From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id SL4vOK9vEF9tdwAA0tVLHw (envelope-from ) for ; Thu, 16 Jul 2020 15:18:07 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id +CAXNK9vEF+LfQAAbx9fmQ (envelope-from ) for ; Thu, 16 Jul 2020 15:18:07 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 39B6F940418 for ; Thu, 16 Jul 2020 15:18:06 +0000 (UTC) Received: from localhost ([::1]:57792 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jw5e7-0008Ra-TX for larch@yhetil.org; Thu, 16 Jul 2020 11:18:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59864) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jw5e4-0008R5-Be for gwl-devel@gnu.org; Thu, 16 Jul 2020 11:18:01 -0400 Received: from sender4-of-o51.zoho.com ([136.143.188.51]:21158) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1jw5e1-00015K-Pp for gwl-devel@gnu.org; Thu, 16 Jul 2020 11:18:00 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1594912672; cv=none; d=zohomail.com; s=zohoarc; b=CoRYKT/8qmsbksCtZhxPqRu/+h9cm2Fa/1ieTBVABgwmc5wKjQ8jwM7YjT2TIfz/0jmUaNgeDMbLfqg6h5TmjUxwj3ZWq7hsG0AqpVxKH3+/nSiPD4tEANQuJTtc9y+n8MmPmrOhSJ8PhN08FiGRxzSKGkhOWwD4Tz28xFsmWME= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594912672; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=7IStp4BqZUhQQbNdHa3JqKPu+3J4PA5/rdWq8Yzr9O0=; b=ayD0b0W+/2opwohO9/4VxuSIG4q2kApda4yFs4oqlPI+TYgMZmGE9HQyOS4hXHyJXjA65tvX1+KUXfe4HbGGcDa6q+EjgWDK0KVg34OzdvWKNympiNZ7fCU97YAoPTBkTvtW590qGYfu6F7ewKHZcE+AztqWaTN1rWX6FQxh+C0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=elephly.net; spf=pass smtp.mailfrom=rekado@elephly.net; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1594912672; s=zoho; d=elephly.net; i=rekado@elephly.net; h=References:From:To:Cc:Subject:In-reply-to:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding; bh=7IStp4BqZUhQQbNdHa3JqKPu+3J4PA5/rdWq8Yzr9O0=; b=TDr8GqJoNbdNdDH0CUpc/Y4tnn7+0y196G+1LRjluHa+JYY4roK1VZMRQH6Fp47S FSmJFEiXeYac/6urbhyiOsrzDct2ZLZTZRGUJV/02AfzH/1HhWaEBQMJYfjabPUKLiv Xq6VqGj4sbepvxHEpvNOHw6+o7qZfEBd5O/s59Co= Received: from localhost (p54ad4ed3.dip0.t-ipconnect.de [84.173.78.211]) by mx.zohomail.com with SMTPS id 1594912666959388.4537234386902; Thu, 16 Jul 2020 08:17:46 -0700 (PDT) References: <87a70dkm2j.fsf@elephly.net> <86y2nkz5h3.fsf@gmail.com> User-agent: mu4e 1.4.10; emacs 26.3 From: Ricardo Wurmus To: zimoun Subject: Re: fastest way to run a GWL workflow on AWS In-reply-to: <86y2nkz5h3.fsf@gmail.com> X-URL: https://elephly.net X-PGP-Key: https://elephly.net/rekado.pubkey X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC Date: Thu, 16 Jul 2020 17:17:43 +0200 Message-ID: <87tuy7fq08.fsf@elephly.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Received-SPF: pass client-ip=136.143.188.51; envelope-from=rekado@elephly.net; helo=sender4-of-o51.zoho.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/07/16 11:17:54 X-ACL-Warn: Detected OS = Linux 3.11 and newer [fuzzy] X-Spam_score_int: -30 X-Spam_score: -3.1 X-Spam_bar: --- X-Spam_report: (-3.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: gwl-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: gwl-devel@gnu.org Errors-To: gwl-devel-bounces+larch=yhetil.org@gnu.org Sender: "gwl-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=elephly.net header.s=zoho header.b=TDr8GqJo; dmarc=none; spf=pass (aspmx1.migadu.com: domain of gwl-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=gwl-devel-bounces@gnu.org X-Spam-Score: -2.21 X-TUID: yC1x8354d+x3 zimoun writes: >> * create an EFS file system. Why EFS? Unlike EBS (block storage) and >> S3, one EFS can be accessed simultaneously by different virtual >> machines (EC2 instances). > > Who creates the EFS file system? And you are referring to [1], right? > > 1: https://aws.amazon.com/efs/ Guile AWS would create it on demand (unless a user provides the name of an existing EFS that already contains a few Guix things). The idea is to copy parts of a store to a remote file system =E2=80=94 just without the database and Guix itself doing anything on the remote. This is very much like the setup of Guix on HPC clusters where all nodes mount the shared file system that is controlled by one node. In the case of EFS the =E2=80=9Ccontroller node=E2=80=9D is the user=E2=80=99s machine running= GWL. >> * sync the closure of the complete workflow (all steps) to EFS. (How? >> We could either mount EFS locally or use an EC2 instance as a simple >> =E2=80=9Ccloud=E2=80=9D file server.) This differs from how other work= flow languages >> handle things. Other workflow systems have one or more Docker >> image(s) per step (sometimes one Docker image per application), which >> means that there is some duplication and setup time as Docker images >> are downloaded from a registry (where they have previously been >> uploaded). Since Guix knows the closure of all programs in the >> workflow we can simply upload all of it. > > I think one of the points about using one Docker image per step to ease > the composition, well to be able to recompose another workflow with some > of the steps and other steps requiring other tools with other versions. > > In Guix parlance, workflow1 uses tool1 for step1 and tool2 for step2 > both from commit C1. If workflow2 uses tool1 from commit C1 for step1' > and tool3 from commit C2 for step2', then it is easy if each tool (step) > are containered and not in only one big image. > > But it is an issue for the Guix side, not the GWL side. :-) For > example, is it possible to compose 2 profiles owning one package at the > very same version but grafted differently? I think it *is* a GWL issue to solve. The GWL could support inferiors so that users could reference specific tool variants for parts of the workflow. Currently, the GWL will use whatever tools the extended version of Guix provides. >> * create as many EC2 instances as requested (respecting optional >> grouping information to keep any set of processes on the same node) >> and mount the EFS over NFS. The OS on the EC2 instances doesn=E2=80= =99t >> matter. > > By =E2=80=9CThe OS on the EC2 instances doesn=E2=80=99t matter.=E2=80=9C,= do you mean that it is > possible to run Guix System or Guix as package package on the top of say > Debian? Running Guix System on AWS is tricky. AWS doesn=E2=80=99t like our disk im= ages because /etc/fstab doesn=E2=80=99t exist (that was the last error before I stopped playing with it). My point is that Guix System isn=E2=80=99t necessary. Pick whatever virtual machine image they offer on AWS and mount the EFS containing all the Guix goodies. >> I also want to add optional reporting for each step. There could be a >> service that listens to events and each step would trigger events to >> indicate start and stop of each step. This could trivially be >> visualized, so that users can keep track of the state of the workflow >> and its processes, e.g. with a pretty web interface. > > By =E2=80=9Cservice=E2=80=9D, do you mean as Guix services? No, much more vague. When you submit a GWL workflow to a cluster today the GWL prepares things and then hands off the work to the cluster scheduler. The GWL has no way to tell you anything about the progress of the workflow. Its work is done once it has compiled a higher-order description of the workflow down to scripts that the cluster can run. It doesn=E2=80=99t have to be this way. Why let the cluster scheduler have= all the fun? (And more importantly: what do we do if we don=E2=80=99t *have* a scheduler?) The GWL could have a sub-command or switch to watch submitted jobs, a little daemon that listens to events being sent by the individual steps of the workflow; events like =E2=80=9Cstarted=E2=80=9D, = =E2=80=9Cerror=E2=80=9D, =E2=80=9Cdone=E2=80=9D; even fancier ones such as machine load or disk util= ization at this point in time. When enabled the jobs themselves would be instrumented and sending information to the GWL monitor, which in turn would be able to visualize this information. >> One of the open issues is to figure out how to sync the /gnu/store items >> to EFS efficiently. I don=E2=80=99t really want to shell out to rsync, = nor do I >> want to use =E2=80=9Cguix copy=E2=80=9D, which would require a remote in= stallation of >> Guix. Perhaps rsync would be the easiest route for a rough first >> draft. It would also be nice if we could deduplicate our slice of the >> store to cut down on unnecessary traffic to AWS. > > Naively, why does the =E2=80=9Cguix pack -f docker=E2=80=9D or =E2=80=9Cg= uix docker-image=E2=80=9D > approach fail? Docker images would have to be uploaded to a container registry (either DockerHub or Amazon=E2=80=99s ECR). AWS can use Docker only by downloading= an image from a registry when you instantiate a virtual machine. One of the advantages of using Guix is that we don=E2=80=99t need to use a big Doc= ker blob at all; we can instead upload individual store items (and accumulate them) and use them directly without the need for any copying from a container registry. --=20 Ricardo