Arvados Docs
  1. Overview
    1. Installation options
  2. Docker quick start
    1. Arvados-in-a-box
  3. Arvados Installer
    1. Single host Arvados
    2. Multi-Host Arvados
  4. Manual installation
    1. Planning and prerequisites
    2. Arvados package repositories
  5. Configuration
    1. Configuration files
    2. InternalURLs and ExternalURL
    3. Configuration reference
  6. Maintenance and upgrading
    1. Arvados upgrade notes
    2. Maintenance and upgrading
  7. Core
    1. Install API server and Controller
    2. Cluster diagnostics tool
  8. Keep
    1. Install Keepstore servers
    2. Configure filesystem storage
    3. Configure S3 object storage
    4. Configure Azure Blob storage
    5. Install Keepproxy server
    6. Install Keep-web server
    7. Install Keep-balance
  9. User interface
    1. Set up web based login
    2. Install the websocket server
    3. Install Workbench 2
    4. Customizing Workbench
  10. Additional services
    1. Set up a shell node
    2. Configure webshell
    3. Install the Git server
  11. Containers API (cloud)
    1. Build a cloud compute node image
    2. Install the cloud dispatcher
  12. Compute nodes (Slurm or LSF)
    1. Set up a compute node with Docker
    2. Set up a compute node with Singularity
  13. Containers API (Slurm)
    1. Install the Slurm dispatcher
    2. Configure Slurm
    3. Test Slurm dispatch
  14. Containers API (LSF)
    1. Install the LSF dispatcher
  15. Additional configuration
    1. Configure container shell access
  16. External dependencies
    1. Install PostgreSQL 9.4+
    2. Install Ruby and Bundler
    3. Install Nginx
    4. Set up Docker

Install the LSF dispatcher

Note:

arvados-dispatch-lsf is only relevant for on premises clusters that will spool jobs to LSF. Skip this section if you use Slurm or if you are installing a cloud cluster.

Overview

Containers can be dispatched to an LSF cluster. The dispatcher sends work to the cluster using LSF’s bsub command, so it works in a variety of LSF configurations.

In order to run containers, you must choose a user that has permission to set up FUSE mounts and run Singularity/Docker containers on each compute node. This install guide refers to this user as the crunch user. We recommend you create this user on each compute node with the same UID and GID, and add it to the fuse and docker system groups to grant it the necessary permissions. However, you can run the dispatcher under any account with sufficient permissions across the cluster.

Set up all of your compute nodes with Docker or Singularity.

Current limitations:

  • Arvados container priority is not propagated to LSF job priority. This can cause inefficient use of compute resources, and even deadlock if there are fewer compute nodes than concurrent Arvados workflows.
  • Combining LSF with docker may not work, depending on LSF configuration and user/group IDs (if LSF only sets up the configured user’s primary group ID when executing the crunch-run process on a compute node, it may not have permission to connect to the docker daemon).

Update config.yml

Arvados-dispatch-lsf reads the common configuration file at /etc/arvados/config.yml.

Add a DispatchLSF entry to the Services section, using the hostname where arvados-dispatch-lsf will run, and an available port:

    Services:
      DispatchLSF:
        InternalURLs:
          "http://hostname.zzzzz.arvadosapi.com:9007": {}

Review the following configuration parameters and adjust as needed.

API.MaxGatewayTunnels

Each Arvados container that runs on your HPC cluster will bring up a long-lived connection to the Arvados controller and keep it open for the entire duration of the container. This connection is used to access real-time container logs from Workbench, and to enable the container shell feature.

Set the MaxGatewayTunnels config entry high enough to accommodate the maximum number of containers you expect to run concurrently on your HPC cluster, plus incoming container shell sessions.

    API:
      MaxGatewayTunnels: 2000

Also, configure Nginx (and any other HTTP proxies or load balancers running between the HPC and Arvados controller) to allow the expected number of connections, i.e., MaxConcurrentRequests + MaxQueuedRequests + MaxGatewayTunnels.

Containers.LSF.BsubSudoUser

arvados-dispatch-lsf uses sudo to execute bsub, for example sudo -E -u crunch bsub [...]. This means the crunch account must exist on the hosts where LSF jobs run (“execution hosts”), as well as on the host where you are installing the Arvados LSF dispatcher (the “submission host”). To use a user account other than crunch, configure BsubSudoUser:

    Containers:
      LSF:
        BsubSudoUser: lsfuser

Alternatively, you can arrange for the arvados-dispatch-lsf process to run as an unprivileged user that has a corresponding account on all compute nodes, and disable the use of sudo by specifying an empty string:

    Containers:
      LSF:
        # Don't use sudo
        BsubSudoUser: ""

Containers.LSF.BsubArgumentsList

When arvados-dispatch-lsf invokes bsub, you can add arguments to the command by specifying BsubArgumentsList. You can use this to send the jobs to specific cluster partitions or add resource requests. Set BsubArgumentsList to an array of strings.

Template variables starting with % will be substituted as follows:

%U uuid
%C number of VCPUs
%M memory in MB
%T tmp in MB
%G number of GPU devices (runtime_constraints.cuda.device_count)
%W maximum job run time in minutes, suitable for use with -W or -We flags (see MaxRunTimeOverhead MaxRunTimeDefault below)

Use %% to express a literal %. The %%J in the default will be changed to %J, which is interpreted by bsub itself.

For example:

    Containers:
      LSF:
        BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]", "-R", "select[mem>=%MMB]", "-R", "select[tmp>=%TMB]", "-R", "select[ncpus>=%C]", "-We", "%W"]

Note that the default value for BsubArgumentsList uses the -o and -e arguments to write stdout/stderr data to files in /tmp on the compute nodes, which is helpful for troubleshooting installation/configuration problems. Ensure you have something in place to delete old files from /tmp, or adjust these arguments accordingly.

Containers.LSF.BsubCUDAArguments

If the container requests access to GPUs (runtime_constraints.cuda.device_count of the container request is greater than zero), the command line arguments in BsubCUDAArguments will be added to the command line after BsubArgumentsList. This should consist of the additional bsub flags your site requires to schedule the job on a node with GPU support. Set BsubCUDAArguments to an array of strings. For example:

    Containers:
      LSF:
        BsubCUDAArguments: ["-gpu", "num=%G"]

Containers.LSF.MaxRunTimeOverhead

Extra time to add to each container’s scheduling_parameters.max_run_time value when substituting for %W in BsubArgumentsList, to account for time spent setting up the container image, copying output files, etc.

Containers.LSF.MaxRunTimeDefault

Default max_run_time value to use for containers that do not specify one in scheduling_parameters.max_run_time. If this is zero, and BsubArgumentsList contains "-W", "%W" or "-We", "%W", those arguments will be dropped when submitting containers that do not specify scheduling_parameters.max_run_time.

Containers.PollInterval

arvados-dispatch-lsf polls the API server periodically for new containers to run. The PollInterval option controls how often this poll happens. Set this to a string of numbers suffixed with one of the time units s, m, or h. For example:

    Containers:
      PollInterval: 10s

Containers.ReserveExtraRAM: Extra RAM for jobs

Extra RAM to reserve (in bytes) on each LSF job submitted by Arvados, which is added to the amount specified in the container’s runtime_constraints. If not provided, the default value is zero.

Supports suffixes KB, KiB, MB, MiB, GB, GiB, TB, TiB, PB, PiB, EB, EiB (where KB is 103, KiB is 210, MB is 106, MiB is 220 and so forth).

    Containers:
      ReserveExtraRAM: 256MiB

Containers.CrunchRunArgumentList: Using host networking for containers

Older Linux kernels (prior to 3.18) have bugs in network namespace handling which can lead to compute node lockups. This by is indicated by blocked kernel tasks in “Workqueue: netns cleanup_net”. If you are experiencing this problem, as a workaround you can disable use of network namespaces by Docker across the cluster. Be aware this reduces container isolation, which may be a security risk.

    Containers:
      CrunchRunArgumentsList:
        - "-container-enable-networking=always"
        - "-container-network-mode=host"

InstanceTypes: Avoid submitting jobs with unsatisfiable resource constraints

LSF does not provide feedback when a submitted job’s RAM, CPU, or disk space constraints cannot be satisfied by any node: the job will wait in the queue indefinitely with “pending” status, reported by Arvados as “queued”.

As a workaround, you can configure InstanceTypes with your LSF cluster’s compute node sizes. Arvados will use these sizes to determine when a container is impossible to run, and cancel it instead of submitting an LSF job.

Apart from detecting non-runnable containers, the configured instance types will not have any effect on scheduling.

    InstanceTypes:
      most-ram:
        VCPUs: 8
        RAM: 640GiB
        IncludedScratch: 640GB
      most-cpus:
        VCPUs: 32
        RAM: 256GiB
        IncludedScratch: 640GB
      gpu:
        VCPUs: 8
        RAM: 256GiB
        IncludedScratch: 640GB
        CUDA:
          DriverVersion: "11.4"
          HardwareCapability: "7.5"
          DeviceCount: 1

Install arvados-dispatch-lsf

Alma/CentOS/Red Hat/Rocky

# dnf install arvados-dispatch-lsf

Debian and Ubuntu

# apt-get install arvados-dispatch-lsf

Start the service

# systemctl enable --now arvados-dispatch-lsf
# systemctl status arvados-dispatch-lsf
[...]

If systemctl status indicates it is not running, use journalctl to check logs for errors:

# journalctl -n12 --unit arvados-dispatch-lsf

Restart the API server and controller

Make sure the cluster config file is up to date on the API server host then restart the API server and controller processes to ensure the configuration changes are visible to the whole cluster.

# systemctl restart nginx arvados-controller
# arvados-server check

Confirm working installation

On the dispatch node, start monitoring the arvados-dispatch-lsf logs:

# journalctl -o cat -fu arvados-dispatch-lsf.service

In another terminal window, use the diagnostics tool to run a simple container.

# arvados-client sudo diagnostics
INFO       5: running health check (same as `arvados-server check`)
INFO      10: getting discovery document from https://zzzzz.arvadosapi.com/discovery/v1/apis/arvados/v1/rest
...
INFO     160: running a container
INFO      ... container request submitted, waiting up to 10m for container to run

After performing a number of other quick tests, this will submit a new container request and wait for it to finish.

While the diagnostics tool is waiting, the arvados-dispatch-lsf logs will show details about submitting an LSF job to run the container.

Previous: Test Slurm dispatch Next: Configure container shell access

The content of this documentation is licensed under the Creative Commons Attribution-Share Alike 3.0 United States licence.
Code samples in this documentation are licensed under the Apache License, Version 2.0.