wiki:windowsContainers

Version 8 (modified by Geoff Lawler, 9 years ago) (diff)

--

This is a page that explains how to use Chef to bring up Windows on DETER.


  • checkout (or pull) the containers source tree
  • switch to the configdb branch
  • swap in an experiment with physical nodes loaded with the PNODE-BASE image. (see Deter,two-pnode for a sample).
  • ssh to a pnode
  • cd [path to containers]/bin
  • edit the file /tmp/nodes.conf, which describes the nodes you want to spawn. The file format is below.
  • run ./chef_configure.sh
  • run ./spawn_windows.sh and wait a long time (like 5 minutes per container).

nodes.conf format and description:

nodes:
      - name: nodeOne
        image_name: deter/win7
        url: http://scratch/benito/deter_win7.box
        data_address: 10.1.1.100
        data_bridge: eth4

      - name: nodeTwo
        image_name: deter/win7
        url: http://scratch/benito/deter_win7.box
        data_address: 10.1.1.101
        data_bridge: eth4

...

nodes.conf description:

  • name: the hostname of the new node
  • image_name: the Vagrant name - this should be unique per image (*not* host, image)
  • url: the URL to the container image
  • data_address: the ip address of the container. Should really be in same subnet as host
  • data_bridge - the interface to bridge the data address to from the container to the host.
  • control_addr - [optional and experimental] the ip address for the container on the control network (172.16.x.x)
  • control_bridge - [optional and experimental] - the host interface to bridge to the container's control address.

If you add an address you must add a bridge.


The Windows image has cygwin installed and a "vagrant" account installed (password="vagrant"). Chef adds the node name and address to /etc/hosts on the pnode, so you can ssh vagrant@[nodename] and give password "vagrant" to connect. Assuming the node configuration worked, there will be DETER user accounts as well, password = "password", so ssh [your user id]@[node name] should work. You can also RDP to the nodes, starting at port 3389. Add one to the port for the next node in the list. i.e. nodeTwo above is listening on port 3390. To RDP to the node, tunnel through users, connecting to the pnode and forward the port, like so: ssh -L3390:cpc25:3390 users.deterlab.net then fire up your favorite RDP viewer. Use the vagrant account or your own to connect.

The Windows nodes will spawn and Chef will configure them. Currently Vagrant uses VirtualBox? shared folders to mount user directories from the pnode host. Chef creates the accounts on the machines correctly but they do not show up until the Windows containers are rebooted. If you need to reboot them sudo to root (sudo su -), cd to /space/vagrant and run vagrant reload. This will cleanly shutdown the machines and bring them up again. This takes forever. There is support for parallel operations in vagrant, but not for booting Virtualboxes though. Which is a pain. This reboot is currently done as part of the bootstrap though, so if everything works you should not need to reboot the containers. (The reboot hook lives in the bootstrap_containers recipe in cookbooks/win-node/recipe/bootstrap_containers.rb in the chef-repo.) If we solve the accounts-need-reboot problem, we can remove the reload from this recipe saving a good ten minutes of container-boot time.


There are millions of other little details and one of them will probably go pear-shaped when you attempt to run this. Email/talk/chat/IM/IRC/semaphore Geoff when you hit a snag. I"m at glawler@…, 917-470-8054 (cell), and am usually in #deter on irc.deterlab.net. Say "glawler" in channel to get my attention.