CIDuty/How To/How To Loan BD: Difference between revisions

From MozillaWiki
< CIDuty‎ | How To
Jump to navigation Jump to search
m (Live preview of formating.)
(Added deprecated text box.)
 
(5 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{warning|This page is deprecated!}}
= Introduction =  
= Introduction =  
Use this page if you want to loan a machine to a developer. This guide has been updated on '''26 March 2018''' and reflects the new changes/requirements on how you should approach the process.  
Use this page if you want to loan a machine to a developer. This guide has been updated on '''26 March 2018''' and reflects the new changes/requirements on how you should approach the process.  
Line 8: Line 10:
* Sending the credentials to the requester
* Sending the credentials to the requester
Everything you need to do when loaning one of the two type of servers is on this page. You can safely click on the links when instructed too as you will be automatically scrolled to the next step (eg: Server Steps -> VNC -> Email).
Everything you need to do when loaning one of the two type of servers is on this page. You can safely click on the links when instructed too as you will be automatically scrolled to the next step (eg: Server Steps -> VNC -> Email).
= Windows Machines=


TaskCluster Windows machines are self-served! We have to let the requester know how to obtain the server(s) himself. Provide the following link to the requester: https://wiki.mozilla.org/ReleaseEngineering/How_To/Self_Provision_a_TaskCluster_Windows_Instance


= OSX Yosemite r7 - Test - Build Bot =
= OSX Yosemite r7 =
==  Find a server ==
==  Find a server ==
Head to SlaveAlloc, following this link: [https://secure.pub.build.mozilla.org/slavealloc/ui/#slaves] and in the top-right search for '''yosemite-r7''':
Head to TaskCluster, following this link: [https://tools.taskcluster.net/provisioners/releng-hardware/worker-types/gecko-t-osx-1010] and search for a worker that doesn't have a running job and it's not quarantined.
Look for a server that '''DOESN'T''' have a note to it, such as the note in the example below, keep in mind servers with "'''migration to taskcluster'''" are not good for loaning either:
 
[[File:Slavealloc-search-example.png|thumb]]
If all workers are running jobs come back in 30 minutes and check again.
----
Take note of the server number, then lets find out if there is a task running on the server.
Follow [https://secure.pub.build.mozilla.org/buildapi/running THIS LINK] and in the top-right search for '''10.10.5''' (version of OSX yosemite). At this point there should be 2 things:
1) Nothing shows up. Make sure your search query is correct and if it is, it's safe to assume there are no tasks running on any of the selected servers, so feel free to pick whichever you find fancy.
Now if you have the server '''SKIP TO Connect to the server section'''.
----
2) There is stuff that shows up, which means we need to do some more investigation. If after the search you see anything (as shown below) click on all the '''Buildmaster''' column links:
[[File:Slavealloc-search-with-results.png|thumb]]
----
The link will lead you to the task-execution page which shows you what's happening on the slave. At this point (if there are more than 5 results) I would '''recommend''' you to open a text editor as we need to keep track of which server is running. You can extract the number from the textfield in the example below:
[[File:Slave-alloc-buildmaster-tasknumber.png|thumb]]
----
After you have a complete list of all the busy servers, see if there are servers that are free/idle. If not, come back again 30 minutes later and check again.


== Connect to the server ==
== Connect to the server ==
TBA
Now that we have a server number, we need to SSH into it, you can do that by typing this into the terminal:
ssh root@t-yosemite-r7-462.test.releng.xxxx.mozilla.com
xxxx- represents the datacenter the worker is located into.


== Cleaning up BuildBot and Puppet files ==
Now run the following to commands:
TBA
passwd root
passwd cltbld
And change the passwords to the ones offered by your team leader.


= OSX Yosemite r7 - Test - TaskCluster =
== Terminate TC Worker and Clean up TC files ==
==  Find a server ==
At this step we gonna run, again, 3 commands, to clean up some files from server. Like last time, run this commands one at a time.
TBA
  <nowiki> rm -rf /var/lib/puppet/ssl/private_keys /Library/LaunchDaemons/com.mozilla.puppet.plist \
 
  /Library/LaunchDaemons/org.mozilla.puppetize.plist ~cltbld/.bash_history \
== Connect to the server ==
  ~root/.bash_history ~root/.sh_history /etc/kcpassword ~cltbld/.ssh \
TBA
  /opt/runner /etc/taskcluster-worker.yml /usr/local/bin/taskcluster-worker \
  /usr/local/bin/generic-worker/ \
  /Library/LaunchDaemons/org.mozilla.pf.plist \
  /Library/LaunchDaemons/org.mozilla.pflog.plist \
  /Library/LaunchAgents/net.generic.worker.plist


== Terminate the TC Worker ==
find /builds -maxdepth 1 -type f -print -delete
TBA
</nowiki>
<nowiki>rm -f /usr/local/bin/{taskcluster,generic}-worker
  rm -f /etc/generic-worker.config
  pkill -f '(generic|taskcluster)-worker'


== Cleaning up TC files ==
sudo reboot</nowiki>
TBA


= Setup, test and grant VNC access =
== Activate VNC on the server ==
== Activate VNC on the server ==
TBA
Copy and Paste the following commands, run them one by one and give it a few seconds for the output to come.
<nowiki>vncpw=moz1234
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-configure -allowAccessFor -allUsers -privs -all
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-configure -clientopts -setvnclegacy -vnclegacy yes
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-configure -clientopts -setvncpw -vncpw ${vncpw}
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \
-restart -agent -console</nowiki>


== Test the VNC connection ==
Add the requester to the LDAPAdmin -> Group -> List. (https://wiki.mozilla.org/ReleaseEngineering/How_To/Update_VPN_ACL)
TBA


== Grant VNC access/rights to the requester ==
If you don't have access in order to grant access to requester and add the ip & host of the loaned machine, you should create a bug for MOC: Service Requests. You can use this bug as reference. To speedup the process, check on #moc for the admin on duty and tell him about your request and the bug that you've created.
TBA
At this point all thats left if to send the credentials to the requester.


At this point all thats left if to send the credentials to the requester.
== Grant access to keychain ==
If the loaner needs to access the keychain, you can reset the password issuing the following command:
<nowiki>security set-keychain-password /Users/cltbld/Library/Keychains/login.keychain</nowiki>
( enter the cltbld password from private repo as old password then use the loaner cltbld password as new password value. )


Finally reboot the machine.
= Send the credentials for the server to the requester =
= Send the credentials for the server to the requester =
Follow this link and copy the first code block, as your email template: https://wiki.mozilla.org/ReleaseEngineering/How_To/Loan_a_Slave#Notifying
Change the needed information and send it.
The second code block,  from the above link, copy it, paste it inside the Bugzilla Bug, modify it and then assign the ticket to the requester, as shown below.
Pro-Tip: If you don't see all those field, click on the Blue "Edit" button. Don't forget to Save changes!

Latest revision as of 16:21, 15 January 2019

Warning signWarning: This page is deprecated!

Introduction

Use this page if you want to loan a machine to a developer. This guide has been updated on 26 March 2018 and reflects the new changes/requirements on how you should approach the process.

The format will be as follows:

  • Finding a server
  • Cleaning it up
  • Activating and Testing the VNC connection to the server
  • Sending the credentials to the requester

Everything you need to do when loaning one of the two type of servers is on this page. You can safely click on the links when instructed too as you will be automatically scrolled to the next step (eg: Server Steps -> VNC -> Email).

Windows Machines

TaskCluster Windows machines are self-served! We have to let the requester know how to obtain the server(s) himself. Provide the following link to the requester: https://wiki.mozilla.org/ReleaseEngineering/How_To/Self_Provision_a_TaskCluster_Windows_Instance

OSX Yosemite r7

Find a server

Head to TaskCluster, following this link: [1] and search for a worker that doesn't have a running job and it's not quarantined.

If all workers are running jobs come back in 30 minutes and check again.

Connect to the server

Now that we have a server number, we need to SSH into it, you can do that by typing this into the terminal: ssh root@t-yosemite-r7-462.test.releng.xxxx.mozilla.com xxxx- represents the datacenter the worker is located into.

Now run the following to commands: 

passwd root
passwd cltbld
And change the passwords to the ones offered by your team leader.

Terminate TC Worker and Clean up TC files

At this step we gonna run, again, 3 commands, to clean up some files from server. Like last time, run this commands one at a time. 

 rm -rf /var/lib/puppet/ssl/private_keys /Library/LaunchDaemons/com.mozilla.puppet.plist \
   /Library/LaunchDaemons/org.mozilla.puppetize.plist ~cltbld/.bash_history \
   ~root/.bash_history ~root/.sh_history /etc/kcpassword ~cltbld/.ssh \
   /opt/runner /etc/taskcluster-worker.yml /usr/local/bin/taskcluster-worker \
   /usr/local/bin/generic-worker/ \
   /Library/LaunchDaemons/org.mozilla.pf.plist \
   /Library/LaunchDaemons/org.mozilla.pflog.plist \
   /Library/LaunchAgents/net.generic.worker.plist

 find /builds -maxdepth 1 -type f -print -delete
 
rm -f /usr/local/bin/{taskcluster,generic}-worker
  rm -f /etc/generic-worker.config
  pkill -f '(generic|taskcluster)-worker' 

sudo reboot

Activate VNC on the server

Copy and Paste the following commands, run them one by one and give it a few seconds for the output to come. vncpw=moz1234 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -allowAccessFor -allUsers -privs -all /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -clientopts -setvnclegacy -vnclegacy yes /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -clientopts -setvncpw -vncpw ${vncpw} /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -restart -agent -console

Add the requester to the LDAPAdmin -> Group -> List. (https://wiki.mozilla.org/ReleaseEngineering/How_To/Update_VPN_ACL)

If you don't have access in order to grant access to requester and add the ip & host of the loaned machine, you should create a bug for MOC: Service Requests. You can use this bug as reference. To speedup the process, check on #moc for the admin on duty and tell him about your request and the bug that you've created. At this point all thats left if to send the credentials to the requester.

Grant access to keychain

If the loaner needs to access the keychain, you can reset the password issuing the following command: security set-keychain-password /Users/cltbld/Library/Keychains/login.keychain ( enter the cltbld password from private repo as old password then use the loaner cltbld password as new password value. )

Finally reboot the machine.

Send the credentials for the server to the requester

Follow this link and copy the first code block, as your email template: https://wiki.mozilla.org/ReleaseEngineering/How_To/Loan_a_Slave#Notifying

Change the needed information and send it.

The second code block, from the above link, copy it, paste it inside the Bugzilla Bug, modify it and then assign the ticket to the requester, as shown below. Pro-Tip: If you don't see all those field, click on the Blue "Edit" button. Don't forget to Save changes!

Retrieved from "https://wiki.allizom.org/index.php?title=CIDuty/How_To/How_To_Loan_BD&oldid=1206247"