26 Commits

Author SHA1 Message Date
Jenkins
46ccd7021a Merge "Make ci-launch directory readable by admin users" 2013-09-23 20:57:20 +00:00
Monty Taylor
eef4f76011 Clean up flake8 issues before switch
In anticipation of swtiching to flake8 as part of the removal of
pyflakes jobs, clean up a few flake8 errors so that we don't have to
ignore as many things.

Change-Id: Idb8466bb3194904d84e17dd3f2a7c32aff13788c
2013-09-20 14:37:30 -07:00
Jeremy Stanley
059d1ad4e0 Make ci-launch directory readable by admin users
Commit 5ae5e6cc added puppetry for /root/ci-launch on the Puppet
master server, but set permissions on it too restrictive for users
launching new servers to be able to read the files within it.

* launch/README: Note that the user following these directions
should also be in the admin group.

* modules/openstack_project/manifests/puppetmaster.pp: Set group
ownership of /root/ci-launch to admin so members of that group will
be able to read the files within it.

Change-Id: I6c657eb4311b27ce329f249df3e60c2b902677ae
2013-09-13 19:01:14 +00:00
Jeremy Stanley
5945fb747b Mention the --salt option in launch instructions
Change-Id: I8f8ddc32c2be997bfedd772e8a462837b7a43423
2013-09-12 17:43:57 +00:00
Robert Collins
49b0b0c78d Make third-party imports clearer in launch/.
This is a minor step towards PEP-8 as well, but mainly makes it easier
to document what third party modules are needed.

Change-Id: Id901ef437fcdeb11c8dd555e8db7c13daa86c4b2
2013-08-31 09:54:09 +12:00
Robert Collins
6425e0aeb1 Make the adduser commands copy-pasteable.
YOURUSER==$(whoami), and copy-paste is easier than interpreting by
hand.

Change-Id: Ia17d13045517e8007db3afe8ff0eedf36019b2df
2013-08-31 09:48:14 +12:00
Robert Collins
5f717e6ec9 Fix launch-node for non-official environments.
Infrastructures derived from the OpenStack CI infrastructure currently
need to fork launch-node.py, better if it just takes an option ;).

Change-Id: Iad94451ed2b4da425f059595ae727dcf2847733a
2013-08-31 08:43:13 +12:00
Robert Collins
9edc063d2e Correct launch README.
The repository should be checked out on the master, not in any
arbitrary location.

Change-Id: I4cd158d205ae57e6768e522fb733910adf31bba4
2013-08-29 22:17:32 +12:00
Clark Boylan
5a93318056 Make salt key management on node launch optional.
* launch/launch-node.py: Make salt key management when launching nodes
optional as we may not always be running salt or choose to have a node
run a salt daemon. Default to disabling management.

Change-Id: If1bf137e91d250d5c94a957ff00d19401685c730
2013-08-26 15:25:22 -07:00
Jeremy Stanley
783e9bd766 More launch improvements
* launch/README: On servers where the puppet agent daemon needs to
enabled, don't run the initscript directly under sudo. Passing it
through su avoids permission issues with the puppet mysql module.

* launch/launch-node.py: Only test IPv6 connectivity when providers
support it.

Change-Id: Ic37305331ba57ba3de2fb349e1ab503cabcc697d
2013-08-02 20:04:29 +00:00
Jenkins
a9e6c6cc0a Merge "Test for IPv6 DSCP related issues." 2013-07-24 21:24:33 +00:00
Jeremy Stanley
aeb0fae83b Test for IPv6 DSCP related issues.
* launch/launch-node.py: Sometimes we get a broken server from a
provider, probably actually a broken compute node behind the scenes,
which fails to send IPv6 packets with a DSCP > 3. Test that we can
send DSCP 0x10 packets to at least one IPv6-connected host and get a
response, or else discard the server.

Change-Id: I379589d74f9e5892e3fda85bd267567038b6c2c9
2013-07-22 05:15:56 +00:00
Jenkins
1b8dd965f6 Merge "Add a node pattern for precise3k slaves." 2013-07-19 20:24:17 +00:00
Jeremy Stanley
fe2a4cd0a6 Add a node pattern for precise3k slaves.
* manifests/site.pp: Add a node pattern for slave servers which run
Ubuntu Precise Pangolin and default to Python 3.3 for the Puppet PIP
package provider.

* launch/README: Starting with precise3k slaves, individual Puppet
certificates will now be used per-server.

Change-Id: I2cde440720afd8014fc98dfd133d29a428751a9d
2013-07-18 22:34:36 +00:00
Jeremy Stanley
f659b975a0 Launch improvements.
* launch/README: Add note on enabling puppet agent for non-slave
CentOS servers.

* launch/launch-node.py: Reboot immediately after puppeting so that
we don't leave the server booted on an old/vulnerable kernel.

Change-Id: I5d0d36c2a11b078321a8715985868422946b06cb
2013-07-18 03:22:19 +00:00
Jeremy Stanley
7f2c8e5bf1 Switch jobs from Ubuntu Quantal to Precise slaves.
All jobs previously using a quantal node label are now using a
precise node label instead. Documentation has also been updated to
reflect the change in preferred release/image name.

Change-Id: I636416a9d9dc6714cd9751e2210882db2cbf786e
Reviewed-on: https://review.openstack.org/28861
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
2013-05-13 16:57:34 +00:00
Jeremy Stanley
b48c3bc49b Update launch docs for salt permissions.
* launch/README: Mention adding yourself to the salt group.

* modules/salt/manifests/master.pp: Loosen directory permissions
minimally as needed for salt group members to be able to run the
launch script without being root.

Change-Id: I4e462fe2efabe2200a635c79e4b7a1314bf174a3
Reviewed-on: https://review.openstack.org/27562
Reviewed-by: Jesse Keating <jesse.keating@rackspace.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
2013-04-30 17:22:23 +00:00
David Boucha
e8862b1d1a Add functionality to create Salt keypairs
Create Salt key pair if needed
Move Salt key pair creation above bootstrap_server
Pre-seed Salt Minion keys
Use fqdn instead of cert name.
Set the Minion ID to be the fqdn
Logic improvements in add_salt_keypair
Use proper splitext, some suggested fixes
Remove minion_id definition. Let fqdn define minion id

Change-Id: I74e5ffb1a414ee61f1214332be34b5ed0fd26e95
Reviewed-on: https://review.openstack.org/26046
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Nicolas Simonds <nic@metacloud.com>
Reviewed-by: Anita Kuno <anita.kuno@enovance.com>
Reviewed-by: Matthew Sherborne <msherborne+openstack@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
2013-04-11 23:45:00 +00:00
Jeremy Stanley
8de13371f7 Increase example Jenkins slave flavor.
* launch/README: The preferred flavor for a Jenkins slave in
Rackspace nova has RAM 8192, so we can get the same 4 CPU count we
had with Rackspace legacy VMs.

Change-Id: I55563ff966061b5c02fb68b671156d782c2d042d
Reviewed-on: https://review.openstack.org/23658
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
2013-03-07 03:43:51 +00:00
James E. Blair
8b04d362b5 Print DNS commands when launching a node.
Still not automatic, but much less typing.

Change-Id: I348b866db3f2778ba08a516a00d258358c4a9129
Reviewed-on: https://review.openstack.org/22468
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
2013-02-22 00:19:25 +00:00
Jeremy Stanley
c7d29a37d4 Minor launch documentation improvements.
* launch/README: Demonstrate use of the nova client's image-list
and flavor-list features, to assist in selecting/confirming image
and RAM choices for passing to launch-node.py. Also improve the
section headers and add a section about activating the Puppet agent
on non-Jenkins-slave servers.

* launch/launch-node.py: Upon successful completion, display
parameters useful for subsequent DNS assignments.

Change-Id: I0defc62434ab2f60b23afe2048e8093614ca49ca
Reviewed-on: https://review.openstack.org/20923
Reviewed-by: Khai Do <do.khai@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
2013-02-11 23:06:04 +00:00
Jeremy Stanley
168b11398a Streamline launching new nodes.
* launch/README: More clarity on Jenkins slave example, and
additional levels of cut-n-pasteability on the DNS record creation
example. Also switch from requiring root to expecting to be run from
a normal account with sudo access and membership in the puppet
group.

* launch/launch-node.py: Default to assuming the certname is the
same as the node FQDN, if it isn't overridden via command-line
option.

Change-Id: I9c987055b18e084983f2459fe01598837e1ebcc6
Reviewed-on: https://review.openstack.org/20645
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
2013-01-28 22:14:25 +00:00
Jeremy Stanley
c0d16ddc1d Correct typo in launch documentation.
* launch/README: Fix a minor error in the path to a shell fragment
in one of the example commands.

Change-Id: Ie42e6d6b86b9518893c6661251deeab7bbce0d11
Reviewed-on: https://review.openstack.org/20429
Reviewed-by: Elizabeth Krumbach <lyz@princessleia.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
2013-01-24 21:23:26 +00:00
James E. Blair
85a97ecd1a Update launch-node script.
* Update credential paths in launch README.
* Add puppet environment command line option to launch-node.
* Invoke install_puppet.sh from launch-node.

Change-Id: I11a326d4be2274fcecb1a58a32c8962b36af24a8
Reviewed-on: https://review.openstack.org/19000
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
2013-01-06 19:09:26 +00:00
Jeremy Stanley
5741ee70d1 Clarify server launch documentation.
* launch/README: Note that commands are assumed to be run in a full root
environment, mention existence of 'nova list' for determining server
details, get happy with variables in the DNS examples and also adjust
examples for a recent change in RackSpace's DNS API which assumes a
lower-case version of the region name.

Change-Id: I6a80893379acf573e04fefd39d98965c7b873ad5
Reviewed-on: https://review.openstack.org/16112
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
2012-11-16 00:44:28 +00:00
James E. Blair
745cc18290 Add a launch script.
Add a script to launch new OpenStack project servers.

Change-Id: I9f12ac0b7e38592128de1d6b999a5d540d621514
Reviewed-on: https://review.openstack.org/14246
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
2012-10-13 16:49:55 +00:00