Logging in to HPCI using Docker (Windows 10)

0. Change Log

0.1 Major changes

2023.07.31

  • The wording and structure of some items have been arranged.

  • The text version of this document has been discontinued.

2023.06.16

  • Fixed “2. Installing Docker Desktop for Windows” based on the behavior of the Docker Desktop 4.17.0 installer.

  • Updated Docker image to gsi-openssh-20230322.tar.xz.

2023.04.28

  • Corrected the URL of the referenced document.

2022.07.15

  • Created an English version of the document.

  • Fixed “2. Installing Docker Desktop for Windows” based on the behavior of the Docker Desktop 4.10.1 installer.

  • Updated Docker image to gsi-openssh-20220325.tar.xz.

2022.01.06

  • Updated headline of referenced HPCI login manual in line with version 22.

2021.07.15

  • Updated descriptions of operating environment and installation procedure on the assumption that the WSL 2 backend will be used.

  • Added “5. How to use run an X11 client.”

  • Updated Docker image to gsi-openssh-20210607.tar.xz.

2021.01.22

  • Revised installation procedure to accompany changes in Docker Desktop installer operations.

  • Added notice regarding problems with docker load occurring with the latest Docker Desktop at the time of document publication.

  • Updated Docker image to gsi-openssh-20201215.tar.bz2.

2020.07.13

  • Revised procedure for getting Docker Desktop installer (because signing in with Docker ID is no longer needed).

  • Added “4. Updating Docker images”.

  • Added “5. Notes on container environments”.

  • Updated Docker image to gsi-openssh-20200713.tar.xz.

2019.10.24

  • Initial release

1. Overview

This document is for those using Windows 10 and explains how to log in to the HPCI environment using Docker.

In Windows 10, use Docker Desktop for Windows.

Attention

  • In the HPCI verification environment, operation on Windows 11 has not been verified.

1.1 Terminology

Image

The foundation for a container.

Container

An entity that executes an image.

Repository

A collection of Docker images.

Tag

An identifying label that is used to distinguish images in a repository.

1.2 Operating environment

Attention

Docker Desktop for Windows utilizes Hyper-V or WSL2 as a backend. This document is written with the assumption that it will be used with the WSL2 backend.

To install Docker Desktop for Windows, your Windows machines must satisfy the following requirements.

WSL2 backend

  • WSL version 1.1.3.0 or above.

  • Windows 10 64bit

    • Home or Pro 21H2 (build 19044) or higher

    • Enterprise or Education 21H2 (build 19044).

  • Enable the WSL 2 feature on Windows.

  • Hardware prerequisites for running WSL 2 correctly:

    • SLAT (second-level address translation) -compatible 64-bit processor.

    • 4 GB system RAM.

    • BIOS-level hardware virtualization support.

      • Must be enabled in the BIOS settings. For more information, see the Docker Desktop documentation Virtualization .

1.3 Installing WSL

Install WSL on a Windows machine, and install Ubuntu as the Linux distribution.

  • For more information on the installation procedure, see Microsoft’s documentation Install Linux on Windows with WSL .

  • You do not need to perform this step on environments where you are already using Docker Desktop for Windows with the WSL 2 backend.

Installation procedure

  1. Launch PowerShell as administrator.

  • Display the [Quicklink] menu.

    • Right-click the [ Start ] button, or press the Windows logo key + X .

  • Select [Windows PowerShell (Admin)].

  • When asked to confirm, “Do you want to allow this app to make canges to your device?” click [ Yes ].

  1. Execute the WSL command with the –install option.

  • Type the following into PowerShell.

wsl --install

  • This will install WSL and the default Ubuntu distribution of Linux.

PS C:\WINDOWS\system32> wsl --install
Installing: Virtual Machine Platform
Virtual Machine Platform has been installed.
Installing: Windows Subsystem for Linux
Windows Subsystem for Linux has been installed.
Downloading: WSL Kernel
Installing: WSL Kernel
WSL Kernel has been installed.
Downloading: Ubuntu
The requested operation is successful. Changes will not be effective until the system is rebooted.
PS C:\WINDOWS\system32>

  1. Follow the messages. Once WSL installation is complete, restart the system.

  2. Set up a default Unix user account.

Directly after logging in to Windows, you will need to create a default Unix user account for running Ubuntu.

For more information on default UNIX user accounts, see Microsoft’s documentation Set up your Linux username and password .

Ubuntu will automatically start after restarting Windows. If Ubuntu does not start, try the following to start it:

  • Click the [ Start ] button and choose [ Ubuntu ] from the list of application

This completes the process of installing WSL and Ubuntu.

Updating and upgrading packages

We recommend that you use the package manager to periodically update and upgrade packages. Do this by typing in the following command.

$ sudo apt update && sudo apt upgrade

2. Installing Docker Desktop for Window

2.1 Download the installer

Download Docker Desktop Installer.exe

Attention

As of Apr 8, 2020, you do not need to sign in with a Docker ID in order to download the Docker Desktop installer.

  1. Visit https://www.docker.com in your web browser.

  2. Click the [ Get Started ] button.

  • There may be more than one, but they all lead to the same place.

2.2 Installation procedure

These instructions for installing Docker Desktop for Windows assume you will be using the WSL 2 backend.

See also the description Install Docker Desktop on Windows on the Docker official site.

Run installer

Attention

Before installation, follow the procedure in 1.3 Installing WSL to enable WSL2 functionality.

  1. Log in as a user with administrator privileges and double-click on the installer Docker Desktop Installer.exe.

  2. When asked to confirm, “Do you want to allow this app to make canges to your device?” click [ Yes ].

  3. The package’s download status will be displayed on the screen.

  4. A window with a “Configuration” header will be displayed. The following two checkboxes will be displayed. Confirm that they are checked and click the [ OK ] button.

  • Use WSL2 instead of Hyper-V (recommended)

  • Add shortcut to desktop

  1. The installation progress will be displayed on the screen.

  2. When the process is complete, the message “Installation succeeded” will be displayed. Click the [ Close ] button. This will complete the process.

Add user to the docker-users group

Installing Docker Desktop adds the docker-users group. User accounts that use Docker must belong to the docker-users group.

If you performed the installation with an administrator account, that account will be added to the docker-users group. Other user accounts must be manually added individually to the docker-users group.

Administrator privileges

docker-users group

Installing user

Yes

Added

No

Not added

Other users

Not added

To add a user account to the docker-users group as an administrator, follow these steps:

  1. Open the “ Computer Management ” window.

  • Right-click the [ Start ] button and choose [ Computer Management ] .

  • The “ Computer Management ” window will be displayed.

  1. Display the list of groups.

  • Using the menu on the left-hand sidebar, select [ Computer Management (local) ] ‣ [ System Tools ] ‣ [ Local Users & Groups ] ‣ [ Groups ] .

  • A list of groups will be displayed in the center of the window.

  1. Edit docker-users properties .

  • Double-click on docker-users in the list to open the docker-users Properties window.

  • Click the [ Add… ] button.

  • Add a user on the Select Users screen.

Launch Docker Desktop

  1. Docker Desktop will not be launched automatically immediately after installation, so it is necessary to do one of the following:

  • If there is a Docker Desktop shortcut on the desktop, double-click it.

  • Click the [ Start ] button and choose [ Docker Desktop ] from the applications list.

  1. When executing for the first time, the Docker Subscription Service Agreement window is displayed. Check the contents and perform the following operations to accept.

  • Click the [ Accept ] button.

  1. The Docker Dashboard will be displayed. When executing for the first time, perform the following operations.

  • “Tell us about the work you do”

    • Click the [ Skip ] button.

  • “Get started with Docker in a few easy steps!”

    • Click the [ Skip ] button.

  • When the “Container” tab is displayed, the operation is complete.

  1. Launch is complete when the whale icon in the taskbar has stopped moving.

  • If the whale icon does not appear in the taskbar, click the up-arrow in the taskbar to display notifications.

To autostart Docker Desktop.

To automatically start Docker Desktop at logon, set:

  1. Launch Docker Desktop.

  2. Choose [Settings] from the menu.

  • “Settings” is the gear icon in the Docker dashboard.

  • Right-clicking the whale icon in the taskbar lets you select [Settings] from the menu there.

  1. Set the following items displayed in [General] tab.

  • Enable [Start Docker Desktop when you log in ].

  • Disable [Open Docker Dashboard at startup ].

  • Click [Apply & Restart ] for the changes to take effect.

Setting up the Docker-WSL integrated environment

Set up the shell in the Linux distribution (Ubuntu) for using docker.

  1. Launch Docker Desktop.

  2. Choose [Settings] from the menu.

  • “Settings” is the gear icon in the Docker dashboard.

  • Right-clicking the whale icon in the taskbar lets you select [Settings] from the menu there.

  1. In the “ [General] ” section of the “Settings” window, check the [Use WSL2 based engine ] checkbox.

  • This will be checked by default if the system supports WSL 2.

  • After changing from unchecked to checked, click [Apply & Restart ].

  1. Select [Resources] ‣ [WSL Integration] from the Settings window’s menu.

  2. Add the Linux distribution to the integrated environments.

  • Check the [Enable integration with my default WSL distro ] checkbox.

  • The installed Linux distributions will be listed Under “ [Enable integration with additional distros: ] ”. Switch on the distributions you want to add to the integrated environment (the switch will turn blue when it is on).

  • Click [Apply & Restart ] .

This completes the process of installing Docker Desktop for Windows.

2.3 Uninstallation procedure

See also the description Uninstall Docker Desktop on the Docker official site.

When no longer needed, follow the procedure below to uninstall Docker Desktop for Windows.

Attention

If you want to leave the Docker image and Docker volume in local storage, perform a backup before uninstalling.

  1. Click the [Start] button ‣ [Settings] (Gear icon) ‣ [Apps] to open [Apps and Features ] .

  2. Select “Docker Desktop” from the list of applications displayed.

  3. Click the [Uninstall ] button.

Delete the docker-users group

  1. Follow the procedure in Add user to the docker-users group to display the list of groups.

  2. Click on docker-users in the list of groups and delete.

3. Log in to the HPCI environment

This section describes the procedure for logging in to the HPCI environment using Docker Desktop for Windows.

The operation flow is as follows.

  1. Launch Docker Desktop

  2. Launch the terminal

  3. Load the Docker image (only when installing)

  4. Launch the Docker container

  5. Run bash

  6. Log in to the login server

  7. Shut down the Docker container

3.1 Launching Docker Desktop

However, if it was set so as not to start automatically when logging in, you will need to perform the following:

  1. Launch Docker Desktop by doing either of the following:

  • If there is a Docker Desktop shortcut on the desktop, double-click it.

  • Click the [ Start ] button and choose [ Docker Desktop ] from the applications list.

  1. Launch is complete when the whale icon in the taskbar has stopped moving.

  • If the whale icon does not appear in the taskbar, click the up-arrow in the taskbar to display notifications.

  • An animated white whale icon indicates that Docker is launching.

  • Once Docker is finished launching, the white whale icon will stop moving, indicating that it is ready to receive docker commands.

  • A red whale icon indicates that an error has occurred.

3.2 Launching the terminal

Launch the Linux distribution (Ubuntu) that was installed using Install the Linux distribution .

  • Click the [ Start ] button and choose [ Ubuntu ] from the list of application

3.3 Loading the Docker image (only when installing)

You will need to store the Docker image in the local-storage domain on the Docker host.

Download

  1. Download the latest Docker image from this URL:

    https://www.hpci.nii.ac.jp/gt6/docker/

The docker image will have the file name gsi-openssh-20230322.tar.xz – substitute the name of the downloaded file.

Load the Docker image

  1. Execute the docker load command to load the Docker image.

username@WINDOWSPC:~$ docker load -i gsi-openssh-20230322.tar.xz
174f56854903: Loading layer [==================================================>]  211.7MB/211.7MB
5025a1479038: Loading layer [==================================================>]  218.5MB/218.5MB
b8772c6e07fc: Loading layer [==================================================>]  31.23kB/31.23kB
f206843fdbc8: Loading layer [==================================================>]  4.096kB/4.096kB
f9ed5f1c7b31: Loading layer [==================================================>]  736.8kB/736.8kB
5f70bf18a086: Loading layer [==================================================>]  1.024kB/1.024kB
Loaded image: hpci/gsi-openssh:20230322
username@WINDOWSPC:~$

  1. To confirm that it is stored in local storage, execute the docker images command. Check that the REPOSITORY is hpci/gsi-openssh, and that the value for TAG matches the date in the docker image file name.

username@WINDOWSPC:~$ docker images hpci/gsi-openssh
REPOSITORY         TAG        IMAGE ID       CREATED        SIZE
hpci/gsi-openssh   20230322   ad9a3118feda   2 months ago   414MB
hpciuser@ATDWIN2:~/Docker/FY2021R2$

3.4 Launching the Docker container

  1. Execute the docker run command to run the Docker image you loaded in Step 3.3.

username@WINDOWSPC:~$ docker run -d --rm --name gsi-openssh -v ~/work:/home/hpciuser/work hpci/gsi-openssh:20230322
1ff0ce65550f60f4b4d5f915463d5edc6e38b86f9680884f0210e60286f792ea
username@WINDOWSPC:~$

The long string is the container ID (UUID). When running or stopping this container, you will use this ID (or its short form).

The options used in this command are:

-d

Run the container in the background

--rm

Automatically delete the container after shutdown.

--name NAME

Sets the name of the container. In the above example, it is named gsi-openssh. To identify this container when running it in the future, you can use the container name gsi-openssh instead of the container ID.

-v LIST

Mounts the host OS directory HOST-DIR in the container directory CONTAINER-DIR. Here, LIST is expressed as HOST-DIR:CONTAINER-DIR. In the above example, the work directory under the username account registered in Ubuntu (/home/username/work) is paired with the container directory /home/hpciuser/work.

Without the -d option, Docker will not return you to the Ubuntu prompt. If this happens, you will need to open Ubuntu again and execute the command docker stop gsi-openssh, which will shut down the container and return you to the Ubuntu prompt from which docker run was executed. From that point, you can execute docker run again.

—The name set using the –name option must not conflict with any existing containers. If there is already a container with the same name, either use a different name or delete the existing container (if it is no longer needed).

If you fail to give a name when using the –name option, the container’s name will be set to a random string of characters. You can check the name using the docker ps command, explained later.

You need to use the -v option to set a directory that the container user can access from CONTAINER-DIR. The Docker image gsi-openssh-20230322.tar.xz has the container user fixed to “hpciuser,” so specify a directory under /home/hpciuser.

  1. To confirm that Docker is running correctly, execute the docker ps command. Check that the parameters below are correct.

CONTAINER ID

The container ID (first 12 characters) displayed when executing docker run

IMAGE

The Docker repository name:tag name specified in the option

NAMES

The name specified by the –name option.

username@WINDOWSPC:~$ docker ps
CONTAINER ID   IMAGE                       COMMAND                  CREATED         STATUS         PORTS     NAMES
1ff0ce65550f   hpci/gsi-openssh:20230322   "sudo /usr/sbin/cron…"   2 minutes ago   Up 2 minutes             gsi-openssh
username@WINDOWSPC:~$

If the output from docker ps does not look like the above, the container may have failed to launch.

The types of information displayed and their order can be changed using the –format option. To show only NAMES, CONTAINER ID, and IMAGE, you will need to execute the following command.

username@WINDOWSPC:~$ docker ps --format "{{.Names}} {{.ID}} {{.Image}}"
gsi-openssh 1ff0ce65550f hpci/gsi-openssh:20230322
username@WINDOWSPC:~$

3.5 Running bash

Bash environment

The bash environment’s settings are as follows. These are all fixed values in the gsi-openssh-20230322.tar.xz Docker image.

  • Username (user ID)

    hpciuser (2000)

  • Group name (group ID)

    hpciuser (2000)

  • Home directory

    /home/hpciuser

  • Time zone (“TZ” environment variable setting)

    JST-9

Run bash

  1. Use the docker exec command to run /bin/bash in the container launched in Step 3.4. Here, this is gsi-openssh.

username@WINDOWSPC:~$ docker exec -i -t gsi-openssh /bin/bash
[hpciuser@XXXXXXXXXXXX ~]$

The options -i and -t are needed to run bash interactively; you can combine these as “-it”.

-i

Keep standard input (STDIN) open.

-t

Allocate a pseudo-terminal (pseudo TTY) to the container process.

After the bash process starts, you will see the following.

  • The prompt will not be a PowerShell prompt but a bash prompt.

  • The “XXXXXXXXXXXX” part is the short form of the container ID.

3.6 Logging into the login server

This section provides an overview of the login procedure. See User’s Guide, HPCI Login Manual for details.

Issue a proxy certificate

First, a proxy certificate must be issued using HPCI Certificate Issuing System and stored in the proxy certificate repository.

Attention

  • Proxy certificates are valid for up to 168 hours.

  • It should be issued (stored) each time it expires.

Download a proxy certificate

Download the proxy certificate to the Docker container.

  1. Download the proxy certificate using the myproxy-logon command.

[hpciuser@XXXXXXXXXXXX ~]$ myproxy-logon -s portal.hpci.nii.ac.jp -l [HPCI-ID]
Enter MyProxy pass phrase: ********
A credential has been received for user <HPCI-ID> in /tmp/x509up_up2000.
[hpciuser@XXXXXXXXXXXX ~]$

  1. Verify the information in the resulting proxy certificate using the grid-proxy-info command.

[hpciuser@XXXXXXXXXXXX ~]$ grid-proxy-info
subject  : /C=JP/O=NII/OU=HPCI/CN=user/CN=proxy/CN=proxy/CN=proxy/CN=proxy
issuer   : /C=JP/O=NII/OU=HPCI/CN=user/CN=proxy/CN=proxy/CN=proxy
identity : /C=JP/O=NII/OU=HPCI/CN=user
type     : RFC 3820 compliant impersonation proxy
strength : 2048 bits
path     : /tmp/x509up_u2000
timeleft : 12:01:15
[hpciuser@XXXXXXXXXXXX ~]$

Log in to the login server

  1. Log in to the login server. In the following example, we are logging in to the login server at the Tokyo Institute of Technology, login.t3.gsic.titech.ac.jp.

[hpciuser@XXXXXXXXXXXX ~]$ gsissh -p 2222 login.t3.gsic.titech.ac.jp
Last login: Tue Jan 24 11:09:13 2023 from xxx.xxx.xxx.xxx
--------------------------------------------------------------------
Last modified: 2023-04-06 17:00:00 JST

 ** Do not run heavy programs like ISVs on login nodes login[01]. **

    (The current TSUBAME 3.0 operational status)
    https://www.t3.gsic.titech.ac.jp/      Twitter:@Titech_TSUBAME
--------------------------------------------------------------------
<HPCI-ID>@login1:~>

  1. When you exit the login server, you will return to the container’s bash shell.

<HPCI-ID>@login1:~> exit
logout
Connection to login.t3.gsic.titech.ac.jp closed.
[hpciuser@XXXXXXXXXXXX ~]$

3.7 Exiting bash

  1. To return to Ubuntu from the container, execute exit in bash.

[hpciuser@XXXXXXXXXXXX ~]$ exit
exit
username@WINDOWSPC:~$ exit

The exit command shuts down the bash process, but the container has not stopped. You can run bash as in Step 3.5 to use the gsissh command again. If you do this while the proxy certificate is valid, you will not need to re-download the proxy certificate.

3.8 Shutting down the Docker container

  1. To shut down the container, execute the docker stop command. The container you shut down will be the one you launched in Step 3.4, in this case, gsi-openssh

username@WINDOWSPC:~$ docker stop gsi-openssh
gsi-openssh
username@WINDOWSPC:~$

Attention

When you shut down a container, it is deleted. Any files created and saved in that container will also be deleted. Before shutting down, you should transfer any important files to the directory /home/hpciuser/work (the directory mounted with the -v option to docker run).

3.9 About saving files to the volume

Attention

If using the WSL 2 backend, performance will be better if you bind-mount to a Linux distribution directory (/home/username) rather than a Windows folder (/mnt/c/Users/username). In this example, we are running Docker on top of Ubuntu.

If you bind-mount to an Ubuntu directory using the -v LISToption to the docker run command, you will be able to share files between the container and Ubuntu.

The container directory that is bind-mounted to the Ubuntu directory will have the following file owner, group, and permissions.

Owner:

hpciuser (2000)

Group:

hpciuser (2000)

Permissions (directory)

0644

Permissions (directory):

0755

The Ubuntu directory will also have these parameters. Note that in the Ubuntu environment, if there is no user named “hpciuser,” the ls command will show the UID and GID as numbers.

4. Updating Docker images

This section will explain how to update an old version of a Docker image to a new version.

We will be using the following Docker image names in these instructions. Substitute the version you are using as appropriate.

Docker image names

New version

hpci/gsi-openssh:20230322

Old version

hpci/gsi-openssh:20220325

4.1 About storing different versions of Docker images

You can use tag identifiers to differentiate multiple versions of Docker images, making it possible to store multiple versions of hpci/gsi-openssh in local storage. To save both versions, load the new version (hpci/gsi-openssh:20230322) into an environment where the old version (hpci/gsi-openssh:20220325) is already loaded.

username@WINDOWSPC:~$ docker image ls
REPOSITORY         TAG        IMAGE ID       CREATED         SIZE
hpci/gsi-openssh   20230322   ad9a3118feda   2 months ago    414MB
hpci/gsi-openssh   20220325   f1854f0761dc   14 months ago   411MB
username@WINDOWSPC:~$

In other words, even loading the new version does not automatically erase the previously loaded old version. If the old version of the image is no longer needed, you will need to explicitly erase it.

4.2 Installing the new version of the Docker image

To install the new version of the Docker image, follow the same instructions you used for the initial deployment in 3.3 Loading the Docker image (only when installing)

4.3 Deleting an old version of a Docker image

If the old version of the Docker image is no longer needed, follow these instructions to delete it from local storage.

Shut down the Docker container

If the Docker image you want to delete is running as a container, you will need to first shut down that container.

  1. Check what Docker container is running using the docker ps command.

username@WINDOWSPC:~$ docker ps -a
CONTAINER ID   IMAGE                       COMMAND                  CREATED         STATUS         PORTS     NAMES
a0eff46d9429   hpci/gsi-openssh:20220325   "sudo /usr/sbin/cron…"   2 minutes ago   Up 2 minutes             gsi-openssh
username@WINDOWSPC:~$

You can see that the container gsi-openssh generated by the old version of the Docker image (hpci/gsi-openssh:20220325) is running.

  1. Shut down the running container using the docker stop command.

    To shut down the container named gsi-openssh, execute the following command.

username@WINDOWSPC:~$ docker stop gsi-openssh
gsi-openssh
username@WINDOWSPC:~$

If you used the –rm option when you executed the docker run command, the container will be deleted when it is shut down.

Delete the Docker container

If you did not use the –rm option when you executed the docker run command, the container will not be deleted when it is just shut down. Perform the following steps to delete the container.

  1. Check all the containers, including stopped ones, using the docker ps -a command.

username@WINDOWSPC:~$ docker ps -a
CONTAINER ID   IMAGE                       COMMAND                  CREATED         STATUS                     PORTS     NAMES
a0eff46d9429   hpci/gsi-openssh:20220325   "sudo /usr/sbin/cron…"   4 minutes ago   Exited (0) 2 minutes ago             gsi-openssh
username@WINDOWSPC:~$

You can see that the container gsi-openssh generated by the old version of the Docker image (hpci/gsi-openssh:20220325) exists and is in an “Exited” state.

  1. To delete the Docker container, use the docker rm command.

    Here, we are deleting the container named gsi-openssh.

username@WINDOWSPC:~$ docker rm gsi-openssh
gsi-openssh
username@WINDOWSPC:~$

Delete the Docker image

  1. To delete the Docker image, execute the docker rmi command.

    Here, we are deleting the image named hpci/gsi-openssh:20220325.

username@WINDOWSPC:~$ docker rmi hpci/gsi-openssh:20220325
Untagged: hpci/gsi-openssh:20220325
Deleted: sha256:f1854f0761dcd1bdc5a8e962b46859c5ee8977070d2fb0ca27add8fa2cff0c76
Deleted: sha256:fc167c148cd97943f88a6a1d5cf9e4340c0db3e01611883a24c7672b5eff9667
Deleted: sha256:99001f468867fe469c22432367824930d635f6e6ba01e1a639cfbc0d48868964
Deleted: sha256:b89aee2f5fd7cc5ee1cf5018b4d53f8cbf552b682baaba767048cdd5fac77858
Deleted: sha256:47d9edad927c33068b60c0da09954396758448b7db460509fd57dbdd7eced3be
username@WINDOWSPC:~$

Attention

If you attempt to delete a container generated from an image while it still exists, you will get the following error message:

username@WINDOWSPC:~$ docker rmi hpci/gsi-openssh:20220325
Error response from daemon: conflict: unable to remove repository reference "hpci/gsi-openssh:20220325" (must force) - container a0eff46d9429 is using its referenced image f1854f0761dc
username@WINDOWSPC:~$

5. How to run an X11 client

This explains the procedure for running an X11 client on a remote host for local display on Windows when connected by gsissh.

For the X server running on Windows 10, we will use VcXsrv.

5.1 Installing VcXsrv

5.1.1 Download

Download the VcXsrv installer from the VcXsrv website.

5.1.2 Install

  1. Run the downloaded VcXsrv installer.

  2. The consent prompt titled “User Account Control” is displayed.

  • Do you want to allow this app from an unknown publisher to make changes to your device ?

  • Click the [ Yes ] button to continue.

  1. On the VcXsrv Setup: Installation Options screen,

  • Change settings as needed. The defaults are usually OK.

  • Click the [ Next> ] button.

  1. On the VcXsrv Setup: Installation Folder screen,

  • Change settings as needed. The defaults are usually OK.

  • Click the [ Install ] button.

  1. VcXsrv Setup: Installing

  • Displays progress.

  • When complete, the title bar will change to “VcXsrv Setup: Completed.”

  • Click the [ Close ] button to finish.

5.2 Run the X client

This explains how to run the X client xeyes on the remote host connected by gsissh in the Docker container.

In this example, you will be logging into das.r-ccs.riken.jp, the login server for the large-memory/GPGPU-equipped client environment at the RIKEN Center for Computational Science (R-CCS).

With VcXsrv running, follow the below procedure in the terminal.

  1. Run the Docker image with the docker run command.

$ docker run -d --rm --name gsi-openssh -v ~/work:/home/hpciuser/work -e DISPLAY=host.docker.internal:0 hpci/gsi-openssh:20230322

Be sure to add the -e DISPLAY=host.docker.internal:0 option to the command.

-e LIST

Sets environment variables that are available for the process that will be launched inside of the container. In the above example, we have set the DISPLAY environment variable to the value host.docker.internal:0.

  1. Connect to the container with the docker exec command.

$ docker exec -it gsi-openssh /bin/bash

  1. Download the proxy certificate using the myproxy-logon command.

[hpciuser@XXXXXXXXXXXX ~]$ myproxy-logon -s portal.hpci.nii.ac.jp -l [HPCI-ID]
Enter MyProxy pass phrase: ********
A credential has been received for user <HPCI-ID> in /tmp/x509up_up2000.
[hpciuser@XXXXXXXXXXXX ~]$

  1. Log in to the login server. In the below example, you will be logging into das.r-ccs.riken.jp, the login server for the large-memory/GPGPU-equipped client environment at the RIKEN Center for Computational Science (R-CCS).

[hpciuser@XXXXXXXXXXXX ~]$ gsissh -Y -p 2222 das.r-ccs.riken.jp
Warning: No xauth data; using fake authentication data for X11 forwarding.
*****************************************************************
Gfarm clients with large memory and GPGPU is ready.

  R-CCS provides 4 compute nodes equipped with large-capacity memory (1,024 GB) and GPGPU (NVIDIA Tesla P100) as  HPCI shared storage clients.
  You can use exclusively one of these 4 compute nodes by using pbs pro job scheduler on the login server(das.r-ccs.riken.jp).
  The followings can be used on each compute node.

   Singularity, Container execution environment
   ParaView, Visualization environment
   HPCI shared storage from Singularity container
   Intel compiler and PGI compiler

    For details, please visit : https://www.hpci-office.jp/info/pages/viewpage.action?pageId=133667887
*****************************************************************
Last login: Wed Jun 30 15:31:18 2021 from 202.221.181.100
[username@das ~]$

To enable “X Forwarding”, add the -Y option.

-Y

This results in more dependable X11 transfers.

  1. Run xeyes

[username@das ~]$ xeyes

6. Notes on container environments

6.1 sudo

sudo(8) can be run as NOPASSWD. For details, refer to the following file.

  • /etc/sudoers.d/hpciuser