[WIP]Add packer support for building AWS AMI

[shub-kris]

This PR aims to fix issue #433.

[philschmid]

Left some comments!

Do you know if we also can add a "print" when the instance is launched with some instructions, e.g. where to find examples, docs and how to run something. Like a welcome messages.

[philschmid]

This would be a big breaking change to the existing AMI. Where you can straight up use "python". Can we either activate it by default or not use a virtual env?

[shub-kris]

The base AMI let's us use the neuron package and other pre-installed packages only if we activate this environment. If we plan to not use a virtual env then we need to install everything just like the earlier repo.
Let me check if I can still access the neuron stuff atleast without activating the venv

[shub-kris]

And in that case we should use https://aws.amazon.com/releasenotes/aws-deep-learning-ami-base-neuron-ubuntu-20-04/ as mentioned in the documentation that

The Base AMI comes with a foundational platform of GPU drivers and acceleration libraries to deploy your own customized deep learning environment. 

[philschmid]

If those are only installed in venv then we should defaulty activate those on instance start and ssh connection.

[shub-kris]

okay, will add it in bashrc which should solve it in the final AMI

[shub-kris]

Left some comments!

Do you know if we also can add a "print" when the instance is launched with some instructions, e.g. where to find examples, docs and how to run something. Like a welcome messages.

Hi @philschmid regarding this, I tried making a file called 99-custom-message in /etc/update-motd.d, it doesn't work when ssshing for the first time but works in the second time and I have no clue why?

I also tried doing something like this

  provisioner "shell" {
    inline = [
      "sudo mv /tmp/welcome.sh /etc/ssh/welcome.sh",
      "sudo chmod +x /etc/ssh/welcome.sh",
      "sudo sed -i 's/#Banner/Banner/' /etc/ssh/sshd_config",
      "sudo sed -i '/^Banner/c\\Banner /etc/ssh/welcome.sh' /etc/ssh/sshd_config",
      "sudo systemctl restart sshd"
    ]
  }

This works but the script is not seen as a script but it rather prints out everything.

So if my /tmp/welcome.sh was like this

#!/bin/bash

"Welcome to your instance!"
"You can find examples and documentation at <link>"
"To run something, use <command>"

Then everything is printed as it is

[philschmid]

Left some comments!
Do you know if we also can add a "print" when the instance is launched with some instructions, e.g. where to find examples, docs and how to run something. Like a welcome messages.

Hi @philschmid regarding this, I tried making a file called 99-custom-message in /etc/update-motd.d, it doesn't work when ssshing for the first time but works in the second time and I have no clue why?

I also tried doing something like this

  provisioner "shell" {
    inline = [
      "sudo mv /tmp/welcome.sh /etc/ssh/welcome.sh",
      "sudo chmod +x /etc/ssh/welcome.sh",
      "sudo sed -i 's/#Banner/Banner/' /etc/ssh/sshd_config",
      "sudo sed -i '/^Banner/c\\Banner /etc/ssh/welcome.sh' /etc/ssh/sshd_config",
      "sudo systemctl restart sshd"
    ]
  }

This works but the script is not seen as a script but it rather prints out everything.

So if my /tmp/welcome.sh was like this

#!/bin/bash

"Welcome to your instance!"
"You can find examples and documentation at <link>"
"To run something, use <command>"

Then everything is printed as it is

Please try look into what it is not shown. Having a message for the second ssh is not helpful. Have you tried searching for it?, e.g. https://askubuntu.com/questions/1394600/motd-not-showing-up-on-ubuntu-21-10
Or does the base AMI already have something which can lead to issues etc. It should work since i used other ubuntu based ami in the past which had this.

[philschmid]

I did another review. Please look at my comments there are a lot of things unclear to me. Also we want to use the existing Neuron AMI. We don't want to install any neuronx dependencies.

[shub-kris]

I need to create a channel and an app in order to set this up.
I was thinking of naming it optimum-neuron-ci-daily
@philschmid

[philschmid]

can you check with the infra team. They have some conventions for alerts, and they can create a channel

[shub-kris]

Okay

[philschmid]

Left two minor comments, but overall looks good!

[philschmid]

Lets unify this an call it OPTIMUM_VERSION

[philschmid]

can we add a comment where/how to get new ami ids?

[philschmid]

LGTM!

[dacorvo]

Suggested change

	- [build.pkr.hcl](./hcl2-files/build.pkr.hcl): contains the [build](https://developer.hashicorp.com/packer/docs/templates/hcl_templates/blocks/build) defines what builders are started, how to provision them using [provisioner](https://developer.hashicorp.com/packer/docs/templates/hcl_templates/blocks/build/provisioner) and if necessary what to do with their artifacts using `post-process`.
	- [build.pkr.hcl](./hcl2-files/build.pkr.hcl): contains the [build](https://developer.hashicorp.com/packer/docs/templates/hcl_templates/blocks/build), defines what builders are started, how to provision them using [provisioner](https://developer.hashicorp.com/packer/docs/templates/hcl_templates/blocks/build/provisioner) and if necessary what to do with their artifacts using `post-process`.

[dacorvo]

Consider splitting this comment on multiple lines: not all editors wrap lines automatically (mine doesn't)

[shub-kris]

Okay

[dacorvo]

Are we sure we want to share this on a public repository ?

[shub-kris]

Umm, then we add it in secrets somewhere I guess.
@philschmid wdyt?

[philschmid]

Yes AWS Account IDs are not sensitive.

[philschmid]

While account IDs, like any identifying information, should be used and shared carefully, they are not considered secret, sensitive, or confidential information.

https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-identifiers.html#:~:text=While%20account%20IDs%2C%20like%20any,Canonical%20user%20ID

[dacorvo]

Why not letting optimum-neuron pull the right version ?

[philschmid]

Would this install the extras? i don't think thats possible.

[shub-kris]

I don't think it will install extras, https://github.com/huggingface/optimum-neuron/blob/main/setup.py#L16

[philschmid]

We require the transformers extras with sklearn,sentencepiece,vision to make sure training for all model works correctly, e.g. models needing sentence piece or pillow.

[dacorvo]

LGTM, thanks for the pull-request !

[dacorvo]

The CI is failing: is this expected ?

[shub-kris]

The CI is failing: is this expected ?

@dacorvo fails because of not having the aws account credentials yet in the repo.

[philschmid]

Lets align the ref and then we are good.

[philschmid]

Why is it here github.event.repository.default_branch and not github.ref? Wouldn't this mean that when we open a PR with changes, we would still install the main branch?

Lets align this. Otherwise i can be confusing for others when the need to makes changes for the ami and the main branch.

[shub-kris]

Yes, it would then install the main branch.

The workflow either gets triggered when someone makes changes to infrastructure/ami/**' then in that case the optimum_version would be main and if it is triggered automatically using scheduler or manually through cli then it would either be main or the tag passed.

If we want to build this image at any particular change in ref repo, which makes sense then I need to remove the path: infrastructure/ami/**

[philschmid]

okay let's keep it but add a comment that others understand why.

[shub-kris]

@philschmid Added the comments

[shub-kris]

So shall I go ahead and merge it?

[philschmid]

Yes feel free to merge