Computer Laboratory

Introduction

Building Monitoring

Carbon Commute

Locker Under the Hood

In our deployment, we use a personal container implemntation called locker, with each instance of a locker running in it's own LXC container. This runs a node and mongo process for each locker within it's own isolated container, and allows quick starting, stopping and migration of an entire user's data, including app state etc. Multiple LXC containers run inside a Xen virtual machine, which also runs an Nginx server, providing proxying and authentication services to each container. Each subdomain of locker.cam.ac.uk points to this machine, and the Nginx instance directs requests to the correct locker.

Each locker runs multiple API endpoints, on of which allows the push of data into the locker. This endpoint is used by the Carbon Commute app after each commute is complete, to push a JSON object into the personal container. This JSON object represents each commute, and contains metadata such as the start and end of the commute, along with an array of GPS points.

Lockers are currently run from inside a Xen virtual machine, hosted by the University Computing Service. A second Xen machine handles the DNS records for the lockers.


Locker Creation

Locker creation and setup involves a number of steps, and a helper script exist to simplify the process. Once you have logged on to the root locker server (currently db1.locker.cam.ac.uk), lockers reside in /lockers/containers/. This directory also includes the 'Scripts' sub-directory which contains the helper scripts, list of internal IPs currently in-use by active lockers etc. Each sub-directory is named after each locker, and contains a self-titled directory which contains the actual container filesystem, a fstab and configuration file for LXC to mount the appropriate directories, and a log file for output of the container while running.

To create a locker, execute "python /lockers/containers/Scripts/SpinNewContainer.py username password" where username and password are the authentication credentials you wish to use for the new locker. This will create a new LXC container with a minimal install of Debian within it, alter the networking setup for the container and the locker instance within it, and also add a proxy routing entry for the nginx server to route username.locker.cam.ac.uk to the newly created container. After this is complete, you can start the locker using "lxc-start -n xyz -d --logfile=/lockers/containers/xyz/xyz.log" with the relevant username in place of xyz, and stop the container with "lxc-stop -n xyz".

At this point the locker will be starting up, however you will need to log in to the name server and add the username to the root server's IP in the DNS server configuration so that username.locker.cam.ac.uk will point to the right place. Currently this involves editing etc/nsd3/locker.cam.ac.uk.zone (adding an A record for the new username is usually all that's needed, ie: 

username   A       193.60.91.222
and then doing "nsdc rebuild" and then "nsdc reload". The Nginx proxy will then forward the request to the correct container based on the hostname.

After giving the container a few seconds to startup, you should be able to ssh in using the IP address assigned by the script in the first step. To then start the locker service, run "cd /locker/" and then "./lockerBigStack > Logs/test.log 2>&1 &", which will start the node locker service, and create a mongodb store for it to use.


Locker Access

Once you have setup a locker, username.locker.cam.ac.uk should point to the correct 'username' locker, and allow you access after entering your authentication credentials.

Within each locker, there are the connectors, which fetch / accept data from various sources. This includes presenting the push endpoint that the iPhone app uses to upload the commutes it records. Each locker includes information and documentation on using these endpoints, specificly the API explorer can be used to trial requests of data from the locker, and can be found at username.locker.cam.ac.uk/dashboard/develop#Develop-ApiExplorer. The /push/getCurrent endpoint is used to request data from the push service within the locker, currently the collection used is "test5" however this will be formalised to something more meaningfull shortly.

To view your commutes that have be pushed into the locker so far, a basic webapp has been created that displays basic information, a histogram of the speed throughout the journey, and will plot the commute on a map. The app can be found at username.locker.cam.ac.uk/Me/mytravels/.

To obtain the Carbon Commute App, please see iPhone App