Nova Resource:Integration/Setup: Difference between revisions

From Wikitech
Browse history interactively
← Older editNewer edit →
Content deleted Content added
VisualWikitext
No edit summary
Line 7: Line 7:
* Create a new instance named <code>integration-agent-{type}-XXXX</code> where <code>{type}</code> is a role (example: <code>docker</code>) and <code>XXXX</code> increments starting from 1001.
* Create a new instance named <code>integration-agent-{type}-XXXX</code> where <code>{type}</code> is a role (example: <code>docker</code>) and <code>XXXX</code> increments starting from 1001.
* Source: pick the Stretch image
* Source: pick the Stretch image
* Flavor: pick <code>mediumram</code> flavor
* Flavor: pick <code>mediumram</code> flavor (as of 2021: <code>g2.cores8.ram24.disk80</code>, I think?)


Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet:
Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet:

Revision as of 22:57, 3 September 2021

Roles

integration-agent-{type}-XXXX

Updated September 2019 based on https://phabricator.wikimedia.org/T226233

On https://horizon.wikimedia.org/project/instances/

  • Create a new instance named integration-agent-{type}-XXXX where {type} is a role (example: docker) and XXXX increments starting from 1001.
  • Source: pick the Stretch image
  • Flavor: pick mediumram flavor (as of 2021: g2.cores8.ram24.disk80, I think?)

Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet:

  • sudo rm -fR /var/lib/puppet/ssl && sudo puppet agent -tv
  • If that complains:
    • get the instance fully qualified domain name (FQDN): hostname --fqdn
    • On integration-puppetmaster-02.integration.eqiad.wmflabs, clean the old and invalid certificate(s): sudo puppet cert clean <FQDN OF INSTANCE HERE

Apply the Puppet role:

Run puppet on the instance (puppet agent -tv) and verify:

  • If a Docker agent, make sure there is a /var/lib/docker partition for Docker
  • Clean unused packages: apt-get autoremove --purge
  • Upgrade packages: apt-get -y dist-upgrade

Reboot the instance (Before adding to Jenkins). This cleans state, launches deamons, and fixes Shinken monitoring (phabricator:T91351). Once it is back, you can then add it to Jenkins

Add the instance to Jenkins

  1. Create "New Node" in Jenkins management
    • Name: (short hostname of instance)
    • Type: Permanent Agent
    • Executors: 1 (for Docker agents: 4, for Qemu agents: 1)
    • Remote root directory: /srv/jenkins/workspace
    • Labels:
      • For Docker agents: Docker
      • For Qemu agents: Qemu
    • Usage: EXCLUSIVE (Only build jobs with label restrictions matching this node)
    • Launch method: SSH
      • Host: (internal IP of instance)
      • Credentials: jenkins-deploy (key from role::ci::slave::labs::common)
    • Availability: Always (Keep this slave on-line as much as possible)

The Jenkins master will automatically trust the ssh key upon the first connection.

integration-dev

  1. Create instance:
    • m1.medium
    • Security group: Default
  2. Wait 10 minutes
  3. Reconfigure instance from wikitech: Enable role::ci::slave::labs.
  4. Via SSH, force a puppet run (applies role).

Utilities

puppet

This page may be outdated or contain incorrect details. Please update it if you can.

Use sudo /usr/local/sbin/puppet-run &. Don't use sudo puppet agent -t, because that is not what cron uses and leads to inconsistencies with e.g. umask and other factors affecting default values used at runtime.

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Nova_Resource:Integration/Setup&oldid=1924193"