Subnet reservation: Difference between revisions

From Grid5000
Jump to navigation Jump to search
 
(57 intermediate revisions by 10 users not shown)
Line 2: Line 2:
{{Maintainer|Ghislain Charrier}}
{{Maintainer|Ghislain Charrier}}
{{Status|Draft}}
{{Status|Draft}}
 
{{Portal|User}}


__TOC__
__TOC__
Line 9: Line 9:
= Problem statement =
= Problem statement =


Users deploying VMs on Grid'5000 need to attribute IP addresses to them. Usually, what is done is that users take IPs from "free to use" IPs as described in [https://www.grid5000.fr/mediawiki/index.php/Virtual_network_interlink Virtual Network Interlink]. When several users use this technique, they may both provide the same IPs to their machines, thus creating a conflict.
Users deploying VMs on Grid'5000 need to attribute IP addresses to them. Usually, what is done is that users take IPs from "free to use" IPs as described in [[Grid5000:Network]]. When several users use this technique, they may both provide the same IPs to their machines, thus creating a conflict.


To overcome this issue, OAR can reserve subnets, enabling scheduling and sharing among users.
To overcome this issue, OAR can reserve subnets, enabling scheduling and sharing among users.


= Available subnets =
{{Warning|text=Using the subnet reservation in OAR, you will '''NOT''' get subnet isolation. For this purpose, you must use [[KaVLAN]]. The subnets obtained here just correspond to an IP range you can use.<br/>Gateways, broadcast and netmask are the same for all subnets and correspond to the /14 of each site. Therefore, the netmask will always be 255.252.0.0, and the broadcast and gateway will always correspond to the values given [[Grid5000:Network | here]]
}}
 
= Available IP ranges =


Each site of Grid'5000 is allocated a /14 ip block giving thus a total of 262142 different IPs. Therefore, the maximum range of IPs has to be in this /14 subnet.
Each site of Grid'5000 is allocated a /14 ip block giving thus a total of 262142 different IPs. Therefore, the maximum range of IPs has to be in this /14 subnet.


The /14 address block available on each site is divided in four /16 blocks as described [https://www.grid5000.fr/mediawiki/index.php/Virtual_network_interlink here]. The last two /16 blocks are used for IP reservation through OAR. Because they are contiguous, we can see them as a single /15 block where the last 2 IPs are reserved for Grid'5000 infrastructure. Therefore, the reservable range of IPs is composed of a total of 131070 - 2 = 131068 IPs.
The /14 address block available on each site is divided in four /16 blocks as described [[Grid5000:Network|here]]. The first three /16 are used for IP reservation through OAR.


Concerning the smallest subnet size, it is a /22, which is equivalent to 1022 hosts per subnet. We do not allow smaller subnets to avoid a scheduling overhead in OAR.
Concerning the smallest subnet size, it is a /22, which is equivalent to 1022 hosts per subnet. We do not allow smaller subnets to avoid a scheduling overhead in OAR.
The /15 block contains 128 reservable /22 subnets.
Therefore, there are 192 reservable /22 subnets.


= Requesting subnets =
= Requesting subnets =
== Using the Grid'5000 API ==
For an understandable use of the Grid'5000 API, see the [[API]] page and the [[API#Tutorials_.2F_Practicals|practicals]]
=== Authentication ===
This example using the Grid'5000 API uses the  [http://github.com/crohr/restfully Restfully], a wrapper of REST requests.
If you operate from outside Grid'5000, you need to use your login and password to be able to connect to the API.
<pre class="brush: bash; auto-links: false">
  echo "grid5000:
    username: your-grid5000-login
    password: your-grid5000-password" >> ~/.restclient && chmod 600 ~/.restclient
</pre>
If you operate from within Grid'5000, the authentication is currently automatically handled for you (since you already had to connect to the frontend via SSH).
=== Code example ===
The following code will reserve one /22 subnet and one node.
<pre class="brush: ruby; auto-links: false">
#!/usr/bin/env ruby
require 'rubygems'
require 'restfully' # gem install restfully
require 'yaml'
config = YAML.load_file(File.expand_path("~/.restclient"))['grid5000']
config[:base_uri] = "https://api.grid5000.fr/sid/sites/rennes/jobs.json"
Restfully::Session.new(config) do |jobs, session|
  jobs.submit({:resources => "slash_22=1+nodes=1,walltime=00:30:00", :command => "sleep 500"})
end
</pre>
== From the frontend of a site ==


Subnet reservation through OAR is similar to normal resource reservation.
Subnet reservation through OAR is similar to normal resource reservation.


To reserve 4 /21 subnets and 2 nodes, just type:
To reserve 4 /22 subnets and 2 nodes, just type:
{{Term|location=frontend|cmd=<code class="command">oarsub</code> -l {"type='subnet'"}/slash_21=4+/nodes=2 -I}}
{{Term|location=frontend|cmd=<code class="command">oarsub -l slash_22=4+nodes=2 -I</code>}}
 
You can of-course have more complex request. To obtain 4 /22 on different /19 subnets, you can type:
{{Term|location=frontend|cmd=<code class="command">oarsub -l slash_19=4/slash_22=1+nodes=2/core=1 -I</code>}}
 
= Working with your subnets =
 
Once you have subnets reserved, you can work with them using the g5k-subnet gem.
 
== Using the Grid'5000 API ==
=== Authentication ===
 
See [[Subnet_reservation#Authentication | Authentication]]
 
=== Getting the g5k-subnet gem ===
 
The gemfile is located on a server in Grid'5000 that is not accessible from outside. The simplest way to install the gem is described in the following.
 
Then, clone it on your local machine:
{{Term|location=localhost|cmd=<code class="command">git clone https://gitlab.inria.fr/grid5000/g5k-subnets</code>}}


You can of-course have more complex request. To obtain 4 /21 on different /20 subnets, you can type:
Finally, install it:
{{Term|location=frontend|cmd=<code class="command">oarsub</code> -l {"type='subnet'"}/slash_20=4/slash_21=1+/nodes=2/core=1 -I}}
{{Term|location=localhost|cmd=<code class="command">rake build</code>}}
{{Term|location=localhost|cmd=<code class="command">gem install g5k-subnets</code>}}


= Getting your networks =
=== Code example ===
See the [[API|API documentation]] to learn to use the API.
The following code will get the subnets of the job 123456789 of Rennes site. Using the Subnet class, we compress the subnets returned by the API (only /21 are returned in the API). You can see different printing options in the cfg definition.
 
<pre class="brush: ruby; auto-links: false">
#!/usr/bin/env ruby
 
require 'rubygems'
require 'restfully' # gem install restfully
require 'yaml'
require 'g5k-subnets'
 
config = YAML.load_file(File.expand_path("~/.restclient"))['grid5000']
config[:base_uri] = "https://api.grid5000.fr/sid/sites/rennes/jobs/123456789.json"
 
subnets = nil
Restfully::Session.new(config) do |job, session|
  subnets = job['resources_by_type']['subnets']
end
 
s = Grid5000::Subnets.new(subnets, {:broadcast => false, :netmask => false, :prefix => true, :ips => false, :summarize => true, :gateway => false})
s.print
</pre>
 
If the job requested 3 /21 subnets, running this sample code may print:
 
<pre class="brush: bash;">
#get_g5k_subnets_api.rb
10.8.0.0/20
10.8.32.0/21
</pre>


== From inside Grid'5000 ==
== From inside Grid'5000 ==


The simplest way to get the list of your allocated subnets is to use the <code class="command">get_subnets</code> script provided on the head node of the submission. OAR provides a property file ($OAR_RESOURCE_PROPERTIES_FILE) where the resources are described. By default, the script uses this file if no other is specified with the -f option.
The simplest way to get the list of your allocated subnets is to use the <code class="command">g5k-subnets</code> script provided on the head node of the submission. OAR provides a property file ($OAR_RESOURCE_PROPERTIES_FILE) where the resources are described. By default, the script uses this file if no other is specified with the <code>-f</code> option.


<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets
# g5k-subnets
10.8.0.0
10.8.0.0
10.8.8.0
10.8.8.0
</pre>
</pre>


The "-p" options prints the CIDR format
The <code>-p</code> option prints the CIDR format


<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets -p
# g5k-subnets -p
10.8.0.0/21
10.8.0.0/21
10.8.8.0/21
10.8.8.0/21
</pre>
</pre>


Different other printing options are available (-b to display broadcast address, -n to see the netmask, and -a is equivalent to -bnp):
Different other printing options are available (<code>-b</code> to display broadcast address, <code>-n</code> to see the netmask, and <code>-a</code> is equivalent to <code>-bnp</code>):
<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets -a
# g5k-subnets -a
10.8.0.0/21 10.8.7.255 255.255.248.0
10.8.0.0/21 10.11.255.255 255.255.252.0 10.11.255.254
10.8.8.0/21 10.8.15.255 255.255.248.0
10.8.8.0/21 10.11.255.255 255.255.252.0 10.11.255.254
</pre>
</pre>


You can also compress the subnets into a larger one if they are contiguous:
You can also summarize the subnets into a larger one if they are contiguous:
<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets -cp
# g5k-subnets -sp
10.8.0.0/22
10.8.0.0/20
</pre>
</pre>


However, when not contiguous, the networks are not merged.
However, when not contiguous, the networks are not merged.
<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets -p
# g5k-subnets -p
10.8.0.0/21
10.8.0.0/21
10.8.16.0/21
10.8.16.0/21
# get_subnets -pc
# g5k-subnets -ps
10.8.0.0/21
10.8.0.0/21
10.8.16.0/21
10.8.16.0/21
</pre>
</pre>


Another option available is to get the subnets of any job (running or terminated) using the -j option. This can only be used from a computer where <code class="command">oarstat</code> is usable. Because it uses <code class="command">oarstat</code> that will query the OAR database, it is slower than just reading a property file
Another option available is to get the subnets of any job (running or terminated) using the <code>-j</code> option. This can only be used from a computer where <code class="command">oarstat</code> is usable. Because it uses <code class="command">oarstat</code> that will query the OAR database, it is slower than just reading a property file


<pre class="brush: bash">
<pre class="brush: bash">
# get_subnets -j 123456 -p
# g5k-subnets -j 123456 -p
10.8.0.0/21
10.8.0.0/21
10.8.16.0/21
10.8.16.0/21
</pre>
</pre>


== Using the Grid'5000 API ==
= Subnets and properties =
 
{{Warning|text=If you need to use properties on nodes, you can '''not''' use the usual "-p" as demonstrated in the following example:
<pre class="brush: bash;">
$ oarsub -I -l slash_22=1+nodes=2  -p "cluster = 'parapluie'"
# Set default walltime to 3600.
There are not enough resources for your request
OAR_JOB_ID=-5
# Error: oarsub failed, please verify your request syntax.
</pre>
The "-p" property is expressed on '''all''' resources asked, and subnets don't have a "cluster" property set to "parapluie".
}}
 
To reach this objective, you must put the property just in from on the type of resource:
<pre class="brush: bash;">
$ oarsub -I -l slash_22=1+{"cluster='parapluie'"}nodes=2
# Set default walltime to 3600.
OAR_JOB_ID=377169
# Interactive mode: waiting...
# Starting...
</pre>
 
= Advanced usage =
 
== Using Grid'5000 gateways ==


This example using the Grid'5000 API uses the  [http://github.com/crohr/restfully Restfully], a wrapper of REST requests.
Gateways addresses of each site are given [[Grid5000:Network | here]].


If you operate from outside Grid'5000, you need to use your login and password to be able to connect to the API.
You can also get the gateways addresses using the subnet class:
<pre class="brush: ruby;">
require 'g5k-subnets'
s = Grid5000::Subnets.new(['10.8.0.0/21'], {:gateway => true})
puts s.gateway # will print 10.11.255.254
</pre>


<pre class="brush: bash; auto-links: false">
You can get the gateway with the command too:
  echo "grid5000:
<pre class="brush: bash">
    username: your-grid5000-login
# g5k-subnets  -gN
    password: your-grid5000-password" >> ~/.restclient && chmod 600 ~/.restclient
10.159.255.254
</pre>
</pre>


If you operate from within Grid'5000, the authentication is currently automatically handled for you (since you already had to connect to the frontend via SSH).


TODO: coder un exemple
== Obtaining a unique mac address ==
 
If you deploy VMs and have reserved subnets, you can obtain unique mac addresses corresponding to the IP.
 
{{Note|text=The DHCP servers respects the mac - ip association as given by g5k-subnets, and will allocate IPs in accordance with the mac addresses.}}
 
You can display a corresponding mac address with g5k-subnets:
<pre class="brush: bash">
# g5k-subnets -im
10.158.16.1    00:16:3E:9E:10:01
....
</pre>
 
g5k-subnet also provide 2 additional binaries : g5k-ip2mac and g5k-mac2ip:
<pre class="brush: bash">
# g5k-ip2mac 10.158.16.1
00:16:3E:9E:10:01
</pre>

Latest revision as of 15:32, 10 January 2022



Problem statement

Users deploying VMs on Grid'5000 need to attribute IP addresses to them. Usually, what is done is that users take IPs from "free to use" IPs as described in Grid5000:Network. When several users use this technique, they may both provide the same IPs to their machines, thus creating a conflict.

To overcome this issue, OAR can reserve subnets, enabling scheduling and sharing among users.

Warning.png Warning

Using the subnet reservation in OAR, you will NOT get subnet isolation. For this purpose, you must use KaVLAN. The subnets obtained here just correspond to an IP range you can use.
Gateways, broadcast and netmask are the same for all subnets and correspond to the /14 of each site. Therefore, the netmask will always be 255.252.0.0, and the broadcast and gateway will always correspond to the values given here

Available IP ranges

Each site of Grid'5000 is allocated a /14 ip block giving thus a total of 262142 different IPs. Therefore, the maximum range of IPs has to be in this /14 subnet.

The /14 address block available on each site is divided in four /16 blocks as described here. The first three /16 are used for IP reservation through OAR.

Concerning the smallest subnet size, it is a /22, which is equivalent to 1022 hosts per subnet. We do not allow smaller subnets to avoid a scheduling overhead in OAR. Therefore, there are 192 reservable /22 subnets.

Requesting subnets

Using the Grid'5000 API

For an understandable use of the Grid'5000 API, see the API page and the practicals

Authentication

This example using the Grid'5000 API uses the Restfully, a wrapper of REST requests.

If you operate from outside Grid'5000, you need to use your login and password to be able to connect to the API.

  echo "grid5000:
    username: your-grid5000-login
    password: your-grid5000-password" >> ~/.restclient && chmod 600 ~/.restclient

If you operate from within Grid'5000, the authentication is currently automatically handled for you (since you already had to connect to the frontend via SSH).

Code example

The following code will reserve one /22 subnet and one node.

#!/usr/bin/env ruby
require 'rubygems'
require 'restfully' # gem install restfully
require 'yaml'

config = YAML.load_file(File.expand_path("~/.restclient"))['grid5000']
config[:base_uri] = "https://api.grid5000.fr/sid/sites/rennes/jobs.json"

Restfully::Session.new(config) do |jobs, session|
  jobs.submit({:resources => "slash_22=1+nodes=1,walltime=00:30:00", :command => "sleep 500"})
end

From the frontend of a site

Subnet reservation through OAR is similar to normal resource reservation.

To reserve 4 /22 subnets and 2 nodes, just type:

Terminal.png frontend:
oarsub -l slash_22=4+nodes=2 -I

You can of-course have more complex request. To obtain 4 /22 on different /19 subnets, you can type:

Terminal.png frontend:
oarsub -l slash_19=4/slash_22=1+nodes=2/core=1 -I

Working with your subnets

Once you have subnets reserved, you can work with them using the g5k-subnet gem.

Using the Grid'5000 API

Authentication

See Authentication

Getting the g5k-subnet gem

The gemfile is located on a server in Grid'5000 that is not accessible from outside. The simplest way to install the gem is described in the following.

Then, clone it on your local machine:

Finally, install it:

Terminal.png localhost:
rake build
Terminal.png localhost:
gem install g5k-subnets

Code example

See the API documentation to learn to use the API. The following code will get the subnets of the job 123456789 of Rennes site. Using the Subnet class, we compress the subnets returned by the API (only /21 are returned in the API). You can see different printing options in the cfg definition.

#!/usr/bin/env ruby

require 'rubygems'
require 'restfully' # gem install restfully
require 'yaml'
require 'g5k-subnets'

config = YAML.load_file(File.expand_path("~/.restclient"))['grid5000']
config[:base_uri] = "https://api.grid5000.fr/sid/sites/rennes/jobs/123456789.json"

subnets = nil
Restfully::Session.new(config) do |job, session|
  subnets = job['resources_by_type']['subnets']
end

s = Grid5000::Subnets.new(subnets, {:broadcast => false, :netmask => false, :prefix => true, :ips => false, :summarize => true, :gateway => false})
s.print

If the job requested 3 /21 subnets, running this sample code may print:

#get_g5k_subnets_api.rb
10.8.0.0/20
10.8.32.0/21

From inside Grid'5000

The simplest way to get the list of your allocated subnets is to use the g5k-subnets script provided on the head node of the submission. OAR provides a property file ($OAR_RESOURCE_PROPERTIES_FILE) where the resources are described. By default, the script uses this file if no other is specified with the -f option.

# g5k-subnets
10.8.0.0
10.8.8.0

The -p option prints the CIDR format

# g5k-subnets -p
10.8.0.0/21
10.8.8.0/21

Different other printing options are available (-b to display broadcast address, -n to see the netmask, and -a is equivalent to -bnp):

# g5k-subnets -a
10.8.0.0/21	10.11.255.255	255.255.252.0	10.11.255.254
10.8.8.0/21	10.11.255.255	255.255.252.0	10.11.255.254

You can also summarize the subnets into a larger one if they are contiguous:

# g5k-subnets -sp
10.8.0.0/20

However, when not contiguous, the networks are not merged.

# g5k-subnets -p
10.8.0.0/21
10.8.16.0/21
# g5k-subnets -ps
10.8.0.0/21
10.8.16.0/21

Another option available is to get the subnets of any job (running or terminated) using the -j option. This can only be used from a computer where oarstat is usable. Because it uses oarstat that will query the OAR database, it is slower than just reading a property file

# g5k-subnets -j 123456 -p
10.8.0.0/21
10.8.16.0/21

Subnets and properties

Warning.png Warning

If you need to use properties on nodes, you can not use the usual "-p" as demonstrated in the following example:

$ oarsub -I -l slash_22=1+nodes=2  -p "cluster = 'parapluie'"
# Set default walltime to 3600.
There are not enough resources for your request
OAR_JOB_ID=-5
# Error: oarsub failed, please verify your request syntax.
The "-p" property is expressed on all resources asked, and subnets don't have a "cluster" property set to "parapluie".

To reach this objective, you must put the property just in from on the type of resource:

$ oarsub -I -l slash_22=1+{"cluster='parapluie'"}nodes=2 
# Set default walltime to 3600.
OAR_JOB_ID=377169
# Interactive mode: waiting...
# Starting...

Advanced usage

Using Grid'5000 gateways

Gateways addresses of each site are given here.

You can also get the gateways addresses using the subnet class:

require 'g5k-subnets'
s = Grid5000::Subnets.new(['10.8.0.0/21'], {:gateway => true})
puts s.gateway # will print 10.11.255.254

You can get the gateway with the command too:

# g5k-subnets  -gN
10.159.255.254


Obtaining a unique mac address

If you deploy VMs and have reserved subnets, you can obtain unique mac addresses corresponding to the IP.

Note.png Note

The DHCP servers respects the mac - ip association as given by g5k-subnets, and will allocate IPs in accordance with the mac addresses.

You can display a corresponding mac address with g5k-subnets:

# g5k-subnets -im
10.158.16.1     00:16:3E:9E:10:01
....

g5k-subnet also provide 2 additional binaries : g5k-ip2mac and g5k-mac2ip:

# g5k-ip2mac 10.158.16.1
00:16:3E:9E:10:01