Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Singularity container for a Squid proxy #36

Open
wants to merge 15 commits into
base: main
Choose a base branch
from
Open

Singularity container for a Squid proxy #36

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
b73689d
example for using fuse-overlayfs in singularity
bedroge Aug 28, 2020
7e2bbc4
rename README
bedroge Aug 28, 2020
5c4199a
add more attempts
bedroge Aug 28, 2020
41b5c28
fixes
bedroge Aug 28, 2020
8efc316
config repo *must* be mounted at /cvmfs/cvmfs-config.eessi-hpc.org, b…
boegel Aug 29, 2020
71e1b14
Merge pull request #1 from boegel/singularity_cvmfs_overlay
bedroge Aug 31, 2020
7906eec
Ignore sif files
bedroge Sep 1, 2020
468f4a3
Add CVMFS config deb package
bedroge Sep 1, 2020
a2b5163
Modified instructions and def file, better method
bedroge Sep 1, 2020
e1d611d
CVMFS Squid proxy as Singularity container
bedroge Sep 10, 2020
ebc4090
Update README.md
bedroge Sep 10, 2020
b145662
Update README.md
bedroge Sep 10, 2020
d150755
Remove stuff that shouldn't be here...
bedroge Sep 10, 2020
bdbed99
Merge branch 'cvmfs_proxy_singularity' of github.com:bedroge/filesyst…
bedroge Sep 10, 2020
d23d031
Small fix in README
bedroge Sep 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions containers/EESSI-squid-proxy.def
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
BootStrap: docker
From: centos:7
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bedroge Wouldn't it make more sense to make this a Dockerfile, so we can build the Docker image and push it to Docker Hub (and then we can also run it via Singularity)?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea! I'll convert it to a Dockerfile.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One disadvantage is that you can't use singularity instance with a Docker image, since startscript is not defined in that case...


%post
yum update -y
yum install -y squid which

%environment
export LC_ALL=C

%runscript
if [[ ${1:0:1} = '-' ]]; then
EXTRA_ARGS="$@"
set --
elif [[ ${1} == squid || ${1} == $(which squid) ]]; then
EXTRA_ARGS="${@:2}"
set --
fi

if [[ -z ${1} ]]; then
if [[ ! -d /var/spool/squid/00 ]]; then
echo "Initializing cache..."
$(which squid) -N -f /etc/squid/squid.conf -z
fi
echo "Starting squid..."
exec $(which squid) -f /etc/squid/squid.conf -NYCd 1 ${EXTRA_ARGS}
else
exec "$@"
fi

%startscript
if [[ ${1:0:1} = '-' ]]; then
EXTRA_ARGS="$@"
set --
elif [[ ${1} == squid || ${1} == $(which squid) ]]; then
EXTRA_ARGS="${@:2}"
set --
fi

if [[ -z ${1} ]]; then
if [[ ! -d /var/spool/squid/00 ]]; then
echo "Initializing cache..."
$(which squid) -N -f /etc/squid/squid.conf -z
fi
echo "Starting squid..."
exec $(which squid) -f /etc/squid/squid.conf -NYCd 1 ${EXTRA_ARGS}
else
exec "$@"
fi
43 changes: 43 additions & 0 deletions containers/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# Containers
This directory contains several Dockerfiles and Singularity definition files for different components,
e.g. CVMFS clients and Squid proxies.

## EESSI-squid-proxy.def: Singularity definition file for Squid proxy

This definition file allows you to build a Singularity container that can be used for running a Squid proxy.

### Build
You can build the container using:
```
sudo singularity build EESSI-squid-proxy.sif EESSI-squid-proxy.def
```
### Configure
Make some directories on the host for storing the cache, logs, and PID file:
```
mkdir -p /tmp/$USER/{var-log-squid,var-run,var-spool-squid,home}
```

Prepare a Squid configuration file, for instance based on our [Ansible template file](https://github.com/EESSI/filesystem-layer/blob/master/templates/eessi_localproxy_squid.conf.j2). Make sure that the ACLs and port number are configured correctly.

Set the following environment variables to the correct local directories and configuration file:
```
export SINGULARITY_BIND="eessi_localproxy_squid.conf:/etc/squid/squid.conf,/tmp/$USER/var-run:/var/run,/tmp/$USER/var-log-squid:/var/log/squid,/tmp/$USER/var-spool-squid:/var/spool/squid"
export SINGULARITY_HOME="/tmp/$USER/home:/home/$USER"
```

### Run

Now start the container as a Singularity instance (which will run it like a service in the background):
```
singularity instance start EESSI-squid-proxy.sif cvmfs_proxy
```

The last argument defines the name for this instance, which can be used to connect a shell (`singularity shell instance://cvmfs_proxy`) or to stop the instance:
```
singularity instance stop cvmfs_proxy
```

If you want to interactively start the proxy, you can still do this using:
```
singularity run EESSI-squid-proxy.sif
```