Beyond the Golden Image: Managing Cluster Images Using Ansible and Git

By Adam Dorsey

March 5, 2021

With cluster management systems like xCAT, Bright Cluster Manager, HPCM, and others, it’s all too easy to fall into the trap of having a “golden image” – one root image directory maintained over months or years of maintenance downtimes and image changes, where one small misstep could result in breaking the image and taking the entire cluster offline. Without a well-defined policy for managing image changes and builds, incremental changes to an image directory build over time, eventually forming a snarl of individual hacks, tweaks and fixes, where no one knows who did what or why.

Luckily, there are tools available that can help mitigate this process and assist in enforcing a reliable and reproducible image build process. Red Hat’s Ansible configuration management tool integrates nicely with existing cluster management tools, with a bit of scripting, and provides an established tool for modifying host configuration, even in a cluster image. And by using Git, image configurations can be versioned and maintained effectively, even in an environment with multiple contributors.

Bright Cluster Manager: Modifying images directly using Ansible

Bright Cluster Manager provides a set of tools that can be used to create images from running hosts[1], but this method requires booting and customizing a host every time an image change is made or an updated image is created. Instead of this tedious and time consuming process, create a base image once using the Bright Cluster Manager toolkit, then clone and modify that image as needed using Ansible.

Cluster node images created in Bright Cluster Manager take the form of a chroot environment – a directory containing all of the files necessary for a node to run, as if that directory were the nodes / (root) directory. Ansible includes a chroot connection plugin[2] that allows a playbook to target a chroot or image directory directly as if it were a running host. This will allow the creation of an Ansible playbook using the hundreds of existing Ansible modules available, saving time and effort. To create a customized image, all that must be done is clone the base image using Bright, then apply the custom configuration using Ansible.

xCAT: Extending the postinstall script for automatic Ansible configuration

One of the attributes of an xCAT image is the location of a postinstall script[3] – a script that runs every time an image is built that can be extended to provide system-specific customization. The most straightforward way to customize an xCAT image is to modify this postinstall script, but this method can lead to a bloated mess full of different hacks, all interdependent – make one change to fix an issue, and the entire system comes crashing down.

This is where Ansible comes into play. With Ansible, a playbook can be created for each image, and Ansible can then run those playbooks directly from the postinstall script using the chroot connection plugin. Since an xCAT image directory is also basically a chroot environment, the Ansible chroot connection plugin can be used to apply an image playbook to existing images.

In addition, a little bit of smart scripting can handle multiple images with one set of Ansible playbooks and roles. For example, a site may have two different image types, one for login nodes named centos7-login, and one for compute nodes named centos7-compute. To handle both cases, two different Ansible playbooks would be created, centos7-login.yml and centos7-compute.yml, with each playbook containing its own set of variables and roles. Using simple command line tools like find, grep, cut, etc., the postinstall script can find playbooks in an established directory, allowing the postinstall script to select the desired playbook automatically.

Maintaining playbooks and scripts using Git

Of course, without effective change management of the Ansible playbooks, the mess just moves from the image itself out into the playbooks and scripts used to build it. This is where Git comes into play. By managing the Ansible playbooks created for image management in Git, images can be versioned and rolled back without having to maintain multiple multi-gigabyte image directories on a cluster management node.

In addition, merge control and branch management features present in Git hosting platforms like GitLab or GitHub further enhance manageability of Ansible playbooks. Proper Git workflow also enforces good image change control and maintainability. Locking down the master branch ensures that all changes to the production image must go through a testing and approval process. Every change thus has a discussion and ownership chain associated with it, making long term planning and maintenance of image changes easier. And if there are security concerns about pushing configuration details to a public platform, a self-hosted GitLab instance[4] can be set up to manage playbook repositories.

Results

With a coherent image modification process using Ansible and Git, you no longer have to fear losing the “golden image” that your cluster relies on. Every image customization is easily viewable and reviewable in the Git frontend of your choice, including history, comments, and justification for every change. In a worst-case scenario, you can start from scratch with a new image (or a new cluster) using the existing Ansible playbooks, provided and managed via Git.

In addition, these tools also help your cluster management team work together. Git’s source control features allow contributors from around the world to collaborate on a single project. While your cluster management team may not be so widely spread, Git will still allow for easier collaboration between multiple users, administrators, and even multiple cluster sites. Easier upgrades, easier cluster migrations, easier disaster recovery, and more – leveraging Git and Ansible for cluster management makes your life easier overall.

[1] https://www.brightcomputing.com/Blog/bid/166702/How-to-save-the-running-state-of-a-node-to-a-new-software-image

[2] https://docs.ansible.com/ansible/2.9/plugins/connection/chroot.html

[3] https://xcat-docs.readthedocs.io/en/stable/guides/admin-guides/manage_clusters/common/deployment/prepostscripts/postinstall_script.html

[4] https://docs.gitlab.com/ee/install/

About the Author

Adam Dorsey is an HPC systems administrator and site lead for RedLine Performance Solutions.

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

Supercomputer-Powered Climate Model Makes Startling Sea Level Rise Prediction

April 19, 2021

The climate science community is tasked with striking a difficult balance: inspiring precisely the amount of alarm commensurate to the climate crisis. Make estimates that are too conservative, and the public might not re Read more…

San Diego Supercomputer Center Opens ‘Expanse’ to Industry Users

April 15, 2021

When San Diego Supercomputer Center (SDSC) at the University of California San Diego was getting ready to deploy its flagship Expanse supercomputer for the large research community it supports, it also sought to optimize Read more…

GTC21: Dell Building Cloud Native Supercomputers at U Cambridge and Durham

April 14, 2021

In conjunction with GTC21, Dell Technologies today announced new supercomputers at universities across DiRAC (Distributed Research utilizing Advanced Computing) in the UK with plans to explore use of Nvidia BlueField DPU technology. The University of Cambridge will expand... Read more…

The Role and Potential of CPUs in Deep Learning

April 14, 2021

Deep learning (DL) applications have unique architectural characteristics and efficiency requirements. Hence, the choice of computing system has a profound impact on how large a piece of the DL pie a user can finally enj Read more…

GTC21: Nvidia Launches cuQuantum; Dips a Toe in Quantum Computing

April 13, 2021

Yesterday Nvidia officially dipped a toe into quantum computing with the launch of cuQuantum SDK, a development platform for simulating quantum circuits on GPU-accelerated systems. As Nvidia CEO Jensen Huang emphasized in his keynote, Nvidia doesn’t plan to build... Read more…

AWS Solution Channel

Research computing with RONIN on AWS

To allow more visibility into and management of Amazon Web Services (AWS) resources and expenses and minimize the cloud skills training required to operate these resources, AWS Partner RONIN created the RONIN research computing platform. Read more…

Nvidia Aims Clara Healthcare at Drug Discovery, Imaging via DGX

April 12, 2021

Nvidia Corp. continues to expand its Clara healthcare platform with the addition of computational drug discovery and medical imaging tools based on its DGX A100 platform, related InfiniBand networking and its AGX developer kit. The Clara partnerships announced during... Read more…

San Diego Supercomputer Center Opens ‘Expanse’ to Industry Users

April 15, 2021

When San Diego Supercomputer Center (SDSC) at the University of California San Diego was getting ready to deploy its flagship Expanse supercomputer for the larg Read more…

GTC21: Dell Building Cloud Native Supercomputers at U Cambridge and Durham

April 14, 2021

In conjunction with GTC21, Dell Technologies today announced new supercomputers at universities across DiRAC (Distributed Research utilizing Advanced Computing) in the UK with plans to explore use of Nvidia BlueField DPU technology. The University of Cambridge will expand... Read more…

The Role and Potential of CPUs in Deep Learning

April 14, 2021

Deep learning (DL) applications have unique architectural characteristics and efficiency requirements. Hence, the choice of computing system has a profound impa Read more…

GTC21: Nvidia Launches cuQuantum; Dips a Toe in Quantum Computing

April 13, 2021

Yesterday Nvidia officially dipped a toe into quantum computing with the launch of cuQuantum SDK, a development platform for simulating quantum circuits on GPU-accelerated systems. As Nvidia CEO Jensen Huang emphasized in his keynote, Nvidia doesn’t plan to build... Read more…

Nvidia Aims Clara Healthcare at Drug Discovery, Imaging via DGX

April 12, 2021

Nvidia Corp. continues to expand its Clara healthcare platform with the addition of computational drug discovery and medical imaging tools based on its DGX A100 platform, related InfiniBand networking and its AGX developer kit. The Clara partnerships announced during... Read more…

Nvidia Serves Up Its First Arm Datacenter CPU ‘Grace’ During Kitchen Keynote

April 12, 2021

Today at Nvidia’s annual spring GPU Technology Conference (GTC), held virtually once more due to the pandemic, the company unveiled its first ever Arm-based CPU, called Grace in honor of the famous American programmer Grace Hopper. The announcement of the new... Read more…

Nvidia Debuts BlueField-3 – Its Next DPU with Big Plans for an Expanded Role

April 12, 2021

Nvidia today announced its next generation data processing unit (DPU) – BlueField-3 – adding more substance to its evolving concept of the DPU as a full-fledged partner to CPUs and GPUs in delivering advanced computing. Nvidia is pitching the DPU as an active engine... Read more…

Nvidia’s Newly DPU-Enabled SuperPod Is a Multi-Tenant, Cloud-Native Supercomputer

April 12, 2021

At GTC 2021, Nvidia has announced an upgraded iteration of its DGX SuperPods, calling the new offering “the first cloud-native, multi-tenant supercomputer.” Read more…

Julia Update: Adoption Keeps Climbing; Is It a Python Challenger?

January 13, 2021

The rapid adoption of Julia, the open source, high level programing language with roots at MIT, shows no sign of slowing according to data from Julialang.org. I Read more…

Intel Launches 10nm ‘Ice Lake’ Datacenter CPU with Up to 40 Cores

April 6, 2021

The wait is over. Today Intel officially launched its 10nm datacenter CPU, the third-generation Intel Xeon Scalable processor, codenamed Ice Lake. With up to 40 Read more…

CERN Is Betting Big on Exascale

April 1, 2021

The European Organization for Nuclear Research (CERN) involves 23 countries, 15,000 researchers, billions of dollars a year, and the biggest machine in the worl Read more…

Programming the Soon-to-Be World’s Fastest Supercomputer, Frontier

January 5, 2021

What’s it like designing an app for the world’s fastest supercomputer, set to come online in the United States in 2021? The University of Delaware’s Sunita Chandrasekaran is leading an elite international team in just that task. Chandrasekaran, assistant professor of computer and information sciences, recently was named... Read more…

HPE Launches Storage Line Loaded with IBM’s Spectrum Scale File System

April 6, 2021

HPE today launched a new family of storage solutions bundled with IBM’s Spectrum Scale Erasure Code Edition parallel file system (description below) and featu Read more…

10nm, 7nm, 5nm…. Should the Chip Nanometer Metric Be Replaced?

June 1, 2020

The biggest cool factor in server chips is the nanometer. AMD beating Intel to a CPU built on a 7nm process node* – with 5nm and 3nm on the way – has been i Read more…

Saudi Aramco Unveils Dammam 7, Its New Top Ten Supercomputer

January 21, 2021

By revenue, oil and gas giant Saudi Aramco is one of the largest companies in the world, and it has historically employed commensurate amounts of supercomputing Read more…

Quantum Computer Start-up IonQ Plans IPO via SPAC

March 8, 2021

IonQ, a Maryland-based quantum computing start-up working with ion trap technology, plans to go public via a Special Purpose Acquisition Company (SPAC) merger a Read more…

Leading Solution Providers

Contributors

Can Deep Learning Replace Numerical Weather Prediction?

March 3, 2021

Numerical weather prediction (NWP) is a mainstay of supercomputing. Some of the first applications of the first supercomputers dealt with climate modeling, and Read more…

Livermore’s El Capitan Supercomputer to Debut HPE ‘Rabbit’ Near Node Local Storage

February 18, 2021

A near node local storage innovation called Rabbit factored heavily into Lawrence Livermore National Laboratory’s decision to select Cray’s proposal for its CORAL-2 machine, the lab’s first exascale-class supercomputer, El Capitan. Details of this new storage technology were revealed... Read more…

New Deep Learning Algorithm Solves Rubik’s Cube

July 25, 2018

Solving (and attempting to solve) Rubik’s Cube has delighted millions of puzzle lovers since 1974 when the cube was invented by Hungarian sculptor and archite Read more…

African Supercomputing Center Inaugurates ‘Toubkal,’ Most Powerful Supercomputer on the Continent

February 25, 2021

Historically, Africa hasn’t exactly been synonymous with supercomputing. There are only a handful of supercomputers on the continent, with few ranking on the Read more…

AMD Launches Epyc ‘Milan’ with 19 SKUs for HPC, Enterprise and Hyperscale

March 15, 2021

At a virtual launch event held today (Monday), AMD revealed its third-generation Epyc “Milan” CPU lineup: a set of 19 SKUs -- including the flagship 64-core, 280-watt 7763 part --  aimed at HPC, enterprise and cloud workloads. Notably, the third-gen Epyc Milan chips achieve 19 percent... Read more…

The History of Supercomputing vs. COVID-19

March 9, 2021

The COVID-19 pandemic poses a greater challenge to the high-performance computing community than any before. HPCwire's coverage of the supercomputing response t Read more…

HPE Names Justin Hotard New HPC Chief as Pete Ungaro Departs

March 2, 2021

HPE CEO Antonio Neri announced today (March 2, 2021) the appointment of Justin Hotard as general manager of HPC, mission critical solutions and labs, effective Read more…

Microsoft, HPE Bringing AI, Edge, Cloud to Earth Orbit in Preparation for Mars Missions

February 12, 2021

The International Space Station will soon get a delivery of powerful AI, edge and cloud computing tools from HPE and Microsoft Azure to expand technology experi Read more…

  • arrow
  • Click Here for More Headlines
  • arrow
HPCwire