Installation Instructions
Summary
The goals of this page are to provide more detail than Quickstart and to treat special cases. If Quickstart worked for you, then you can safely skip this page.
The details vary depending upon the hardware that you want to share. These instructions are work in progress, and contributions and feedback are welcome. Please open a ticket at https://github.com/rerobots/hardshare/issues
Installation instructions are provided for macOS and modern GNU/Linux distributions, such as Ubuntu. We are working to support other kinds of hosts, including Windows and FreeBSD. If your host is not supported well, please tell us.
Main Aspects
The main aspects to an operational hardshare
installation:
- API token for a rerobots user account,
hardshare
client,- a container provider (also known as cprovider),
- rules around instance initialization, termination, and filtering.
To begin, initialize a new configuration
hardshare init
API Tokens
Instructions about managing API tokens are in the rerobots Web Guide. The token that you create at https://rerobots.net/tokens and download is saved to your local hardshare configuration. As such, the default expiration time might be too small for your application. Download the token, and add it
hardshare config --add-token path/to/your/jwt.txt
Containers
Hardshare shares hardware among remote users through containers. The term container in the context of hardshare includes Linux containers and other kinds of contained runtime environments, such as bhyve, emulators, and proxies. Supporting software that facilitates containers in hardshare are known cproviders. For new users, Docker is a good first cprovider to try and is the default in a newly installed hardshare
client configuration.
Finally, releases of the client are available at https://github.com/rerobots/hardshare/releases When installed, you should be able to get the version from the command-line interface (CLI)
hardshare version
Prepare a cprovider
A container provider (known as cprovider) must be installed before hardshare
can create instances.
Docker
The default cprovider is docker, which works for installations of Docker from the package management systems of popular distributions. To check that you have it,
docker version
You must be able to run docker
without sudo
. Typically, this is achieved by membership in the docker
group. For example, if your username is USER
and "docker" is not in the output of groups
, then do sudo useradd -a -G docker USER
.
If Docker is configured to be rootless, then
hardshare config --cprovider docker-rootless
In most cases, Docker images are available via Docker Hub. The correct image to use depends on your host architecture. On Linux, you can do
uname -m
to find this. For example, on Raspberry Pi this would be armv7l
, so Docker image tags that begin with armv7l-
can be used. To get the latest release of the base generic image
docker pull rerobots/hs-generic:armv7l-latest
which pulls the image from Docker Hub. To declare this image in the local hardshare configuration
hardshare config --assign-image rerobots/hs-generic:armv7l-latest
Many consumer "desktop" and "laptop" computers have the x86_64
architecture, so the corresponding image is instead rerobots/hs-generic:x86_64-latest
. Recent versions of RaspberryPi have aarch64
(also known as arm64
).
Images in this registry are defined by Dockerfiles under the directory devices/ of the sourcetree. To build the image from source files, use the command given in the comments of the Dockerfile. For example,
docker build -t rerobots/hs-generic:latest -f Dockerfile .
Podman
So-called rootless Linux containers can require extra configuration to present character devices inside. If SELinux is installed, try
sudo setsebool -P container_use_devices=true
Add the user as whom the hardshare processes will run to the group necessary for device access. This group is shown by a command like stat /dev/ttyACM0
. If it is dialout
, then
sudo usermod -a -G dialout username
and add the ID of this group to the range of subordinate group IDs for the user with a line in /etc/subgid like
username:20:1
If this is not sufficient, then find the GID of the character device inside the intended Podman image and use a switch like podman run --group-add 65537
.
For many operations, podman is a drop-in replacement for docker
. To switch to it with an existing hardshare configuration (created as described above),
hardshare config --cprovider podman
Then, the section about Docker can be followed by replacing docker
with podman
.
LXD
For many operations, LXD is a drop-in replacement for docker
. To switch to it with an existing hardshare configuration (created as described above),
hardshare config --cprovider lxd
Then, the section about Docker can be followed by replacing docker
with lxc
.
Include Devices
For example,
hardshare config --add-raw-device /dev/ttyUSB0
Access Rules
Each robot shared through rerobots is subject to access rules about who can do what with it. These rules are said to define capabilities. The decision sequence for a user username
trying to perform some action
is the following:
- if there is a rule about
action
explicitly forusername
, then apply it; - else, if there is a rule about
action
that is for a class of users of whichusername
is a member, then apply it; - else, if there is a rule about
action
that targets all users (indicated by*
), then apply it; - else (no match), default to not permit.
The most simple kind of rule is whether or not to allow someone to remotely access a device. When a new device is registered, a single rule is created that permits only you (i.e., your user account) to create instances. To get the list of access rules
hardshare rules -l
which should only have 1 item under rules
: a capability CAP_INSTANTIATE
and your username. To allow other users
hardshare rules --permit-all
What Next?
At this stage, you have a ready-to-use hardshare host. Next:
- Attach External Camera to provide video streams of your hardware.
- Go to https://rerobots.net/hardshare and create your first sandbox.
- If you have a PlatformIO-compatible board (for example, ESP32), do the Tutorial: ESP32.
- If you have a Misty robot, do the Tutorial: Misty.