Az-HOP in the Azure Marketplace
Introduction
Azure HPC On-Demand Platform, or Az-HOP, provides an end-to-end deployment mechanism for a base HPC infrastructure on Azure. The platform includes a Terraform and Bicep version for deploying the infrastructure and Ansible is used for configuration and setup. An Azure Marketplace deployment has been created to simplify the deployment process. This is based on the Bicep version and will deploy a virtual machine that will automatically run the Ansible deployment.
This document describes the steps for how to deploy Az-HOP from the Azure Marketplace. For more information on the features and capabilities of Az-HOP, please refer to this Blog post or the Az-HOP documentation.
Deployment
Navigate to the Azure portal. Click on Marketplace
and search for azhop
.
Click on Create
to open the deployment wizard. Az-HOP resources will all be deployed into a single resource group. However, the deployment is at the subscription scope as it will add subscription reader access to the Azure Cyclecloud managed identity and can peer to another network if that option is chosen. The subscription reader permission is required by Azure Cyclecloud to accept an image plan when deploying virtual machines. By deploying at the subscription scope will mean everything is deployed in a single step.
Az-HOP Wizard: Basics
The Basics
tab is where the subscription, region, resource group name. The admin user is local admin user on the virtual machines that are deployed.
The default option is to autogenerate ssh keypairs and passwords required. If this option is chosen they will be stored in the Azure Key Vault that is created in the Az-HOP resource group. Alternatively, this option can be unchecked and the ssh keypair and password can be provided.
They Azure Key Vault requires the access policies to include any users that will need to access the key vault. Add the Object ID of the in the Additional Keyvault Reader
input box. To get the currently signed in user with the Azure CLI use the following command:
The Branch Name
reflects the branch in the Az-HOP git repository. Leave this as main
or set to one of the release branches.
Az-HOP Wizard: Home Directory
Select the storage type, mount point and capacity of the file system for the home directories. Either Azure Files or Azure Netapp Files can be selected.
Az-HOP Wizard: Network
The default network option is to create a public IP address for the On-Demand portal and another for the deployer virtual machine. Choose the CIDR prefix for the network and the base IP address. The CIDR prefix will determine how large your compute can scale as half the IP range will be allocate for the compute virtual machine subnet.
If public IP addresses are not enabled there will be an option to peer to an existing network. This requires the addition information for resource group and virtual network name. This can be used where a virtual network is already available with access through either a VPN or ExpressRoute.
Az-HOP Wizard: Review + create
Review the options and click Create
to start the deployment.
Monitoring the Installation
The infrastructure should deploy in around 10 minutes and, while it will show Your deployment is complete
, it will take up to 40 minutes to run ansible to perform the installation and configuration of the virtual machines.
The progress of the installation can be monitored by loggin in to the deployer virtual machine. The deployer virtual machine uses port 8822 for ssh. The private key is either the one generated by the deployment or the one provided. The autogenerated one will be a secret in the Azure Keyvault that has been created (${ADMIN_USER}-privkey
). Copy the contents into a file and make sure to set the correct permissions before running ssh (chmod 600 $SSH_PRIVATE_KEY_FILE
). The $ADMIN_USER
is the admin user provided in the deployment wizard.
ssh -p 8822 -i $SSH_PRIVATE_KEY_FILE $ADMIN_USER@$DEPLOYER_VM_IP
The install script is run as a cloud-init script and the output is written to /var/log/cloud-init-output.log
. The log file can be tail
ed to monitor the progress:
tail -f /var/log/cloud-init-output.log
The ansible log will be in the output and, once the script has completed, cloud-init will report the script has completed:
...
Command succeeded!
Cloud-init v. 23.1.2-0ubuntu0~20.04.1 running 'modules:final' at Mon, 22 May 2023 14:17:14 +0000. Up 894.13 seconds.
Accessing the On-Demand portal
The marketplace image creates two Az-HOP users: a regular user called hpcuser
and an admin user called clusteradmin
. The password for these users will be store as a secret in the Azure KeyVault that has been created. First get the password and then navigate to the On-Demand portal. The URL for the On-Demand portal is the IP address or FQDN of the ondemand
virtual machine.
Updating the Configuration
The Az-HOP configuration is stored on the deployer virtual machine where the git repository and config is all located in /az-hop
. The configuration can be updated by logging in to the deployer virtual machine, editing /az-hop/config.yml
and re-running the install.sh
script. For more details refer to the Az-HOP documentation.
Reporting Issues
Az-HOP is an Open Source project hosted on GitHub and, while this is not an officially supported Microsoft product, the project is actively being maintained. If you experience any issues please open an issue on the Az-HOP GitHub repository.
Learn More
- Az-HOP GitHub
- Az-HOP Documentation
- Microsoft Tech Community HPC Blog Posts