b48c3bc49b
* launch/README: Mention adding yourself to the salt group. * modules/salt/manifests/master.pp: Loosen directory permissions minimally as needed for salt group members to be able to run the launch script without being root. Change-Id: I4e462fe2efabe2200a635c79e4b7a1314bf174a3 Reviewed-on: https://review.openstack.org/27562 Reviewed-by: Jesse Keating <jesse.keating@rackspace.com> Reviewed-by: Clark Boylan <clark.boylan@gmail.com> Reviewed-by: Monty Taylor <mordred@inaugust.com> Approved: James E. Blair <corvus@inaugust.com> Reviewed-by: James E. Blair <corvus@inaugust.com> Tested-by: Jenkins |
||
---|---|---|
.. | ||
dns.py | ||
launch-node.py | ||
README | ||
sshclient.py | ||
utils.py |
Create Server ============= Note that these instructions assume you're working from this directory on an updated local clone of the repository, and that your account is a member of the puppet and salt groups for access to their respective keys:: sudo adduser YOURUSER puppet sudo adduser YOURUSER salt (Remember to log out and back into your shell if you add yourself to a group.) To launch a node in the OpenStack CI account (production servers):: . ~root/ci-launch/openstackci-rs-nova.sh export FQDN=servername.openstack.org sudo puppet cert generate $FQDN ./launch-node.py $FQDN To launch a node in the OpenStack Jenkins account (slave nodes):: . ~root/ci-launch/openstackjenkins-rs-nova.sh export FQDN=slavename.slave.openstack.org export CERT=slavetype.slave.openstack.org nova image-list export IMAGE='Ubuntu 12.10 (Quantal Quetzal)' nova flavor-list export RAM=8192 sudo puppet cert generate $CERT ./launch-node.py $FQDN --cert $CERT.pem --image "$IMAGE" --ram $RAM If you are launching a replacement server, you may skip the generate step and specify the name of an existing puppet cert (as long as the private key is on this host). The server name and cert names may be different (as in the Jenkins slave example), but launch-node.py will assume they are the same unless specified. Manually add the hostname to DNS (the launch script does not do so automatically). Note that this example assumes you've already exported a relevant FQDN and sourced the appropriate API credentials above. Add DNS Records =============== There are no scripts to automatically handle DNS at the moment due to a lack of library support for the new Rackspace Cloud DNS (with IPv6). However, the launch-node script will print the commands needed to be run to configure DNS for a newly launched server. To see the commands for an existing server, run: ./dns.py $FQDN Activate Puppet Agent ===================== If this is a Jenkins slave, Puppet configuration is applied through an already installed cron job, so you can ignore this section. If this is ''not'' a Jenkins slave, you'll want to log into it via SSH and turn on the Puppet agent so it will start checking into the master on its own:: sudo sed -i 's/^START=.*/START=yes/' /etc/default/puppet sudo invoke-rc.d puppet start You should be able to tell from the Puppet Dashboard when it begins to check in, which normally happens at 10-minute intervals.