-
Notifications
You must be signed in to change notification settings - Fork 53
252 lines (225 loc) · 10.5 KB
/
z_create_config_callable.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
name : Create Config Callable Workflow
on:
workflow_call:
inputs:
resource_group:
description: 'Name of the resource group to deploy in - In case of an existing resource group the environment will be updated'
required: true
default: 'AUTO_GENERATED'
type: string
location:
description: 'Azure location where to deploy to - default to westeurope'
required: true
default: 'westeurope'
type: string
scheduler:
description: 'Job Scheduler to be installed : openpbs/slurm'
required: true
default: 'slurm' # use it with ${{ inputs.scheduler }}
type: string
images:
description: 'Images to be used (marketplace/shared) or built (private): marketplace/shared/private'
required: false
default: 'marketplace' # use it with ${{ inputs.images }}
type: string
lustre:
description: 'Deploy a Lustre cluster (true/false) - Default to false'
required: false
default: 'false' # use it with ${{ inputs.lustre }}
type: string
home_type:
description: 'Home directory type anf/azurefiles- Default to anf'
required: false
default: 'anf' # use it with ${{ inputs.home_type }}
type: string
user_auth:
description: 'User Authentication: local/ad - Default to ad'
required: false
default: 'ad' # use it with ${{ inputs.user_auth }}
type: string
monitoring:
description: 'Monitoring agent - ama, grafana, none - Default to grafana'
required: false
default: 'grafana' # use it with ${{ inputs.monitoring }}
type: string
infra_os:
description: 'Operating System for the infrastructure: centos/almalinux/ubuntu - Default to almalinux'
required: false
default: 'almalinux' # use it with ${{ inputs.infra_os }}
type: string
cycle_slurm_version:
description: 'Version of the cyclecloud slurm project 2.7 or 3.0 - default to 2.7'
required: false
default: '3.0' # use it with ${{ inputs.cycle_slurm_version }}
type: string
outputs:
resource_group:
description: 'Resource group name'
value: ${{ jobs.build_config.outputs.resource_group }}
secrets:
ARM_SUBSCRIPTION_ID:
required: true
ARM_TENANT_ID:
required: true
REGISTRY_USERNAME:
required: true
REGISTRY_PASSWORD:
required: true
env:
AZHOP_CONFIGURATION: '.github/workflows/configs/base.yml'
AZHOP_CONFIGURATION_DIR: '.github/workflows/configs'
AZHOP_LUSTRE_CONFIGURATION: '.github/workflows/configs/lustre.yml'
AZHOP_IMAGES_CONFIGURATION: '.github/workflows/configs/images.yml'
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
AZHOP_STATE_CONTAINER: environments
AZHOP_STATE_ACCOUNT: azhopstates
SHARED_SIG: /subscriptions/${{ secrets.ARM_SUBSCRIPTION_ID }}/resourceGroups/azhop_build_images/providers/Microsoft.Compute/galleries/azhop_4ehhye3z
defaults:
run:
shell: bash
jobs:
build_config:
name: Build configuration file
runs-on: self-hosted
permissions:
contents: read
timeout-minutes: 60
container:
image: azhop.azurecr.io/hpcrover:latest
credentials:
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
options: --user 0
outputs:
resource_group: ${{ steps.build_config.outputs.resource_group }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Login azure
run: |
source /miniconda/bin/activate
az login --identity
az account set -s ${{ env.ARM_SUBSCRIPTION_ID }}
echo "local user: $(whoami)"
- name: Build config file
id: build_config
run: |
set -e
source /miniconda/bin/activate
# If resource group is not specified, generate a random one
RESOURCE_GROUP=${{ inputs.resource_group }}
echo "Resource group name is $RESOURCE_GROUP"
if [ "$RESOURCE_GROUP" = "AUTO_GENERATED" ]; then
UUID="$(cat /proc/sys/kernel/random/uuid | tr -d '\n-' | tr '[:upper:]' '[:lower:]' | cut -c 1-6)"
RESOURCE_GROUP="azhop_$UUID"
fi
# If the resource group exists, download the latest state, if not build a new configuration file
rg_exists=$(az group exists -n $RESOURCE_GROUP)
if [ "$rg_exists" = "true" ]; then
./azhop_state.sh download ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }} $RESOURCE_GROUP
else
# Update the default configuration with the resource group name and dual protocol options
sed "s/__RESOURCE_GROUP__/$RESOURCE_GROUP/g" $AZHOP_CONFIGURATION > config.yml
# Add Infra VM OS configuration
INFRA_OS=${{ inputs.infra_os }}
cat $AZHOP_CONFIGURATION_DIR/$INFRA_OS.yml >> config.yml
# Add scheduler configuration
SCHEDULER=${{ inputs.scheduler }}
CYCLE_SLURM_VERSION=${{ inputs.cycle_slurm_version }}
case $SCHEDULER in
slurm)
cat $AZHOP_CONFIGURATION_DIR/${SCHEDULER}_${CYCLE_SLURM_VERSION}.yml >> config.yml
;;
openpbs)
cat $AZHOP_CONFIGURATION_DIR/$SCHEDULER.yml >> config.yml
;;
esac
sed -i "s/__SCHEDULER__/$SCHEDULER/g" config.yml
# Add local configuration
LOCATION=${{ inputs.location }}
sed -i "s/__LOCATION__/$LOCATION/g" config.yml
# Add home directory configuration
HOME_TYPE=${{ inputs.home_type }}
sed -i "s/__HOME_TYPE__/$HOME_TYPE/g" config.yml
cat $AZHOP_CONFIGURATION_DIR/$HOME_TYPE.yml >> config.yml
# Add lustre configuration if lustre is true
DEPLOY_LUSTRE=${{ inputs.lustre }}
if [ "$DEPLOY_LUSTRE" == "true" ]; then
cat $AZHOP_LUSTRE_CONFIGURATION >> config.yml
fi
# Add user authentication configuration
USER_AUTH=${{ inputs.user_auth }}
if [ "$USER_AUTH" == "local" ]; then
cat $AZHOP_CONFIGURATION_DIR/auth_$USER_AUTH.yml >> config.yml
else
cat $AZHOP_CONFIGURATION_DIR/auth_$USER_AUTH.yml >> config.yml
fi
# Add application configuration
cat $AZHOP_CONFIGURATION_DIR/app_mini.yml >> config.yml
# Add monitoring configuration
MONITORING=${{ inputs.monitoring }}
cat $AZHOP_CONFIGURATION_DIR/monitor_$MONITORING.yml >> config.yml
# Configure images
IMAGES=${{ inputs.images }}
case $IMAGES in
marketplace)
echo "Using marketplace images"
sed -i 's|__ALMA8_PLAN__||g' config.yml
;;
shared)
echo "Using shared images"
sed -i "s|azhpc:azhop-compute:centos-7_9:latest|$SHARED_SIG/azhop-compute-centos-7_9/latest|g" config.yml
sed -i "s|azhpc:azhop-desktop:centos-7_9:latest|$SHARED_SIG/azhop-desktop-centos-7_9/latest|g" config.yml
sed -i "s|azhpc:azhop-compute:almalinux-8_7:latest|$SHARED_SIG/azhop-compute-almalinux-8_7/latest|g" config.yml
sed -i "s|azhpc:azhop-desktop:almalinux-8_7:latest|$SHARED_SIG/azhop-desktop-almalinux-8_7/latest|g" config.yml
sed -i "s|azhpc:azhop-compute:ubuntu-20_04:latest|$SHARED_SIG/azhop-compute-ubuntu-2004/latest|g" config.yml
sed -i "s|__ALMA8_PLAN__|plan: almalinux:almalinux-hpc:8_7-hpc-gen2|g" config.yml
;;
private)
echo "Using private images"
cat $AZHOP_IMAGES_CONFIGURATION >> config.yml
SIG="/subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.Compute/galleries/{{sig_name}}/images"
sed -i "s|azhpc:azhop-compute:centos-7_9:latest|$SIG/azhop-compute-centos-7_9/latest|g" config.yml
sed -i "s|azhpc:azhop-desktop:centos-7_9:latest|$SIG/azhop-desktop-centos-7_9/latest|g" config.yml
sed -i "s|azhpc:azhop-compute:almalinux-8_7:latest|$SIG/azhop-compute-almalinux-8_7/latest|g" config.yml
sed -i "s|azhpc:azhop-desktop:almalinux-8_7:latest|$SIG/azhop-desktop-almalinux-8_7/latest|g" config.yml
sed -i "s|azhpc:azhop-compute:ubuntu-20_04:latest|$SIG/azhop-compute-ubuntu-2004/latest|g" config.yml
sed -i "s|__ALMA8_PLAN__|plan: almalinux:almalinux-hpc:8_7-hpc-gen2|g" config.yml
;;
esac
# If peering, then find out which IP range can be used
peered_vnet=$(yq eval ".network.peering[0].vnet_name" config.yml)
if [ "$peered_vnet" != "null" ]; then
peered_vnet_rg=$(yq eval ".network.peering[0].vnet_resource_group" config.yml)
# fill up range mapping
declare -A range_mapping
for i in $(seq 0 1 255); do
range_mapping[$i]=0
done
# Get all peered IP ranges
remoteAddressSpace=$(az network vnet peering list --resource-group $peered_vnet_rg --vnet-name $peered_vnet --query '[].remoteAddressSpace.addressPrefixes' -o tsv)
for address in $remoteAddressSpace; do
echo "Peered IP range: $address"
# Get the second octet of the IP range
octet=$(echo $address | cut -d. -f2)
range_mapping[$octet]=1
done
echo ${range_mapping[@]}
second_octet=$(( ( RANDOM % 254 ) + 1 ))
while [ ${range_mapping[$second_octet]} == 1 ]; do
second_octet=$(( ( RANDOM % 254 ) + 1 ))
done
echo "Second octet: $second_octet"
sed_exp="s/10.128/10.$second_octet/g"
sed -i $sed_exp config.yml
fi
fi
# write the name of the resource group in the output of the job so it can be reused in others
echo "RESOURCE_GROUP=$RESOURCE_GROUP" >> $GITHUB_OUTPUT
ls -al
cat config.yml
./azhop_state.sh upload ${{ env.AZHOP_STATE_ACCOUNT }} ${{ env.AZHOP_STATE_CONTAINER }}
# write the configuration in the output of the job so it can be reused in others
#echo "config=$(yq config.yml -o json | jq '.' -c)" >> $GITHUB_OUTPUT