commit | 58c04807645c3b3a4b86c97aca9a605dd0dfda9b | [log] [tgz] |
---|---|---|
author | Paul J. Davis <paul.joseph.davis@gmail.com> | Tue Jan 07 15:41:55 2020 -0600 |
committer | Paul J. Davis <paul.joseph.davis@gmail.com> | Wed Jan 08 12:52:09 2020 -0600 |
tree | 2877089e7f6adf1980e7dc99e3660d523285c6fa | |
parent | a2bfe4591be3be4e82f1c06d25ee03d7f0f13dec [diff] |
Switch to having agents dial into Jenkins This changes the configuration of Jenkins agents to dial into the Jenkins master instead of having Jenkins SSH to each node. This allows us to expand our private cloud worker pool much further.
This repository contains Ansible scripts for managing our VM testing infrastructure.
$ virtualenv venv $ source venv/bin/activate $ pip install -r requirements.txt
Our main workhorse is the cx2-4x8 instance type. There are also a few ppc64le nodes for doing full builds as well. Whoever provisions a VM should make sure to generate a new inventory as well as perform the first Ansible run against the new node so that other CouchDB infra members will have access.
There should be a single bastion VM setup for each subnet. We just use the cheapest cx2-2x4 instance for these nodes so that we can jump to the other hosts.
If the bastion changes public IP addresses we have to update group_vars/ci_agents.yml
and set the ansible_ssh_common_args
to use the new public IP for contacting servers. We should also update ssh.cfg
in this repository to make it easier for contacting servers manually.
Create a ~/.couchdb-infra-cm.cfg
file that contains the following options:
[ibmcloud] api_key = <REDACTED>
The tools/gen-inventory
script can then be used to generate our production
inventory file:
$ ./tools/gen-inventory > production
Once a CI worker has been provisioned we must also configure Jenkins to have the JAR url and secret ready. The easiest approach here is to just copy the existing configuration from one of the existing nodes. When viewing the conifguration page we then dump the secret value into an encrypted vault file in the host_vars
directory.
$ ansible-playbook -i production ci_agents.yml
If you want to ssh directly to a node, you can do:
$ ssh -F ssh.cfg $private_ip