ReleaseEngineering:AWS

From MozillaWiki

How to create a new region

Default route

Make sure that 0.0.0.0/0 points to the VPC.

DNS setup

  • add build vpn ns
  • use them in the VPC setup

Netflow

See bug 808096 and the deps for the details.

  • tcp/{80,443,22} netflow to relengweb1.dmz.scl3
  • tcp/{80,443} to ftp.mozilla.org
  • tcp/{80,443,22} to stage.mozilla.org
  • tcp/22 to hg.mozilla.org
  • tcp/22 to aus3-staging.mozilla.org
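
One way to check observed outbound traffic against the flow list above. This is an added example, not part of the wiki page or of cloud-tools; the function names are hypothetical and the observed-flow tuples are constructed sample data.

```python
import re

# The flow list from the Netflow section above, in the page's own notation.
FLOW_SPEC = """\
tcp/{80,443,22} netflow to relengweb1.dmz.scl3
tcp/{80,443} to ftp.mozilla.org
tcp/{80,443,22} to stage.mozilla.org
tcp/22 to hg.mozilla.org
tcp/22 to aus3-staging.mozilla.org
"""

# proto/port or proto/{port,port,...}, an optional stray "netflow", then "to host".
LINE_RE = re.compile(r"^(tcp|udp)/(\{[\d,]+\}|\d+)\s+(?:netflow\s+)?to\s+(\S+)$")


def parse_flows(spec):
    """Expand 'proto/{p1,p2} to host' lines into a set of (proto, port, host)."""
    allowed = set()
    for raw in spec.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            # Fail closed: an unreadable rule must not silently widen or narrow the list.
            raise ValueError("unparseable flow line: %r" % line)
        proto, ports, host = m.groups()
        for port in ports.strip("{}").split(","):
            allowed.add((proto, int(port), host.lower()))
    return allowed


def audit(allowed, observed):
    """Return (unexpected, unused): flows seen but not listed, and listed but never seen."""
    seen = {(p.lower(), int(port), h.lower()) for p, port, h in observed}
    return sorted(seen - allowed), sorted(allowed - seen)


# Constructed sample of observed outbound flows (not real capture data).
SAMPLE_OBSERVED = [
    ("tcp", 22, "hg.mozilla.org"),
    ("tcp", 443, "ftp.mozilla.org"),
    ("tcp", 21, "ftp.mozilla.org"),   # port not in the list
    ("tcp", 80, "hg.mozilla.org"),    # listed host, unlisted port
]

if __name__ == "__main__":
    unexpected, unused = audit(parse_flows(FLOW_SPEC), SAMPLE_OBSERVED)
    print("unexpected:", unexpected)
    print("listed but not observed:", len(unused))
```

Flows reported as unexpected are candidates for a missing rule or for traffic that should not exist; listed flows that are never observed are candidates for tightening.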

ACLs

  • Relops need to tweak the Apache configs for relengweb1. See bug 808105 for the details.
  • signing servers

Create AMI

python aws_create_ami.py -c centos-6-x86_64-base -r us-west-2 -k secrets/aws-secrets.json -s aws-releng ref-centos-6-x86_64-base

Create puppetmaster

Sync /data

  • Create an instance with a second volume of 200G.
  • Mount it as /data and sync.
  • Copy a cronjob which does this from one of the puppetmasters and run it.
  • Create a snapshot of the second volume and update aws_create_puppetmaster.py.

Create it

# buildduty@cruncher
source ~/aws/aws-ve/bin/activate
cd ~/aws/cloud-tools/aws
# copy cvs files from another puppet master
hg pull -u
eval `ssh-agent`
ssh-add secrets/aws-releng
# TODO
python aws_create_puppetmaster.py --region us-east-1 --key-name aws-releng \
  --secrets=secrets/aws-secrets.json --config centos-6-x64-base \
  puppetmaster-01

Adjust configs

Adjust the /etc/puppet/production/manifests/extlookups/local-config.csv file and point the slaves to this master.

Create new slaves

configs

tests

slavealloc

create slaves for reals

# buildduty@cruncher
source ~/aws/aws-ve/bin/activate
cd ~/aws/cloud-tools/aws
hg pull -u
eval `ssh-agent`
ssh-add secrets/aws-releng
python aws_create_instance.py -c configs/bld-linux64 -r us-east-1 -s aws-releng \
   -k /home/buildduty/aws/cloud-tools/aws/secrets/aws-secrets.json \
   -i us-east-1.instance_data_prod.json  bld-linux64-ec2-3{01..10}
python aws_create_instance.py -c configs/try-linux64 -r us-east-1 -s aws-releng \
   -k /home/buildduty/aws/cloud-tools/aws/secrets/aws-secrets.json \
   -i us-east-1.instance_data_try.json  try-linux64-ec2-3{01..10}

Disable automatic slave start

>>> import boto
>>> from boto.ec2 import connect_to_region
>>> c = connect_to_region('us-west-1')
>>> r = c.get_all_instances(filters={"tag:Name": 'bld-linux64-ec2-00*'})
>>> for i in r: i.instances[0].add_tag('moz-state', 'rail: moving to new region');
... 
>>> r = c.get_all_instances(filters={"tag:Name": 'bld-linux64-ec2-01*'})
>>> for i in r: i.instances[0].add_tag('moz-state', 'rail: moving to new region')
... 
>>> r = c.get_all_instances(filters={"tag:Name": 'bld-linux64-ec2-020'})
>>> for i in r: i.instances[0].add_tag('moz-state', 'rail: moving to new region')
... 
>>> 

New slavealloc pool

mysql> INSERT INTO pools (name) VALUES ('build-aws-us-west-2');
Query OK, 1 row affected (0.01 sec)

mysql> INSERT INTO pools (name) VALUES ('try-aws-us-west-2');
Query OK, 1 row affected (0.00 sec)

mysql> select * from pools where name like '%-aws-us-west-2';
+--------+---------------------+
| poolid | name                |
+--------+---------------------+
|     41 | build-aws-us-west-2 |
|     43 | try-aws-us-west-2   |
+--------+---------------------+
2 rows in set (0.00 sec)

mysql> insert into slave_passwords (poolid, distroid, password) values (41, 15, '......');
Query OK, 1 row affected (0.01 sec)

mysql> insert into slave_passwords (poolid, distroid, password) values (43, 15, '.......');
Query OK, 1 row affected (0.00 sec)

mysql>