Deployment#
In this section we describe how to deploy netUnicorn instance. We provide two deployment options: simplified deployment for testing purposes and production deployment.
Support#
You can join netUnicorn Slack workspace for support and discussions.
AWS Deployment#
If you want to deploy test instance of netUnicorn on AWS, you can use “netunicorn-v0.4” AMI.
Deployment steps:
Create AWS EC2 instance:
Choose “netunicorn-v0.4” community AMI.
Choose “Allow HTTP traffic” in the security group.
[Optional] Allow TCP ports 5000 (docker registry), 5432 (PostgreSQL database), 9000 (netUnicorn UI), 26512 (netUnicorn gateway) for access to corresponding services
Use the next credentials to access the netUnicorn instance:
Username:
testPassword:
testURL:
http://<public IP or DNS name of the instance>
You also can access the instance PostgreSQL database over the port 5432 (if allowed in security group) with the next credentials:
Username:
developmentPassword:
developmentDatabase:
development
[Optional] You can login into the machine and change the information in ~/netunicorn/docker-compose.yml.
[Optional] Change IP of the NETUNICORN_MEDIATOR_ENDPOINT environment variable in netunicorn-ui service to your VM IP address to enable netunicorn-ui at the http:/<your_ip>:9000 (use the same credentials as for netUnicorn API instance)
Simplified deployment#
This section describes the simplified deployment of netUnicorn instance for testing purposes. It could be done on your laptop or any virtual machine.
Important: this deployment operates with default credentials for the netUnicorn instance and the database. It is not secure and should not be used in production. Database credentials are stored in the docker-compose.yml file. Instance will have test user with test password, defined in the development/users.sql file.
Prerequisites#
Linux-based OS (as Docker containers are Linux-based)
Installed
wgetInstalled Docker and Docker Compose plugin. Please, refer to Docker installation guide and Docker Compose installation guide.
If you use rootless installation of Docker, please modify
/var/run/docker.socklinks on the left side of volume sections in docker-compose.yml file as needed (usually, to/run/user/1000/docker.sockif your user id is 1000)
Installation#
Create a separate folder for local netunicorn configuration files and
cdinto this folder.Download and run installation script:
wget https://raw.githubusercontent.com/netunicorn/netunicorn/main/netunicorn-director/scripts/install.sh chmod +x install.sh ./install.sh
This script will create needed directories and put configuration files into them.
Optional: We encourage you to explore the file content before running to verify the harmless nature of the script.
Run docker compose:
docker compose up
This command will download and run all needed containers.
Optional: You can explore the
docker-compose.ymlfile content before running and make changes as needed (e.g., change database login and password, ports, etc.)
Now you should have running instance of netunicorn platform on your machine.
You can verify installation using the next methods:
PostgreSQL database is available on
localhost:5432with credentials from thedocker-compose.ymlfile.Monitoring webpage is available on
localhost:26611/adminwith credentials fromdevelopment/user.sqlfile (by default:test/test)netUnicorn API endpoint is available on
localhost:26611with credentials fromdevelopment/user.sqlfile (by default:test/test) and can be used in experiments (e.g., see example experiments in/examplesfolder of the repository)docker-compose logscommand can be used to see logs of all running containers. All containers should be running stable. Some container could have errors in the log (connection errors to the database in the beginning when the database was not ready) but they should be resolved in a few seconds.
Production deployment#
This section describes the production deployment of netUnicorn instance.
Services of netUnicorn platform#
netUnicorn platform consists of several services communicating with each other. There are “General Services”, that are external to the platform and could be used by other applications, and “netUnicorn Director Services”, that are developed by netUnicorn team.
General Services#
PostgreSQL database: stores all data of the platform. Should be accessible by all director services. Could be used by other applications. Some administration could be done only via direct database access.
Docker Registry. Should be accessible by the
compilationservice for write access and all nodes for read access. Could be used by other applications.
netUnicorn Director Services#
authentication: provides authentication for the platform. Should be accessible by the mediator.compilation: compiles Docker images for the platform. Should have mapping of/var/run/docker.sockto the host machine for using Docker engine for compilation, and local Docker engine should have write access to the Docker Registry.gateway: provides API for nodes. Should be accessible by the nodes (exposed port should be accessible by the nodes).processor: monitors current experiments and nodes locks.infrastructure: provides connectivity to the infrastructure (e.g., Kubernetes cluster). Separate configuration file should be provided during the startup. Should have access to the provided infrastructure (e.g., Kubernetes cluster, AWS, SaltStack API, etc.)mediator: API endpoint for end users. Depends on all other services. Exposed port should be available to netUnicorn users. Should have network access toinfrastructureandauthenticationservices.
Deployment#
Here we describe the deployment of the netUnicorn on the example of the docker compose deployment. In case of other deployment options (e.g., manual service deployment on different machines) the deployment process should be adjusted accordingly (expose ports from containers and verify network access between services).
Services in Docker containers#
All services are implement as Docker images. If you want to deploy services outside of the containers, use preparation and entrypoint commands from the corresponding Dockerfiles for services startup.
Deployment steps#
Download the
docker-compose-stable.ymlfrom thenetunicorn/netunicorn-directorfolder.Create required files and modify variables (see “Deployment Modifications” below) in the
docker-compose-stable.ymlfile according to your deployment scenario.Run
docker-compose -f docker-compose-stable.yml up -dcommand to start all services.You can use
docker-compose -f docker-compose-stable.yml logscommand to see logs of all services.
Deployment Modifications#
Most of the variables and parameters in the docker compose file are self-explanatory. We describe some of parameters, modification details, and files here in more details.
environment variable
NETUNICORN_DATABASE_ENDPOINTcontains the URL of the database.registryservice should expose registry port (by default: 5000)scripts for database initialization are available at
netunicorn-director/scripts/dbdeploy.sql. If deploying the database from the docker compose file, they should be mapped to the/docker-entrypoint-initdb.dfolder of thedatabaseservice.compilationservice should have/var/run/docker.sockmapped to the host machine for using Docker engine for compilation (usually/var/run/docker.sock:/var/run/docker.sock, but could be different (e.g., in case of using rootless Docker installation).mediatorservice should haveNETUNICORN_INFRASTRUCTURE_ENDPOINTandNETUNICORN_AUTH_ENDPOINTvariables pointing at the corresponding services, and alsoNETUNICORN_DOCKER_REGISTRY_URLwith publicly available URL of the Docker Registry (e.g.,<public IP>:5000).infrastructureservice should be provided a configuration YAML file during the startup. This file describes what connectors should be imported and initialized and provides configuration for each connector. Example configuration file is available atnetunicorn-director/scripts/infrastructure-example-config.yaml.Each of the connectors will have an example of their configuration for infrastructure config file. All settings should be combined into a single file to pass to the service.