public inbox for buildbot@sourceware.org
 help / color / mirror / Atom feed
From: " via RT" <hosting-request@osuosl.org>
Cc: buildbot@sourceware.org
Subject: Re: [support.osuosl.org #32563] Request CI hosting for builder.sourceware.org
Date: Thu, 16 Jun 2022 15:49:29 -0700	[thread overview]
Message-ID: <rt-4.0.4-176523-1655419769-1860.32563-6-0@osuosl.org> (raw)
In-Reply-To: <YquzaUkVzeNrp20b@wildebeest.org>

[-- Attachment #1: Type: text/plain, Size: 2437 bytes --]

Hi Lance,

On Thu, Jun 16, 2022 at 10:40:42AM -0700, Lance Albertson via RT wrote:
> On Tue Jun 07 15:25:09 2022, mark@klomp.org wrote:
> > Yes. I didn't know if it was appropriate to include a public list on osuosl
> > tickets. But I added the builder project email address buildbot@sourceware.org
> > to this email.
> 
> We've done it with other projects so it shouldn't be a problem as long as you're
> OK with it.

Yes, this makes sure all builder contributors know what is being setup.

> > Fedora would be fine. But for the other container builders we are actually
> > using Fedora CoreOS, which is an auto updating variant (which is great for our
> > zero maintenance infrastructure). We could install that ourselves. Or go with
> > plain Fedora if we make sure it also autoupdates.
> 
> I haven't had a chance to get in the data center to allocate a system. I'm
> hoping to get to that next week. Sorry for the delay! I'll try and get Fedora
> CoreOS installed.

If you could use something like the attached butane/ignition file that
would be great. You might need to change the disk device name if it
isn't /dev/vda but everything else (except the hostname) is generic
and allows the buildbot to connect to it through ssh directly (might
be on a different port behind NAT).

This is all the state/config needed. Everything else (docker images,
git repos, buildbot workers, builds, etc) can/will be regenerated when
needed. So we don't need any backups, because the whole setup can be
regenerated by this butane.yaml file.

Assuming you are using openstack, see also
https://docs.fedoraproject.org/en-US/fedora-coreos/provisioning-openstack/

You don't need to use my ssh key for the core user. With this setup I
don't really need access. You can assign a different authorized key if
you want to have access yourself.

But we can also go with plain Fedora and then I'll setup docker and
the builder user up myself.

> > > We typically name systems as <short project name>-<hostname>.osuosl.org. So
> > > I'd assume we'd go with sourceware-<hostname>.osuosl.org. Do you have a
> > > hostname in mind?
> >
> > sourceware-builder.osuosl.org but note that we don't need a public reachable
> > host. All that is needed is a port to access it through ssh, which doesn't
> > need to be port 22.
> 
> I'll likely go with sourceware-builder1.osuosl.org so we can easily increment it
> if we add more hosts.

I like that :)

Thanks,

Mark

[-- Attachment #2: osuosl-butane.yaml --]
[-- Type: text/plain, Size: 2572 bytes --]

variant: fcos
version: 1.4.0
storage:
  disks:
  - device: /dev/vda
    wipe_table: false
    partitions:
    # 10GB root (already exists, resize)
    - number: 4
      label: root
      size_mib: 10240
      resize: true
    # 8GB swap
    - number: 5
      label: swap
      size_mib: 8192
    # Everything else for /var (which includes everything writable)
    - size_mib: 0
      label: var
  filesystems:
    - device: /dev/disk/by-partlabel/swap
      format: swap
      wipe_filesystem: true
      with_mount_unit: true
    - path: /var
      device: /dev/disk/by-partlabel/var
      # We can select the filesystem we'd like.
      format: ext4
      wipe_filesystem: true
      # Ask Butane to generate a mount unit for us so that this filesystem
      # gets mounted in the real root.
      with_mount_unit: true
  files:
    - path: /etc/hostname
      mode: 0644
      contents:
        inline: sourceware-builder1
systemd:
  units:
    # Create and set selinux context for shared builder dir
    - name: builder-shared-dir.service
      enabled: true
      contents: |
        [Unit]
        Description=Builder shared dir
        Wants=network-online.target
        After=network-online.target
        Before=zincati.service
        ConditionPathExists=!/var/lib/%N.stamp

        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/bin/mkdir -p /home/builder/shared
        ExecStart=/bin/chown builder.builder /home/builder/shared
        ExecStart=/bin/chcon -t container_file_t /home/builder/shared
        ExecStart=/bin/touch /var/lib/%N.stamp

        [Install]
        WantedBy=multi-user.target
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgVJJnY8zh8uHn8d/E7p4j+9ueTvTHMRYOS0kkGhHBC7JmxCw6/EvbnbTsI0CQeyIJHlmPIqDVgRVjijcTWacd3vIdazzH9sqs65nl49yMnA23tIya4VWlbHC3J4x/LL84A4GaJO/FVF2vv6hVg3IGbopp5KX+pr6s56TiWddSDqMgjb7rSzjWuNyRK75ToctL7Y/Zn6st3ZioO7LXq3ghkWf8JR7ZaUFIY6P1qS5heiCHP0PxQJSrtpYzH3rKJoHpIkjxnsB/sD0C05cAdlzXBTUVTNLY+DPlQ7FeRkG+VK91briG4tvQ8ohhEiC9HuJu1AKMNWBZ9qeUwsXaJvNz
    - name: builder
      uid: 1001
      groups: [docker]
      ssh_authorized_keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnB//uE66TX+nmLuox3ETfZ7dvjUl2mlwN4Q+107EWCuP05eKxcahyzwenmzODzzC8/hUVeUtuCJJyMW8+CpqCluHd2bEUT9WIzP1C/T22jBUbhY7zXLufSYfKmZe9zHNUizEbqbGAfR01D3jv3wis8JNOq/yopGLKJmAPd/Ye8XN5lsfAUTREIF+xygjxSb6SZPU9UvKlJmnwZoCN2Fd1u4IhSWBcD3dyZyirD80ZLGsSdOUmzX2Z2NaSI5tG6MxjYtQZbzmsG/Z0HY1Y/KiSolX989+7dMKMy2V911SkS6Cx9aVuSY+ig9Rq6GpfjGkBnHrNCCeVFe8PlYJl6DXZ

  reply	other threads:[~2022-06-16 22:49 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <RT-Ticket-32563@osuosl.org>
     [not found] ` <Yp5+pqvhR8WYiaqq@wildebeest.org>
     [not found]   ` <rt-4.0.4-32453-1654617175-469.32563-6-0@osuosl.org>
2022-06-07 22:24     ` Mark Wielaard
     [not found]       ` <rt-4.0.4-80639-1654640709-839.32563-6-0@osuosl.org>
2022-06-16 17:40         ` Lance Albertson via RT
2022-06-16 22:49           ` Mark Wielaard
2022-06-16 22:49             `  via RT [this message]
     [not found]             ` <rt-4.0.4-176523-1655419769-1468.32563-6-0@osuosl.org>
2022-06-20 19:36               ` Lance Albertson via RT
2022-06-20 22:06                 ` Mark Wielaard
2022-06-20 22:06                   `  via RT
     [not found]         ` <rt-4.0.4-135343-1655762795-1742.32563-6-0@osuosl.org>
2022-08-05  0:29           ` Lance Albertson via RT
2022-08-05  1:30             ` Mark Wielaard
2022-08-05  1:31               `  via RT
     [not found]               ` <rt-4.0.4-195587-1659663068-623.32563-6-0@osuosl.org>
2022-08-05 15:52                 ` Lance Albertson via RT
2022-08-05 21:17                   ` Mark Wielaard
2022-08-05 21:17                     `  via RT
     [not found]                     ` <rt-4.0.4-171867-1659734276-616.32563-6-0@osuosl.org>
2022-08-05 21:52                       ` Lance Albertson via RT

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=rt-4.0.4-176523-1655419769-1860.32563-6-0@osuosl.org \
    --to=hosting-request@osuosl.org \
    --cc=buildbot@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).