(Advanced) Using ECS as an NFS Server to Isolate Resources of Multiple Users
Application Scenario
FunctionGraph functions can be mounted to SFS file systems or NFS shared paths shared by ECSs. In multi-user scenarios, ECSs can be used to effectively manage resources of multiple users. You can configure specific permissions to meet the requirements of strong isolation between users.
Prerequisites
- Each user must have the SWR Admin, VPC Administrator, Server Administrator, SFS FullAccess, and SFS Turbo FullAccess permissions in their agencies.
- Each user must complete the steps in Deploying and Using the Stable Diffusion Application to create an application.
- You have completed steps in Step 1: Creating a VPC and Subnet.
Step 1: Buying an ECS
- Basic Configuration: See Figure 1. In this example, the Pay-per-use billing mode is used, and the region is CN East-Shanghai1.
- OS: EulerOS 2.5 64bit(40 GiB) is used in this example.
Some Linux commands may vary with the image version.
- Storage & Backup: The size of most model files ranges from 1 GB to 10 GB. You are advised to select the system disk capacity based on the actual requirements and add data disks by referring to Figure 2.
- Network: Select the VPC and subnet created in Step 1: Creating a VPC and Subnet, as shown in Figure 3.
- Security Group: Create a security group by referring to Figure 4. The inbound rule allows IP addresses in the subnet to access ports 111, 2049, 2051, 2052, and 20048 to support the NFS service. Other ports, such as port 22 for SSH and SFTP and port 21 for FTP, can be configured based on the actual protocol, port, and source address.
Step 2: Configuring NFS Sharing for the ECS
- Add user1 and user2 and create the home directory.
useradd -m user1 && useradd -m user2
- Change the passwords of user1 and user2.
passwd user1 passwd user2
- Create a shared directory for users and change the operation permission on the shared directory to 777.
mkdir /home/user1/share && chmod 777 /home/user1/share mkdir /home/user2/share && chmod 777 /home/user2/share
The shared directory is used as a subdirectory of the home directory to restrict other users' operations and ensure that the function has the operation permission after being mounted to the directory. Therefore, setting the permission to 777 does not cause excessive permissions.
- Install the NFS service.
yum install rpcbind nfs-utils // Run the corresponding command for images that use apt or other package management tools.
- Add the following content to the /etc/exports file:
/home/user1/share xx.xx.xx.xx/xx (rw) // Enter the created subnet CIDR block. /home/user2/share xx.xx.xx.xx/xx (rw) // Enter the created subnet CIDR block.
- Start the NFS service.
systemctl start rpcbind nfs
- Enable the NFS service to automatically start upon system startup.
echo "xx.xx.xx.xx:/home/user1/share /nfs nfs4 defaults 0 0" >> /etc/fstab // Enter the IP address of the ECS in the subnet. echo "xx.xx.xx.xx:/home/user2/share /nfs nfs4 defaults 0 0" >> /etc/fstab // Enter the IP address of the ECS in the subnet. mount -av
- Check the sharing information. If the information shown in Figure 5 is displayed, the NFS sharing is successfully configured.
showmount -e xx.xx.xx.xx //Replace IP address with the private IP address of the server host.
Step 3: Mounting an ECS to the Stable Diffusion Application
Log in to the FunctionGraph console and go to the application center. user1 and user2 have created a Stable Diffusion application under their respective accounts. The following uses user1 as an example. The operations for user2 are the same.
- Go to the application details page, find the function resources whose Logic Name are stable_diffusion and custom_models_tool in the Resources tab. Click the links to go to the function details page, as shown in Figure 6.
- On the function details page shown in Figure 7, choose Configuration > Network, enable VPC Access, select the VPC and subnet used in Step 1: Buying an ECS, and click Save.
- In the navigation tree on the left of the Configuration page, choose File Systems > Mount File System. After the configuration is complete, click OK.
- File System Type: Select ECS.
- ECS: Select the ECS created in Step 1: Buying an ECS.
- Shared Directory: Enter /home/user1/share (e/home/user2/share for user2).
- Access Path: Enter /mnt/auto.
If an SFS Turbo file system has been mounted, unmount the SFS Turbo file system after the ECS is successfully mounted and release the SFS Turbo file system resources in a timely manner to avoid continuous charging.
- Set the custom_models_tool function by referring to 1 to 3.
Step 4: Uploading and Loading a Model
- Return to the application details page and click Access Application to go to the WebUI. The function automatically creates the directories and files required by the application in the mounting directory.
- After the page is successfully loaded, return to the application details page and click Upload Model to open the file management tool. The default username and password are both admin. After login, change the password on the setting page to ensure data security. Figure 8 shows the sd directory related to the application.
- Upload the model and plugin files to the corresponding directories. For details about some key directories, see Table 3.
- Reload the WebUI. The newly imported models are displayed.
- Click Generate in the upper right corner to start AI drawing. The result image is automatically saved to the /home/user1/share/sd/outputs/txt2img/202x-xx-xx directory, as shown in Figure 9.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
