ReleaseEngineering/How To/Add New AWS Subnets: Difference between revisions
< ReleaseEngineering | How To
Jump to navigation
Jump to search
No edit summary |
|||
| Line 5: | Line 5: | ||
== Create new subnets == | == Create new subnets == | ||
* Add subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/subnets.yml | * Add subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/subnets.yml | ||
** run `scripts/aws_manage_subnets.py configs/subnets.yml` from aws-manager server | ** run `scripts/aws_manage_subnets.py configs/subnets.yml` from aws-manager server to create the subnets in VPC | ||
Please check in AWS the new VPC subnets | Please check in AWS the new VPC subnets | ||
| Line 14: | Line 14: | ||
* Open bugs with netops to include new flows {{bug|1254144}} | * Open bugs with netops to include new flows {{bug|1254144}} | ||
* Add the subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/securitygroups.yml | * Add the subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/securitygroups.yml | ||
** run `scripts/aws_manage_subnets.py configs/subnets.yml` from aws-manager server to create the security groups | |||
'''NOTE:''' After the firewall rules has been added by netops team and the new subnets in securitygroups.yml, the changes will be applied overnight. Or you can ask dustin to run the command manually. (We don't have permissions to sudo to fwunit) | '''NOTE:''' After the firewall rules has been added by netops team and the new subnets in securitygroups.yml, the changes will be applied overnight. Or you can ask dustin to run the command manually. (We don't have permissions to sudo to fwunit) | ||
Revision as of 15:51, 10 March 2016
Below you can find the steps to add new aws subnests
Create new subnets
- Add subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/subnets.yml
- run `scripts/aws_manage_subnets.py configs/subnets.yml` from aws-manager server to create the subnets in VPC
Please check in AWS the new VPC subnets
More details bug 1165432 or bug 1239263 and notes here https://github.com/mozilla/build-cloud-tools/pull/72
Update firewall rules
- Open bugs with netops to include new flows bug 1254144
- Add the subnets to https://github.com/mozilla/build-cloud-tools/blob/master/configs/securitygroups.yml
- run `scripts/aws_manage_subnets.py configs/subnets.yml` from aws-manager server to create the security groups
NOTE: After the firewall rules has been added by netops team and the new subnets in securitygroups.yml, the changes will be applied overnight. Or you can ask dustin to run the command manually. (We don't have permissions to sudo to fwunit)
dmitchell@fwunit1 ~/firewall-tests [master] $ sudo su - fwunit -sh-4.1$ umask 022 -sh-4.1$ cd /opt/fwunit/releng/src/tests/ -sh-4.1$ source /opt/fwunit/releng/bin/activate (releng)-sh-4.1$ fwunit aws_releng [2016-03-09 14:19:09,178] running aws_releng ... (releng)-sh-4.1$ fwunit releng ...
- Update firewall tests to include new subnets (private repo releng/firewall-tests) and ensure tests pass after netops has made the changes ( more details https://mana.mozilla.org/wiki/display/IT/How+to+Run+Flow+Tests )
Increase size of the pool
- Updated the size limit https://github.com/ciobancai/build-cloud-tools/blob/master/configs/watch_pending.cfg
Add the new platforms in build-clout-tolls
tst-linux64
- Add the new subnets for tst-linux64: https://github.com/mozilla/build-cloud-tools/blob/master/configs/tst-linux64