From 481b4e9340a438b579f6d3dc09ef4c6a382aec97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Mon, 26 Oct 2015 11:15:24 +1100 Subject: [PATCH 1/6] freebsd: migrate playbooks A few things going on here: - move into the new {{id}} strategy where we use hostname - merge parts of the initial digitalocean migration pr - split variables meant for change into jenkins.conf - simplify all the things --- setup/freebsd/README.md | 16 +++++--- setup/freebsd/ansible-playbook.yaml | 56 ++++++++++++++++---------- setup/freebsd/ansible-vars.yaml | 5 ++- setup/freebsd/resources/jenkins | 59 +++++++++++++++++----------- setup/freebsd/resources/jenkins.conf | 4 ++ 5 files changed, 87 insertions(+), 53 deletions(-) create mode 100644 setup/freebsd/resources/jenkins.conf diff --git a/setup/freebsd/README.md b/setup/freebsd/README.md index 1ef37ac9c..097c2aba1 100644 --- a/setup/freebsd/README.md +++ b/setup/freebsd/README.md @@ -1,6 +1,12 @@ # io.js Build FreeBSD Setup -The current FreeBSD lives at Digitalocean. +The current FreeBSD VMs lives at Digitalocean. + +You have to install `python` before running ansible. Log in to the VM +and run the following: +``` +sudo pkg update && sudo pkg install -y python +``` To set up hosts, make sure you add them to your ssh config first: ``` @@ -13,14 +19,12 @@ Host test-digitalocean-freebsd10-x64-2 User freebsd ``` -Note that these hostnames are also used in the ansible-inventory file. The IP addresses will need to be updated each time the servers are reprovisioned. +Note that these hostnames are also used in the ansible-inventory file. +The IP addresses will need to be updated each time +the servers are reprovisioned. To set up a host, run: ```text $ ansible-playbook -i ../ansible-inventory ansible-playbook.yaml ``` - -**Users**: The ansible-vars.yaml file contains a list of users who's GitHub public keys are pulled and placed into -authorized_keys for both root and iojs users. This file should be updates when new users are added to the build project -who are able to help maintain the containerized builds. diff --git a/setup/freebsd/ansible-playbook.yaml b/setup/freebsd/ansible-playbook.yaml index a9c232239..83e25e2cd 100644 --- a/setup/freebsd/ansible-playbook.yaml +++ b/setup/freebsd/ansible-playbook.yaml @@ -1,4 +1,4 @@ ---- +---- - hosts: iojs-freebsd10 remote_user: freebsd @@ -17,7 +17,7 @@ tags: general - name: General | Install required packages - command: pkg install -U -y {{ item }} + command: pkg install -U -y {{ item }} with_items: packages tags: general @@ -49,22 +49,36 @@ command: curl -sL https://ci.nodejs.org/jnlpJars/slave.jar -o /home/{{ server_user }}/slave.jar tags: jenkins - - name: Jenkins | Copy init script - copy: src=./resources/jenkins dest={{ init_script_path }} owner={{ server_user }} group={{ server_user }} mode=0755 - tags: jenkins - - - name: Jenkins | Copy secret into init script - replace: dest={{ init_script_path }} regexp="\{\{secret\}\}" replace="{{ server_secret }}" - tags: jenkins - - - name: Jenkins | Copy server id into init script - replace: dest={{ init_script_path }} regexp="\{\{id\}\}" replace="{{ server_id }}" - tags: jenkins - - - name: Jenkins | Enable init script at startup - lineinfile: dest=/etc/rc.conf line="jenkins_enable=YES" - tags: jenkins - - - name: Jenkins | Start service - command: service jenkins start - tags: jenkins + - name: Assures that {{ init_base }}/{rc.d, rc.conf.d} directories exists + file: path={{ init_base }}/{{ item }} state=directory + with_items: + - rc.d + - rc.conf.d + tags: init + + - name: Init | Copy init script + copy: src=./resources/jenkins dest={{ init_base }}/rc.d/jenkins owner={{ server_user }} group={{ server_user }} mode=0755 + tags: init + + - name: Init | Copy config template + copy: src=./resources/jenkins.conf dest={{ init_base }}/rc.conf.d/jenkins owner={{ server_user }} group={{ server_user }} mode=0600 + tags: init + + - name: Init | Copy secret to config` + replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{secret\}\}" replace="{{ server_secret }}" + tags: init + + - name: Init | Copy user/group to config` + replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{{{item}}\}\}" replace="{{ server_user }}" + with_items: + - user + - group + tags: init + + - name: Init | Copy id to config + replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{id\}\}" replace="{{ inventory_hostname }}" + tags: init + + - name: Init | Add to boot and start service + service: name=jenkins state=started enabled=yes + tags: init diff --git a/setup/freebsd/ansible-vars.yaml b/setup/freebsd/ansible-vars.yaml index 0d2294fdd..c164f1b63 100644 --- a/setup/freebsd/ansible-vars.yaml +++ b/setup/freebsd/ansible-vars.yaml @@ -1,11 +1,12 @@ --- server_user: iojs -init_script_path: /usr/local/etc/rc.d/jenkins +init_base: /usr/local/etc/ ssh_users: - rvagg - jbergstroem + - joaocgreis packages: - - openjdk-jre + - openjdk - git - gmake - ccache diff --git a/setup/freebsd/resources/jenkins b/setup/freebsd/resources/jenkins index 7593559e1..841ab14d3 100644 --- a/setup/freebsd/resources/jenkins +++ b/setup/freebsd/resources/jenkins @@ -1,13 +1,9 @@ #!/bin/sh -# $FreeBSD: $ # -# Based on the jenkins init script -# -# PROVIDE: jenkins-iojs +# PROVIDE: jenkins # REQUIRE: LOGIN # KEYWORD: shutdown - # # Configuration settings for jenkins in /etc/rc.conf: # @@ -21,31 +17,32 @@ name="jenkins" rcvar=jenkins_enable -load_rc_config "${name}" - +load_rc_config ${name} -OSTYPE="freebsd" -NODE_COMMON_PIPE="/home/iojs/test.pipe" PATH="/usr/local/libexec/ccache:/usr/local/bin:${PATH}" +NODE_COMMON_PIPE="/home/iojs/test.pipe" -jenkins_jnlpurl="https://ci.nodejs.org/computer/{{id}}/slave-agent.jnlp" -jenkins_secret="{{secret}}" jenkins_jar="/home/iojs/slave.jar" -jenkins_log_file="/home/iojs/jenkins_console.log" -jenkins_args="-jnlpUrl ${jenkins_jnlpurl} -secret ${jenkins_secret}" -jenkins_user="iojs" -jenkins_group="iojs" +jenkins_log_file="/home/${jenkins_user}/${name}_console.log" +jenkins_args="-jar ${jenkins_jar} \ + -jnlpUrl ${jenkins_jnlpurl} \ + -secret ${jenkins_secret}" jenkins_jobs="$(getconf NPROCESSORS_ONLN)" -pidfile="/var/run/jenkins/jenkins.pid" +# FreeBSD uses a java wrapper. Without full path pid monitoring won't work +procname=`cat /usr/local/etc/javavms | cut -d "#" -f 1` +pidfile="/var/run/${name}/${name}.pid" +monitor_pidfile="/var/run/${name}/${name}_monitor.pid" command="/usr/sbin/daemon" -procname="/usr/local/openjdk7-jre/bin/java" -command_args="-r -p ${pidfile} ${procname} -jar ${jenkins_jar} ${jenkins_args} > ${jenkins_log_file} 2>&1" -env="PATH=${PATH} JOBS=${jenkins_jobs} OSTYPE=${OSTYPE} NODE_COMMON_PIPE=${NODE_COMMON_PIPE} CC=cc CXX=c++" +command_args="-r -p ${pidfile} -P ${monitor_pidfile} ${procname} \ + ${jenkins_args} > ${jenkins_log_file} 2>&1" +env="PATH=${PATH} JOBS=${jenkins_jobs} OSTYPE=${OSTYPE} \ + NODE_COMMON_PIPE=${NODE_COMMON_PIPE} CC=cc CXX=c++" required_files="${procname} ${jenkins_jar}" -start_precmd="jenkins_prestart" -start_cmd="jenkins_start" +start_precmd="${name}_prestart" +start_cmd="${name}_start" +stop_cmd="${name}_stop" jenkins_prestart() { if [ ! -f "${jenkins_log_file}" ]; then @@ -53,8 +50,9 @@ jenkins_prestart() { chown "${jenkins_user}:${jenkins_group}" "${jenkins_log_file}" chmod 640 "${jenkins_log_file}" fi - if [ ! -d "/var/run/jenkins" ]; then - install -d -o "${jenkins_user}" -g "${jenkins_group}" -m 750 "/var/run/jenkins" + if [ ! -d `basename ${pidfile}` ]; then + install -d -o "${jenkins_user}" -g "${jenkins_group}" \ + -m 750 `basename ${pidfile}` fi if [ ! $jenkins_secret ]; then @@ -64,8 +62,21 @@ jenkins_prestart() { jenkins_start() { - check_startmsgs && echo "Starting ${name}." + check_startmsgs && echo -n "Starting ${name}" su -l ${jenkins_user} -c "${env} exec ${command} ${command_args}" + echo . +} + +jenkins_stop() +{ + if [ ! -f ${pidfile} ]; then + echo "${name} isn't running." + else + echo -n "Stopping service: ${name}" + kill `cat ${monitor_pidfile}` + rm ${pidfile} ${monitor_pidfile} + echo . + fi } run_rc_command "$1" diff --git a/setup/freebsd/resources/jenkins.conf b/setup/freebsd/resources/jenkins.conf new file mode 100644 index 000000000..b79f203d9 --- /dev/null +++ b/setup/freebsd/resources/jenkins.conf @@ -0,0 +1,4 @@ +jenkins_jnlpurl="https://ci.nodejs.org/computer/{{id}}/slave-agent.jnlp" +jenkins_secret="{{secret}}" +jenkins_user="{{user}}" +jenkins_group="{{group}}" From acbe194941306b6ec8b4e8338f9d8f56eb5c3cc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Wed, 25 Nov 2015 19:03:50 +1100 Subject: [PATCH 2/6] doc: mention where to look for config refs: https://github.com/nodejs/build/issues/242 --- setup/freebsd/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/setup/freebsd/README.md b/setup/freebsd/README.md index 097c2aba1..24678cf44 100644 --- a/setup/freebsd/README.md +++ b/setup/freebsd/README.md @@ -28,3 +28,7 @@ To set up a host, run: ```text $ ansible-playbook -i ../ansible-inventory ansible-playbook.yaml ``` + +If you have to update settings related to how jenkins is deployed, +the configuration lives in `/usr/local/etc/rc.conf.d/jenkins`. + From bb61ea37871ca1b4482c5c0e2771c002bdbe19fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Wed, 25 Nov 2015 20:22:37 +1100 Subject: [PATCH 3/6] fix: add bash to deps --- setup/freebsd/ansible-vars.yaml | 1 + setup/linter/ansible-vars.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/setup/freebsd/ansible-vars.yaml b/setup/freebsd/ansible-vars.yaml index c164f1b63..55d0c9042 100644 --- a/setup/freebsd/ansible-vars.yaml +++ b/setup/freebsd/ansible-vars.yaml @@ -10,3 +10,4 @@ packages: - git - gmake - ccache + - bash diff --git a/setup/linter/ansible-vars.yaml b/setup/linter/ansible-vars.yaml index a15934e9f..2e0012a74 100644 --- a/setup/linter/ansible-vars.yaml +++ b/setup/linter/ansible-vars.yaml @@ -11,4 +11,5 @@ packages: - gmake - ccache - node + - bash - llvm-devel From de89b936af9b6f15d0dcdf95466df009a6a428fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Thu, 26 Nov 2015 23:16:57 +1100 Subject: [PATCH 4/6] feature: further slim down playbook - start the transition to global variables (open up for roles) - include variable files by default - avoid variables in names since they can't be expanded - use jinja2 templating instead of replacing variables - change subshelling in init script - make init script slightly more robust --- setup/ansible-includes/global-vars.yaml | 5 ++ setup/freebsd/ansible-playbook.yaml | 61 ++++++++++--------------- setup/freebsd/ansible-vars.yaml | 3 +- setup/freebsd/resources/jenkins | 14 +++--- setup/freebsd/resources/jenkins.conf | 4 -- setup/freebsd/resources/jenkins.conf.j2 | 4 ++ 6 files changed, 43 insertions(+), 48 deletions(-) create mode 100644 setup/ansible-includes/global-vars.yaml delete mode 100644 setup/freebsd/resources/jenkins.conf create mode 100644 setup/freebsd/resources/jenkins.conf.j2 diff --git a/setup/ansible-includes/global-vars.yaml b/setup/ansible-includes/global-vars.yaml new file mode 100644 index 000000000..f176d0259 --- /dev/null +++ b/setup/ansible-includes/global-vars.yaml @@ -0,0 +1,5 @@ +---- +# Varibles we use globally +# Avoid pollution at all costs :) +jenkins_user: iojs +jenkins_base_url: https://ci.nodejs.org/ diff --git a/setup/freebsd/ansible-playbook.yaml b/setup/freebsd/ansible-playbook.yaml index 83e25e2cd..4def8ef71 100644 --- a/setup/freebsd/ansible-playbook.yaml +++ b/setup/freebsd/ansible-playbook.yaml @@ -1,32 +1,36 @@ ---- - hosts: iojs-freebsd10 - + gather_facts: no remote_user: freebsd sudo: yes + vars_files: + - ../ansible-includes/global-vars.yaml + - ansible-vars.yaml + vars: - ansible_python_interpreter: "/usr/bin/env python" tasks: - - - include_vars: ansible-vars.yaml - tags: vars - - - name: General | Update package repository - command: pkg update - tags: general + - name: Bootstrap | Install python + raw: pkg install -y python + tags: bootstrap - name: General | Install required packages - command: pkg install -U -y {{ item }} + command: pkg install -y {{ item }} with_items: packages tags: general - - name: User | Add {{ server_user }} group - group: name="{{ server_user }}" state=present + - name: General | Start ntpd (and enable at boot) + service: name=ntpd state=started enabled=yes + tags: general + + - name: User | Add group + group: name="{{ jenkins_user }}" state=present tags: user - - name: User | Add {{ server_user }} user - user: name="{{ server_user }}" shell=/bin/sh append=yes groups={{ server_user }} + - name: User | Add user + user: name="{{ jenkins_user }}" shell=/bin/sh createhome=yes append=yes groups={{ jenkins_user }} tags: user - name: User | Download pubkey(s) @@ -40,16 +44,16 @@ with_items: ssh_users tags: user - - name: General | Create authorized_keys for {{ server_user }} - authorized_key: user="{{ server_user }}" key="{{ lookup('file', '/tmp/' + item + '.keys') }}" + - name: General | Create authorized_keys for user + authorized_key: user="{{ jenkins_user }}" key="{{ lookup('file', '/tmp/' + item + '.keys') }}" with_items: ssh_users tags: user - - name: Jenkins | Download Jenkins' slave.jar - command: curl -sL https://ci.nodejs.org/jnlpJars/slave.jar -o /home/{{ server_user }}/slave.jar + - name: Jenkins | Download Jenkins slave.jar + get_url: url={{ jenkins_base_url }}/jnlpJars/slave.jar dest=/home/{{ jenkins_user }}/slave.jar tags: jenkins - - name: Assures that {{ init_base }}/{rc.d, rc.conf.d} directories exists + - name: Init | Assure that {rc.d, rc.conf.d} directories exists file: path={{ init_base }}/{{ item }} state=directory with_items: - rc.d @@ -57,26 +61,11 @@ tags: init - name: Init | Copy init script - copy: src=./resources/jenkins dest={{ init_base }}/rc.d/jenkins owner={{ server_user }} group={{ server_user }} mode=0755 - tags: init - - - name: Init | Copy config template - copy: src=./resources/jenkins.conf dest={{ init_base }}/rc.conf.d/jenkins owner={{ server_user }} group={{ server_user }} mode=0600 - tags: init - - - name: Init | Copy secret to config` - replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{secret\}\}" replace="{{ server_secret }}" - tags: init - - - name: Init | Copy user/group to config` - replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{{{item}}\}\}" replace="{{ server_user }}" - with_items: - - user - - group + copy: src=./resources/jenkins dest={{ init_base }}/rc.d/jenkins mode=0755 tags: init - - name: Init | Copy id to config - replace: dest={{ init_base }}/rc.conf.d/jenkins regexp="\{\{id\}\}" replace="{{ inventory_hostname }}" + - name: Init | Generate config + template: src=./resources/jenkins.conf.j2 dest={{ init_base }}/rc.conf.d/jenkins tags: init - name: Init | Add to boot and start service diff --git a/setup/freebsd/ansible-vars.yaml b/setup/freebsd/ansible-vars.yaml index 55d0c9042..93c85fea9 100644 --- a/setup/freebsd/ansible-vars.yaml +++ b/setup/freebsd/ansible-vars.yaml @@ -1,12 +1,11 @@ --- -server_user: iojs init_base: /usr/local/etc/ ssh_users: - rvagg - jbergstroem - joaocgreis packages: - - openjdk + - openjdk-jre - git - gmake - ccache diff --git a/setup/freebsd/resources/jenkins b/setup/freebsd/resources/jenkins index 841ab14d3..053f75e8b 100644 --- a/setup/freebsd/resources/jenkins +++ b/setup/freebsd/resources/jenkins @@ -30,7 +30,7 @@ jenkins_args="-jar ${jenkins_jar} \ jenkins_jobs="$(getconf NPROCESSORS_ONLN)" # FreeBSD uses a java wrapper. Without full path pid monitoring won't work -procname=`cat /usr/local/etc/javavms | cut -d "#" -f 1` +procname=$(cat /usr/local/etc/javavms | cut -d "#" -f 1) pidfile="/var/run/${name}/${name}.pid" monitor_pidfile="/var/run/${name}/${name}_monitor.pid" command="/usr/sbin/daemon" @@ -50,9 +50,9 @@ jenkins_prestart() { chown "${jenkins_user}:${jenkins_group}" "${jenkins_log_file}" chmod 640 "${jenkins_log_file}" fi - if [ ! -d `basename ${pidfile}` ]; then + if [ ! -d $(dirname ${pidfile}) ]; then install -d -o "${jenkins_user}" -g "${jenkins_group}" \ - -m 750 `basename ${pidfile}` + -m 750 $(dirname ${pidfile}) fi if [ ! $jenkins_secret ]; then @@ -62,9 +62,10 @@ jenkins_prestart() { jenkins_start() { - check_startmsgs && echo -n "Starting ${name}" + check_startmsgs + echo "Starting ${name}." + # @TODO: get rid of nasty banner when su -l su -l ${jenkins_user} -c "${env} exec ${command} ${command_args}" - echo . } jenkins_stop() @@ -74,7 +75,8 @@ jenkins_stop() else echo -n "Stopping service: ${name}" kill `cat ${monitor_pidfile}` - rm ${pidfile} ${monitor_pidfile} + # files are removed on exit, but be extra sure + rm -f ${pidfile} ${monitor_pidfile} echo . fi } diff --git a/setup/freebsd/resources/jenkins.conf b/setup/freebsd/resources/jenkins.conf deleted file mode 100644 index b79f203d9..000000000 --- a/setup/freebsd/resources/jenkins.conf +++ /dev/null @@ -1,4 +0,0 @@ -jenkins_jnlpurl="https://ci.nodejs.org/computer/{{id}}/slave-agent.jnlp" -jenkins_secret="{{secret}}" -jenkins_user="{{user}}" -jenkins_group="{{group}}" diff --git a/setup/freebsd/resources/jenkins.conf.j2 b/setup/freebsd/resources/jenkins.conf.j2 new file mode 100644 index 000000000..0b3ca43f2 --- /dev/null +++ b/setup/freebsd/resources/jenkins.conf.j2 @@ -0,0 +1,4 @@ +jenkins_jnlpurl="{{ jenkins_base_url }}computer/{{ inventory_hostname }}/slave-agent.jnlp" +jenkins_secret="{{ server_secret }}" +jenkins_user="{{ jenkins_user }}" +jenkins_group="{{ jenkins_user }}" From 3bdcc916fc50b800980b3ceae7b8da22a80d9f8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Thu, 26 Nov 2015 23:20:35 +1100 Subject: [PATCH 5/6] doc: python install is now part of bootstrap --- setup/freebsd/README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/setup/freebsd/README.md b/setup/freebsd/README.md index 24678cf44..a9575d8d8 100644 --- a/setup/freebsd/README.md +++ b/setup/freebsd/README.md @@ -2,12 +2,6 @@ The current FreeBSD VMs lives at Digitalocean. -You have to install `python` before running ansible. Log in to the VM -and run the following: -``` -sudo pkg update && sudo pkg install -y python -``` - To set up hosts, make sure you add them to your ssh config first: ``` Host test-digitalocean-freebsd10-x64-1 From 28bea9ca84d93eaf8a9efdd4be6a6e71078940e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johan=20Bergstr=C3=B6m?= Date: Thu, 26 Nov 2015 23:21:44 +1100 Subject: [PATCH 6/6] fix: remove extra line --- setup/ansible-includes/global-vars.yaml | 2 +- setup/freebsd/ansible-playbook.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/ansible-includes/global-vars.yaml b/setup/ansible-includes/global-vars.yaml index f176d0259..3269cf79d 100644 --- a/setup/ansible-includes/global-vars.yaml +++ b/setup/ansible-includes/global-vars.yaml @@ -1,4 +1,4 @@ ----- +--- # Varibles we use globally # Avoid pollution at all costs :) jenkins_user: iojs diff --git a/setup/freebsd/ansible-playbook.yaml b/setup/freebsd/ansible-playbook.yaml index 4def8ef71..bd1347dfd 100644 --- a/setup/freebsd/ansible-playbook.yaml +++ b/setup/freebsd/ansible-playbook.yaml @@ -1,4 +1,4 @@ ----- +--- - hosts: iojs-freebsd10 gather_facts: no remote_user: freebsd