IBM-Cloud / hpc-cluster-lsf

IBM Spectrum LSF - IBM Cloud
https://cloud.ibm.com/docs/ibm-spectrum-lsf?topic=ibm-spectrum-lsf-getting-started-tutorial
Apache License 2.0
11 stars 9 forks source link

Requirements

Name Version
http 3.4.0
ibm 1.58.0

Providers

Name Version
http 3.4.0
ibm 1.58.0
null 3.2.2
template 2.2.0

Modules

Name Source Version
bastion_vsi ./resources/ibmcloud/compute/login_vsi n/a
check_cluster_status ./resources/ibmcloud/null/remote_exec n/a
check_node_status ./resources/ibmcloud/null/remote_exec n/a
cluster_file_share ./resources/ibmcloud/file_share/ n/a
compute_nodes_wait ./resources/scale_common/wait n/a
custom_file_share ./resources/ibmcloud/file_share/ n/a
custom_resolver ./resources/ibmcloud/network/dns_resolver n/a
dedicated_host ./resources/ibmcloud/dedicated_host n/a
dedicated_host_group ./resources/ibmcloud/dedicated_host_group n/a
dns_permitted_network ./resources/ibmcloud/network/dns_permitted_network n/a
dns_service ./resources/ibmcloud/network/dns_service n/a
dns_zone ./resources/ibmcloud/network/dns_zone n/a
inbound_sg_ingress_all_local_rule ./resources/ibmcloud/security/security_group_ingress_all_local n/a
inbound_sg_rule ./resources/ibmcloud/security/security_group_inbound_rule n/a
ingress_vpn ./resources/ibmcloud/security/vpn_ingress_security_rule n/a
invoke_compute_playbook ./resources/scale_common/ansible_compute_playbook n/a
invoke_remote_mount ./resources/scale_common/ansible_remote_mount_playbook n/a
invoke_storage_playbook ./resources/scale_common/ansible_storage_playbook n/a
ipvalidation_cluster_subnet ./resources/custom/subnet_cidr_check n/a
ipvalidation_login_subnet ./resources/custom/subnet_cidr_check n/a
kms ./resources/ibmcloud/network/kms n/a
ldap_vsi ./resources/ibmcloud/compute/ldap_vsi n/a
login_fip ./resources/ibmcloud/network/floating_ip n/a
login_inbound_security_rules ./resources/ibmcloud/security/login_sg_inbound_rule n/a
login_outbound_security_rule ./resources/ibmcloud/security/login_sg_outbound_rule n/a
login_outbound_vpc_rules ./resources/ibmcloud/security/security_group_outbound_rules n/a
login_sg ./resources/ibmcloud/security/login_sg n/a
login_ssh_key ./resources/scale_common/generate_keys n/a
login_subnet ./resources/ibmcloud/network/login_subnet n/a
login_vsi ./resources/ibmcloud/compute/management_node_vsi n/a
management_host ./resources/ibmcloud/compute/management_node_vsi n/a
management_host_candidate ./resources/ibmcloud/compute/management_host_candidates n/a
outbound_sg_rule ./resources/ibmcloud/security/security_group_outbound_rule n/a
permission_to_lsfadmin_for_mount_point ./resources/scale_common/add_permission n/a
prepare_spectrum_scale_ansible_repo ./resources/scale_common/git_utils n/a
public_gateway ./resources/ibmcloud/network/public_gateway n/a
remove_ssh_key ./resources/scale_common/remove_ssh n/a
schematics_sg_tcp_rule ./resources/ibmcloud/security n/a
sg ./resources/ibmcloud/security/security_group n/a
spectrum_scale_storage ./resources/ibmcloud/compute/scale_storage_vsi n/a
storage_nodes_wait ./resources/scale_common/wait n/a
subnet ./resources/ibmcloud/network/subnet n/a
vpc ./resources/ibmcloud/network/vpc n/a
vpc_address_prefix ./resources/ibmcloud/network/vpc_address_prefix n/a
vpc_flow_log ./resources/ibmcloud/network/vpc_flow_log n/a
vpn ./resources/ibmcloud/network/vpn n/a
vpn_connection ./resources/ibmcloud/network/vpn_connection n/a
worker_vsi ./resources/ibmcloud/compute/worker_vsi n/a

Resources

Name Type
null_resource.delete_schematics_ingress_security_rule resource
null_resource.entitlement_check resource
null_resource.validate_ldap_server_connection resource
http_http.fetch_myip data source
ibm_iam_auth_token.token data source
ibm_is_dedicated_host_profiles.worker data source
ibm_is_image.compute data source
ibm_is_image.image data source
ibm_is_image.ldap_vsi_image data source
ibm_is_image.scale_image data source
ibm_is_image.stock_image data source
ibm_is_instance_profile.login data source
ibm_is_instance_profile.management_host data source
ibm_is_instance_profile.spectrum_scale_storage data source
ibm_is_instance_profile.storage data source
ibm_is_instance_profile.worker data source
ibm_is_public_gateways.public_gateways data source
ibm_is_region.region data source
ibm_is_ssh_key.ssh_key data source
ibm_is_subnet.existing_login_subnet data source
ibm_is_subnet.existing_subnet data source
ibm_is_subnet.subnet_id data source
ibm_is_vpc.existing_vpc data source
ibm_is_vpc.vpc data source
ibm_is_vpc_address_prefixes.existing_vpc data source
ibm_is_zone.zone data source
ibm_resource_group.rg data source
template_file.bastion_user_data data source
template_file.ldap_user_data data source
template_file.login_user_data data source
template_file.management_host_user_data data source
template_file.metadata_startup_script data source
template_file.worker_user_data data source

Inputs

Name Description Type Default Required
TF_PARALLELISM Parallelism/ concurrent operations limit. Valid values are between 1 and 256, both inclusive. Learn more. string "250" no
TF_VERSION The version of the Terraform engine that's used in the Schematics workspace. string "1.5" no
TF_WAIT_DURATION wait duration time set for the storage and worker node to complete the entire setup string "180s" no
api_key This is the IBM Cloud API key for the IBM Cloud account where the IBM Spectrum LSF cluster needs to be deployed. For more information on how to create an API key, see Managing user API keys. string n/a yes
app_center_db_pwd Password for MariaDB. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one special character. string "" no
app_center_gui_pwd Password for Application Center GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one special character. string "" no
cluster_id Unique ID of the cluster used by LSF for configuration of resources. This can be up to 39 alphanumeric characters including the underscore (_), the hyphen (-), and the period (.) characters. Other special characters and spaces are not allowed. Do not use the name of any host or user as the name of your cluster. You cannot change the cluster ID after deployment. string "HPCCluster" no
cluster_prefix Prefix that is used to name the IBM Spectrum LSF cluster and IBM Cloud resources that are provisioned to build the IBM Spectrum LSF cluster instance. You cannot create more than one instance of the lsf cluster with the same name. Make sure that the name is unique. string "hpcc-lsf" no
cluster_subnet_id Existing cluster subnet ID under the VPC, where the cluster will be provisioned. string "" no
compute_image_name Name of the custom image that you want to use to create virtual server instances in your IBM Cloud account to deploy the IBM Cloud HPC cluster dynamic compute nodes. By default, the solution uses a RHEL 8-6 OS image with additional software packages mentioned here. If you would like to include your application-specific binary files, follow the instructions in Planning for custom images to create your own custom image and use that to build the IBM Cloud HPC cluster through this offering. string "hpc-lsf10-rhel88-worker-v1" no
create_authorization_policy_vpc_to_cos Set it to true if authorization policy is required for VPC to access COS. This can be set to false if authorization policy already exists. For more information on how to create authorization policy manually, see creating authorization policies for VPC flow log. bool false no
custom_file_shares Mount points and sizes in GB and IOPS range of file shares that can be used to customize shared file storage layout. Provide the details for up to 5 shares. Each file share size in GB supports different range of IOPS. For more information, see file share IOPS value.
list(object({
mount_path = string,
size = number,
iops = number
}))
[
{
"iops": 2000,
"mount_path": "/mnt/binaries",
"size": 100
},
{
"iops": 6000,
"mount_path": "/mnt/data",
"size": 100
}
]
no
dedicated_host_enabled Set to true to use dedicated hosts for compute hosts (default: false). Note that lsf still dynamically provisions compute hosts at public VSIs and dedicated hosts are used only for static compute hosts provisioned at the time the cluster is created. The number of dedicated hosts and the profile names for dedicated hosts are calculated from worker_node_min_count and dedicated_host_type_name. bool false no
dedicated_host_placement Specify 'pack' or 'spread'. The 'pack' option will deploy VSIs on one dedicated host until full before moving on to the next dedicated host. The 'spread' option will deploy VSIs in round-robin fashion across all the dedicated hosts. The second option should result in mostly even distribution of VSIs on the hosts, while the first option could result in one dedicated host being mostly empty. string "spread" no
dns_custom_resolver_id IBM Cloud DNS custom resolver id. string "" no
dns_domain IBM Cloud DNS Services domain name to be used for the IBM Cloud LSF cluster. string "lsf.com" no
dns_instance_id IBM Cloud HPC DNS service resource id. string "" no
enable_app_center Set to true to install and enable use of the IBM Spectrum LSF Application Center GUI (default: false). System requirements for IBM Spectrum LSF Application Center Version 10.2 Fix Pack 14. bool false no
enable_customer_managed_encryption Setting this to true will enable customer managed encryption. Otherwise, encryption will be provider managed. bool true no
enable_ldap Set this option to true to enable LDAP for IBM Cloud HPC, with the default value set to false. bool false no
enable_vpc_flow_logs Flag to enable VPC flow logs. If true, a flow log collector will be created. bool false no
existing_cos_instance_guid GUID of the COS instance to create a flow log collector. string null no
existing_storage_bucket_name Name of the COS bucket to collect VPC flow logs. string null no
hyperthreading_enabled Setting this to true will enable hyper-threading in the worker nodes of the cluster (default). Otherwise, hyper-threading will be disabled. bool true no
ibm_customer_number Comma-separated list of the IBM Customer Number(s) (ICN) that is used for the Bring Your Own License (BYOL) entitlement check. For more information on how to find your ICN, see What is my IBM Customer Number (ICN)?. string "" no
image_name Name of the custom image that you want to use to create virtual server instances in your IBM Cloud account to deploy the IBM Spectrum LSF cluster. By default, the automation uses a base image with additional software packages documented here. If you would like to include your application-specific binary files, follow the instructions in Planning for custom images to create your own custom image and use that to build the IBM Spectrum LSF cluster through this offering. string "hpcc-lsf10-scale5201-rhel88-5-0" no
is_flow_log_collector_active Indicates whether the collector is active. If false, this collector is created in inactive mode. bool true no
kms_instance_id Unique identifier of the Key Protect instance associated with the Key Management Service. While providing an existing “kms_instance_id”, it's necessary to create the required authorization policy for encryption to be completed. To create the authorisation policy, go to Service authorizations. The ID can be found under the details of the KMS, see View key-protect ID. string "" no
kms_key_name Provide the existing KMS encryption key name that you want to use for the IBM Cloud LSF cluster. (for example kms_key_name: my-encryption-key). string "" no
ldap_admin_password The LDAP administrative password should be 8 to 20 characters long, with a mix of at least three alphabetic characters, including one uppercase and one lowercase letter. It must also include two numerical digits and at least one special character from (~@_+:) are required. It is important to avoid including the username in the password for enhanced security.[This value is ignored for an existing LDAP server]. string "" no
ldap_basedns The dns domain name is used for configuring the LDAP server. If an LDAP server is already in existence, ensure to provide the associated DNS domain name. string "hpcaas.com" no
ldap_server Provide the IP address for the existing LDAP server. If no address is given, a new LDAP server will be created. string "null" no
ldap_user_name Custom LDAP User for performing cluster operations. Note: Username should be between 4 to 32 characters, (any combination of lowercase and uppercase letters).[This value is ignored for an existing LDAP server] string "" no
ldap_user_password The LDAP user password should be 8 to 20 characters long, with a mix of at least three alphabetic characters, including one uppercase and one lowercase letter. It must also include two numerical digits and at least one special character from (~@_+:) are required.It is important to avoid including the username in the password for enhanced security.[This value is ignored for an existing LDAP server]. string "" no
ldap_vsi_osimage_name Image name to be used for provisioning the LDAP instances. string "ibm-ubuntu-22-04-4-minimal-amd64-3" no
ldap_vsi_profile Profile to be used for LDAP virtual server instance. string "cx2-2x4" no
login_node_instance_type Specify the VSI profile type name to be used to create the login node for Spectrum LSF cluster. Learn more. string "bx2-2x8" no
login_subnet_id Existing Login subnet ID under the VPC, where the bastion/login will be provisioned. string "" no
management_node_count Number of management nodes. This is the total number of management and management candidates. Enter a value in the range 1 - 3. number 2 no
management_node_instance_type Specify the virtual server instance profile type to be used to create the management nodes for the Spectrum LSF cluster. For choices on profile types, see Instance profiles. string "bx2-4x16" no
remote_allowed_ips Comma-separated list of IP addresses that can access the Spectrum LSF instance through an SSH or RDP interface. For security purposes, provide the public IP addresses assigned to the devices that are authorized to establish SSH or RDP connections (for example, ["169.45.117.34"]). To fetch the IP address of the device, use https://ipv4.icanhazip.com/. list(string) n/a yes
resource_group Resource group name from your IBM Cloud account where the VPC resources should be deployed. For additional information on resource groups, see Managing resource groups. string "Default" no
scale_compute_cluster_filesystem_mountpoint Compute cluster (accessingCluster) file system mount point. The accessingCluster is the cluster that accesses the owningCluster. For more information, see Mounting a remote GPFS file system. string "/gpfs/fs1" no
scale_compute_cluster_gui_password Password for Compute cluster GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one unique character. Password should not contain username. string "" no
scale_compute_cluster_gui_username GUI user to perform system management and monitoring tasks on compute cluster. Note: Username should be at least 4 characters, any combination of lowercase and uppercase letters. string "" no
scale_filesystem_block_size File system block size. Spectrum Scale supported block sizes (in bytes) include: 256K, 512K, 1M, 2M, 4M, 8M, 16M. string "4M" no
scale_storage_cluster_filesystem_mountpoint Spectrum Scale Storage cluster (owningCluster) Filesystem mount point. The owningCluster is the cluster that owns and serves the file system to be mounted. Mounting a remote GPFS file system. string "/gpfs/fs1" no
scale_storage_cluster_gui_password Password for Spectrum Scale storage cluster GUI. Note: Password should be at least 8 characters, must have one number, one lowercase letter, one uppercase letter, and at least one unique character. Password should not contain username. string "" no
scale_storage_cluster_gui_username GUI user to perform system management and monitoring tasks on storage cluster. Note: Username should be at least 4 characters, any combination of lowercase and uppercase letters. string "" no
scale_storage_image_name Name of the custom image that you would like to use to create virtual machines in your IBM Cloud account to deploy the Spectrum Scale storage cluster. By default, the automation uses a base image plus the Spectrum Scale software and any other software packages that it requires. If you would like, you can follow the instructions for Planning for custom images to create your own custom image and use that to build the Spectrum Scale storage cluster through this offering. string "hpcc-scale5201-rhel88" no
scale_storage_node_count The number of Spectrum scale storage nodes that will be provisioned at the time the cluster is created. Enter a value in the range 2 - 18. It must to be divisible of 2. number 4 no
scale_storage_node_instance_type Specify the virtual server instance storage profile type name to be used to create the Spectrum Scale storage nodes for the Spectrum Storage cluster. For more information, see Instance profiles. string "cx2d-8x16" no
spectrum_scale_enabled Setting this to true will enables Spectrum Scale integration with the cluster. Otherwise, Spectrum Scale integration will be disabled (default). By entering 'true' for the property, you have also agreed to one of the two conditions: (1) You are using the software in production and confirm you have sufficient licenses to cover your use under the International Program License Agreement (IPLA). (2) You are evaluating the software and agree to abide by the International License Agreement for Evaluation of Programs (ILAE). Note: Failure to comply with licenses for production use of software is a violation of IBM International Program License Agreement. bool false no
ssh_key_name Comma-separated list of names of the SSH key configured in your IBM Cloud account that is used to establish a connection to the LSF management node. Ensure that the SSH key is present in the same resource group and region where the cluster is being provisioned. If you do not have an SSH key in your IBM Cloud account, create one by using the instructions given at SSH Keys. string n/a yes
storage_node_instance_type Specify the virtual server instance profile type to be used to create the storage nodes for the Spectrum LSF cluster. The storage nodes are the ones that are used to create an NFS instance to manage the data for HPC workloads. For choices on profile types, see Instance profiles. string "bx2-2x8" no
vpc_cidr_block Creates the address prefix for the new VPC, when the vpc_name variable is empty. Only a single address prefix is allowed. For more information, see Setting IP ranges. list(string)
[
"10.241.0.0/18"
]
no
vpc_cluster_login_private_subnets_cidr_blocks The CIDR block that's required for the creation of the login cluster private subnet. Modify the CIDR block if it has already been reserved or used for other applications within the VPC or conflicts with any on-premises CIDR blocks when using a hybrid environment. Provide only one CIDR block for the creation of the login subnet. Since login subnet is used only for the creation of login virtual server instance provide a CIDR range of /28. list(string)
[
"10.241.16.0/28"
]
no
vpc_cluster_private_subnets_cidr_blocks The CIDR block that's required for the creation of the compute and storage cluster private subnet. Modify the CIDR block if it has already been reserved or used for other applications within the VPC or conflicts with any on-premises CIDR blocks when using a hybrid environment. Provide only one CIDR block for the creation of the compute and storage subnet. Make sure to select a CIDR block size that will accommodate the maximum number of management, storage, and both static and dynamic worker nodes that you expect to have in your cluster. For more information on CIDR block size selection, see Choosing IP ranges for your VPC. list(string)
[
"10.241.0.0/20"
]
no
vpc_name Name of an existing VPC in which the cluster resources will be deployed. If no value is given, then a new VPC will be provisioned for the cluster. Learn more. string "" no
vpn_enabled Set to true to deploy a VPN gateway for VPC in the cluster. bool false no
vpn_peer_address The peer public IP address to which the VPN will be connected. string "" no
vpn_peer_cidrs Comma separated list of peer CIDRs (e.g., 192.168.0.0/24) to which the VPN will be connected. string "" no
vpn_preshared_key The pre-shared key for the VPN. string "" no
worker_node_instance_type Specify the virtual server instance profile type name to be used to create the worker nodes for the Spectrum LSF cluster. The worker nodes are the ones where the workload execution takes place and the choice should be made according to the characteristic of workloads. For choices on profile types, see Instance Profiles. Note: If dedicated_host_enabled == true, available instance prefix (e.g., bx2 and cx2) can be limited depending on your target region. Check ibmcloud target -r {region_name}; ibmcloud is dedicated-host-profiles. string "bx2-4x16" no
worker_node_max_count The maximum number of worker nodes that can be deployed in the Spectrum LSF cluster. In order to use the Resource Connector feature to dynamically create and delete worker nodes based on workload demand, the value selected for this parameter must be larger than worker_node_min_count. If you plan to deploy only static worker nodes in the LSF cluster, e.g., when using Spectrum Scale storage, the value for this parameter should be equal to worker_node_min_count. Enter a value in the range 1 - 500. number 10 no
worker_node_min_count The minimum number of worker nodes. This is the number of static worker nodes that will be provisioned at the time the cluster is created. If using NFS storage, enter a value in the range 0 - 500. If using Spectrum Scale storage, enter a value in the range 1 - 64. NOTE: Spectrum Scale requires a minimum of 3 compute nodes (combination of management-host, management-host-candidate, and worker nodes) to establish a quorum and maintain data consistency in the event of a node failure. Therefore, the minimum value of 1 may need to be larger if the value specified for management_node_count is less than 2. number 0 no
zone IBM Cloud zone name within the selected region where the Spectrum LSF cluster should be deployed. To get a full list of zones within a region, see Get zones by using the CLI. string n/a yes

Outputs

Name Description
application_center n/a
application_center_url n/a
image_map_entry_found n/a
region_name n/a
spectrum_scale_storage_ssh_command n/a
ssh_to_ldap_node n/a
ssh_to_login_node n/a
ssh_to_management_node n/a
vpc_name n/a
vpn_config_info n/a