cloudmesh-pi-burn 4.3.5

A command called burn and foo for the cloudmesh shell

Cloudmesh Pi Burner for SD Cards

WARNING: This program is designed for a Raspberry Pi and must not be executed on your laptop or desktop. An earlier version that could be run on Linux, macOS, and Windows 10 is no longer supported. If you want to help us porting them on any of these OSes, please contact laszewski@gmail.com

• Cloudmesh Pi Burner for SD Cards
  • cms burn
  • Nomenclature
  • Quickstart for Restricted WiFi Access
    • Requirements
    • Master Pi
    • Single Card Burning
    • Burning Multiple SD Cards with a Single Burner
    • Connecting Pis to the Internet via Bridge (OPTION 1)
  • Quickstart Guide for Mesh Networks
  • Set up of the SSH keys and SSH tunnel
  • Manual Pages
    • Manual Page for the burn command
    • Manual Page for the bridge command
    • Manual Page for the host command

cms burn

cms burn is a program to burn many SD cards for the preparation of building clusters with Raspberry Pi's. It allows users to create readily bootable SD cards that have the network configured, contain a public ssh key from your machine that you used to configure the cards. Thus not much additional setup is needed for a cluster. Another unique feature is that you can burn multiple cards in a row, each with their individual setup such as hostnames and ipadresses.

Nomenclature

• Commands proceeded with pi@red:$ are to be executed on the Rasperry Pi with the name red.

• Commands with (ENV3) pi@red:$ are to be executed in a virtula ENV using Python 3 on the Raspberry Pi with the name red

Quickstart for Restricted WiFi Access

To provide you with a glimpse on what you can do with cms burn, we have provided this quickstart guide that will create one master PI and several workers.

This setup is intended for those who have restricted access to their home network (ie. cannot access router controls). For example, those on campus WiFis or regulated apartment WiFis.

The Figure 1 describes our network configuration. We have 5 Raspberry Pi 4s: 1 master and 4 workers. We have WiFi access, but we do not necessarily have access to the router's controls.

We also have a network switch, where the master and workers can communicate locally, but we will also configure the master to provide internet access to devices on the network switch via a "network bridge".

Figure 1: Pi Cluster setup with bridge network

Requirements

For the quickstart we have the following requirements:

• SD Cards and Raspberry Pis

• Master Pi: You will need at least 1 Raspberry Pi SD Card burned using Raspberry Pi imager. You can use your normal operating system to burn such a card including Windows, macOS, or Linux. Setting up a Raspberry Pi in this manner should be relatively straightforward as it is nicely documented online (For example, how to setup SSH). All you will need for this guide is an internet connection for your Pi. It might also be of use to change the hostname of this Pi.

• You will need an SD card writer (USB tends to work best) to burn new cards We recommend that you invest in a USB3 SDCard writer as they are significantly faster and you can resuse them on PI'4s

Master Pi

Step 1. Installing Cloudmesh on the Master Pi

The simple curl command below will generate an ssh-key, update your system, and install cloudmesh.

pi@masterpi:~ $ curl -Ls http://cloudmesh.github.io/get/pi | sh

This will take a moment...

Step 2. Activate Python Virtual Environment

Activate Python Virtual Environment, if you have not already, enter the Python virtual environment provided by the installation script.

pi@masterpi:~ $ source ~/ENV3/bin/activate

Step 3. Download the latest Raspberry Pi Lite OS

The following command will download the latest images for Raspberry Lite OS.

(ENV3) pi@masterpi:~ $ cms burn image get latest

We can verify our image's downloaded with the following.

(ENV3) pi@masterpi:~ $ cms burn image ls

Step 4. Setup SD Card Writer

Run the following command to setup your SD Card Writer with cms burn. It will provide a sequence of instructions to follow.

(ENV3) pi@masterpi:~ $ cms burn detect

Make sure the USB Reader(s) is removed ...
Is the reader(s) removed? y/n
Now plug in the Reader(s) ...
Is the reader(s) plugged in? y/n

# ----------------------------------------------------------------------
# Detected Card Writers
# ----------------------------------------------------------------------

Bus 001 Device 003: ID 1908:0226 GEMBIRD

Now insert a FAT32 formatted SD cards into your writer to create worker SD cards.

Running the following command will provide us information on our SD card's location on the system.

(ENV3) pi@masterpi:~ $ cms burn info
...
# ----------------------------------------------------------------------
# SD Cards Found
# ----------------------------------------------------------------------

+----------+----------------------+----------+-----------+-------+------------------+---------+-----------+-----------+
| Path     | Info                 | Readable | Formatted | Empty | Size             | Aaccess | Removable | Writeable |
+----------+----------------------+----------+-----------+-------+------------------+---------+-----------+-----------+
| /dev/sda | Generic Mass-Storage | True     | True      | False | 64.1 GB/59.7 GiB | True    | True      |           |
+----------+----------------------+----------+-----------+-------+------------------+---------+-----------+-----------+

cms burn info has other useful information, but for the purposes of this guide we omit it.

We can see from the information displayed that our SD card's path is /dev/sda. Of course, this may vary. Let us record this path for cms burn access.

(ENV3) pi@masterpi:~ $ export DEV=/dev/sda

cms burn is now properly configured and ready to begin burning cards. See the following sections on burning that are in accordance with your setup.

Single Card Burning

Step 0. Ensure the SD card is inserted.

We can run cms burn info again as we did above to verify our SD card is connected.

Step 1. Burning the SD Card

Choose a hostname for your card. We will use red001.

(ENV3) pi@masterpi:~ $ cms burn create --hostname=red001

Wait for the card to burn. Once the process is complete, it is safe to remove the SD card.

Burning Multiple SD Cards with a Single Burner

Step 0. Ensure the first SD card is inserted into the burner.

We can run cms burn info again as we did above to verify our SD card is connected.

Step 2. Burning the Cards

cms burn supports logical incremenation of numbers/characters.

For example, red00[1-2] is interpreted by cms burn as [red001, red002]. Similarly, red[a-c] is interpreted by cms burn as [reda, redb, redc].

We can burn 2 SD cards as follows:

(ENV3) pi@masterpi:~ $ cms burn create --hostname=red00[1-2]

The user will be prompted to swap the SD cards after each card burn if there are still remaining cards to burn.

One if the important aspects is how to set up networking. We have three options

OPTION 1: The framework we use to set up default networking will use a DHCP server. This is configured at a later step with the command cms bridge that manages all ip addresses on the master. This is the easiest way to set up networking. There are two other options

OPTION 2: Setup static IPs via the bridge command. cms bridge allows users to assign static IPs to nodes in their cluster. See cms bridge documentation for more information.

OPTION 3: If the user wishes to strictly assign a static IP at the time of burning, they may use the --ipaddr=IP as noted in the cms burn manual. The behavior of this parameter is very similar to the hostnames parameter. For example, 10.1.1.[1-3] evaluates to [10.1.1.1, 10.1.1.2, 10.1.1.3]

Which option you use may depend on your persoanl preferences or your network requirements. If in doubt, start with OPTION 1.

Connecting Pis to the Internet via Bridge (OPTION 1)

Figure 1 depicts how the network is set up with the help of the bridge command.

Figure 1: Networking Bridge

Step 0. Recap and Setup

At this point we assume that you have used cms burn to create all SD cards for the Pi's.

We are also continuing to use masterpi (which is where we burn the worker SD cards).

We will now use cms bridge to connect the worker Pis to the internet. Let us again reference the diagram of our network setup. You should now begin connecting your Pis together via network switch. Ensure that masterpi is also connected into the network switch.

Step 1. Verify Local Connection to Workers

Ensure your workers are booted and that your network switch is turned on. Once the Pis are done booting up, we will verify our local connections to them on the network switch via SSH.

Note: To figure out when a Pi is done completing its initial bootup process, the green light on the Pi will flash periodically until the bootup/setup is complete. Once there is just a red light for a period, the Pi is ready.

Once your setup is configured in this manner, Pi Master should be able to ssh into each node via its hostname. For example, if one of our workers is red001, we may ssh to them as follows:

(ENV3) pi@masterpi:~ $ ssh pi@red001.local

If this is successful, you are ready to connect your workers to the internet.

Step 2. Configuring our Bridge

At this point, the master pi can talk to the workers via the network switch. However, these burned Pis do not have internet access. It can be very tedious to connect each Pi individually to our WiFi. So we provide a command to "bridge" internet access between the burner Pi and the burned Pis. This program should already be installed by the cloudmesh installation script.

We can easily create our bridge as follows.

(ENV3) pi@masterpi:~ $ cms bridge create --interface='wlan0'

This will take a moment while the dependencies are installed...

Note the --interface option indicates the interface used by the master pi to access the internet. In this case, since we are using WiFi, it is most likely wlan0. Other options such as eth0 and eth1 exist for ethernet connections.

Once the installations are complete, let us restart the bridge to reflect these changes.

(ENV3) pi@masterpi:~ $ cms bridge restart --background

Note the use of --background in this case is recommended as the process may potentially break a user's SSH pipeline (due to WiFi). If this is the case, the program will continue in the background without error and the user will be able to SSH shortly after.

Once the process is complete, we can use the following command to list our connected devices.

(ENV3) pi@masterpi:~ $ cms bridge info
bridge info

# ----------------------------------------------------------------------
#
# IP range: 10.1.1.2 - 10.1.1.122
# Manager IP: 10.1.1.1
#
# # LEASE HISTORY #
# 2021-01-21 06:04:08 dc:a6:32:e8:01:a3 10.1.1.84 red001 01:dc:a6:32:e8:01:a3
# 2021-01-21 06:04:08 dc:a6:32:e7:f0:fb 10.1.1.12 red003 01:dc:a6:32:e7:f0:fb
# 2021-01-21 06:04:08 dc:a6:32:e8:02:cd 10.1.1.22 red004 01:dc:a6:32:e8:02:cd
# 2021-01-21 06:04:08 dc:a6:32:e8:06:21 10.1.1.39 red002 01:dc:a6:32:e8:06:21
# ----------------------------------------------------------------------

At this point, our workers should have internet access. Let us SSH into one and ping google.com to verify.

(ENV3) pi@masterpi:~ $ ssh red001

pi@red001:~ $ ping google.com
PING google.com (142.250.64.238) 56(84) bytes of data.
64 bytes from mia07s57-in-f14.1e100.net (142.250.64.238): icmp_seq=1 ttl=106 time=48.2 ms
64 bytes from mia07s57-in-f14.1e100.net (142.250.64.238): icmp_seq=2 ttl=106 time=48.3 ms
64 bytes from mia07s57-in-f14.1e100.net (142.250.64.238): icmp_seq=3 ttl=106 time=47.9 ms
64 bytes from mia07s57-in-f14.1e100.net (142.250.64.238): icmp_seq=4 ttl=106 time=47.10 ms
64 bytes from mia07s57-in-f14.1e100.net (142.250.64.238): icmp_seq=5 ttl=106 time=48.5 ms
^C
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 9ms
rtt min/avg/max/mdev = 47.924/48.169/48.511/0.291 ms

Note how we are able to omit the pi user and .local extension

The cluster is now complete.

Quickstart Guide for Mesh Networks

This section is still under development.

In case you have a Mesh Network, the setup can typically be even more simplifies as we can attach the unmanaged router directly to a Mesh node via a network cable. IN that case the node is directly connected to the internet and uses the DHCP feature from the Mesh router (see Figure 2).

Figure 2: Networking with Mesh network

You will not need the bridge command to setup the network.

Set up of the SSH keys and SSH tunnel

This section is still under development.

One important aspect of the cluster is to setup authentication with ssh, so we can easily login from the Laptop to each of the PI workers and the PI manager. Furthermore, we like to be able to login from the PI Master to each of the workers. In addition, we like to be able to login between the workers.

To simplify the setup of this we have developed a command cms host with the options. To generate on multiple machines on the network keys, to gather them and to redistribute or scatter them so that we can easily authenticate as discussed previously.

One important part of this is that the key on the Laptop must not be password less. This is also valid for any machine that is directly added to the network such as in the Mesh notwork.

To avoid password less keys we recommend you to use ssh-add or ssh-keychain.

More infor and a concrete example will be documented here shortly.

The manual page for cms host is provided in the Manual Page section.

Manual Pages

Manual Page for the burn command

Note to execute the command on the commandline you have to type in cms burn and not jsut burn.

  burn network list [--ip=IP] [--used]
  burn network
  burn info [DEVICE]
  burn detect
  burn image versions [--refresh]
  burn image ls
  burn image delete [IMAGE]
  burn image get [URL]
  burn create [--image=IMAGE]
                         [--device=DEVICE]
                         [--hostname=HOSTNAME]
                         [--ipaddr=IP]
                         [--sshkey=KEY]
                         [--blocksize=BLOCKSIZE]
                         [--dryrun]
                         [--passwd=PASSWD]
                         [--ssid=SSID]
                         [--wifipassword=PSK]
                         [--format]
  burn burn [IMAGE] [DEVICE] --[dryrun]
  burn mount [DEVICE] [MOUNTPOINT]
  burn set host [HOSTNAME] [MOUNTPOINT]
  burn set ip [IP] [MOUNTPOINT]
  burn set key [KEY] [MOUNTPOINT]
  burn enable ssh [MOUNTPOINT]
  burn unmount [DEVICE]
  burn wifi SSID [PASSWD] [-ni]

Options:
  -h --help              Show this screen.
  --version              Show version.
  --image=IMAGE          The image filename,
                         e.g. 2019-09-26-raspbian-buster.img
  --device=DEVICE        The device, e.g. /dev/mmcblk0
  --hostname=HOSTNAME    The hostname
  --ipaddr=IP            The IP address
  --key=KEY              The name of the SSH key file
  --blocksize=BLOCKSIZE  The blocksise to burn [default: 4M]

Files:
  This is not fully thought through and needs to be documented
  ~/.cloudmesh/images
    Location where the images will be stored for reuse

Description:
    cms burn create --passwd=PASSWD

         if the passwd flag is added the default password is
         queried from the commandline and added to all SDCards

         if the flag is ommitted login via the password is disabled
         and only login via the sshkey is allowed

  Network

    cms burn network list

        Lists the ip addresses that are on the same network

         +------------+---------------+----------+-----------+
         | Name       | IP            | Status   | Latency   |
         |------------+---------------+----------+-----------|
         | Router     | 192.168.1.1   | up       | 0.0092s   |
         | iPhone     | 192.168.1.4   | up       | 0.061s    |
         | red01      | 192.168.1.46  | up       | 0.0077s   |
         | laptop     | 192.168.1.78  | up       | 0.058s    |
         | unkown     | 192.168.1.126 | up       | 0.14s     |
         | red03      | 192.168.1.158 | up       | 0.0037s   |
         | red02      | 192.168.1.199 | up       | 0.0046s   |
         | red        | 192.168.1.249 | up       | 0.00021s  |
         +------------+----------------+----------+-----------+

    cms burn network list [--used]

        Lists the used ip addresses as a comma separated parameter
        list

           192.168.50.1,192.168.50.4,...

    cms burn network address

        Lists the own network address

         +---------+----------------+----------------+
         | Label   | Local          | Broadcast      |
         |---------+----------------+----------------|
         | wlan0   | 192.168.1.12   | 192.168.1.255  |
         +---------+----------------+----------------+

Examples: ( \ is not shown)

   > cms burn create --image=2019-09-26-raspbian-buster-lite
   >                 --device=/dev/mmcblk0
   >                 --hostname=red[5-7]
   >                 --ipaddr=192.168.1.[5-7]
   >                 --sshkey=id_rsa

   > cms burn image get latest

   > cms burn image get https://downloads.raspberrypi.org/
   >   raspbian_lite/images/
   >   raspbian_lite-2018-10-11/2018-10-09-raspbian-stretch-lite.zip

   > cms burn image delete 2019-09-26-raspbian-buster-lite

Manual Page for the bridge command

Note to execute the command on the commandline you have to type in cms bridge and not jsut bridge.

  bridge create [--interface=INTERFACE] [--ip=IPADDRESS] [--range=IPRANGE] [--purge]
  bridge set HOSTS ADDRESSES 
  bridge restart [--nohup] [--background]
  bridge status
  bridge test HOSTS [--rate=RATE]
  bridge list NAMES
  bridge check NAMES [--configuration] [--connection]
  bridge info

Arguments:
    HOSTS        Hostnames of connected devices. 
                 Ex. red002
                 Ex. red[002-003]

    ADDRESSES    IP addresses to assign to HOSTS. Addresses
                 should be in the network range configured.
                 Ex. 10.1.1.2
                 Ex. 10.1.1.[2-3]

    NAMES        A parameterized list of hosts. The first hostname 
                 in the list is the master through which the traffic 
                 is routed. Example:
                 blue,blue[002-003]

Options:
    --interface=INTERFACE  The interface name [default: eth1]
                           You can also specify wlan0 if you wnat
                           to bridge through WIFI on the master
                           eth0 requires a USB to WIFI adapter

    --ip=IPADDRESS         The ip address [default: 10.1.1.1] to
                           assign the master on the
                           interface. Ex. 10.1.1.1

    --range=IPRANGE        The inclusive range of IPs that can be
                           assigned to connecting devices. Value
                           should be a comma separated tuple of the
                           two range bounds. Should not include the
                           ip of the master Ex. 10.1.1.2-10.1.1.20
                           [default: 10.1.1.2-10.1.1.122]

    --workers=WORKERS      The parametrized hostnames of workers
                           attatched to the bridge.
                           Ex. red002
                           Ex. red[002-003]

    --purge                Include option if a full reinstallation of
                           dnsmasq is desired

    --background           Runs the restart command in the background.
                           stdout to bridge_restart.log

    --nohup                Restarts only the dnsmasq portion of the
                           bridge. This is done to surely prevent
                           SIGHUP if using ssh.

    --rate=RATE            The rate in seconds for repeating the test
                           If ommitted its done just once.

Description:

  Command used to set up a bride so that all nodes route the traffic
  trough the master PI.

  bridge create [--interface=INTERFACE] [--ip=IPADDRESS] [--range=IPRANGE]
      creates the bridge on the current device
      The create command does not restart the network.

  bridge set HOSTS ADDRESSES 
      the set command assigns the given static 
      ip addresses to the given hostnames.

  bridge status
      Returns the status of the bridge and its linked services.

  bridge restart [--nohup]
      restarts the bridge on the master without rebooting. 

  bridge test NAMES
      A test to see if the bridges are configured correctly and one
      hase internet access on teh specified hosts.

  bridge list NAMES
      Lists information about the bridges (may not be needed)

  bridge check NAMES [--config] [--connection]
      provides information about the network configuration
      and netwokrk access. Thisis not a comprehensive speedtest
      for which we use test.

  bridge info
      prints relevant information about the configured bridge


Design Changes:
  We still may need the master to be part of other commands in case
  for example the check is different for master and worker

Manual Page for the host command

Note to execute the command on the commandline you have to type in cms host and not jsut host.

    host scp NAMES SOURCE DESTINATION [--dryrun]
    host ssh NAMES COMMAND [--dryrun] [--output=FORMAT]
    host config NAMES [IPS] [--user=USER] [--key=PUBLIC]
    host check NAMES [--user=USER] [--key=PUBLIC]
    host key create NAMES [--user=USER] [--dryrun] [--output=FORMAT]
    host key list NAMES [--output=FORMAT]
    host key gather NAMES [--authorized_keys] [FILE]
    host key scatter NAMES FILE

This command does some useful things.

Arguments:
    FILE   a file name

Options:
    --dryrun   shows what would be done but does not execute
    --output=FORMAT  the format of the output

Description:

    host scp NAMES SOURCE DESTINATION

      TBD

    host ssh NAMES COMMAND

      runs the command on all specified hosts
      Example:
           ssh red[01-10] "uname -a"

    host key create NAMES
      create a ~/.ssh/id_rsa and id_rsa.pub on all hosts specified
      Example:
          ssh key create "red[01-10]"

    host key list NAMES

      list all id_rsa.pub keys from all hosts specifed
       Example:
           ssh key list red[01-10]

    host key gather HOSTS FILE

      gathers all keys from file FILE including the one from localhost.

          ssh key gather "red[01-10]" keys.txt

    host key scatter HOSTS FILE

      copies all keys from file FILE to authorized_keys on all hosts,
      but also makes sure that the users ~/.ssh/id_rsa.pub key is in
      the file.

      1) adds ~/.id_rsa.pub to the FILE only if its not already in it
      2) removes all duplicated keys

      Example:
          ssh key scatter "red[01-10]"

    host key scp NAMES FILE

      copies all keys from file FILE to authorized_keys on all hosts
      but also makes sure that the users ~/.ssh/id_rsa.pub key is in
      the file and removes duplicates, e.g. it calls fix before upload

      Example:
          ssh key list red[01-10] > pubkeys.txt
          ssh key scp red[01-10] pubkeys.txt

    host config NAMES IPS [--user=USER] [--key=PUBLIC]

      generates an ssh config file tempalte that can be added to your
      .ssh/config file

      Example:
          cms host config "red,red[01-03]" "198.168.1.[1-4]" --user=pi

    host check NAMES [--user=USER] [--key=PUBLIC]

      This command is used to test if you can login to the specified
      hosts. It executes the hostname command and compares it.
      It provides a table  with a sucess column

      cms host check "red,red[01-03]"

          +-------+---------+--------+
          | host  | success | stdout |
          +-------+---------+--------+
          | red   | True    | red    |
          | red01 | True    | red01  |
          | red02 | True    | red02  |
          | red03 | True    | red03  |
          +-------+---------+--------+