Advanced Configuration

To facilitate the configuration of the resources, and promote reproductibility of the experiments, We have implemented a module that schedule and execute ansible playbooks and bash scripts on the selected resources after the resource provisioning. Also, to improve the automatization we allow researchers to add their own customized cloud-init file for each resource.

Cloud-init

If you want to use your own cloud-init for the resource provisioning, simply copy it to the “Cloud Init” field. This will overwrite the default cloud init that we have implemented. In this scenario, you will no longer be able to run “Boot Scripts” on the resources.

Boot Scripts

To execute a boot script after the resource provisioning, a git reposity url is required. If your repository is not available publicly, the runner needs to be granted access. To do so, you will need to add this public key to your project and give it suffisant right to clone the repository.

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmMvPCoJOhCiHfP73a8k79XS6WUjMdrwwuOvXK3qBm2DDyYu/3W0bU+HkGfSWZeEzwkJkT3yvvgdnlpiKS5lmRLEfyocWSR11KCGB9RJ/72lZdfPd79a32UwKdFWAH+aUdsbDnF533YoNAzrlYoqD9/kb/RZEhQHKbt4ySdkrlLSxW4R3gZr1kd5TiV6ESQSjaG1OtTXC5noGnc+SLe2qaVx1JKCHrTL7+kH6ZASZ7siydw/621l6WFtbR89nhaPs3yKnIOvFW9s7IUfYEc3+PgB6kKU+jtPrNUcCM+d6rVRIsWuuo1LzaEbUyxA8WlFTNWNqRf0MovpINv/tYsa2f

Bash scripts

For bash script, the git repository needs to contain a file named run.sh

in the root directory.

The runner will clone the git repository on the target/remote hosts and execute the run.sh script. In this scenario, no data is stored in the controller.

Ansible playbooks

For ansible playbook, the git repository needs to contain a file named main.yaml in the root directory.

The runner will clone the git repository on the controller node (due to the “push” mechanism of ansible). The data will be removed from the controller after the execution of the playbook.

“main.yaml” should contain only a list of tasks and not a list of plays. This is to prevent users from reconfiguring the remote “hosts” in the plays.

Example of a main.yaml

---

# Example of Post Deployment Script
# This file should contain a list of tasks.
# This file is a not a play. And it should not contain "hosts" configuration.
# "hosts" configuration is managed by the Fitcloud Aggregate Manager

# In this example, it will install the latest version of Grafana on the newly provisioned VM

- name: install packages
  apt:
    state: present
    name:
      - htop

# To Include other tasks defined in other files
# Install grafana with a simple set of tasks
- include_tasks: install_grafana.yaml

# Include role from ansible-galaxy
# Install grafana using the cloudalchemy.grafana role
#- include_role: cloudalchemy.grafana

To prevent malicious scripts from running on the controller, Ansible is combined with unprivileged Docker containers to isolate the malicious codes. After the execution, the containers will be destroyed along with the execution code and data.