Nextflow enables scalable and reproducible scientific workflows using software containers. It allows the adaptation of pipelines written in the most common scripting languages.
In this post I’ll explore how to create a "work environment" where run Nextflow pipelines using Kubernetes.
The user will be able to create and edit the pipeline, configuration and assets into their computer and run the pipelines in the cluster in a fluent way.
The idea is to provide to the user the most complete environment in their computer so, once tested and validated, it will run in a real cluster.
Problem
When you’re deploying Nextflow’s pipelines in kubernetes you need to find a way to share the workdir. Options are basically use volumes or use fusion
Fusion is very easy to use (basically enable=true in the nextflow.config) but you create an external dependency.
Volumes are more "native" solution, but you need to fight with the infrastructure, providers, etc.
Another challenge working with pipelines in kubernetes is to retrieve outputs once the pipeline is completed. Probably you need to run some kubectl cp commands
In this post I’ll create a cluster (with only 1 node) from scratch and run some pipelines on it. We’ll see how pods are created and how we can edit the pipeline and/or configuration using our preferred IDE (notepad, vi, VSCode,…)
Requirements
- a computer (and internet connection of course)
We need to have installed following command line tools:
kubectl (if you work in kubernetes you’ve it)
skaffold https://skaffold.dev/docs/install/
k9s. Is not required but very useful
Create a cluster
k3d cluster create nextflow --port 9999:80@loadbalancer
We’re creating a new cluster called nextflow (can be whatever). We’ll use 9999 port to access to our results
kubectl cluster-info Kubernetes control plane is running at https://0.0.0.0:40145 CoreDNS is running at https://0.0.0.0:40145/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy Metrics-server is running at https://0.0.0.0:40145/api/v1/namespaces/kube-system/services/https:metrics-server:https/proxy Preparing our environment
Create a folder test
Nextflow area
Create a subfolder project (will be our nextflow working area)
Create a nextflow.config in this subfolder
k8s { context = 'k3d-nextflow' (1) namespace = 'default' (2) runAsUser = 0 serviceAccount = 'nextflow-sa' storageClaimName = 'nextflow' storageMountPath = '/mnt/workdir' } process { executor = 'k8s' container = "quay.io/nextflow/rnaseq-nf:v1.2.1" } | 1 | k3d-nextflow was created by k3d. If you chose another name you need to change it |
| 2 | I’ll use the default namespace |
K8s area
Create a subfolder k8s and create following files into it:
pvc.yml
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: nextflow namespace: default spec: accessModes: - ReadWriteOnce storageClassName: local-path resources: requests: storage: 2Gi admin.yml
--- apiVersion: v1 kind: ServiceAccount metadata: name: nextflow-sa --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: nextflow-role rules: - apiGroups: [""] resources: ["pods", "pods/status", "pods/log", "pods/exec"] verbs: ["get", "list", "watch", "create", "delete"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: nextflow-rolebind roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: nextflow-role subjects: - kind: ServiceAccount name: nextflow-sa jagedn.yml
--- apiVersion: apps/v1 kind: Deployment metadata: name: jagedn (1) labels: app: jagedn spec: selector: matchLabels: app: jagedn template: metadata: labels: app: jagedn spec: serviceAccountName: nextflow-sa terminationGracePeriodSeconds: 5 securityContext: fsGroup: 0 runAsGroup: 0 runAsNonRoot: false runAsUser: 0 containers: - name: nextflow image: jagedn volumeMounts: - mountPath: /mnt/workdir name: volume - name: nginx-container image: nginx:latest ports: - containerPort: 80 volumeMounts: - name: volume mountPath: /usr/share/nginx/html volumes: - name: volume persistentVolumeClaim: claimName: nextflow | 1 | jagedn is my nick, you can use whatever but pay attention to replace in all places |
kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - pvc.yml - admin.yml - jagedn.yaml Basically we’re creating:
service account and their roles
a persistent volume claim to share across pods
a pod
Skaffold
In the "parent" folder create following files:
Dockerfile
FROM nextflow/nextflow:24.03.0-edge RUN yum install -y tar (1) ADD project /home/project (2) ENTRYPOINT ["tail", "-f", "/dev/null"] | 1 | Required by skaffold to sync files |
| 2 | Required by skaffold to sync files |
skaffold.yaml
apiVersion: skaffold/v4beta10 kind: Config metadata: name: nextflow build: artifacts: - image: jagedn context: . docker: dockerfile: Dockerfile sync: manual: - src: 'project/**' dest: /home manifests: kustomize: paths: - k8s deploy: kubectl: {} Watching
Only for the purpose to watch how pods are created and destroyed we’ll run in a terminal console k9s
Go
Open the project with VSCode (for example)
Open a terminal tab and execute:
skaffold dev
let the terminal running
In another terminal console execute:
kubectl exec -it jagedn-56b9fb64dc-2xw8f — /bin/bash
- WARNING
-
You’ll need to use the pod id skaffold has created
and cd to /home/project
- INFO
-
Using you VCode editor open
nextflow.configand change something (a comment for example). Save the change and in the terminal run acatcommand to verify skaffold has been synced the file
Run
In the terminal execute
NXF_ASSETS=/mnt/workdir/assets nextflow run nextflow-io/rnaseq-nf -with-docker -w /mnt/workdir -cache false
If you change to the k9s console, you’ll see how pods are created
After a while the pipeline is completed !!!!
Extra ball
If you inspect the folder /home/project/results you’ll find the outputs of the pipeline, so … how we can inspect them?
Execute cp -R results/ /mnt/workdir/ in the kubectl terminal and open a browser to http://localhost:9999/results/multiqc_report.html
- INFO
-
A better approach is to create another volume for the result so nginx sidecar pod can read directly
Clean up
Once you want to end with your cluster only finish (ctrl+c) the skaffold session and it will remove all resources
To delete the cluster you can run k3d cluster delete nextflow
Conclusion
Don’t know if this approach is the best or maybe a little complicate but I think can be a good approach to have a very productive kubernetes environment without the need to have a full cluster
Top comments (0)