本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 將服務受管機群連接至自訂授權伺服器
您可以攜帶自己的授權伺服器,以與截止日期雲端服務受管機群搭配使用。若要取得自己的授權,您可以使用陣列中的佇列環境來設定授權伺服器。若要設定授權伺服器,您應該已設定陣列和佇列。
連線至軟體授權伺服器的方式取決於機群的組態和軟體廠商的需求。一般而言,您可以透過下列兩種方式之一存取伺服器:
+ 直接傳送至授權伺服器。您的工作者會使用網際網路從軟體廠商的授權伺服器取得授權。您的所有工作者都必須能夠連線到伺服器。
+ 透過授權代理。您的工作者連線到本機網路中的代理伺服器。只有代理伺服器才能透過網際網路連線至廠商的授權伺服器。
使用下列指示,您可以使用 Amazon EC2 Systems Manager (SSM) 將連接埠從工作者執行個體轉送到您的授權伺服器或代理執行個體。在以下範例中,如果您的授權伺服器無法提供授權,則會使用 Deadline Cloud 的用量型授權。在耗盡授權之後,移除不適用於您不想使用用量型授權之管道或產品的區段。
**Topics**
+ [步驟 1:設定佇列環境](#configure-queue-environment)
+ [步驟 2:(選用) 授權代理執行個體設定](#license-proxy)
+ [步驟 3: CloudFormation 範本設定](#byol-cfn-template)
## 步驟 1:設定佇列環境
您可以在佇列中設定佇列環境來存取授權伺服器。首先,請確定您已使用下列其中一種方法來設定具有授權伺服器存取權的 AWS 執行個體:
+ 授權伺服器 – 執行個體會直接託管授權伺服器。
+ 授權代理 – 執行個體具有授權伺服器的網路存取權,並將授權伺服器連接埠轉送至授權伺服器。如需如何設定授權代理執行個體的詳細資訊,請參閱 [步驟 2:(選用) 授權代理執行個體設定](#license-proxy)。
如需設定授權環境變數的詳細資訊,請參閱 [步驟 3:將轉譯應用程式連接到端點](cmf-ubl.md)。對於自訂授權伺服器設定,授權伺服器地址會保持 localhost,而不是 Amazon VPC 端點。
**將必要的許可新增至佇列角色**
1. 從[截止日期雲端主控台](https://console.aws.amazon.com/deadlinecloud/home)中,選擇**前往儀表板**。
1. 從儀表板中選取陣列,然後選取您要設定的佇列。
1. 從佇列詳細資訊 > 服務角色中,選取角色。
1. 選擇**新增許可**,然後選擇**建立內嵌政策**。
1. 選取 JSON 政策編輯器,然後將下列文字複製並貼到編輯器中。
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"ssm:StartSession"
],
"Resource": [
"arn:aws:ssm:us-east-1::document/AWS-StartPortForwardingSession",
"arn:aws:ec2:us-east-1:111122223333:instance/instance_id"
]
}
]
}
```
------
1. 儲存新政策之前,請在政策文字中取代下列值:
+ `region` 將 取代為您陣列所在的 AWS 區域
+ `instance_id` 將 取代為您正在使用的授權伺服器或代理執行個體的執行個體 ID
+ `account_id` 以包含您陣列 AWS 的帳號取代
1. 選擇**下一步**。
1. 針對政策名稱,輸入 **LicenseForwarding**。
1. 選擇**建立政策**以儲存您的變更,並建立具有所需許可的政策。
**將新的佇列環境新增至佇列**
1. 如果您尚未前往儀表板,請從[截止日期雲端主控台](https://console.aws.amazon.com/deadlinecloud/home)選擇**前往儀表板**。
1. 從儀表板中選取陣列,然後選取您要設定的佇列。
1. 選擇**佇列環境** > **動作** > **使用 YAML 建立新的** 。
1. 將下列文字複製並貼到 YAML 指令碼編輯器。
------
#### [ Windows ]
```
specificationVersion: "environment-2023-09"
parameterDefinitions:
- name: LicenseInstanceId
type: STRING
description: >
The Instance ID of the license server/proxy instance
default: ""
- name: LicenseInstanceRegion
type: STRING
description: >
The region containing this farm
default: ""
- name: LicensePorts
type: STRING
description: >
Comma-separated list of ports to be forwarded to the license server/proxy
instance. Example: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
default: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
environment:
name: BYOL License Forwarding
variables:
example_LICENSE: 2701@localhost
script:
actions:
onEnter:
command: bash
args: [ "{{Env.File.Enter}}" ]
onExit:
command: bash
args: [ "{{Env.File.Exit}}" ]
embeddedFiles:
- name: Enter
type: TEXT
runnable: True
data: |
curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/windows/SessionManagerPlugin.zip" -o "{{Session.WorkingDirectory}}/ssm-plugin.zip"
powershell -Command "Expand-Archive -Path '{{Session.WorkingDirectory}}/ssm-plugin.zip' -DestinationPath '{{Session.WorkingDirectory}}/ssm-plugin' -Force; Expand-Archive -Path '{{Session.WorkingDirectory}}/ssm-plugin/package.zip' -DestinationPath '{{Session.WorkingDirectory}}/ssm-plugin/package' -Force"
conda activate
python "{{Env.File.StartSession}}" "{{Session.WorkingDirectory}}/ssm-plugin/package/bin/session-manager-plugin.exe"
- name: Exit
type: TEXT
runnable: True
data: |
echo Killing SSM Manager Plugin PIDs: $BYOL_SSM_PIDS
for pid in ${BYOL_SSM_PIDS//,/ }; do kill $pid; done
- name: StartSession
type: TEXT
data: |
import boto3
import json
import subprocess
import sys
import os
import tempfile
instance_id = "{{Param.LicenseInstanceId}}"
region = "{{Param.LicenseInstanceRegion}}"
license_ports_list = "{{Param.LicensePorts}}".split(",")
ssm_client = boto3.client("ssm", region_name=region)
pids = []
for port in license_ports_list:
session_response = ssm_client.start_session(
Target=instance_id,
DocumentName="AWS-StartPortForwardingSession",
Parameters={"portNumber": [port], "localPortNumber": [port]}
)
cmd = [
sys.argv[1],
json.dumps(session_response),
region,
"StartSession",
"",
json.dumps({"Target": instance_id}),
f"https://ssm.{region}.amazonaws.com"
]
process = subprocess.Popen(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
pids.append(process.pid)
print(f"SSM Port Forwarding Session started for port {port}")
print(f"openjd_env: BYOL_SSM_PIDS={','.join(str(pid) for pid in pids)}")
# Enabling UBL after the BYOL has run out requires prepending the BYOL configuration to the existing license setup
# Remove the sections that do not apply to your pipeline, or you do not want to use UBL after exhausting the BYOL licenses.
# The port numbers used may not match what your license server is serving.
# Arnold
os.environ["ADSKFLEX_LICENSE_FILE"] = f"2701@localhost;{os.environ.get('ADSKFLEX_LICENSE_FILE', '')}"
print(f"openjd_env: ADSKFLEX_LICENSE_FILE={os.environ['ADSKFLEX_LICENSE_FILE']}")
# Cinema4D
os.environ["g_licenseServerRLM"] = f"localhost:7057;{os.environ.get('g_licenseServerRLM', '')}"
print(f"openjd_env: g_licenseServerRLM={os.environ['g_licenseServerRLM']}")
# Nuke
os.environ["foundry_LICENSE"] = f"6101@localhost;{os.environ.get('foundry_LICENSE', '')}"
print(f"openjd_env: foundry_LICENSE={os.environ['foundry_LICENSE']}")
# SideFX
os.environ["SESI_LMHOST"] = f"localhost:1715;{os.environ.get('SESI_LMHOST', '')}"
print(f"openjd_env: SESI_LMHOST={os.environ['SESI_LMHOST']}")
# Redshift and Red Giant
os.environ["redshift_LICENSE"] = f"7054@localhost;7055@localhost;{os.environ.get('redshift_LICENSE', '')}"
print(f"openjd_env: redshift_LICENSE={os.environ['redshift_LICENSE']}")
# V-Ray doesn't support multiple license servers in a single environment variable
# See https://documentation.chaos.com/space/LIC5/125050770/Sharing+a+License+Configuration+in+a+Network
vray_license = os.environ.get('VRAY_AUTH_CLIENT_SETTINGS', '')
xml_content = """
localhost
30304"""
if vray_license and vray_license.startswith('licset://'):
server_parts = vray_license.removeprefix('licset://').split(':')
if len(server_parts) >= 2:
xml_content += f"""
{server_parts[0]}
{server_parts[1]}"""
xml_content += """
"""
temp_dir = tempfile.gettempdir()
xml_path = os.path.join(temp_dir, 'vrlclient.xml')
with open(xml_path, 'w') as f:
f.write(xml_content)
os.environ["VRAY_AUTH_CLIENT_FILE_PATH"] = temp_dir
print(f"openjd_env: VRAY_AUTH_CLIENT_FILE_PATH={os.environ['VRAY_AUTH_CLIENT_FILE_PATH']}")
# Clear the existing VRAY_AUTH_CLIENT_SETTINGS so only the vrlclient.xml file is used.
os.environ["VRAY_AUTH_CLIENT_SETTINGS"] = ''
print(f"openjd_env: VRAY_AUTH_CLIENT_SETTINGS={os.environ['VRAY_AUTH_CLIENT_SETTINGS']}")
# Print out the created xml file's contents
print(f"V-Ray configuration file: {xml_path}")
with open(xml_path, 'r') as f:
print(f"{f.read()}")
```
------
#### [ Linux ]
```
specificationVersion: "environment-2023-09"
parameterDefinitions:
- name: LicenseInstanceId
type: STRING
description: >
The Instance ID of the license server/proxy instance
default: ""
- name: LicenseInstanceRegion
type: STRING
description: >
The region containing this farm
default: ""
- name: LicensePorts
type: STRING
description: >
Comma-separated list of ports to be forwarded to the license server/proxy
instance. Example: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
default: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
environment:
name: BYOL License Forwarding
variables:
example_LICENSE: 2701@localhost
script:
actions:
onEnter:
command: bash
args: [ "{{Env.File.Enter}}" ]
onExit:
command: bash
args: [ "{{Env.File.Exit}}" ]
embeddedFiles:
- name: Enter
type: TEXT
runnable: True
data: |
curl https://s3.amazonaws.com/session-manager-downloads/plugin/latest/linux_64bit/session-manager-plugin.rpm -Ls | rpm2cpio - | cpio -iv --to-stdout ./usr/local/sessionmanagerplugin/bin/session-manager-plugin > {{Session.WorkingDirectory}}/session-manager-plugin
chmod +x {{Session.WorkingDirectory}}/session-manager-plugin
conda activate
python {{Env.File.StartSession}} {{Session.WorkingDirectory}}/session-manager-plugin
- name: Exit
type: TEXT
runnable: True
data: |
echo Killing SSM Manager Plugin PIDs: $BYOL_SSM_PIDS
for pid in ${BYOL_SSM_PIDS//,/ }; do kill $pid; done
- name: StartSession
type: TEXT
data: |
import boto3
import json
import subprocess
import sys
import os
import tempfile
instance_id = "{{Param.LicenseInstanceId}}"
region = "{{Param.LicenseInstanceRegion}}"
license_ports_list = "{{Param.LicensePorts}}".split(",")
ssm_client = boto3.client("ssm", region_name=region)
pids = []
for port in license_ports_list:
session_response = ssm_client.start_session(
Target=instance_id,
DocumentName="AWS-StartPortForwardingSession",
Parameters={"portNumber": [port], "localPortNumber": [port]}
)
cmd = [
sys.argv[1],
json.dumps(session_response),
region,
"StartSession",
"",
json.dumps({"Target": instance_id}),
f"https://ssm.{region}.amazonaws.com"
]
process = subprocess.Popen(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
pids.append(process.pid)
print(f"SSM Port Forwarding Session started for port {port}")
print(f"openjd_env: BYOL_SSM_PIDS={','.join(str(pid) for pid in pids)}")
# Enabling UBL after the BYOL has run out requires prepending the BYOL configuration to the existing license setup
# Remove the sections that do not apply to your pipeline, or you do not want to use UBL after exhausting the BYOL licenses.
# The port numbers used may not match what your license server is serving.
# Arnold
os.environ["ADSKFLEX_LICENSE_FILE"] = f"2701@localhost:{os.environ.get('ADSKFLEX_LICENSE_FILE', '')}"
print(f"openjd_env: ADSKFLEX_LICENSE_FILE={os.environ['ADSKFLEX_LICENSE_FILE']}")
# Nuke
os.environ["foundry_LICENSE"] = f"6101@localhost:{os.environ.get('foundry_LICENSE', '')}"
print(f"openjd_env: foundry_LICENSE={os.environ['foundry_LICENSE']}")
# SideFX
os.environ["SESI_LMHOST"] = f"localhost:1715;{os.environ.get('SESI_LMHOST', '')}"
print(f"openjd_env: SESI_LMHOST={os.environ['SESI_LMHOST']}")
# Redshift and Red Giant
os.environ["redshift_LICENSE"] = f"7054@localhost:7055@localhost:{os.environ.get('redshift_LICENSE', '')}"
print(f"openjd_env: redshift_LICENSE={os.environ['redshift_LICENSE']}")
# V-Ray doesn't support multiple license servers in a single environment variable
# See https://documentation.chaos.com/space/LIC5/125050770/Sharing+a+License+Configuration+in+a+Network
vray_license = os.environ.get('VRAY_AUTH_CLIENT_SETTINGS', '')
xml_content = """
localhost
30304"""
if vray_license and vray_license.startswith('licset://'):
server_parts = vray_license.removeprefix('licset://').split(':')
if len(server_parts) >= 2:
xml_content += f"""
{server_parts[0]}
{server_parts[1]}"""
xml_content += """
"""
temp_dir = tempfile.gettempdir()
xml_path = os.path.join(temp_dir, 'vrlclient.xml')
with open(xml_path, 'w') as f:
f.write(xml_content)
os.environ["VRAY_AUTH_CLIENT_FILE_PATH"] = temp_dir
print(f"openjd_env: VRAY_AUTH_CLIENT_FILE_PATH={os.environ['VRAY_AUTH_CLIENT_FILE_PATH']}")
# Clear the existing VRAY_AUTH_CLIENT_SETTINGS so only the vrlclient.xml file is used.
os.environ["VRAY_AUTH_CLIENT_SETTINGS"] = ''
print(f"openjd_env: VRAY_AUTH_CLIENT_SETTINGS={os.environ['VRAY_AUTH_CLIENT_SETTINGS']}")
# Print out the created xml file's contents
print(f"V-Ray configuration file: {xml_path}")
with open(xml_path, 'r') as f:
print(f"{f.read()}")
```
------
1. 儲存佇列環境之前,請視需要對環境文字進行下列變更:
+ 更新下列參數的預設值,以反映您的環境:
+ **LicenseInstanceID** – 授權伺服器或代理執行個體的 Amazon EC2 執行個體 ID
+ **LicenseInstanceRegion** – 包含您陣列 AWS 的區域
+ **LicensePorts** – 以逗號分隔的連接埠清單,以轉送至授權伺服器或代理執行個體 (例如 2700,2701)
+ 如果您想要在用盡自有授權 (BYOL) 後使用以用量為基礎的授權 (UBL),請確定連接埠適用於您的授權伺服器。如果您在 BYOL 用盡之後不想使用 UBL,請將任何必要的授權環境變數新增至變數區段。
這些變數應將 DCCs導向授權伺服器連接埠上的 localhost。例如,如果您的 Foundry 授權伺服器正在接聽連接埠 6101,您可以將變數新增為 **foundry\$1LICENSE: 6101@localhost**。
1. (選用) 您可以將**優先順序**設定為 **0**,也可以將其變更為在多個佇列環境中以不同的方式排序優先順序。
1. 選擇**建立佇列環境**以儲存新環境。
設定佇列環境後,提交至此佇列的任務會從已設定的授權伺服器擷取授權。
## 步驟 2:(選用) 授權代理執行個體設定
除了使用授權伺服器之外,您也可以使用授權代理。若要建立授權代理,請建立具有授權伺服器網路存取權的新 Amazon Linux 2023 執行個體。如有需要,您可以使用 VPN 連線設定此存取權。如需詳細資訊,請參閱《*Amazon VPC 使用者指南*》中的 [VPN 連線](https://docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html)。
若要為截止日期雲端設定授權代理執行個體,請遵循此程序中的步驟。在此新執行個體上執行下列組態步驟,以啟用將授權流量轉送到您的授權伺服器
1. 若要安裝 HAProxy 套件,請輸入
```
sudo yum install haproxy
```
1. 使用下列內容更新 **/etc/haproxy/haproxy.cfg** 組態檔案的接聽授權伺服器區段:
1. 將 **LicensePort1** 和 **LicensePort2** 取代為要轉送至授權伺服器的連接埠號碼。新增或移除逗號分隔值,以容納所需的連接埠數量。
1. 以授權伺服器的主機名稱或 IP 地址取代 **LicenseServerHost**。
```
lobal
log 127.0.0.1 local2
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
listen license-server
bind *:LicensePort1,*:LicensePort2
server license-server LicenseServerHost
```
1. 若要啟用和啟動 HAProxy 服務,請執行下列命令:
```
sudo systemctl enable haproxy
sudo service haproxy start
```
完成這些步驟後,從轉送佇列環境傳送至 localhost 的授權請求應轉送至指定的授權伺服器。
## 步驟 3: CloudFormation 範本設定
您可以使用 CloudFormation 範本來設定整個陣列,以使用您自己的授權。
1. 修改下一個步驟中提供的範本,將任何必要的授權環境變數新增至 **BYOLQueueEnvironment** 下的**變數**區段。
1. 使用下列 CloudFormation 範本。
```
AWSTemplateFormatVersion: 2010-09-09
Description: "Create &ADC; resources for BYOL"
Parameters:
LicenseInstanceId:
Type: AWS::EC2::Instance::Id
Description: Instance ID for the license server/proxy instance
LicensePorts:
Type: String
Description: Comma-separated list of ports to forward to the license instance
Resources:
JobAttachmentBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub byol-example-ja-bucket-${AWS::AccountId}-${AWS::Region}
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
Farm:
Type: AWS::Deadline::Farm
Properties:
DisplayName: BYOLFarm
QueuePolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
ManagedPolicyName: BYOLQueuePolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- s3:GetObject
- s3:PutObject
- s3:ListBucket
- s3:GetBucketLocation
Resource:
- !Sub ${JobAttachmentBucket.Arn}
- !Sub ${JobAttachmentBucket.Arn}/job-attachments/*
Condition:
StringEquals:
aws:ResourceAccount: !Sub ${AWS::AccountId}
- Effect: Allow
Action: logs:GetLogEvents
Resource: !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/deadline/${Farm.FarmId}/*
- Effect: Allow
Action:
- s3:ListBucket
- s3:GetObject
Resource:
- "*"
Condition:
ArnLike:
s3:DataAccessPointArn:
- arn:aws:s3:*:*:accesspoint/deadline-software-*
StringEquals:
s3:AccessPointNetworkOrigin: VPC
BYOLSSMPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
ManagedPolicyName: BYOLSSMPolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- ssm:StartSession
Resource:
- !Sub arn:aws:ssm:${AWS::Region}::document/AWS-StartPortForwardingSession
- !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/${LicenseInstanceId}
WorkerPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
ManagedPolicyName: BYOLWorkerPolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- logs:CreateLogStream
Resource: !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/deadline/${Farm.FarmId}/*
Condition:
ForAnyValue:StringEquals:
aws:CalledVia:
- deadline.amazonaws.com
- Effect: Allow
Action:
- logs:PutLogEvents
- logs:GetLogEvents
Resource: !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/deadline/${Farm.FarmId}/*
QueueRole:
Type: AWS::IAM::Role
Properties:
RoleName: BYOLQueueRole
ManagedPolicyArns:
- !Ref QueuePolicy
- !Ref BYOLSSMPolicy
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- sts:AssumeRole
Principal:
Service:
- credentials.deadline.amazonaws.com
- deadline.amazonaws.com
Condition:
StringEquals:
aws:SourceAccount: !Sub ${AWS::AccountId}
ArnEquals:
aws:SourceArn: !Ref Farm
WorkerRole:
Type: AWS::IAM::Role
Properties:
RoleName: BYOLWorkerRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AWSDeadlineCloud-FleetWorker
- !Ref WorkerPolicy
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- sts:AssumeRole
Principal:
Service: credentials.deadline.amazonaws.com
Queue:
Type: AWS::Deadline::Queue
Properties:
DisplayName: BYOLQueue
FarmId: !GetAtt Farm.FarmId
RoleArn: !GetAtt QueueRole.Arn
JobRunAsUser:
Posix:
Group: ""
User: ""
RunAs: WORKER_AGENT_USER
JobAttachmentSettings:
RootPrefix: job-attachments
S3BucketName: !Ref JobAttachmentBucket
Fleet:
Type: AWS::Deadline::Fleet
Properties:
DisplayName: BYOLFleet
FarmId: !GetAtt Farm.FarmId
MinWorkerCount: 1
MaxWorkerCount: 2
Configuration:
ServiceManagedEc2:
InstanceCapabilities:
VCpuCount:
Min: 4
Max: 16
MemoryMiB:
Min: 4096
Max: 16384
OsFamily: LINUX
CpuArchitectureType: x86_64
InstanceMarketOptions:
Type: on-demand
RoleArn: !GetAtt WorkerRole.Arn
QFA:
Type: AWS::Deadline::QueueFleetAssociation
Properties:
FarmId: !GetAtt Farm.FarmId
FleetId: !GetAtt Fleet.FleetId
QueueId: !GetAtt Queue.QueueId
CondaQueueEnvironment:
Type: AWS::Deadline::QueueEnvironment
Properties:
FarmId: !GetAtt Farm.FarmId
Priority: 5
QueueId: !GetAtt Queue.QueueId
TemplateType: YAML
Template: |
specificationVersion: 'environment-2023-09'
parameterDefinitions:
- name: CondaPackages
type: STRING
description: >
This is a space-separated list of conda package match specifications to install for the job.
E.g. "blender=3.6" for a job that renders frames in Blender 3.6.
See https://docs.conda.io/projects/conda/en/latest/user-guide/concepts/pkg-specs.html#package-match-specifications
default: ""
userInterface:
control: LINE_EDIT
label: Conda Packages
- name: CondaChannels
type: STRING
description: >
This is a space-separated list of conda channels from which to install packages. &ADC; SMF packages are
installed from the "deadline-cloud" channel that is configured by &ADC;.
Add "conda-forge" to get packages from the https://conda-forge.org/ community, and "defaults" to get packages
from Anaconda Inc (make sure your usage complies with https://www.anaconda.com/terms-of-use).
default: "deadline-cloud"
userInterface:
control: LINE_EDIT
label: Conda Channels
environment:
name: Conda
script:
actions:
onEnter:
command: "conda-queue-env-enter"
args: ["{{Session.WorkingDirectory}}/.env", "--packages", "{{Param.CondaPackages}}", "--channels", "{{Param.CondaChannels}}"]
onExit:
command: "conda-queue-env-exit"
BYOLQueueEnvironment:
Type: AWS::Deadline::QueueEnvironment
Properties:
FarmId: !GetAtt Farm.FarmId
Priority: 10
QueueId: !GetAtt Queue.QueueId
TemplateType: YAML
Template: !Sub |
specificationVersion: "environment-2023-09"
parameterDefinitions:
- name: LicenseInstanceId
type: STRING
description: >
The Instance ID of the license server/proxy instance
default: ""
- name: LicenseInstanceRegion
type: STRING
description: >
The region containing this farm
default: ""
- name: LicensePorts
type: STRING
description: >
Comma-separated list of ports to be forwarded to the license server/proxy
instance. Example: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
default: "2701,2702,7075,2703,6101,1715,1716,1717,7054,7055,30304"
environment:
name: BYOL License Forwarding
variables:
example_LICENSE: 2701@localhost
script:
actions:
onEnter:
command: bash
args: [ "{{Env.File.Enter}}" ]
onExit:
command: bash
args: [ "{{Env.File.Exit}}" ]
embeddedFiles:
- name: Enter
type: TEXT
runnable: True
data: |
curl https://s3.amazonaws.com/session-manager-downloads/plugin/latest/linux_64bit/session-manager-plugin.rpm -Ls | rpm2cpio - | cpio -iv --to-stdout ./usr/local/sessionmanagerplugin/bin/session-manager-plugin > {{Session.WorkingDirectory}}/session-manager-plugin
chmod +x {{Session.WorkingDirectory}}/session-manager-plugin
conda activate
python {{Env.File.StartSession}} {{Session.WorkingDirectory}}/session-manager-plugin
- name: Exit
type: TEXT
runnable: True
data: |
echo Killing SSM Manager Plugin PIDs: $BYOL_SSM_PIDS
for pid in ${BYOL_SSM_PIDS//,/ }; do kill $pid; done
- name: StartSession
type: TEXT
data: |
import boto3
import json
import subprocess
import sys
import os
import tempfile
instance_id = "{{Param.LicenseInstanceId}}"
region = "{{Param.LicenseInstanceRegion}}"
license_ports_list = "{{Param.LicensePorts}}".split(",")
ssm_client = boto3.client("ssm", region_name=region)
pids = []
for port in license_ports_list:
session_response = ssm_client.start_session(
Target=instance_id,
DocumentName="AWS-StartPortForwardingSession",
Parameters={"portNumber": [port], "localPortNumber": [port]}
)
cmd = [
sys.argv[1],
json.dumps(session_response),
region,
"StartSession",
"",
json.dumps({"Target": instance_id}),
f"https://ssm.{region}.amazonaws.com"
]
process = subprocess.Popen(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
pids.append(process.pid)
print(f"SSM Port Forwarding Session started for port {port}")
print(f"openjd_env: BYOL_SSM_PIDS={','.join(str(pid) for pid in pids)}")
# Enabling UBL after the "bring your own license" (BYOL) has run out requires prepending the BYOL configuration to the existing license setup
# Remove the sections that do not apply to your pipeline, or you do not want to use UBL after exhausting the BYOL licenses.
# The port numbers used may not match what your license server is serving.
# Arnold
os.environ["ADSKFLEX_LICENSE_FILE"] = f"2701@localhost:{os.environ.get('ADSKFLEX_LICENSE_FILE', '')}"
print(f"openjd_env: ADSKFLEX_LICENSE_FILE={os.environ['ADSKFLEX_LICENSE_FILE']}")
# Nuke
os.environ["foundry_LICENSE"] = f"6101@localhost:{os.environ.get('foundry_LICENSE', '')}"
print(f"openjd_env: foundry_LICENSE={os.environ['foundry_LICENSE']}")
# SideFX
os.environ["SESI_LMHOST"] = f"localhost:1715;{os.environ.get('SESI_LMHOST', '')}"
print(f"openjd_env: SESI_LMHOST={os.environ['SESI_LMHOST']}")
# Redshift and Red Giant
os.environ["redshift_LICENSE"] = f"7054@localhost:7055@localhost:{os.environ.get('redshift_LICENSE', '')}"
print(f"openjd_env: redshift_LICENSE={os.environ['redshift_LICENSE']}")
# V-Ray doesn't support multiple license servers in a single environment variable
# See https://documentation.chaos.com/space/LIC5/125050770/Sharing+a+License+Configuration+in+a+Network
vray_license = os.environ.get('VRAY_AUTH_CLIENT_SETTINGS', '')
xml_content = """
localhost
30304"""
if vray_license and vray_license.startswith('licset://'):
server_parts = vray_license.removeprefix('licset://').split(':')
if len(server_parts) >= 2:
xml_content += f"""
{server_parts[0]}
{server_parts[1]}"""
xml_content += """
"""
temp_dir = tempfile.gettempdir()
xml_path = os.path.join(temp_dir, 'vrlclient.xml')
with open(xml_path, 'w') as f:
f.write(xml_content)
os.environ["VRAY_AUTH_CLIENT_FILE_PATH"] = temp_dir
print(f"openjd_env: VRAY_AUTH_CLIENT_FILE_PATH={os.environ['VRAY_AUTH_CLIENT_FILE_PATH']}")
# Clear the existing VRAY_AUTH_CLIENT_SETTINGS so only the vrlclient.xml file is used.
os.environ["VRAY_AUTH_CLIENT_SETTINGS"] = ''
print(f"openjd_env: VRAY_AUTH_CLIENT_SETTINGS={os.environ['VRAY_AUTH_CLIENT_SETTINGS']}")
# Print out the created xml file's contents
print(f"V-Ray configuration file: {xml_path}")
with open(xml_path, 'r') as f:
print(f"{f.read()}")
```
1. 部署 CloudFormation 範本時,請提供下列參數:
+ 使用授權伺服器或代理執行個體的 Amazon EC2 執行個體 ID 更新 **LicenseInstanceID**
+ 使用以逗號分隔的連接埠清單更新 **LicensePorts**,以轉送至授權伺服器或代理執行個體 (例如 2700,2701)
+ 在範本**example\$1LICENSE: 2700@localhost**中取代 以新增授權環境變數
1. 部署 範本以使用您自己的授權功能來設定您的陣列。