Capomastro

Merge lp:~caio1982/capomastro/kthxbye-deploy into lp:~ubuntuone-hackers/capomastro/deploy

  1. kthxbye-deploy
  2. Merge into deploy
Proposed by Caio Begotti
Status: Merged
Approved by: Daniel Manrique
Approved revision: 45
Merged at revision: 43
Proposed branch: lp:~caio1982/capomastro/kthxbye-deploy
Merge into: lp:~ubuntuone-hackers/capomastro/deploy
Diff against target: 177 lines (+1/-162)
3 files modified
README (+1/-0)
README.md (+0/-108)
mojo.sh (+0/-54)
To merge this branch: bzr merge lp:~caio1982/capomastro/kthxbye-deploy
Reviewer Review Type Date Requested Status
Daniel Manrique (community) Approve
Review via email: mp+248839@code.launchpad.net

Description of the change

The old deploy branch of Capomastro is no longer useful but people might still refer to it (either because it was a known URL or because they would expect deployment instructions to be under the project tree) so this change keeps a brief note pointing people to the right place.

To post a comment you must log in.
Revision history for this message
Daniel Manrique (roadmr) wrote :

+1, less confusion.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added file 'README'
--- README 1970-01-01 00:00:00 +0000
+++ README 2015-02-06 00:43:30 +0000
@@ -0,0 +1,1 @@
1This branch has been abandoned, please see lp:canonical-mojo-specs instead. Or possibly lp:~canonical-is/canonical-mojo-specs/mojo-pes-capomastro for non-merged spec changes.
02
=== removed file 'README.md'
--- README.md 2015-01-12 11:34:00 +0000
+++ README.md 1970-01-01 00:00:00 +0000
@@ -1,108 +0,0 @@
1Deploying Capomastro
2====================
3
4Requirements
5------------
6
7 * Launchpad:
8 * Access to the spec code at lp:~canonical-is/canonical-mojo-specs/mojo-pes-capomastro/
9 * Access to Jenkins bot keys at lp:~ce-infrastructure/bygmester/ce-jenkins-bot
10 * Access to the PPA at lp:~ce-infrastructure/+archive/ubuntu/capomastro
11 * OS:
12 * Trusty (14.04)
13
14Setup
15-----
16
17Install the Mojo package from its PPA (and juju-local if doing local test):
18
19 sudo apt-add-repository --yes ppa:mojo-maintainers/ppa && sudo apt-get update
20 sudo apt-get --yes install mojo juju-local
21
22Initialize the local environment for Juju so you can deploy Capomastro:
23
24 juju init
25 juju switch local
26 juju bootstrap
27
28It is also highly recommended to use the company VPN to run any deployment, see
29https://wiki.canonical.com/InformationInfrastructure/IS/HowTo/CompanyOpenVPN
30for instructions on how to set it up. You may have problems accessing IS-owned
31resources if you do not use the VPN when running the Mojo script.
32
33
34Mojo configuration
35------------------
36
37There are two important vars in the deployment script: MOJO_REPO and MOJO_STAGE.
38
39MOJO_REPO should have the Launchpad address of the repository containing the spec
40of Capomastro. It can be a local repository, i.e. a local directory in the file
41system, as long as all changes have been committed (not necessarily pushed though).
42
43MOJO_STAGE point to the working spec directory inside the Mojo repository. You
44may need to tweak that if you are working on a new spec which does not follow the
45IS organization, but most likely that never needs to be changed.
46
47Also, before running the deployment script, you must have both the secret of Capomastro's
48PPA and the SSH key pair used by the Jenkins bot to fetch and build images.
49
50The script expects the Capomastro PPA to be configured through a charm option
51and it is copied over the rest of the Mojo files automatically. Just put the
52option formatted as YAML in /tmp/secrets, like this:
53
54capomastro:
55 services:
56 capomastro:
57 options:
58 repository: "<private PPA credentials here>"
59
60As for the Jenkins bot configuration, simply create a directory /tmp/keys
61and add both SSH key and its .pub inside it. The script will use them for some
62post desployment steps, otherwise Jenkins won't be able to fetch and build
63images correctly right after the setup of the service.
64
65All this ensures no secrets or credentials are stored anywhere in the spec.
66
67Deploying
68---------
69
70You may need to provide a password for sudo at the start of it:
71
72 ./mojo.sh
73
74Considerations
75--------------
76
771. you should avoid using this script for any serious production deployment. This
78was meant for testing and development only, though it could be used just fine
79on staging servers if needed. Local deployments with Juju and Mojo are supported
80but you may encounter unknown problems, so beware. Ideally you should always
81deploy to Canonistack, but that is quite slow, that's why this script exists.
82
832. if using a non-local provider you will need to associate a floating IP with
84the "apache2/0" service unit for web access. Optionally associate a floating
85IP with the "jenkins/0" service unit if you require web access to it as well,
86but keep in mind that would be insecure as all artifacts by default are visible
87in Jenkins.
88
893. when using this locally, you won't be able to actually build images with
90Capomastro right away as the default policy for LXC units is not to allow
91nesting. You'll need to stop the Jenkins unit, update its policy to allow that,
92restart the unit and then try again. These are the config options you'll need:
93
94 lxc.aa_profile = lxc-container-default-with-nesting
95 lxc.mount.auto = cgroup:mixed
96
97Old references
98-------------
99
100Previously, in the shellscripts used to deploy the Capomastro charm manually,
101these were the equivalent to the new Mojo spec commands we are using:
102
103 init.sh -> collect script
104 deploy.sh -> the manifest file at the root of the spec
105 bootstrap.sh -> manually done only when needed now
106 post-deploy-config.sh -> also part of the manifest file
107 upgrade-charm.sh -> collect-upgrade script
108 config/ directory -> services file
1090
=== removed file 'mojo.sh'
--- mojo.sh 2015-01-12 13:28:50 +0000
+++ mojo.sh 1970-01-01 00:00:00 +0000
@@ -1,54 +0,0 @@
1#!/bin/bash
2#
3# caio.begotti@canonical.com
4# Mon 2015-01-05 15:32:20 -0200
5
6echo "
7WARNING: this script is meant for testing mojo specs only,
8 please do not use this for real production work
9 as the script creates temporary unique LXC environments
10 and it never cleans them up... you've been warned!
11
12 [press any key to continue]
13 "
14read
15
16# env vars are used for practical reasons only
17# as mojo still have problems parsing them so
18# you should stick with command line parameters
19
20export MOJO_TIMESTAMP=$(date +%s)
21export MOJO_PROJECT=capomastro-${MOJO_TIMESTAMP}
22export MOJO_WORKSPACE=capomastro-${MOJO_TIMESTAMP}
23export MOJO_SERIES=trusty
24export MOJO_STAGE=pes/mojo-pes-capomastro/devel
25
26# this can be a local directory in the filesystem,
27# as long it is a working bzr repository and that you
28# have committed any changes (no need to push them though)
29export MOJO_REPO=lp:~canonical-is/canonical-mojo-specs/mojo-pes-capomastro/
30
31set -xev
32
33# not sure why it can't call sudo itself
34sudo --preserve-env mojo project-new --series ${MOJO_SERIES} ${MOJO_PROJECT}
35
36# known bug with mojo
37sudo chmod 755 /var/lib/lxc/${MOJO_PROJECT}.${MOJO_SERIES}
38
39# creates a temporary workspace for the repo
40mojo workspace-new --series ${MOJO_SERIES} --project ${MOJO_PROJECT} --stage ${MOJO_STAGE} ${MOJO_REPO} ${MOJO_WORKSPACE}
41
42# prepare the secrets for local deployment
43sudo mkdir -p /srv/mojo/LOCAL/${MOJO_PROJECT}/pes/mojo-pes-capomastro/devel
44
45# private ppa option for the capomastro charm
46sudo cp -a /tmp/secrets /srv/mojo/LOCAL/${MOJO_PROJECT}/pes/mojo-pes-capomastro/devel/
47
48# directory with key pair for ce-jenkins-bot
49sudo cp -a /tmp/keys /srv/mojo/LOCAL/${MOJO_PROJECT}/pes/mojo-pes-capomastro/devel/
50
51# will execute all phases listed inside the manifest file
52mojo run --series ${MOJO_SERIES} --project ${MOJO_PROJECT} --stage ${MOJO_STAGE} ${MOJO_REPO} ${MOJO_WORKSPACE}
53
54exit 0

Subscribers

People subscribed via source and target branches