Packages, Requirements, Planning, and Preparation

Install Methodology

Enterprise Nucleus Server ships as a series of docker-compose stack and configuration files. A user is expected to configure the underlying infrastructure, adjust configuration as required, and deploy one or more compose stacks in accordance with her needs.

Compose files will pick up various containers for Nucleus components from a docker container registry, access to which is required in addition to obtaining the compose files.

Please contact your NVIDIA representative to obtain access to the above artifacts.

Stack Details

Within your package, you will find a number of setups - combinations of compose files, settings (.env) files, and miscellanea.

Each compose setup has at least two parts to it - .yml (which is the actual compose file) and .env (which contains most common settings for the compose file).

Trying to keep our documentation as close to the code as possible, the bulk of information necessary to successfully deploy a stack is contained in the included README and .env files. Please make sure to review these files, and make sure you understand them completely. That’s where the bulk of actual Nucleus setup documentation lives. Not doing so is going to ensure that you will arrive at a broken deployment.

Some advanced features may require modifying the compose (.yml) files - with details inside them as well.

Note: these compose files are designed for docker-compose setups, and will not run on Swarms, though they can be easily adopted to run there.

Just a quick reminder on starting and managing docker-compose setups:

  • docker-compose --env-file <.env file path> -f <.yml file path> pull downloads images

  • docker-compose --env-file <.env file path> -f <.yml file path> up starts the stack in the foreground, with logs streamed to your terminal

  • docker-compose --env-file <.env file path> -f <.yml file path> up -d starts the stack in the background, ‘daemonizing’ it

  • docker-compose --env-file <.env file path> -f <.yml file path> down stop the stack or cleans up, which is a useful thing to do before starting it back up

System and Infrastructure Requirements

Hardware

Nucleus stack does not require any special hardware - it’s a simple CPU/RAM/IO workload. From an operational and resource utilization standpoint, it can be thought of as a sophisticated file server.

We recommend:

  • 12+ cores (3.0 GHz or better)

  • 32 gigabytes of RAM - and the more RAM the better due to OS filesystem level caching

  • Network and storage based on desired IO performance and capacity

Above configuration will work well for up to 500 total users and 10 concurrent downloads. If more concurrent downloads are expected, we recommend adding one LFT instance per 10 concurrent downloads. Each one of those will require an additional core and an additional one gigabyte of RAM.

One instance of Nucleus can support up to 25 simultaneous live editing sessions. If more are desired, multiple instances of Nucleus should be deployed.

In reality, of course, resource usage will highly depend on load.

Ultimately, we recommend monitoring the installation, and adding resources and scaling services as required.

Note: the above are recommended amounts of resources to be allocated for a production instance. For evaluation and playing around, a few cores and 4-6 gigabytes of RAM should be sufficient.

Network

Aside from basic considerations of making sure network matches and balances out other IO bottlenecks, for production instances, prudence may dictate isolating Nucleus Servers in a separate, controlled, subnet, and following other security and network architecture best practices. With SSL/TLS, latter becomes a necessity (having Nucleus on an open network will negate all benefits of SSL/TLS because Nucleus keeps it’s service ports open regardless of SSL/TLS).

Topic of SSL/TLS configuration is covered in it’s own section.

Having a DNS server is desirable as well - and with SSL/TLS, becomes a necessity.

Miscellanea

In addition to basics, an installation of Nucleus requires some keys and may require SSL/TLS certificates, depending on the desired goals.

In production environments, questions of proper generation and house-keeping of those should be answered, if security is a consideration.

In general, requirements for key generation and handling can be summarized as:

  • Ability to generate and manage symmetric keys of varying lengths

  • Ability to generate and manage RSA keypairs

Preparation

Host

Host operating system can be any Linux - keeping in mind that you will need to install a recent Docker onto it. We run Ubuntu 18.04, Docker CE 18.x and 19.x on our production instances, and find that generally Ubuntu is the most user friendly and catered to. Other most popular options include CentOS and Debian.

We currently do not support Docker on Windows.

Docker and Compose

We run Docker 18.x and Docker 19.x in our installations. Newer versions of Docker should work as well, though we have not tested them.

Do not use your distribution’s default packages, or any other packages coming from a package manager (i.e., snap). They are usually outdated or packaged incorrectly. In other words, don’t apt install docker and just expect it to work - it most likely won’t. Instead,

Firewalls

We do not run firewalls on our Docker hosts. We have observed in-the-field situations where enabled firewalls (ie, ufw) caused problems (services not being accessible, crashloops of some services, etc).