This document is specific to the London RedCentric lab, but should evolve to a more generic setup once we have more labs. For now, there are some hard-coded logic in the wiki as well as the scripts, to make sure we can reproduce at least the one lab we have. Once we have more labs, we'll work to automate that using configuration files, command line options, etc.
...
The hpc-admin node will be the physical server hosting the MrProvisioner and Jenkins services for the HPC lab.
The baremetal installation is : a Debian9 (stretch) hosting the two services using KVM/QEMU for the moment (migration to Docker/Containers will be possible when MrP support for containers is production ready.)
Required Packages and repos
Install Debian as you normally would for a server, do care to install the ssh server and to plan for enough space for the Jenkins logs (a bare minimum of 500Go for the Jenkins VM is desirable)
| Code Block | ||||
|---|---|---|---|---|
| ||||
root@hpc-admin # apt update && apt upgrade root@hpc-admin # apt install sudo git net-tools vim bridge-utils qemu-kvm libvirt-clients libvirt-daemon-system virtinst dirmngr build-essential root@hpc-admin # echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main" >> /etc/apt/sources.list root@hpc-admin # apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 root@hpc-admin # apt update && apt install ansible git qemu-kvm libvirt-clients libvirt-daemon-system |
You
...
'll also need a few repositories for the automation:
| Code Block | ||
|---|---|---|
| ||
root@hpc-admin # git clone ssh-keygen -t rsa -b 2048 -N "" -f /root/.ssh/id_rsa://git@dev-private-git.linaro.org/hpc/labconf.git root@hpc-admin # git clone https://github.com/BaptisteGerondeau/ans_setup_jenkins.git root@hpc-admin # git cpclone https:/root/github.ssh/id_rsa.pub /root/.ssh/authorized_keys |
Setting up the VMs
First you need to setup libvirt's bridge adaptor, so we can bind the VMs network interfaces to it:
| Code Block |
|---|
com/BaptisteGerondeau/infra-automation.git && cd infra_automation/ansible |
You now have a working baremetal server running Debian9 with all the appropriate utilities and tools.
Network Configuration
For the VMs to work on the two network interfaces of the host, we need to create a bridge in each and assign the required static IPs, as well as enabling IP forward and creating the SSH keys.
This is all done by the network_setup.sh script in our labconf repository:
| Code Block | ||
|---|---|---|
| ||
root@hpc-admin # vimcd labconf/etc/network/interfaces # auto enp0s25 root@hpc-admin # iface enp0s25 inet dhcp auto br0 iface br0 inet static address 10.50.0.2 netmask 255.255.0.0 gateway 10.50.0.1 dns-nameservers 10.50.0.1 bridge_ports enp0s25 bridge_stp off bridge_maxwait 0 bridge_fd 0 root@hpc-admin # systemctl restart networking./network_setup.sh <IF0> <IF1> |
Change IF0 to your primary interface (the one connected to the firewall / VPN and IF1 to the one that will be connected to the BMCs (via the MrP VM).
Warning: This script will restart your network, make sure you're running on a physical terminal.
Setting up the VMs
With the network in place, you can clone the HPC Lab Conf repository (you must be allowed and have your key in the private repo):
| Code Block | ||
|---|---|---|
| ||
root@hpc-admin # git clone ssh://git@dev-private-git.linaro.org/hpc/labconf.git
root@hpc-admin # cd labconf/kvm |
Then create the Jenkins VM:
| Code Block |
|---|
root@hpc-admin # ./jenkins_virt_install.sh |
...
Installing the Jenkins service
Clone the ansible repository to setup Jenkins:
...
Copy the secret files from our private repo to the Jenkins ansible repo
...
:
| Code Block | ||||
|---|---|---|---|---|
| ||||
root@hpc-admin # cp -r labconf/roles/ ans_set_jenkins/ |
...
You may get two warnings when you log in to Jenkins, which can be corrected on the Global Security screen:
- Agent to master security subsystem is currently off: Check the box saying "Enable Agent → Master Access Control"
- Jenkins instance uses deprecated protocols: JNLP3-connect: Uncheck the box "Java Web Start Agent Protocol/3" in "Agent Protocols"
Save the configuration and you should be all set.
Installing the MrP service
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
root@hpc-admin # git clone https://github.com/niedbalski/infra-automation.git && cd infra_automation/ansible
root@hpc-admin # ansible-playbook playbooks/infra-server.yml -vvv -u root |
...