From 021cd1bd43299f55fb65f6ac11df8bc2e64ac2dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:01:30 +0100 Subject: [PATCH 01/20] use debian11 container for bootstrap --- .../workflows/build-and-publish-bootstrap-container.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-and-publish-bootstrap-container.yml b/.github/workflows/build-and-publish-bootstrap-container.yml index ea5a2272..ba7ef495 100644 --- a/.github/workflows/build-and-publish-bootstrap-container.yml +++ b/.github/workflows/build-and-publish-bootstrap-container.yml @@ -4,14 +4,14 @@ on: branches: - main paths: - - Dockerfile.bootstrap-prefix-centos8 + - Dockerfile.bootstrap-prefix-debian11 - bootstrap-prefix.sh pull_request: branches: - main paths: - - Dockerfile.bootstrap-prefix-centos8 + - Dockerfile.bootstrap-prefix-debian11 - bootstrap-prefix.sh # Declare default permissions as read only. @@ -48,7 +48,7 @@ jobs: - name: Build and push to GitHub Packages uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 #v3.2.0 with: - tags: ghcr.io/${{ env.REPOSITORY_OWNER }}/bootstrap-prefix:centos8 - file: Dockerfile.bootstrap-prefix-centos8 + tags: ghcr.io/${{ env.REPOSITORY_OWNER }}/bootstrap-prefix:debian11 + file: Dockerfile.bootstrap-prefix-debian11 platforms: linux/amd64, linux/arm64, linux/ppc64le push: ${{ github.event_name != 'pull_request' }} From ef63412a03620175cd9be4f9f989a91934ac7f52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:02:12 +0100 Subject: [PATCH 02/20] use debian11 instead of centos8 for the bootstrap --- Dockerfile.bootstrap-prefix-centos8 | 11 ----------- Dockerfile.bootstrap-prefix-debian11 | 17 +++++++++++++++++ 2 files changed, 17 insertions(+), 11 deletions(-) delete mode 100644 Dockerfile.bootstrap-prefix-centos8 create mode 100644 Dockerfile.bootstrap-prefix-debian11 diff --git a/Dockerfile.bootstrap-prefix-centos8 b/Dockerfile.bootstrap-prefix-centos8 deleted file mode 100644 index 0b69df62..00000000 --- a/Dockerfile.bootstrap-prefix-centos8 +++ /dev/null @@ -1,11 +0,0 @@ -FROM centos:8 - -COPY bootstrap-prefix.sh /usr/local/bin/bootstrap-prefix.sh - -RUN dnf install -y gcc gcc-c++ make diffutils gmp-devel perl -RUN chmod 755 /usr/local/bin/bootstrap-prefix.sh - -ENV LC_ALL=C -ENV PATH=/usr/local/bin:$PATH - -ENTRYPOINT ["/usr/local/bin/bootstrap-prefix.sh"] diff --git a/Dockerfile.bootstrap-prefix-debian11 b/Dockerfile.bootstrap-prefix-debian11 new file mode 100644 index 00000000..6c564328 --- /dev/null +++ b/Dockerfile.bootstrap-prefix-debian11 @@ -0,0 +1,17 @@ +FROM debian:11-slim + +COPY bootstrap-prefix.sh /usr/local/bin/bootstrap-prefix.sh + +RUN apt-get update +RUN apt-get install -y gcc g++ make diffutils libgmp-dev perl wget +RUN apt-get install -y git python3-pip python3-cryptography +RUN pip3 install --upgrade pip +RUN pip3 install ansible +RUN chmod 755 /usr/local/bin/bootstrap-prefix.sh + +ENV LC_ALL=C.UTF-8 +ENV PATH=/usr/local/bin:$PATH + +RUN groupadd -g 1000 portage && useradd -ms /bin/bash -u 1000 -g portage portage + +ENTRYPOINT ["/usr/local/bin/bootstrap-prefix.sh"] From 60c89f181938f433c4afa0da9fe7b167e68f0307 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:02:49 +0100 Subject: [PATCH 03/20] run on localhost --- ansible/playbooks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/playbooks/install.yml b/ansible/playbooks/install.yml index 75c1b123..ea9b5c96 100644 --- a/ansible/playbooks/install.yml +++ b/ansible/playbooks/install.yml @@ -1,7 +1,7 @@ # Playbook for installing the EESSI compatibility layer. --- - name: Install compatibility layer - hosts: cvmfsstratum0servers + hosts: localhost environment: PATH: "{{ gentoo_prefix_path }}/usr/sbin\ From 9ff7d51c367db30b1e6342685517912a329c60f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:03:03 +0100 Subject: [PATCH 04/20] dont run as root --- ansible/playbooks/install.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/playbooks/install.yml b/ansible/playbooks/install.yml index ea9b5c96..82b23af2 100644 --- a/ansible/playbooks/install.yml +++ b/ansible/playbooks/install.yml @@ -14,4 +14,3 @@ LC_ALL: C roles: - compatibility_layer - become: true From 0b1b4aaf8c1891186df26b152076cc22d5053be0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:03:53 +0100 Subject: [PATCH 05/20] remove singularity command variables --- ansible/playbooks/roles/compatibility_layer/defaults/main.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/defaults/main.yml b/ansible/playbooks/roles/compatibility_layer/defaults/main.yml index d9e657a6..caf79115 100644 --- a/ansible/playbooks/roles/compatibility_layer/defaults/main.yml +++ b/ansible/playbooks/roles/compatibility_layer/defaults/main.yml @@ -41,12 +41,8 @@ prefix_use_builtin_bootstrap: false prefix_custom_bootstrap_script: local: "{{ playbook_dir }}/../../bootstrap-prefix.sh" remote: /tmp/bootstrap-prefix.sh -prefix_singularity_command: "singularity exec -B {{ gentoo_prefix_path }}:{{ gentoo_prefix_path }}" -prefix_source: "docker://ghcr.io/eessi/bootstrap-prefix:centos8" prefix_source_options: "{{ gentoo_prefix_path }} noninteractive" prefix_install: >- - SINGULARITYENV_USE_CPU_CORES={{ ansible_processor_vcpus }} - {{ prefix_singularity_command }} {{ prefix_source }} {{ prefix_use_builtin_bootstrap | ternary('/usr/local/bin/bootstrap-prefix.sh', prefix_custom_bootstrap_script.remote) }} {{ prefix_source_options }} From 1d9763a083c8bfc44a6540f8d922372d357350e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:04:26 +0100 Subject: [PATCH 06/20] dont add portage user/group --- .../compatibility_layer/tasks/add_overlay.yml | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/add_overlay.yml b/ansible/playbooks/roles/compatibility_layer/tasks/add_overlay.yml index 23fc8ea5..894d8392 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/add_overlay.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/add_overlay.yml @@ -1,19 +1,5 @@ # Add a custom overlay to the Gentoo Prefix installation. --- -- name: Add portage user if missing - become: true - ansible.builtin.lineinfile: - path: /etc/passwd - regexp: portage - line: portage:x:250:250:portage:/var/tmp/portage:/bin/false - -- name: Add portage group if missing - become: true - ansible.builtin.lineinfile: - path: /etc/group - regexp: portage - line: portage::250:portage - - name: Install equery command (dependency for the portage module) ansible.builtin.command: cmd: emerge gentoolkit From 40fc2dfebec812cc069105d0261c4f926455c777 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:05:46 +0100 Subject: [PATCH 07/20] remove become directive --- .../roles/compatibility_layer/tasks/install_packages.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml b/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml index 0875c385..a633f25f 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml @@ -5,7 +5,6 @@ package: "@{{ item }}" state: present with_items: "{{ package_sets }}" - become: false tags: - set @@ -14,12 +13,10 @@ package: "{{ item }}" state: present with_items: "{{ prefix_packages }}" - become: false - name: "Get the username running the deployment (not root)" ansible.builtin.command: whoami changed_when: false - become: false register: username_on_host - name: "Fix permissions after installing as portage/root" @@ -28,4 +25,3 @@ group: "{{ username_on_host.stdout }}" path: "{{ gentoo_prefix_path }}" recurse: true - become: false From 08891587dae4ef37cd25e8849360c977149d6cdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:06:26 +0100 Subject: [PATCH 08/20] remove tasks for getting the username and fixing permissions --- .../compatibility_layer/tasks/install_packages.yml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml b/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml index a633f25f..4d0cb40e 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/install_packages.yml @@ -13,15 +13,3 @@ package: "{{ item }}" state: present with_items: "{{ prefix_packages }}" - -- name: "Get the username running the deployment (not root)" - ansible.builtin.command: whoami - changed_when: false - register: username_on_host - -- name: "Fix permissions after installing as portage/root" - ansible.builtin.file: - owner: "{{ username_on_host.stdout }}" - group: "{{ username_on_host.stdout }}" - path: "{{ gentoo_prefix_path }}" - recurse: true From 4fc5be5a75e44a2cd52259676413c705ed5ff783 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:07:09 +0100 Subject: [PATCH 09/20] remove tasks for checking/interacting with host os --- .../tasks/install_prefix.yml | 25 ------------------- 1 file changed, 25 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml index afeb1934..55fdb501 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml @@ -1,31 +1,6 @@ # Install Gentoo Prefix. --- -- name: Fail if host OS is not supported - ansible.builtin.fail: - msg: | - Error: the operating system of the installation host is {{ ansible_os_family }} {{ ansible_distribution_version }}. - The task for installing Gentoo Prefix currently only supports Linux distributions based on RHEL 8. - when: not (ansible_os_family == "RedHat" and ansible_distribution_major_version is version("8", "==")) - -- name: "Install EPEL" - ansible.builtin.yum: - name: - - https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm - disable_gpg_check: true - state: present - tags: - - build_prefix - -- name: "Install other requirements (Singularity and git)" - ansible.builtin.yum: - name: - - singularity - - git - state: present - tags: - - build_prefix - - name: "Get the username running the deployment (not root)" ansible.builtin.shell: set -o pipefail && who | grep -v root | awk '{print $1}' | uniq become: false From ab508faab1662cb02efe784a695661f5f3385b1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:07:24 +0100 Subject: [PATCH 10/20] dont check the username --- .../roles/compatibility_layer/tasks/install_prefix.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml index 55fdb501..ff6db4e0 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml @@ -1,14 +1,6 @@ # Install Gentoo Prefix. --- -- name: "Get the username running the deployment (not root)" - ansible.builtin.shell: set -o pipefail && who | grep -v root | awk '{print $1}' | uniq - become: false - register: username_on_host - changed_when: true - tags: - - build_prefix - - name: "Create Gentoo prefix path and log directory" ansible.builtin.file: path: "{{ item }}" From 263b55aaff2153946bd807078ec74eb91e381e7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:08:26 +0100 Subject: [PATCH 11/20] remove permission fix task --- .../compatibility_layer/tasks/install_prefix.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml index ff6db4e0..861a8b8c 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/install_prefix.yml @@ -6,8 +6,6 @@ path: "{{ item }}" state: directory recurse: true - owner: "{{ username_on_host.stdout }}" - group: "{{ username_on_host.stdout }}" mode: "0755" with_items: - "{{ gentoo_prefix_path }}" @@ -147,15 +145,6 @@ tags: - build_prefix -- name: "Give build user recursive user and group ownership of {{ gentoo_prefix_path }}" - ansible.builtin.file: - dest: "{{ gentoo_prefix_path }}" - owner: "{{ username_on_host.stdout }}" - group: "{{ username_on_host.stdout }}" - recurse: true - tags: - - build_prefix - - name: "Run Gentoo Prefix bootstrap stages 1-3 via {{ prefix_install }}" ansible.builtin.shell: set -o pipefail && ( {{ prefix_install }} | tee -a {{ prefix_build_log }} | grep -E '^(>>> Installing|\\* )' ) become: false From 3a7c690f50fad6543fe3ec32f8a990b9315e3e34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:10:59 +0100 Subject: [PATCH 12/20] remove cvmfs transaction functionality --- .../roles/compatibility_layer/tasks/main.yml | 51 +++++-------------- 1 file changed, 14 insertions(+), 37 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/main.yml b/ansible/playbooks/roles/compatibility_layer/tasks/main.yml index 2504c77c..4d185fd1 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/main.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/main.yml @@ -1,6 +1,5 @@ # Main task which: # - checks the given path for a Prefix installation, and installs it if necessary; -# - starts (and publishes at the end) a CVMFS transaction, if requested; # - calls the tasks for adding the overlay and installation of sets and packages; # - does some fixes and other modifications in the Prefix installation (e.g. setting the locale). --- @@ -21,44 +20,22 @@ ansible.builtin.include_tasks: install_prefix.yml when: not startprefix.stat.exists -- name: Start transaction - ansible.builtin.command: "cvmfs_server transaction {{ cvmfs_repository }}" - when: cvmfs_start_transaction +- name: Configure the Prefix + ansible.builtin.include_tasks: prefix_configuration.yml -- name: Make customizations to our Prefix installation - block: - - name: Configure the Prefix - ansible.builtin.include_tasks: prefix_configuration.yml +- name: Add EESSI overlay + ansible.builtin.include_tasks: add_overlay.yml - - name: Add EESSI overlay - ansible.builtin.include_tasks: add_overlay.yml - args: - apply: - become: false +- name: Set the glibc trusted dirs + ansible.builtin.include_tasks: set_glibc_trusted_dirs.yml - - name: Set the glibc trusted dirs - ansible.builtin.include_tasks: set_glibc_trusted_dirs.yml +- name: Install additional packages + ansible.builtin.include_tasks: install_packages.yml - - name: Install additional packages - ansible.builtin.include_tasks: install_packages.yml +- name: Create symlinks to host files + ansible.builtin.include_tasks: create_host_symlinks.yml - - name: Create symlinks to host files - ansible.builtin.include_tasks: create_host_symlinks.yml - - - name: Test the Prefix installation - ansible.builtin.include_tasks: test.yml - tags: - - test - - - name: Publish transaction - ansible.builtin.command: "cvmfs_server publish {{ cvmfs_repository }}" - when: cvmfs_start_transaction and cvmfs_publish_transaction - - rescue: - - name: Abort transaction - ansible.builtin.command: "cvmfs_server abort {{ cvmfs_repository }}" - when: cvmfs_start_transaction and cvmfs_abort_transaction_on_failures - - - name: Exit because of failure - ansible.builtin.fail: - msg: "Task {{ ansible_failed_task }} failed, with result {{ ansible_failed_result }}." +- name: Test the Prefix installation + ansible.builtin.include_tasks: test.yml + tags: + - test From 8bdc81ecb0f9b509f2358d981d37c7f40969a3e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:11:30 +0100 Subject: [PATCH 13/20] remove cvmfs transaction variables --- ansible/playbooks/roles/compatibility_layer/defaults/main.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/ansible/playbooks/roles/compatibility_layer/defaults/main.yml b/ansible/playbooks/roles/compatibility_layer/defaults/main.yml index caf79115..5e9a43ea 100644 --- a/ansible/playbooks/roles/compatibility_layer/defaults/main.yml +++ b/ansible/playbooks/roles/compatibility_layer/defaults/main.yml @@ -8,9 +8,6 @@ custom_overlays: url: https://github.com/EESSI/gentoo-overlay.git eclass-overrides: true -cvmfs_start_transaction: false -cvmfs_publish_transaction: false -cvmfs_abort_transaction_on_failures: false cvmfs_repository: pilot.eessi-hpc.org gentoo_prefix_path: /cvmfs/{{ cvmfs_repository }}/versions/{{ eessi_version }}/compat/{{ eessi_host_os }}/{{ eessi_host_arch }} From 14e983dc3c493015279dc5c66e8abb086e1017c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:11:52 +0100 Subject: [PATCH 14/20] remove become directive --- .../roles/compatibility_layer/tasks/set_glibc_trusted_dirs.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/playbooks/roles/compatibility_layer/tasks/set_glibc_trusted_dirs.yml b/ansible/playbooks/roles/compatibility_layer/tasks/set_glibc_trusted_dirs.yml index 997a2c79..80a5076f 100644 --- a/ansible/playbooks/roles/compatibility_layer/tasks/set_glibc_trusted_dirs.yml +++ b/ansible/playbooks/roles/compatibility_layer/tasks/set_glibc_trusted_dirs.yml @@ -12,7 +12,6 @@ package: sys-libs/glibc noreplace: false oneshot: true - become: false environment: EXTRA_EMAKE: "user-defined-trusted-dirs={{ prefix_user_defined_trusted_dirs | join(':') }}" when: From 0a79fd00c7c146f40c58401125cbb1e738b12dd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:13:09 +0100 Subject: [PATCH 15/20] script for doing the full installation of the compat layer in a container --- install_compatibility_layer.sh | 120 +++++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 install_compatibility_layer.sh diff --git a/install_compatibility_layer.sh b/install_compatibility_layer.sh new file mode 100644 index 00000000..d01e2e18 --- /dev/null +++ b/install_compatibility_layer.sh @@ -0,0 +1,120 @@ +#!/bin/bash +# +# Launch the compatibility layer installation using Ansible inside an Apptainer container. +# This can be run on any machine which has Apptainer installed, no special privileges are required. +# + +ARCH= +CONTAINER=docker://ghcr.io/eessi/bootstrap-prefix:debian11 +REPOSITORY="pilot.eessi-hpc.org" +STORAGE= +VERSION= + +display_help() { + echo "usage: $0 [OPTIONS]" + echo " OPTIONS:" + echo " -a | --arch ARCH - architecture to build a compatibility layer for" + echo " [default/required: current host's architecture]" + echo " -c | --container IMG - image file or URL defining the container to use" + echo " [default: ${CONTAINER}" + echo " -g | --storage DIR - directory space on host machine (used for" + echo " temporary data) [default: 1. TMPDIR, 2. /tmp]" + echo " -h | --help - display this usage information" + echo " -r | --repository REPO - CVMFS repository name [default: ${REPOSITORY}]" + echo " -v | --version VERSION - override the EESSI stack version set in Ansible's" + echo " defaults/main.yml file [default: None]" + echo +} + +POSITIONAL_ARGS=() + +while [[ $# -gt 0 ]]; do + case $1 in + -a|--arch) + ARCH="$2" + shift 2 + ;; + -c|--container) + CONTAINER="$2" + shift 2 + ;; + -g|--storage) + STORAGE="$2" + shift 2 + ;; + -h|--help) + display_help + exit 0 + ;; + -r|--repository) + REPOSITORY="$2" + shift 2 + ;; + -v|--version) + VERSION="$2" + shift 2 + ;; + -*|--*) + fatal_error "Unknown option: $1" "${CMDLINE_ARG_UNKNOWN_EXITCODE}" + ;; + *) # No more options + POSITIONAL_ARGS+=("$1") # save positional arg + shift + ;; + esac +done + +set -- "${POSITIONAL_ARGS[@]}" + +# We assume that this script is located in a directory containing a full checkout of the git repo, +# we verify this by checking for the existance oif the Ansible playbook. +SCRIPT_DIR=$(dirname $(realpath $0)) +if [ ! -f "${SCRIPT_DIR}/ansible/playbooks/install.yml" ]; then + echo "Ansible playbook install.yml cannot be found!" + echo "Make sure to run this script from a directory containing a the compatibility-layer git repository." + exit 1 +fi + +# Check if the target architecture is set to the architecture of the current host, +# as that's the only thing that's currently supported by this script +HOST_ARCH=$(uname -m) +if [[ ! -z ${ARCH} ]] && [[ "${ARCH}" != "${HOST_ARCH}" ]]; then + echo "ERROR: this build host has architecture ${HOST_ARCH}, while a build for ${ARCH} was requested!" + exit 1 +fi +if [[ -z ${ARCH} ]]; then + ARCH=${HOST_ARCH} +fi +echo "A compatibility layer for architecture ${ARCH} will be built." + +# Make a temporary directory on the host for storing the installation and some temporary files +TMPDIR=${STORAGE:-${TMPDIR:-/tmp}} +mkdir -p ${TMPDIR} +EESSI_TMPDIR=$(mktemp -d --tmpdir eessi.XXXXXXXXXX) +echo "Using $EESSI_TMPDIR as temporary storage..." + +# Create temporary directories +mkdir -p ${EESSI_TMPDIR}/cvmfs +mkdir -p ${EESSI_TMPDIR}/home + +# Set up paths and mount points for Apptainer +export APPTAINER_CACHEDIR=${EESSI_TMPDIR}/apptainer_cache +export APPTAINER_BIND="${EESSI_TMPDIR}/cvmfs:/cvmfs,${SCRIPT_DIR}:/compatibility-layer" +export APPTAINER_HOME="${EESSI_TMPDIR}/home:/home/${USER}" + +# Construct the Ansible playbook command +ANSIBLE_OPTIONS="-e eessi_host_os=linux -e eessi_host_arch=$(uname -m)" +if [[ ! -z ${VERSION} ]]; then + ANSIBLE_OPTIONS="${ANSIBLE_OPTIONS} -e eessi_version=${VERSION}" +fi +if [[ ! -z ${REPOSITORY} ]]; then + ANSIBLE_OPTIONS="${ANSIBLE_OPTIONS} -e cvmfs_repository=${REPOSITORY}" +fi +ANSIBLE_COMMAND="ansible-playbook ${ANSIBLE_OPTIONS} /compatibility-layer/ansible/playbooks/install.yml" +# Finally, run Ansible inside the container to do the actual installation +echo "Executing ${ANSIBLE_COMMAND} in ${CONTAINER}, this will take a while..." +apptainer shell ${CONTAINER} < Date: Tue, 7 Mar 2023 15:24:27 +0100 Subject: [PATCH 16/20] remove note about host OS --- ansible/playbooks/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/playbooks/README.md b/ansible/playbooks/README.md index daadfd81..b54f751a 100644 --- a/ansible/playbooks/README.md +++ b/ansible/playbooks/README.md @@ -14,7 +14,6 @@ all functionality for installing the EESSI compatibility layer. It performs the - install a given list of additional packages. The playbook `install.yml` will execute this role on a given server. -Note that if you want the role to install Gentoo Prefix, this particular task currently only supports Linux distributions based on RHEL 8 on the installation host. ## Configuration From 907978e4f3c2c2ecb791cc35f38eb320de201c4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:24:53 +0100 Subject: [PATCH 17/20] remove cvmfs transaction vars --- ansible/playbooks/README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/ansible/playbooks/README.md b/ansible/playbooks/README.md index b54f751a..2b13ba48 100644 --- a/ansible/playbooks/README.md +++ b/ansible/playbooks/README.md @@ -28,9 +28,6 @@ Before running the playbook, make sure the following settings are correct, and o ### CVMFS settings | Variable | Description | | --- | --- | -| cvmfs_start_transaction | Whether a CVMFS transaction should be start at the start | -| cvmfs_publish_transaction | Whether a CVMFS transaction should be published at the end | -| cvmfs_abort_transaction_on_failures | Whether a CVMFS transaction should be aborted on failures | | cvmfs_repository | Name of your CVMFS repository (used for the transaction) | ### Prefix and packages From 01be223714e157b4f3d01e915d7115cb80e47f54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:25:11 +0100 Subject: [PATCH 18/20] remove singularity vars --- ansible/playbooks/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/ansible/playbooks/README.md b/ansible/playbooks/README.md index 2b13ba48..dc09e3a7 100644 --- a/ansible/playbooks/README.md +++ b/ansible/playbooks/README.md @@ -44,8 +44,6 @@ Before running the playbook, make sure the following settings are correct, and o | prefix_bootstrap_use_flags | Contents of [package.use file](https://wiki.gentoo.org/wiki//etc/portage/package.use) to put in place after bootstrap stage 3 | | prefix_use_builtin_bootstrap | Use the container's built-in bootstrap script? | | prefix_custom_bootstrap_script | Dictionary with the `local` source and `remote` destination of the bootstrap script | -| prefix_singularity_command | Singularity command for launching the container with the bootstrap script | -| prefix_source | Singularity container path used for the Prefix installtion | | prefix_source_options | Arguments to be passed to the Prefix bootstrap script | | prefix_install | Prefix installation command | | prefix_locales | List of locales to be generated | From 6baab37deaa6cd630cdcd99a8cd20b1ebd7a7c0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:45:21 +0100 Subject: [PATCH 19/20] make script executable --- install_compatibility_layer.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 install_compatibility_layer.sh diff --git a/install_compatibility_layer.sh b/install_compatibility_layer.sh old mode 100644 new mode 100755 From 4d98e333727fee66f1071968fbba54f9d80febe6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bob=20Dr=C3=B6ge?= Date: Tue, 7 Mar 2023 15:58:48 +0100 Subject: [PATCH 20/20] update README --- README.md | 127 ++++-------------------------------------------------- 1 file changed, 9 insertions(+), 118 deletions(-) diff --git a/README.md b/README.md index 747c96fc..d657fbdf 100644 --- a/README.md +++ b/README.md @@ -8,124 +8,15 @@ An alternative would be the [NixOS](https://nixos.org/). ## Installation and Configuration -### Prerequisites - -The bootstrap process will need a clean environment with C and C++ compilers (the system version of gcc and g++ will do) as well as the `make` command. It also is very sensitive to -the environment, so setup a user with unset `CFFLAGS`, `CFLAGS`, `LDFLAGS`, `PKG_CONFIG_PATH` and the always harmful `LD_LIBRARY_PATH` variables. - -EESSI provides a Docker container for this, which can be run via Singularity. - -### Bootstrapping Gentoo Prefix -Gentoo Prefix provides a bootstrap script to build the prefix, see [Gentoo Prefix Bootstrap](https://wiki.gentoo.org/wiki/Project:Prefix/Bootstrap). -We forked [this version](https://gitweb.gentoo.org/repo/proj/prefix.git/tree/scripts/bootstrap-prefix.sh?id=e77fd01734f21ec2e9c985c28ba4eb30c1b2bc9d) -and made some modifications. See issue [#8](https://github.com/EESSI/compatibility-layer/issues/8) for more details. - -You can run our version of the bootstrap script (see `bootstrap-prefix.sh`) inside the Singularity container by executing: -``` -singularity run docker://ghcr.io/eessi/bootstrap-prefix:centos8 -``` - -If you want to run your own version of the bootstrap script, use: -``` -singularity exec docker://ghcr.io/eessi/bootstrap-prefix:centos8 ./bootstrap-prefix.sh -``` -Our version of the script allows you to pick a custom snapshot for the Portage tree. This can be done by setting `CUSTOM_SNAPSHOT_URL` to -a URL that points to a directory, and setting `CUSTOM_SNAPSHOT_URL` to the name of a snapshot file (must be a bzip2 archive). For instance: -``` -env CUSTOM_SNAPSHOT_URL="http://cvmfs-s0.eessi-hpc.org/snapshots" CUSTOM_SNAPSHOT_VERSION="20201209" singularity run docker://ghcr.io/eessi/bootstrap-prefix:centos8 -``` -If you want to limit the supported/installed Python version(s), you can set the environment variable `PYTHON_TARGETS` before starting the bootstrap script. By only including a Python 3 version, you can prevent Python 2 from being installed, e.g.: -``` -env PYTHON_TARGETS="python3_8" CUSTOM_SNAPSHOT_URL="http://cvmfs-s0.eessi-hpc.org/snapshots" CUSTOM_SNAPSHOT_VERSION="20201126" singularity run docker://ghcr.io/eessi/bootstrap-prefix:centos8 -``` - -After starting the bootstrap have a long coffee... - -Once the bootstrap is completed, run the script to replace some paths with symlinks into the host OS: - -``` -scripts/prefix-symlink-host-paths.sh -``` - -In order to generate the right locales for your installation, see [this item](https://wiki.gentoo.org/wiki/Project:Prefix/FAQ#Add_an_en_US.UTF-8_locale) -of the Gentoo Prefix FAQ. - -### Adding the EESSI overlay and packages -Additional packages are added in the EESSI overlay, which is based on ComputeCanada. -You can add them manually or in an automated way by using Ansible, being Ansible the preferred way. Below you can find the two options explained. - -#### Ansible playbook (Option 1) -The installation of the EESSI-specific parts can be automatically executed by running the Ansible playbook `install.yml` inside the folder `ansible/playbooks`. -This playbook will install the [EESSI Gentoo overlay](https://github.com/EESSI/gentoo-overlay) and a set of packages, including `Lmod` and `archspec`. See the `README` in the `ansible/playbooks` folder for more details. - -#### Manually (Option 2) -First, set `EPREFIX` to the path containing your Gentoo Prefix installation, and start the prefix: -``` -export EPREFIX=/path/to/your/prefix -${EPREFIX}/startprefix -``` -Ensure that the configuration directory for repositories exists: -``` -mkdir -p ${EPREFIX}/etc/portage/repos.conf -``` -If you used `${PYTHON_TARGETS}` during the bootstrap, be sure to set it to the same value now, e.g.: -``` -export PYTHON_TARGETS="python3_7" -``` - -Next, configure and sync the overlay: -``` -emerge eselect-repository -eselect repository add eessi git https://github.com/EESSI/gentoo-overlay.git -emerge --sync eessi -``` - -After synchronizing the overlay, add the EESSI package set(s) that you would like to install, e.g. for set `2020.08`: -``` -mkdir ${EPREFIX}/etc/portage/sets/ -ln -s ${EPREFIX}/var/db/repos/eessi/etc/portage/sets/2020.08 ${EPREFIX}/etc/portage/sets/ -``` - -Finally, install the package set(s) defined at `${EPREFIX}/etc/portage/sets/`, e.g.: -``` -emerge @2020.08 -``` - -### Updating the Prefix -#### Packages -Updating packages can be as easy as -``` -emerge --sync -emerge -``` -If you run into problems, usually a newer ebuild is not suited to build in a prefix environment. -Try to mask latest versions: - -Create a mask file if not existing and mask newer versions from thin provisioning tools greater or equal to 0.7.6: -``` -echo ">=sys-block/thin-provisioning-tools-0.7.6" >> ${EPREFIX}/etc/portage/package.mask -``` - -#### Portage -Updating Portage requires the kernel source which corresponds to your running kernel on the host. Emerge will detect it in `/usr/src/linux`. - -Check your running kernel version with: -``` -cat /proc/version -Linux version 4.20.0-1.el7.elrepo.x86_64 (mockbuild@Build64R7) -``` - -On a Centos 7 host kernel sources are installed in `/usr/src/kernels`. Link `/usr/src/linux` to the appropiate kernel source after installation. Example for an `elrepo` kernel: -``` -rpm -ivh kernel-ml-devel-4.20.0-1.el7.elrepo.x86_64.rpm -cd /usr/src ; ln -s kernels/4.20.0-1.el7.elrepo.x86_64 linux -``` - - When ready update Portage from the Prefix environment: -``` -startprefix -emerge --oneshot sys-apps/portage -``` +The installation of the compatibility layer is implemented with an Ansible playbook and Ansible role, +which you can find in the `ansible` subdirectory. It will do the Gentoo Prefix bootstrap (which usually takes several hours to complete!), +add a lot of EESSI configurations and customizations, install a bunch of packages that we require for EESSI, and finally it will +run a ReFrame test suite to check the installation. + +To make the installation even easier, we provide a script `install_compatibility_layer.sh` that can be used on basically any host that has Apptainer installed, +without requiring special privileges. +The script will execute the Ansible playbook inside an Apptainer build container, ensuring that all dependencies (including Ansible itself) are available. +In order to be able to write to `/cvmfs`, the container will bind mount a directory from the host as `/cvmfs` inside the container. # License