vac.conf − Vac configuration file
vacd is a daemon which implements the Vacuum model on a factory (hypervisor) machine. vacd reads its configuration from /etc/vac.conf and this file is also read by the vac utility command to find default values.
vac.conf uses the Python ConfigParser syntax, which is similar to MS Windows INI files. The file is divided into sections, with each section name in square brackets. For example: [settings]. Each section contains a series of option=value pairs.
For ease of management, two more optional files are read
if they exist:
These files are named after important sections, but sections can be placed in any of the four files, or all placed in /etc/vac.conf
The [settings] section is required and has options which apply to all virtual machines.
vac_space is required and gives the name of this Vac space. A single space will be sufficient for many sites. The space name should be a fully qualified domain name, like vac.example.com and may be treated as space’s CE name in some monitoring and accounting systems.
cycle_seconds is how long to wait before re-evaluating state of VMs in the main loop again. Defaults to 60 seconds.
udp_timeout_seconds is how long to wait before giving up on more UDP replies. Defaults to 5.0 seconds.
domain_type gives the type of hypervisor used, and can be either kvm or xen. kvm is the default and is the preferred choice for production use.
delete_old_files can be set to False to disable the normal behaviour where old files associated with transient VMs which have finished are deleted. This can be useful for debugging but can easily allow disks to fill up.
cpu_per_machine sets the number of virtual CPUs to assign to each VM. Along with cpu_total, this is also used when calculating how many virtual machines can be created. Defaults to 1.
mb_per_machine sets the memory allocated to each VM in MiB (1024^2). Defaults to 2048.
hs06_per_cpu gives the HEPSPEC06 power of each CPU in a virtual machine. This is communicated to the VM in /etc/machinefeatures/hs06 . Defaults to 1.
version_logger can be used to disable the logging of the version in use. Normally Vac sends one UDP packet per day to vac-version-logger.gridpp.ac.uk on port 8884 containing the factory and space names, and the Vac version number. This will be used to target patches for security and bugs at the versions currently in use. Defaults to True.
total_machines gives the number of VMs to be defined by Vac. The VM names are formed by adding a hyphen and the VM number to the hostname component of its fully qualified domain name. For example, factory1.example.com would have factory1-00.example.com, factory1-01.example.com, ... as its VMs. MAC addresses are formed with the prefix 56:4D as the first two bytes, and the four bytes of the IP address as the remaining four bytes.
cpu_total is derived from /proc/cpuinfo by default and does not usually need to be set explicitly. If set, then it provides an additional limit on the number of virtual machines that will be created, calculated as cpu_total divided by cpu_per_machine, even if total_machines is higher. This allows you to reduce the number of running VMs on a factory machine without having to kill running VMs. Instead, they are allowed to finish one by one and are only recreated if cpu_total allows.
volume_group can be used to set the volume group to be searched for a logical volume which can be used by a particular VM. The logical volumes must have the VMs fully qualified domain names as their names. For example, /dev/vac_volume_group/facory1-00.example.com/ would used by the VM factory1-00.example.com. Defaults to vac_volume_group.
One [vmtype ...] section must exist for each vmtype in the system, with the name of the vmtype given in the section name, such as [vmtype example]. A vmtype name must only consist of lowercase letters, numbers, periods, underscores, and hyphens. Each of these sections contain option=value pairs that are specific to that vmtype.
backoff_seconds is the delay after a VM of this vmtype aborts. If a VM aborts, then no new VMs of this type will be created for this amount of time. This can be used to prevent the unnecessary creation of many VMs when no work is available, and avoid overloading the matcher or task queue of the VO.
fizzle_seconds is in three places within the
backoff algorithm. First, if a VM finishes without producing
a shutdown message code and has lasted less than
fizzle_seconds, then it is treated as aborted. Secondly,
after the backoff_seconds time has expired for a VM abort,
once at least one VM has been started in this Vac space,
then no more new VMs can be started for another
fizzle_seconds. Thirdly, these new VMs are identified
because they are still in the starting phase of creating
files, or because they have been running for less than
max_wallclock_seconds gives the maximum lifetime of a VM. Vac will destroy the VM if it is still running after this amount of time, and will create /etc/machinefeatures/shutdowntime using this value to communicate it to the VM. Default 86400.
shutdown_command is the path to a file inside the VM which the VM can use to shut itself down. This value is written to /etc/machinefeatures/shutdown_command. The script /var/lib/vac/bin/vac-shutdown-vm is suitable for this, and should normally be copied to the shared subdirectory of the vmtype’s directory in /var/lib/vac/vmtypes/ . it will then be visible inside the VM at the NFS-imported location /etc/vmtypefiles/vac-shutdown-vm .
Running the vac-shutdown-vm command from a non-root user can be accomplished by appending lines like this to /etc/sudoers, with USER as the user name:
root_device is the device name exposed to the VM that is associated with the root disk image. Default hda.
scratch_device is the device name exposed to the VM that is associated with the scratch logical volume. Default hdb.
log_machineoutputs can be set to True to enable recording of all the files in /etc/machineoutputs in the file /var/log/vacd-machineoutputs when the VM finishes or is killed. For this reason, only text files should be written to this directory. Default False.
accounting_fqan is used to specify a userFQAN to include in the blahp accounting entries in the /var/log/vacd-accounting/ log files.
For the remaining options, if the file name begins with ’/’, then it will be used as an absolute path; otherwise the path will be interpreted relative to the vmtype’s subdirectory of /var/lib/vac/vmtypes
rootpublickey is the file name of a public key supplied to the contextualization which will be allowed root ssh access. If the file begins with ’/’, then it will be used as an absolute path; otherwise the path will be interpreted relative to the vmtype’s subdirectory of /var/lib/vac/vmtypes
user_data is a contextualization file provided by the VO and perhaps modified by the site.
prolog and epilog are file names of optional prolog.sh and epilog.sh scripts as defined in the CernVM contextualization documentation.
The [targetshares] section contains a list of vmtype=share pairs giving the desired share of the total VMs available in this space for each vmtype. The shares do not need to add up to 1.0, and if a share is not given for a vmtype, then it is set to 0. Vac factories consult these shares when deciding which vmtype to start as VMs become available.
The [factories] section contains the single required option name which has a space separated list of the fully qualified domain names of all the factories in this Vac space, including this factory. The factories are queried using UDP when a factory needs to decide which vmtype to start. The Vac responder process on the factories replies to these queries with a summary of the VM and the outcome of recent attempts to run a VM of each vmtype.
Andrew McNab <Andrew.McNab@cern.ch>
vacd is part of Vac: http://www.gridpp.ac.uk/vac/