galaxyproject / cloudlaunch Goto Github PK
View Code? Open in Web Editor NEWEasily launch cloud applications.
Home Page: https://launch.usegalaxy.org/
Easily launch cloud applications.
Home Page: https://launch.usegalaxy.org/
This is relation to #49 as one possible avenue for implementing the new launcher. This branch is based on the following stack: Django, Django Rest Framework, MongoDB, Django Rest Framework Mongoengine. The following is a fluid list of current tasks:
POST
a nested field (e.g., an Application
with a Category
)Hello again,
I'm working under a corporate AWS account with an individual IAM user. I can't specify a default VPC and I have to run Galaxy in a particular VPC. Could VPC selection be implemented in Cloudman and/or Cloudlaunch? I see in the Cloudman Changelog that in August, support for VPC was added in some sense, but I'm not sure how to leverage this and/or specify it while using Cloudlaunch. Will this be part of the larger October Galaxy release?
This documents a discussion on how we plan to handle backend plugins moving forward:
Currently, backend plugins access some cloudlaunch models, and therefore need a running cloudlaunch instance to be developed, tested or run against. However, there is no real reason to have this dependency, and we should be able to full decouple the two, allowing backend plugins to be executed in a standalone fashion, as well as from within cloudlaunch.
The planned strategy is to send in required objects as dicts. These objects can thus be provided through a commandline runner, say as json docs, as well as CloudLaunch itself. This should make plugin development much easier, and also allow for re-use outside of cloudlaunch.
Further along the line, we will also need to provide a way to bundle a backend plugin, along with its frontend component, and provide it together as a versioned, installable object within CloudLaunch.
Django 1.11 is an LTS, which is what we want to stick with (and 1.9 is no longer supported: https://www.djangoproject.com/download/) so time to upgrade.
While sample commands are provided, little explanation is provided of what they do, and they don't quite work on this instance of ubuntu 13.04 (I know, the docs say to specifically use 12.04, but, I figured I would give raring a try).
I got right up to the point where I need to create a database, and it's giving this error:
(bcc)janderson@ip-10-223-0-144:/gvl/bcc/biocloudcentral$ createdb --username bcc --port 5432 biocloudcentral
createdb: could not connect to database postgres: FATAL: Peer authentication failed for user "bcc"
In the meantime, I'll start a 12.04 LTS instance and try there.
...which is a 404.
(e.g. instead of being redirected from http://my.ip.addr.here/ to http://my.ip.addr.here/launch, the user is redirected from http://my.ip.addr.here/ to http://my.ip.addr.here/None/launch )
I've tried setting "Redirect_Base" equal to "None", None (without quotes) and simply blank, but it doesn't seem to help. I've also restarted the service, and wiped/regenerated the static pages between each iteration, in case some cached value was tripping me up.
Should I instead set my redirect base to http://my.ip.addr.here/ ?
Add the ability to interface with the Google Cloud. This will require storing the cloud connection properties in the model and creating appropriate serializers.
Note that support for the Google Cloud in CloudBridge has not been completed but it is sufficient to make progress here. See the gce branch: https://github.com/gvlproject/cloudbridge/tree/gce
It would be good to have a upload field to upload a ???-userdata.txt
that you can download upon first creation of a cluster. The cloudlounch then should prefill all the values from the values in that file.
It would be nice to allow for users to add their own private clouds, and optionally publish/share them, after being approved.
This is mostly useful for OpenStack clouds, but could also be useful for EC2 compatible clouds, and in future, Azure Stack based clouds.
Tasks
Enabling EBS optimization on the master node helps with NFS performance.
It would be nice to remove entries from the displayed list, especially failed once or instances that are not running anymore.
Dear Brad Chapman,
Great tool you made! I've been playing with it a lot yesterday and today. I launches and relaunches a customized galaxy cloud instance in most cases.
There are however 2 issues:
13:16:56 - Retrieved file 'persistent_data.yaml' from bucket 'cm-e90ee86008a58c16f04d9ec29eebdb46' to 'pd.yaml'.
13:16:56 - Master starting
13:16:57 - Completed initial cluster configuration.
13:17:21 - PostgreSQL data directory '/mnt/galaxyData/pgsql/data' does not exist (yet?)
13:17:21 - Prerequisites OK; starting service 'SGE'
13:17:26 - Configuring SGE...
13:17:36 - Successfully setup SGE; configuring SGE
13:18:14 - Attaching volume 'vol-65c8be08' to instance 'i-7ea60e1c' as device '/dev/sdg3' failed. Exception: EC2ResponseError: 400 Bad Request InvalidVolume.ZoneMismatchThe volume 'vol-65c8be08' is not in the same availability zone as instance 'i-7ea60e1c'fd7371c2-acd6-43d1-9a16-8b5bd73f6df2
Keep up the great work, I hope I can contribute towards this.
Thomas
Hello again,
I took advice from #42, setting up a fresh instance on a linux workstation, RHEL6 with pyenv-virtualenv. I took your suggestion @afgane and decided to install according to the repository's instructions. I manage fine until I receive the following error while starting supervisor. I notice that the celeryd command line tool is available(see below), although this subcommand is not available to manage.py
From the supervisor log (/srv/cloudlaunch/cloudlaunch/supervisor.log):
14:01:51 system | web.1 started (pid=1543)
14:01:51 system | celery.1 started (pid=1544)
14:01:52 celery.1 | Unknown command: 'celeryd'
14:01:52 celery.1 | Type 'manage.py help' for usage.
14:01:52 system | celery.1 stopped (rc=1)
14:01:52 system | sending SIGTERM to web.1 (pid 1543)
14:01:52 web.1 | Traceback (most recent call last):
14:01:52 web.1 | File "../.cl/bin/gunicorn", line 11, in <module>
14:01:52 web.1 | sys.exit(run())
14:01:52 web.1 | File "/home/ralstonm/.pyenv/versions/cl/lib/python2.7/site-packages/gunicorn/app/wsgiapp.py", line 74, in run
14:01:52 web.1 | WSGIApplication("%(prog)s [OPTIONS] [APP_MODULE]").run()
14:01:52 web.1 | File "/home/ralstonm/.pyenv/versions/cl/lib/python2.7/site-packages/gunicorn/app/base.py", line 189, in run
14:01:52 web.1 | super(Application, self).run()
14:01:52 web.1 | File "/home/ralstonm/.pyenv/versions/cl/lib/python2.7/site-packages/gunicorn/app/base.py", line 72, in run
14:01:52 web.1 | Arbiter(self).run()
14:01:52 web.1 | File "/home/ralstonm/.pyenv/versions/cl/lib/python2.7/site-packages/gunicorn/arbiter.py", line 197, in run
14:01:52 web.1 | self.halt()
14:01:52 web.1 | File "/home/ralstonm/.pyenv/versions/cl/lib/python2.7/site-packages/gunicorn/arbiter.py", line 297, in halt
14:01:52 web.1 | self.stop()
14:01:52 web.1 |
14:01:52 system | web.1 stopped (rc=1)
/srv/cloudlaunch >cloudlaunch/biocloudcentral/manage.py --help
Usage: manage.py subcommand [options] [args]
Options:
-v VERBOSITY, --verbosity=VERBOSITY
Verbosity level; 0=minimal output, 1=normal output,
2=all output
--settings=SETTINGS The Python path to a settings module, e.g.
"myproject.settings.main". If this isn't provided, the
DJANGO_SETTINGS_MODULE environment variable will be
used.
--pythonpath=PYTHONPATH
A directory to add to the Python path, e.g.
"/home/djangoprojects/myproject".
--traceback Print traceback on exception
--version show program's version number and exit
-h, --help show this help message and exit
Type 'manage.py help <subcommand>' for help on a specific subcommand.
Available subcommands:
cleanup
compilemessages
createcachetable
dbshell
diffsettings
dumpdata
flush
inspectdb
loaddata
makemessages
reset
runfcgi
runserver
shell
sql
sqlall
sqlclear
sqlcustom
sqlflush
sqlindexes
sqlinitialdata
sqlreset
sqlsequencereset
startapp
startproject
syncdb
test
testserver
validate
/src/cloudlaunch >cd cloudlaunch
/srv/cloudlaunch/cloudlaunch >/bin/ls ../.cl/bin
activate bundle_image celeryd cwutil dynamodb_load fetch_file gunicorn_paster list_instances pidproxy python sdbadmin
activate.csh camqadm celeryd-multi django-admin.py easy_install get-pip.py honcho lss3 pip python2 supervisorctl
activate.fish celery celeryev django-admin.pyc easy_install-2.7 glacier instance_events mturk pip2 python2.7 supervisord
activate_this.py celerybeat cfadmin djcelerymon echo_supervisord_conf gunicorn kill_instance nosetests pip2.7 route53 taskadmin
asadmin celeryctl cq dynamodb_dump elbadmin gunicorn_django launch_instance nosetests-2.7 pyami_sendmail s3put wheel
Hello everyone. I have a fresh production install of cloudlaunch on RHEL6 configured with PostgreSQL and Nginx, following the README. When I access "my-server:portnum/admin" page, I receive a 500 error indicating that the login.html page could not be found.
Django error
Environment:
Request Method: GET
Request URL: http://localhost:8000/admin/
Django Version: 1.3
Python Version: 2.7.8
Installed Applications:
['django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.admin',
'django.contrib.admindocs',
'south',
'bootstrap_toolkit',
'biocloudcentral',
'djcelery',
'kombu.transport.django']
Installed Middleware:
('django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware')
Template Loader Error:
Django tried loading these templates, in this order:
Using loader django.template.loaders.filesystem.Loader:
/srv/cloudlaunch/cloudlaunch/templates/admin/login.html (File does not exist)
Using loader django.template.loaders.app_directories.Loader:
/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/bootstrap_toolkit/templates/admin/login.html (File does not exist)
Traceback:
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
111. response = callback(request, *callback_args, **callback_kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/contrib/admin/sites.py" in wrapper
214. return self.admin_view(view, cacheable)(*args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/utils/decorators.py" in _wrapped_view
93. response = view_func(request, *args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
79. response = view_func(request, *args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/contrib/admin/sites.py" in inner
196. return self.login(request)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
79. response = view_func(request, *args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/contrib/admin/sites.py" in login
331. return login(request, **defaults)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/utils/decorators.py" in _wrapped_view
93. response = view_func(request, *args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
79. response = view_func(request, *args, **kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/contrib/auth/views.py" in login
69. context_instance=RequestContext(request, current_app=current_app))
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/shortcuts/__init__.py" in render_to_response
20. return HttpResponse(loader.render_to_string(*args, **kwargs), **httpresponse_kwargs)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/template/loader.py" in render_to_string
181. t = get_template(template_name)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/template/loader.py" in get_template
157. template, origin = find_template(template_name)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/django/template/loader.py" in find_template
138. raise TemplateDoesNotExist(name)
Exception Type: TemplateDoesNotExist at /admin/
Exception Value: admin/login.html
Contents of django bootstrap_toolkit (no admin directory):
>/bin/ls ~/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/bootstrap_toolkit/templates
bootstrap_toolkit
>/bin/ls ~/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/bootstrap_toolkit/templates/*
field_checkbox.html field_errors.html field.html field_search.html form.html nav.html pagination.html
field_choices.html field_help.html field_inline.html field_vertical.html formset.html non_field_error.html pills.html
field_default.html field_horizontal.html field_prepend_append.html field_visible.html messages.html non_field_errors.html tabs.html
>pip freeze
/srv/cloudlaunch/cloudlaunch >pip freeze
amqp==1.0.12
anyjson==0.3.3
billiard==2.7.3.31
bioblend==0.6.1
boto==2.38.0
celery==3.0.21
dj-database-url==0.2.1
Django==1.3
django-bootstrap-toolkit==2.12.0
django-celery==3.0.17
gunicorn==19.3.0
honcho==0.6.6
Jinja2==2.7
kombu==2.5.12
MarkupSafe==0.18
meld3==1.0.2
mock==1.0.1
nose==1.3.0
poster==0.8.1
psycopg2==2.4.2
python-dateutil==2.1
python-memcached==1.48
pytz==2013b0
PyYAML==3.10
requests==1.2.3
requests-toolbelt==0.4.0
simplejson==3.3.0
six==1.9.0
South==0.7.3
supervisor==3.1.3
wheel==0.24.0
We already have an Ansible playbook for deploying CloudLaunch: https://github.com/galaxyproject/ansible-cloudlaunch/
We should apply it towards a Docker container and see what needs to be done to make that happen.
As a first step, building a single image is fine but ideally we could build this as a Helm chart separating out the web server, the message queue, the application, and the database into dedicated services.
I am providing the share-an-instance cluster id on the corresponding filed on the biocloucentral page:
cm-04768f56d19d9ed91ac5e236b669f5ce/shared/2013-08-09--20-48
(this is a cluster I've shared previously through the cloudman interface)
However, when I click on the ip address of the started instance and get to the cloudman interface, it still asks me to choose option (Galaxy, share-an-instance, or data cluster).
Isn't it supposed to go ahead and start a cluster with volumes from my snapshots mounted based on the cm-04768f56d19d9ed91,,, id I've provided on the biocloudcentral site ?
Most viewsets in cloudlaunch simply call resource.list() to fetch objects.
e.g.
def list_objects(self):
provider = view_helpers.get_cloud_provider(self)
return provider.compute.instances.list()
Since the limit and marker parameters are not being passed to cloudbridge, this will always only return the first 50 records. This needs to be integrated with DRF paging to pass in the limit and marker so that client side paging will work correctly.
Currently, cloudlaunch asks for ec2 connection details as a list of individual values, as follows:
"ec2_region_name": "ap-southeast-2",
"ec2_region_endpoint": "ec2.ap-southeast-2.amazonaws.com",
"ec2_conn_path": "/",
"ec2_port": null,
"ec2_is_secure": true,
"s3_host": "s3-ap-southeast-2.amazonaws.com",
"s3_conn_path": "/",
"s3_port": null,
"s3_is_secure": true
However, after the boto3 upgrade, it's no longer required to provide these individually. Simply providing
ec2_endpoint_url
s3_endpoint_url
use_ssl
ssl_verify
and ec2_region_name is sufficient.
So we should be able to collapse ec2_region_endpoint, ec2_conn_path and ec2_is_secure to a single value. Dito for s3_host, s3_conn_path and s3_port.
This is relation to #49 for implementing the new launcher. This branch is based on the following stack: Django, Django Rest Framework, Django Social Auth, Celery. The app is intended to supply a REST API without an embedded UI (the UI will be a developed as a separate project to consume the API). The following is a fluid list of current tasks:
/applications
/deployments
/infrastructure
Hello, just wondering if this has been tested with OpenStack's Neutron networking? Specifically on OpenStack Kilo.
'My Appliances' page is currently a log of launched instances but should be more of a dashboard allowing live view of the deployments and more control.
For starters, enable the status of an appliance to be updated according to the state of the cloud resource. This will require access to the user's credentials across all providers used for deployments. To limit the number of requests and credentials required, perhaps it would be good to just update the status of deployments launched in the past week, or month, or? and then allow each individual deployment to be explicitly updated.
With Django Rest Framework Swagger, we should be able to generate an OpenAPI spec for the current API. We can then use that spec to generate client bindings for multiple languages.
Additional references:
https://apievangelist.com/2015/06/06/comparison-of-automatic-api-code-generation-tools-for-swagger/
Hi, I'm using the dockerized version from @afgane. I'd like to add the AWS cloud and some instance types, but I don't know where to find informtion about the "EC2 port", "S3" port, or others. Would someone let me know where I can find this information? Thanks for your time!
This error occurs after ICMP in the except block in the section concerning inter-instance communication. The POST request fails from the boto authorize statement stating that protocol is null, which is the first parameter is the classical method. However, my boto library seems to be up to date (2.38.0) I understand that this is mostly a boto failure, although this could provide the illusion to the user that a new security group was created or that an existing security group was updated when in reality, the inter-instance communication is not successfully authorized.
# Add rule that allows communication between instances in the same SG
g_rule_exists = False # A flag to indicate if group rule already exists
for rule in cmsg.rules:
for grant in rule.grants:
if grant.name == cmsg.name:
g_rule_exists = True
bioblend.log.debug("Group rule already exists in the SG.")
if g_rule_exists:
break
if not g_rule_exists:
try:
cmsg.authorize(src_group=cmsg)
except EC2ResponseError as e:
err_msg = "A problem with security group authorization: {0} " \
"(code {1}; status {2})" \
.format(e.message, e.error_code, e.status)
bioblend.log.exception(err_msg)
progress['err_msg'] = err_msg
bioblend.log.info("Done configuring '%s' security group" % cmsg.name)
[2015-10-23 15:08:19,451: DEBUG/MainProcess] Security group 'CloudMan' already exists; will add authorizations next.
[2015-10-23 15:08:19,451: DEBUG/MainProcess] Rule (20:21) already exists in the SG
[2015-10-23 15:08:19,451: DEBUG/MainProcess] Rule (22:22) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Rule (80:80) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Rule (443:443) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Rule (8800:8800) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Rule (9600:9700) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Rule (30000:30100) already exists in the SG
[2015-10-23 15:08:19,452: DEBUG/MainProcess] ICMP rule already exists in CloudMan SG.
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Method: POST
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Path: https://ec2.amazonaws.com/
[2015-10-23 15:08:19,452: DEBUG/MainProcess] Data:
[2015-10-23 15:08:19,453: DEBUG/MainProcess] Headers: {}
[2015-10-23 15:08:19,453: DEBUG/MainProcess] Host: ec2.amazonaws.com
[2015-10-23 15:08:19,453: DEBUG/MainProcess] Port: 443
...
[2015-10-23 15:08:19,572: DEBUG/MainProcess] <?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidParameterValue</Code><Message>Invalid value 'null' for protocol. VPC security group rules must specify protocols explicitly.</Message></Error></Errors><RequestID>f36e61be-64fe-40fc-bac5-09227f981253</RequestID></Response>
[2015-10-23 15:08:19,573: ERROR/MainProcess] 400 Bad Request
[2015-10-23 15:08:19,573: ERROR/MainProcess] <?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidParameterValue</Code><Message>Invalid value 'null' for protocol. VPC security group rules must specify protocols explicitly.</Message></Error></Errors><RequestID>f36e61be-64fe-40fc-bac5-09227f981253</RequestID></Response>
[2015-10-23 15:08:19,574: ERROR/MainProcess] A problem with security group authorization: Invalid value 'null' for protocol. VPC security group rules must specify protocols explicitly. (code InvalidParameterValue; status 400)
Traceback (most recent call last):
File "/home/ralstonm/Projects/bioblend/bioblend/cloudman/launch.py", line 301, in create_cm_security_group
cmsg.authorize(src_group=cmsg)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/boto/ec2/securitygroup.py", line 203, in authorize
dry_run=dry_run)
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/boto/ec2/connection.py", line 3191, in authorize_security_group
params, verb='POST')
File "/home/ralstonm/.pyenv/versions/cloudlaunch/lib/python2.7/site-packages/boto/connection.py", line 1227, in get_status
raise self.ResponseError(response.status, response.reason, body)
EC2ResponseError: EC2ResponseError: 400 Bad Request
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidParameterValue</Code><Message>Invalid value 'null' for protocol. VPC security group rules must specify protocols explicitly.</Message></Error></Errors><RequestID>f36e61be-64fe-40fc-bac5-09227f981253</RequestID></Response>
Pip freeze
amqp==1.0.12
anyjson==0.3.3
billiard==2.7.3.31
-e git+https://github.com/MatthewRalston/bioblend.git@126ea70c3ad90ac02406b21d032d1b1d12d3858d#egg=bioblend-master
boto==2.38.0
celery==3.0.21
dj-database-url==0.2.1
Django==1.3
django-bootstrap-toolkit==2.12.0
django-celery==3.0.17
gunicorn==19.3.0
honcho==0.6.6
Jinja2==2.7
kombu==2.5.12
MarkupSafe==0.18
mock==1.0.1
nose==1.3.0
poster==0.8.1
psycopg2==2.4.2
python-dateutil==2.1
python-memcached==1.48
pytz==2013b0
PyYAML==3.10
requests==2.8.1
requests-toolbelt==0.4.0
simplejson==3.3.0
six==1.9.0
South==0.7.3
wheel==0.24.0
At the moment, CloudLaunch assumes one Celery task per deployment, namely to launch the app. To allow other actions on for a deployment, let's allow multiple tasks to be associated with a deployment. This will allow other actions (e.g., update status, restart, shut down, etc.) to be performed more naturally. It will also provide provenance of actions.
Hi, I am launching an AMI I built on CentOS according to an adapted Galaxy-Cloudman playbook. I then built the Galaxy filesystem as well and saved the snapshot to an S3 bucket. I supplied this bucket (which contains galaxyFS-latest.tar.gz) and AMI to a Cloudlaunch instance setup using @afgane 's cloudlaunch-docker repo. When I submit this information, the "monitor" page hangs during the "Requesting" stage. Is there a log where I can monitor why this is hanging?
Private Cloud Launch instance, commit 8d537a8. CloudMan security group (sg-8b3b99f3
) exists (created earlier by https://launch.usegalaxy.org). Relevant entries from tasks.log
:
[2016-04-11 16:46:01,747: DEBUG/MainProcess] Launching cluster 'cm-test' on Amazon - Virginia cloud from image ami-b45e59de on instance type c4.large.
[2016-04-11 16:46:02,018: ERROR/MainProcess] 400 Bad Request
[2016-04-11 16:46:02,018: ERROR/MainProcess] <?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidPermission.Duplicate</Code><Message>the specified rule "peer: sg-8b3b99f3, TCP, from port: 0, to port: 65535, ALLOW" already exists</Message></Error></Errors><RequestID>0b0a4d57-00f7-46d1-9be2-4da85221a3db</RequestID></Response>
[2016-04-11 16:46:02,019: ERROR/MainProcess] A problem with security group authorization: the specified rule "peer: sg-8b3b99f3, TCP, from port: 0, to port: 65535, ALLOW" already exists (code InvalidPermission.Duplicate; status 400)
Traceback (most recent call last):
File "/srv/cloudlaunch/.cl/local/lib/python2.7/site-packages/bioblend/cloudman/launch.py", line 307, in create_cm_security_group
cmsg.authorize(src_group=cmsg, ip_protocol='tcp', from_port=0, to_port=65535)
File "/srv/cloudlaunch/.cl/local/lib/python2.7/site-packages/boto/ec2/securitygroup.py", line 203, in authorize
dry_run=dry_run)
File "/srv/cloudlaunch/.cl/local/lib/python2.7/site-packages/boto/ec2/connection.py", line 3191, in authorize_security_group
params, verb='POST')
File "/srv/cloudlaunch/.cl/local/lib/python2.7/site-packages/boto/connection.py", line 1227, in get_status
raise self.ResponseError(response.status, response.reason, body)
EC2ResponseError: EC2ResponseError: 400 Bad Request
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>InvalidPermission.Duplicate</Code><Message>the specified rule "peer: sg-8b3b99f3, TCP, from port: 0, to port: 65535, ALLOW" already exists</Message></Error></Errors><RequestID>0b0a4d57-00f7-46d1-9be2-4da85221a3db</RequestID></Response>
[2016-04-11 16:46:02,019: INFO/MainProcess] Done configuring 'CloudMan' security group
(this refers to, currently, the dev
branch)
The following endpoint http://127.0.0.1:8000/api/v1/infrastructure/clouds/
will list all clouds registered on the instance, even if a user does not have credentials associated with all the available clouds. Should this be so or should the list be filtered based on the creds a user has registered?
I'm curious as to how I use biocloudcentral to launch my own custom AMIs, and also how I launch those AMIs into a VPC.
Thanks for any help you can lend me.
Does one use the "admin" user created as part of the django install?
I've been through it several times, but cannot seem to successfully login to the admin interface.
I'm tasked with ensuring that the cloud-based Galaxy instance launched from launch.usegalaxy.org passes the same security scans a permanent server would. I'm using the Cluster with Galaxy option. I've dug around quite a lot, but haven't quite managed to figure out the special magic that would resolve the following issues. I hit most of these issues with the 15.x AMI/Galaxy version I think, but details below were uncovered on the 16.x AMI/Galaxy version.
start up in HTTPS mode from the get go (rather than logging into the admin user-interface over HTTP and then toggling ssl mode).
update the Ubuntu instance with the latest security patches. I run "sudo apt-get updates; sudo unattended-upgrades", which seems to be the recommended recipe, and reboot the cluster (via the cloudman/admin link).
it is unfortunate that there is no hook for a script to run earlier than any Galaxy services run which might save the reboot.
Unfortunately, apache2 is upgraded and configured to start at reboot - its links must be removed from /etc/rc*.d to be consistent with the "before" state of the instance.
Unfortunately, nginx is upgraded too, and as best I can make out, the upgraded version of ubuntu nginx does not provide the nginx upload module which is used by Galaxy and this makes it fail at startup. The error is "nginx: [emerg] unknown directive "upload_store" in /etc/nginx/..." in /var/log/cloudman/cm_boot.log.
If I stop ProFTPd, this change gets written to the s3 configuration bucket, no problem. However, after the reboot, the Galaxy service is never started by the supervisor, since it is waiting for ProFTPd to be started (and it never is, because it was stopped).
Where/how can I manipulate the ports opened by the security group? What is on the other end of each of these ports - there seems like a lot? I'd like to shut down everything other than HTTPS and SSH (at least to the outside world).
ssh access is permitted with either the password /or/ the key-pair - can I turn off password only access and require the key-pair?
(Not strictly a security issue, but observed when rebooting...) a new galaxyIndices volume gets created with each reboot.
Thanks,
-- n
Commit afbae38 running at http://cloudman.aws.stemcellcommons.org/launch.
Enter access and secret keys, choose a saved cluster then fetch the key pairs.
The key pair drop down is disabled and filled with some Javascript code.
Browser console:
jquery-2.0.2.min.js:6 POST http://cloudman.aws.stemcellcommons.org/get-key-pairs 500 (INTERNAL SERVER ERROR)
/srv/cloudlaunch/cloudlaunch/access.log:
127.0.0.1 - - [30/Aug/2016:18:24:45 -0400] "POST /get-key-pairs HTTP/1.0" 500 365 "http://cloudman.aws.stemcellcommons.org/launch" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
However, there is nothing in /srv/cloudlaunch/cloudlaunch/error.log or in /var/log/nginx/error.log. Is there a way to see the actual server error (traceback)?
I have setup locally. When I try to use social login to sign up I get Internal server error.
Environment:
Request Method: GET
Request URL: http://localhost:4200/accounts/google/login/
Django Version: 1.11.5
Python Version: 3.5.1
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'nested_admin',
'smart_selects',
'corsheaders',
'rest_framework.authtoken',
'rest_auth',
'allauth',
'allauth.account',
'rest_auth.registration',
'allauth.socialaccount',
'allauth.socialaccount.providers.facebook',
'allauth.socialaccount.providers.github',
'allauth.socialaccount.providers.google',
'allauth.socialaccount.providers.twitter',
'baselaunch',
'rest_framework',
'kombu.transport.django',
'djcelery',
'django_countries']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware']
Traceback:
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/core/handlers/exception.py" in inner
41. response = get_response(request)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/core/handlers/base.py" in _legacy_get_response
249. response = self._get_response(request)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/allauth/socialaccount/providers/oauth2/views.py" in view
73. return self.dispatch(request, *args, **kwargs)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/allauth/socialaccount/providers/oauth2/views.py" in dispatch
96. app = provider.get_app(self.request)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/allauth/socialaccount/providers/base.py" in get_app
52. return SocialApp.objects.get_current(self.id, request)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/allauth/socialaccount/models.py" in get_current
40. provider=provider)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/db/models/manager.py" in manager_method
85. return getattr(self.get_queryset(), name)(*args, **kwargs)
File "/Users/shakeel/Bioinformatics/biocentral/venv/lib/python3.5/site-packages/django/db/models/query.py" in get
380. self.model._meta.object_name
Exception Type: DoesNotExist at /accounts/google/login/
Exception Value: SocialApp matching query does not exist.
What's missing for me?
following the instructions for a dedicated server build, everything appears to have gone successfully, but I'm now at ten minutes of waiting for service bcc to start...
/var/log/bcc_server.log contains this:
2013-10-30 14:26:28 [23861] [INFO] Listening at: http://127.0.0.1:8000 (23861)
2013-10-30 14:26:28 [23861] [INFO] Using worker: sync
2013-10-30 14:26:28 [23871] [INFO] Booting worker with pid: 23871
2013-10-30 14:26:28 [23872] [INFO] Booting worker with pid: 23872
2013-10-30 14:26:28 [23873] [INFO] Booting worker with pid: 23873
would be great to have a text box for this.
With manipulating the HTML code and POST request, it works so far.
Hello, I've been working towards having this operate on my private Openstack cloud. I have Cloudlaunch running on my local machine, just wondering how I can configure it to spawn a Cloudman instance on my dev cluster instead of Amazon?
Follow up to #37
I get
Cloud connection problem:
A problem starting your instance. Check the Amazon cloud's console: Problem launching an instance: EC2ResponseError: 400 Bad Request Unsupported
The requested Availability Zone is currently constrained and we are no longer accepting new customer requests for t1/m1/c1/m2/m3 instance types. Please retry your request by not specifying an Availability Zone or choosing us-east-1c, us-east-1b, us-east-1a.899c81cf-cfdb-4b00-9cd8-a2e5bc06e545
Since the backend infrastructure is already available, it would be nice to see a frontend that can allow browsing through multiple cloud providers, and carrying out common tasks on them, such as launching instances, deleting them, rebooting etc.
The functionality would be similar to the AWS Console or OpenStack Dashboard, except that it would have multi-cloud support.
A sort of "Cloud Commander".
There are several parts to cloudlaunch that can be split into separate, installable Django modules. In addition, the current module organisation is not that great.
For example, the entire API for browsing and interacting with cloudbridge-based cloud resources, could possible be a separately installable module. That separate module alone would be useful to implement: #92
In addition, we could also have a separate module for the public appliances/map data component.
Finally, the rest of cloudlaunch could integrate these two modules and add the extra functionality for launching appliances.
Tasks
The following bioblend changeset by @nuwang added a validate_certs argument when connecting to EC2.
A problem is this was introduced with boto somewhere between versions 2.5 and 2.6. Since biocloudcentral explicitly targets boto 2.3 (in requirements.txt), biocloudcentral seems broken out of the box.
I guess biocloudcentral should target a newer version of boto. I can try to update this, but I thought I would give someone else the opportunity if there was some specific tests that should be run.
The above changeset is problematic though also, right? Those checks should happen in most cases. I understand that for some private clouds this is going to be problematic, but the deactivation of this should be optional. Additionally along those lines, perhaps bioblend should set a minimum required version of boto with its own dependency so problems like this are less likely to occur in downstream projects (this is possible right?).
Thanks all.
Clicking on the Cloud dropdown results in opening of https://github.com/galaxyproject/cloudman/blob/master/CHANGELOG.md in a new window and clicking on the Access key input box results in opening of https://aws-portal.amazon.com/gp/aws/developer/account/index.html?action=access-key in a new window.
All cloudbridge names need to be validated against the above, once the following issue is addressed:
CloudVE/cloudbridge#55
The process of launching Galaxy cloud instances has gone through several iterations over the past few years, starting with the manual process via the cloud’s web dashboard to the current CloudLaunch web app. This evolution was largely driven by the goal of making the launch process easier and quicker. Going forward, we have several improvements in mind that are summarized here in hope they get assessed and evaluated by a larger community with possibly new improvements suggested.
Anyone, please feel free to comment on this topic but explicitly pinging @bgruening @nuwang @dannon @wookoouk.
Attempting to fetch the available zone list (after filling out the required fields) results in error message "tuple index out of range".
after hitting "Process" in the very last step from within Galaxy pipelines, it simply returns in the main Galaxy and doesn't show any running jobs there. Running qstat after having logged in does not show anything either.
Where could I pull more data from to help you debug it ?
Running commit afbae38 in a private Cloud Launch instance. Starting a cluster with a c4.large master and EBS-optimized setting enabled under advanced options. However, ec2 describe-instances
reports "EbsOptimized": false
for that instance. There are no errors in the tasks.log
except for the one described in #56.
This is what I see as user data to my instance, I am not sure if this is a problem or not. Is the "!!python.." in front of each supposed to be there ?
access_key: !!python/unicode 'AKIAJLBRCY******'
bucket_default: !!python/unicode 'cm-04768f56d19d9ed91ac5e236b669f5ce/shared/2013-08-09--20-48'
cloud_name: !!python/unicode 'Amazon'
cluster_name: !!python/unicode 'papercluster6'
freenxpass: !!python/unicode 'ubuntu'
password: !!python/unicode 'ubuntu'
secret_key: !!python/unicode 'i2By73KBXjot2eJP******'
share_string: !!python/unicode 'cm-04768f56d19d9ed91ac5e236b669f5ce/shared/2013-08-09--20-48'
cloud_type: !!python/unicode 'ec2'
ec2_conn_path: !!python/unicode '/'
ec2_port: null
is_secure: true
region_endpoint: !!python/unicode 'ec2.amazonaws.com'
region_name: !!python/unicode 'us-east-1'
s3_conn_path: !!python/unicode '/'
s3_host: !!python/unicode 's3.amazonaws.com'
s3_port: null
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.