Nova Resource:Integration/Setup: Difference between revisions
No edit summary |
|||
Line 7: | Line 7: | ||
* Create a new instance named <code>integration-agent-{type}-XXXX</code> where <code>{type}</code> is a role (example: <code>docker</code>) and <code>XXXX</code> increments starting from 1001. |
* Create a new instance named <code>integration-agent-{type}-XXXX</code> where <code>{type}</code> is a role (example: <code>docker</code>) and <code>XXXX</code> increments starting from 1001. |
||
* Source: pick the Stretch image |
* Source: pick the Stretch image |
||
* Flavor: pick <code>mediumram</code> flavor |
* Flavor: pick <code>mediumram</code> flavor (as of 2021: <code>g2.cores8.ram24.disk80</code>, I think?) |
||
Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet: |
Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet: |
Revision as of 22:57, 3 September 2021
Roles
integration-agent-{type}-XXXX
Updated September 2019 based on https://phabricator.wikimedia.org/T226233
On https://horizon.wikimedia.org/project/instances/
- Create a new instance named
integration-agent-{type}-XXXX
where{type}
is a role (example:docker
) andXXXX
increments starting from 1001. - Source: pick the Stretch image
- Flavor: pick
mediumram
flavor (as of 2021:g2.cores8.ram24.disk80
, I think?)
Wait a few minutes (during which the instance is created, initial setup happens). Then connect to the instance over SSH and fix puppet:
sudo rm -fR /var/lib/puppet/ssl && sudo puppet agent -tv
- If that complains:
- get the instance fully qualified domain name (FQDN):
hostname --fqdn
- On
integration-puppetmaster-02.integration.eqiad.wmflabs
, clean the old and invalid certificate(s):sudo puppet cert clean <FQDN OF INSTANCE HERE
- get the instance fully qualified domain name (FQDN):
Apply the Puppet role:
- https://horizon.wikimedia.org/project/instances/
- Click the instance then head to the tab
Puppet
- Pick
role::ci::slave::labs::docker
- For a Docker agent, set
docker_lvm_volume
variable totrue
.
Run puppet on the instance (puppet agent -tv
) and verify:
- If a Docker agent, make sure there is a
/var/lib/docker
partition for Docker - Clean unused packages:
apt-get autoremove --purge
- Upgrade packages:
apt-get -y dist-upgrade
Reboot the instance (Before adding to Jenkins). This cleans state, launches deamons, and fixes Shinken monitoring (phabricator:T91351). Once it is back, you can then add it to Jenkins
Add the instance to Jenkins
- Create "New Node" in Jenkins management
- Name: (short hostname of instance)
- Type: Permanent Agent
- Executors: 1 (for Docker agents: 4, for Qemu agents: 1)
- Remote root directory:
/srv/jenkins/workspace
- Labels:
- For Docker agents:
Docker
- For Qemu agents:
Qemu
- For Docker agents:
- Usage:
EXCLUSIVE
(Only build jobs with label restrictions matching this node) - Launch method: SSH
- Host: (internal IP of instance)
- Credentials: jenkins-deploy (key from role::ci::slave::labs::common)
- Availability:
Always
(Keep this slave on-line as much as possible)
The Jenkins master will automatically trust the ssh key upon the first connection.
integration-dev
- Create instance:
m1.medium
- Security group: Default
- Wait 10 minutes
- Reconfigure instance from wikitech: Enable
role::ci::slave::labs
. - Via SSH, force a puppet run (applies role).
Utilities
puppet
Use sudo /usr/local/sbin/puppet-run &
. Don't use , because that is not what cron uses and leads to inconsistencies with e.g. umask and other factors affecting default values used at runtime.
sudo puppet agent -t