GPU Kubernetes集群部署Fedora开发开发环境

GPU Kubernetes架构 构建完成后,采用 kind部署 fedora-dev-tini (tini替代systmed) 相同的镜像 Fedora镜像(采用tini替代systemd) 部署一个包含GPU硬件的运行容器,以便进一步实践 Machine Learning Atlas

为了能够实现完整机器学习工作环境(GPU),采用 GPU Kubernetes架构 ,在 为containerd安装NVIDIA Container Toolkit ( 容器运行时(Container Runtimes) 支持GPU )之后,就可以通过 NVIDIA GPU Operator 在Kuternetes Kubernetes集群(z-k8s) 集群上运行支持GPU的容器。

我采用 Fedora镜像(采用tini替代systemd) 来运行一个 Fedora 容器,部署在Kubernetes中(不是必须,但是这样比较符合企业模式)

准备工作

备注

本文实践由于时间紧迫,所以采用 nerdctl加载镜像到Kubernetes (还没来得及完成 Kubernetes部署registry仓库 )

构建 fedora-dev 镜像

备注

我以 Fedora镜像(采用tini替代systemd) 的开发镜像运行容器,让后在容器中 安装Anaconda ,并最终制作出 fedora-dev 镜像推送到 Kubernetes集群(z-k8s)

构建包含开发环境的Dockerfile
# USE DOCKER BUILD
# docker build --rm -t fedora-dev-tini .
# USE DOCKER RUN
# docker run -itd --privileged=true -p 1122:22 --hostname fedora-dev-tini --name fedora-dev-tini fedora-dev-tini

# USE nerdctl (containerd) BUILD
# nerdctl build -t fedora-dev-tini .

# INTERACT RUN
# nerdctl run -it --privileged=true -p 1122:22 --hostname fedora-dev-tini --name fedora-dev-tini fedora-dev-tini:latest

# BACKGROUND RUN
# nerdctl run -d --privileged=true -p 1122:22 --hostname fedora-dev-tini --name fedora-dev-tini fedora-dev-tini:latest

FROM fedora:latest
MAINTAINER vincent huatai <vincent@huatai.me>

ENV container docker

# set china repo: mirros.163.com
RUN cp -R /etc/yum.repos.d /root/yum.repos.d
RUN rm /etc/yum.repos.d/fedora-cisco-openh264.repo
RUN sed -i 's/metalink=/#metalink=/g' /etc/yum.repos.d/*
RUN sed -i 's/#baseurl=/baseurl=/g' /etc/yum.repos.d/*
RUN sed -i 's/download.example\/pub\/fedora\/linux/mirrors.163.com\/fedora/g' /etc/yum.repos.d/*
RUN cp /root/yum.repos.d/fedora-cisco-openh264.repo /etc/yum.repos.d/

RUN dnf clean all
RUN dnf -y update

# Add Tini
ENV TINI_VERSION v0.19.0
# 标准方法是采用ADD方式向镜像添加tini,但是GFW阻碍,改为下载后本地复制
#ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
COPY tini /tini
RUN chmod +x /tini
ENTRYPOINT ["/tini", "--"]

# Copy tini entrypoint script
COPY entrypoint_ssh_cron_bash /entrypoint.sh
RUN chmod +x /entrypoint.sh

# not need systemd(initscripts)
RUN dnf -y install which sudo passwd openssh-clients openssh-server \
    vim iproute net-tools bind-utils bzip2 tmux sysstat nfs-utils lsof \
    procps tree file mlocate rsync cronie cronie-anacron \
    git gdb openssl-devel \
    nodejs 

# add account "admin" and give sudo privilege
RUN groupadd -g 505 admin
RUN useradd -g 505 -u 505 -d /home/admin -m admin
RUN usermod -aG wheel admin
RUN echo "%wheel        ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers

# set TIMEZONE to Shanghai
RUN unlink /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

# Add ssh public key for login
RUN mkdir -p /home/admin/.ssh
COPY authorized_keys /home/admin/.ssh/authorized_keys
RUN chown -R admin:admin /home/admin/.ssh
RUN chmod 600 /home/admin/.ssh/authorized_keys
RUN chmod 700 /home/admin/.ssh

RUN ssh-keygen -A

# run service when container started - sshd
EXPOSE 22:1122

# Run your program under Tini
# CMD ["/your/program", "-and", "-its", "arguments"]
CMD ["/entrypoint.sh"]
entrypoint_ssh_cron_bash 用于构建镜像中的 /entrypoint.sh
#!/usr/bin/env bash

sshd() {
    /usr/sbin/sshd
}

crond() {
    /usr/sbin/crond
}

main() {
    sshd
    crond
    # 在k8s不能直接bash执行结束,否则判断为pod Crash,需要改写成持续执行循环脚本
    #/bin/bash
    /bin/bash -c "while true; do (echo 'Hello from tini'; date; sleep 120); done"
}

main

下载 Docker tini进程管理器 对应于主机架构(x86或 ARM Atlas )版本,存放为 tini ;将 ssh密钥 公钥文件 authorized_keys 也存放在当前目录

  • 执行镜像构建:

构建 fedora-dev-tini 镜像
docker build --rm -t fedora-dev-tini .

  • 运行容器:

运行 fedora-dev-tini 容器
docker run -itd -p 1122:22 \
        --hostname fedora-dev-tini --name fedora-dev-tini fedora-dev-tini
下载和运行Anaconda Installe
curl --output anaconda.sh https://repo.anaconda.com/archive/Anaconda3-2023.09-Linux-x86_64.sh

#curl --output anaconda.sh https://repo.anaconda.com/archive/Anaconda3-2023.09-0-Linux-aarch64.sh

chmod +x anaconda.sh
bash anaconda.sh