addr'], subnet=IPv4Network(net['subnet']))
        else:
            iface.get_node().execute("sudo ip addr flush dev %s"  % iface.get_device_name())

In [None]:
# prepare a "hosts" file that has names and addresses of every node
hosts_txt = [ "%s\t%s" % ( n['addr'], n['name'] ) for net in net_conf  for n in net['nodes'] if type(n) is dict and n['addr']]
for n in slice.get_nodes():
    for h in hosts_txt:
        n.execute("echo %s | sudo tee -a /etc/hosts" % h)

In [None]:
# enable IPv4 forwarding on all nodes
for n in slice.get_nodes():
    n.execute("sudo sysctl -w net.ipv4.ip_forward=1")

In [None]:
# set up static routes
for rt in route_conf:
    for n in rt['nodes']:
        slice.get_node(name=n).ip_route_add(subnet=IPv4Network(rt['addr']), gateway=rt['gw'])

### Draw the network topology

The following cell will draw the network topology, for your reference. The interface name and addresses of each experiment interface will be shown on the drawing.

In [None]:
l2_nets = [(n.get_name(), {'color': 'lavender'}) for n in slice.get_l2networks() ]
l3_nets = [(n.get_name(), {'color': 'pink'}) for n in slice.get_l3networks() ]
hosts   =   [(n.get_name(), {'color': 'lightblue'}) for n in slice.get_nodes()]
nodes = l2_nets + l3_nets + hosts
ifaces = [iface.toDict() for iface in slice.get_interfaces()]
edges = [(iface['network'], iface['node'], 
          {'label': iface['physical_dev'] + '\n' + iface['ip_addr'] + '\n' + iface['mac']}) for iface in ifaces]

In [None]:
import networkx as nx
import matplotlib.pyplot as plt
plt.figure(figsize=(len(nodes),len(nodes)))
G = nx.Graph()
G.add_nodes_from(nodes)
G.add_edges_from(edges)
pos = nx.spring_layout(G)
nx.draw(G, pos, node_shape='s',  
        node_color=[n[1]['color'] for n in nodes], 
        node_size=[len(n[0])*400 for n in nodes],  
        with_labels=True);
nx.draw_networkx_edge_labels(G,pos,
                             edge_labels=nx.get_edge_attributes(G,'label'),
                             font_color='gray',  font_size=8, rotate=False);

### Use Kubespray to prepare a Kubernetes cluster

Now that are resources are “up”, we will use Kubespray, a software utility for preparing and configuring a Kubernetes cluster, to set them up as a cluster.

In [None]:
# install Python libraries required for Kubespray
remote = slice.get_node(name="node-0")
remote.execute("virtualenv -p python3 myenv")
remote.execute("git clone --branch release-2.22 https://github.com/kubernetes-sigs/kubespray.git")
_ = remote.execute("source myenv/bin/activate; cd kubespray; pip3 install -r requirements.txt")

In [None]:
# copy config files to correct locations
remote.execute("mv kubespray/inventory/sample kubespray/inventory/mycluster")
remote.execute("git clone https://github.com/teaching-on-testbeds/k8s-ml.git")
remote.execute("cp k8s-ml/config/k8s-cluster.yml kubespray/inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml")
remote.execute("cp k8s-ml/config/inventory.py    kubespray/contrib/inventory_builder/inventory.py")
remote.execute("cp k8s-ml/config/addons.yml      kubespray/inventory/mycluster/group_vars/k8s_cluster/addons.yml")

In [None]:
# build inventory for this specific topology
physical_ips = [n['addr'] for n in net_conf[0]['nodes']]
physical_ips_str = " ".join(physical_ips)
_ = remote.execute(f"source myenv/bin/activate; declare -a IPS=({physical_ips_str});"+"cd kubespray; CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]}")


In [None]:
# make sure "controller" node can SSH into the others
remote.execute('ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa -q -N ""')
public_key, stderr = remote.execute('cat ~/.ssh/id_rsa.pub', quiet=True)

for n in node_conf:
    node = slice.get_node(n['name'])
    print("Now copying key to node " + n['name'])
    node.execute(f'echo {public_key.strip()} >> ~/.ssh/authorized_keys')

In [None]:
# build the cluster
_ = remote.execute("source myenv/bin/activate; cd kubespray; ansible-playbook -i inventory/mycluster/hosts.yaml  --become --become-user=root cluster.yml")

In [None]:
# allow kubectl access for non-root user
remote.execute("sudo cp -R /root/.kube /home/ubuntu/.kube; sudo chown -R ubuntu /home/ubuntu/.kube; sudo chgrp -R ubuntu /home/ubuntu/.kube")

In [None]:
# check installation
_ = remote.execute("kubectl get nodes")

### Set up Docker

Now that we have a Kubernetes cluster, we have a framework in place for container orchestration. But we still need to set up Docker, for building, sharing, and running those containers.

In [None]:
# add the user to the "docker" group on all hosts
for n in node_conf:
    node = slice.get_node(n['name'])
    node.execute("sudo groupadd -f docker; sudo usermod -aG docker $USER")

In [None]:
# set up a private distribution registry on the "controller" node for distributing containers
# note: need a brand-new SSH session in order to "get" new group membership
remote.execute("docker run -d -p 5000:5000 --restart always --name registry registry:2")

In [None]:
# set up docker configuration on all the hosts
for n in node_conf:
    node = slice.get_node(n['name'])
    node.execute("sudo wget https://raw.githubusercontent.com/teaching-on-testbeds/k8s-ml/main/config/daemon.json -O /etc/docker/daemon.json")
    node.execute("sudo service docker restart")


In [None]:
# check configuration
remote.execute("docker run hello-world")

### Get SSH login details

At this point, we should be able to log in to our “controller” node over SSH! Run the following cell, and observe the output - you will see an SSH command this node.

In [None]:
print(remote.get_ssh_command())

Now, you can open an SSH session as follows:

-   In Jupyter, from the menu bar, use File \> New \> Terminal to open a new terminal.
-   Copy the SSH command from the output above, and paste it into the terminal.

You will also need to know how to transfer a file to the remote host from your local terminal. Later in this exercise, you will want to transfer a file named `model.keras` to the directory `~/k8s-ml/app/` on this remote host.

The easiest way is to use a free file upload service, then download the file on the remote host. For example:

-   upload your `model.keras` file to https://www.file.io/
-   copy the download link that is provided, and paste it in the following cell
-   un-comment the second line in the cell
-   run the cell

In [None]:
download_url = "https://file.io/XXXXXXXXXXXX" # replace this URL
# _ = remote.execute("wget " + download_url + " -O ~/k8s-ml/app/model.keras")