Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tier 1 Experience Provisioning Virtualized Worker Nodes on Demand Ian Collier, Andrew Lahiff UK Tier 1 Centre, RAL ISGC 2014.

Published byGloria Whitehead Modified over 8 years ago

Similar presentations

Presentation on theme: "Tier 1 Experience Provisioning Virtualized Worker Nodes on Demand Ian Collier, Andrew Lahiff UK Tier 1 Centre, RAL ISGC 2014."— Presentation transcript:

1 Tier 1 Experience Provisioning Virtualized Worker Nodes on Demand Ian Collier, Andrew Lahiff UK Tier 1 Centre, RAL ISGC 2014

2 2 Outline STFC Scientific Computing Department cloud What we did –The problem –The RAL batch system –Provisioning worker nodes –VM lifetime –Images –Fairshares Testing Monitoring

3 3 SCD cloud Prototype cloud –Gain practical experience –Test potential use cases of a private cloud Using StratusLab –Based on OpenNebula –Easy to setup – Quattor configuration provided Using iSCSi & LVM based persistent disk storage –Caches images –Instantiation very fast, ~20-30 secs or less Hardware –Cloud front end on a VM (hosted on Hyper-V) –Persistent disk store on a 18TB retired disk server –Hypervisors: ~ 100 retired worker nodes (8 cores, 16 GB RAM)

4 4 SCD cloud Usage –Available to all SCD staff on a self-service basis –Very useful for testing & development –Around 30 active users However –The cloud resources are largely idle –Our batch system has the opposite problem Many idle jobs, not enough resources Can we easily make use of the idle cloud resources in our batch system?

5 Initial situation: partitioned resources –Worker nodes (batch system) –Hypervisors (cloud) Likely to be a common situation at sites providing both grid & cloud resources Ideal situation: completely dynamic –If batch system busy but cloud not busy Expand batch system into the cloud –If cloud busy but batch system not busy Expand size of cloud, reduce amount of batch system resources 5 The problem cloudbatch cloudbatch

6 6 The problem First step –Still with partitioned resources Hypervisors Physical worker nodes –Allow the batch system to expand into the cloud Using virtual worker nodes Main aspects to consider –Provisioning virtual machines as they are required –Adding new virtual worker nodes to the batch system –Removing virtual worker nodes

7 Last year RAL migrated from Torque + Maui to HTCondor HTCondor has a somewhat different design to other batch systems –Jobs states their requirements & preferences –Machines (WNs) state their requirements & preferences –Represented as ClassAds List of AttributeName = Value or AttributeName = Expression Stored by the collector –Negotiator matches jobs to machines HTCondor therefore works very well with dynamic resources –This is what it was originally designed for –Adding & removing worker nodes is trivial New worker nodes advertise to the collector Provided they have appropriate privileges to join the HTCondor pool, can run jobs –No complicated procedures that other batch systems may require No hard-wired list of WNs No pre-configuration of potential WNs No restarting of any services 7 RAL batch system

8 8 Provisioning worker nodes We have chosen to –Avoid running additional third-party and/or complex services –Use existing functionality in the batch system as much as possible HTCondor’s existing power management features –Entering a low power state HIBERNATE expression can define when a slot is ready to enter a low power state When true for all slots, machine will go into the specified low power state –Machines in the low power state are “offline” The collector can keep offline ClassAds –Returning from a low power state condor_rooster daemon responsible for waking up hibernating machines By default will send UDP Wake On LAN –But this can be replaced by a user-defined script –When there are idle jobs Negotiator can match jobs to offline ClassAds condor_rooster daemon notices this match & wakes up the machine

9 Advertise appropriate offline ClassAd(s) to the collector –Hostname used is a random string –In our use case these represents types of VMs, rather than specific machines E.g. for VO-specific VMs, have an offline ClassAd for each type of VM condor_rooster –Enable this daemon –Configure to run appropriate command to instantiate a VM Contextualisation using CloudInit HTCondor pool password inserted into the VM Volatile disks created on hypervisor’s local disk for: –/tmp –job scratch area –CVMFS cache When there are idle jobs –Negotiator can match jobs to the offline ClassAd Configured so that online machines are preferred to offline –condor_rooster daemon notices this match Instantiates a VM 9 Provisioning worker nodes

10 Batch system 10 Provisioning worker nodes condor_collectorcondor_negotiator Worker nodes condor_startd ARC/CREAM CEs condor_schedd Central manager

11 Batch system & cloud resources 11 Provisioning worker nodes condor_collectorcondor_negotiator Worker nodes condor_startd StratusLab ARC/CREAM CEs condor_schedd Central manager

12 Using cloud resources 12 Provisioning worker nodes condor_collectorcondor_negotiator Worker nodes condor_startd condor_rooster Virtual worker nodes condor_startd StratusLab ARC/CREAM CEs condor_schedd Central manager

13 13 VM lifetime Using short-lived VMs –Only accept jobs for a limited time period before shutting down HTCondor on the worker node controls everything –START expression New jobs allowed to start only for a limited time period since the VM was instantiated New jobs allowed to start only if the VM is healthy –HIBERNATE expression VM is shutdown after machine has been idle for too long Very simple –Don’t need external systems trying to determine if VMs are idle or not

14 14 VM lifetime Benefits of short-lived VMs –Rolling updates easy, e.g. kernel errata Problems –Inefficiencies due to constantly draining worker nodes –Could be resolved by Using single core VMs rather than multicore Run short jobs if possible while long running jobs are finishing Alternatively, could use long-running VMs –Giving back resources to other cloud users takes longer

15 15 Health-check Worker nodes are being created dynamically –Need to ensure we’re not just creating black holes Using same health-check script as on our physical HTCondor worker nodes –Runs as a HTCondor startd cron Puts information into ClassAds as a result of executing a custom script –Current checks: CVMFS Read-only file system Space left on job scratch area partition Swap usage –Prevents jobs from starting if there’s a problem E.g. if atlas.cern.ch CVMFS broken, only prevents new ATLAS jobs from starting Broken virtual WNs will remain idle & eventually die

16 16 Images EMI-2 SL6 worker node, same as our physical production worker nodes –Only images created by RAL Tier-1 sys admins are used Therefore are trusted –Experiments/users can’t provide images In the future this could change Privileges compared to physical worker nodes –Generally the same E.g. read/write permissions for storage system (CASTOR) –Except HTCondor pool password not built in to images –inserted during instantiation

17 17 Fairshares Opportunistic use of the cloud –Almost always have idle jobs in the batch system Would just completely take over the cloud –Can specify a fixed quota, but this isn’t really enough –Unfortunately clouds don’t support fairshares Currently using a simple method –Choose cores & memory per VM for cloud worker nodes such that there will always be some resources left per hypervisor E.g. with 8 core 16 GB hypervisors, use 4 core 12 GB VMs –Simple starting point, but not ideal E.g. what if other users want VMs with large numbers of CPUs or memory?

18 Testing in production –Initial test with production HTCondor pool –Ran around 11,000 real jobs, including jobs from all LHC VOs –Started with 4-core 12GB VMs, then changed to 3-core 9GB VMs 18 Testing Hypervisors enabled condor_rooster disabled Starting using 3-core VMs

19 Load on persistent disk storage –Only /tmp, job scratch area, CVMFS cache on disk local to the hypervisor. Everything else on p-disk server. –Expected this to be the main source of scaling problems In small-scale testing there wasn’t much load 19 Testing

20 Physical worker node monitoring at the RAL Tier-1 –Pakiti Monitors status of nodes with respect to patches –Logging Log files (e.g. /var/log/messages) sent to central loggers –Nagios 28 checks, including –CVMFS repositories –Space left on different partitions –Swap –Load –Dmesg –Linux NTP drift –Temperature –… 20 Monitoring

21 Issues with dynamic resources –Nagios designed for static resources Can’t handle machines coming & going Probably don’t need Nagios at all for virtual worker nodes –Provided jobs won’t start if WN is broken and broken WNs eventually shutdown –Maintaining a history of VMs What happens if a VM is created, causes lots of jobs to fail before finally shutting down? What happens if there is a security incident involving a short-lived virtual WN? –Effect on infrastructure What if the batch system encountered scaling problems overnight when lots of new worker nodes were added? 21 Monitoring

22 Developed a method for including dynamically-provisioned worker nodes into the RAL Tier-1 batch system –Very simple –Relies entirely on leveraging existing HTCondor functionality –Successfully tested Next steps –StratusLab cloud will be decommissioned –Setting up production OpenNebula cloud 900 vCPUs, 3.5 TB RAM, ~1 PB storage (Ceph) –Move dynamically-provisioned worker nodes into production –Development/testing required Improvements in handling fairshare between batch system & cloud resources Making the boundary between batch system & cloud completely elastic 22 Summary

23 Questions? Comments? 23

Download ppt "Tier 1 Experience Provisioning Virtualized Worker Nodes on Demand Ian Collier, Andrew Lahiff UK Tier 1 Centre, RAL ISGC 2014."

Similar presentations

Cloud Computing at the RAL Tier 1 Ian Collier STFC RAL Tier 1 GridPP 30, Glasgow, 26th March 2013.

Cloud Computing at the RAL Tier 1 Ian Collier STFC RAL Tier 1 GridPP 30, Glasgow, 26th March 2013.
Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.

Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.
Building a secure Condor ® pool in an open academic environment Bruce Beckles University of Cambridge Computing Service.

Building a secure Condor ® pool in an open academic environment Bruce Beckles University of Cambridge Computing Service.
Tier-1 Evolution and Futures GridPP 29, Oxford Ian Collier September 27 th 2012.

Tier-1 Evolution and Futures GridPP 29, Oxford Ian Collier September 27 th 2012.
HTCondor and the European Grid Andrew Lahiff STFC Rutherford Appleton Laboratory European HTCondor Site Admins Meeting 2014.

HTCondor and the European Grid Andrew Lahiff STFC Rutherford Appleton Laboratory European HTCondor Site Admins Meeting 2014.
Cloud & Virtualisation Update at the RAL Tier 1 Ian Collier Andrew Lahiff STFC RAL Tier 1 HEPiX, Lincoln, NEBRASKA, 17 th October 2014.

Cloud & Virtualisation Update at the RAL Tier 1 Ian Collier Andrew Lahiff STFC RAL Tier 1 HEPiX, Lincoln, NEBRASKA, 17 th October 2014.
HTCondor at the RAL Tier-1

HTCondor at the RAL Tier-1
Ceph vs Local Storage for Virtual Machine 26 th March 2015 HEPiX Spring 2015, Oxford Alexander Dibbo George Ryall, Ian Collier, Andrew Lahiff, Frazer Barnsley.

Ceph vs Local Storage for Virtual Machine 26 th March 2015 HEPiX Spring 2015, Oxford Alexander Dibbo George Ryall, Ian Collier, Andrew Lahiff, Frazer Barnsley.
HTCondor within the European Grid & in the Cloud

HTCondor within the European Grid & in the Cloud
WLCG Cloud Traceability Working Group progress Ian Collier Pre-GDB Amsterdam 10th March 2015.

WLCG Cloud Traceability Working Group progress Ian Collier Pre-GDB Amsterdam 10th March 2015.
CMS Diverse use of clouds David Colling

CMS Diverse use of clouds David Colling
CS-3013 & CS-502, Summer 2006 Memory Management1 CS-3013 & CS-502 Summer 2006.

CS-3013 & CS-502, Summer 2006 Memory Management1 CS-3013 & CS-502 Summer 2006.
1 Bridging Clouds with CernVM: ATLAS/PanDA example Wenjing Wu 2010-8-27.

1 Bridging Clouds with CernVM: ATLAS/PanDA example Wenjing Wu
CVMFS: Software Access Anywhere Dan Bradley Any data, Any time, Anywhere Project.

CVMFS: Software Access Anywhere Dan Bradley Any data, Any time, Anywhere Project.
Tier-1 experience with provisioning virtualised worker nodes on demand Andrew Lahiff, Ian Collier STFC Rutherford Appleton Laboratory, Harwell Oxford,

Tier-1 experience with provisioning virtualised worker nodes on demand Andrew Lahiff, Ian Collier STFC Rutherford Appleton Laboratory, Harwell Oxford,
Jaeyoung Yoon Computer Sciences Department University of Wisconsin-Madison Virtual Machines in Condor.

Jaeyoung Yoon Computer Sciences Department University of Wisconsin-Madison Virtual Machines in Condor.
The SAM-Grid Fabric Services Gabriele Garzoglio (for the SAM-Grid team) Computing Division Fermilab.

The SAM-Grid Fabric Services Gabriele Garzoglio (for the SAM-Grid team) Computing Division Fermilab.
Pilots 2.0: DIRAC pilots for all the skies Federico Stagni, A.McNab, C.Luzzi, A.Tsaregorodtsev On behalf of the DIRAC consortium and the LHCb collaboration.

Pilots 2.0: DIRAC pilots for all the skies Federico Stagni, A.McNab, C.Luzzi, A.Tsaregorodtsev On behalf of the DIRAC consortium and the LHCb collaboration.
Two Years of HTCondor at the RAL Tier-1

Two Years of HTCondor at the RAL Tier-1
 Cloud computing  Workflow  Workflow lifecycle  Workflow design  Workflow tools : xcp, eucalyptus, open nebula.

 Cloud computing  Workflow  Workflow lifecycle  Workflow design  Workflow tools : xcp, eucalyptus, open nebula.

Similar presentations

Ads by Google