Installing new servers
Server installation consists of these steps:
- partitioning hard discs and configuring /etc/fstab
- installing OS
- configuring Puppet
- profit???
Puppet should configure the server as desired. The server configurations flow from the Puppet node configuration and are based on the buildnode class.
Installing a new build node
Partitioning
They usually have basic partitioning (EFI + /), for example:
[root@ociaa1 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 150G 0 disk
├─sda1 8:1 0 128M 0 part /boot/EFI
└─sda2 8:2 0 149.9G 0 part /
Configuration
It basically needs:
- iurt package installed
- iurt user created
- sudo config based on the sudoers template.
- /etc/iurt files for each distro based on the iurt config.
- schedbot ssh key in ~iurt/.ssh/authorized_keys
Other changes are:
- add the new machine to the DNS
- to give access to the new machine to the private repository in the httpd config
- add it to the list of build nodes
See how it was done in this git commit.
Note that there are no specific 32-bit build servers for i586 and and armv7 builds. We build for those on the same machines as x86_64 and aarch64, respectively, running iurt inside
a linux32 wrapper.
Details
This requires a certain number of steps for a machine named lavand (IP x.y.z.t):
First on the build node itself
- Prepare the build node by deploying the machine allocating the maximum for the /home file system and with the following packages mentioned in an auto_inst.pl file:
'default_packages' => [
'urpmi',
'git',
'kernel-server-latest',
'openssh-server',
'openssh-clients',
'python3',
'shorewall',
'sudo',
'vim-minimal',
'wget',
'xz',
],
|
Then on the Mageia infra repository, that you modify the following way:
git clone ssh://git.mageia.org/infrastructure/puppet
cd puppet
git checkout -b infra
|
cd manifests/nodes
cp ociaa1.pp lavand.pp
perl -pi -e 's|ociaa1|lavand|' lavand.pp
git add lavand.pp
|
Check your modifications with
puppet parser validate lavand.pp
|
- Update the IPs list with the info of this new machine
lavand => {
ipv4 => 'x.y.z.t',
},
|
- Update the IPs list with the info of this new machine
cd ../deployment/dns/templates/
vi mageia.org.zone
|
- Add the new machine in the build nodes aliases area; remember to increment the timestamp at the start (Serial)
lavand0 IN CNAME lavand
lavand1 IN CNAME lavand
|
- Now monitor the new build node:
cd ../../../modules/xymon/templates/
vi bb-hosts
|
- Add potentially a group and the new build node:
group-compress Hetzner
x.y.z.t lavand.<%= domain %> # testip
|
- Allow access to repository
cd ../../../deployment/mga_buildsystem/manifests/
vi config.pp
|
- Add the build node to the ones allowed to acces the repo
$repo_allow_from_ips = [
[...]
$::nodes_ipaddr[lavand][ipv4],
[...]
|
- Before committing, check your modifications:
git diff
git add -p
puppet parser validate manifests/nodes/duvel.pp
puppet parser validate manifests/nodes/sucuk.pp
puppet parser validate manifests/nodes/neru.pp
git commmit -m 'Add a new build node lavand to the infra'
|
The parser validate commands will check the build system for duvel and the DNS configuration for sucuk and neru.
- After the permissions have propagated, add the appropriate internal repository, currently infra_9 for Mageia 9
urpmi.addmedia infra_9 http://repository.mageia.org/distrib/infra_9/aarch64/media/infra/updates
|
- Add the iurt and puppet packages on the build node, they should come from the infra repository
- Allow the machine to connect to puppet on duvel
iptables -A INPUT -s x.y.z.t/32 -p tcp -m tcp --dport 8140 -j ACCEPT
|
- Register the machine with puppet and apply the config
puppet agent --test --verbose --waitforcert 240
|
- While it is waiting, in another terminal on duvel accept and sign the certificate generated
puppet ca list
puppet ca sign lavand.mageia.org
|
- Finally add your build node to the list for right architecture in puppet config deployment/mga_buildsystem/manifests/config.pp:
build_nodes => {
[...]
'aarch64' => [ 'ociaa1-a', 'ociaa1-b', 'lavand0', 'lavand1'],
[...]
build_nodes_aliases => {
[...]
'lavand0' => "lavand.${::domain}",
'lavand1' => "lavand.${::domain}",
[...]
|
The scheduler is rather basic and builds only a package at a time. So having multiple "virtual" entries (named 0, 1, ...) allows to build multiple packages on the same physical build node.