diff options
| author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-03-10 16:34:47 +0000 |
|---|---|---|
| committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-03-13 15:14:29 +0000 |
| commit | a3d7604896898a0d1e2728eed9bbad344838551c (patch) | |
| tree | 7c1aed8bdbf450c1f4b8bdd6cda84f9a22f8d976 | |
| parent | 1b45d71854febaa1e85e8cffe465e83d6c29d096 (diff) | |
| download | infrastructure-a3d7604896898a0d1e2728eed9bbad344838551c.tar.gz | |
gerrit: Improvements to deployment
These came about after I redeployed gerrit.baserock.org from scratch
(but using the same database).
| -rw-r--r-- | README.mdwn | 45 | ||||
| -rw-r--r-- | baserock_gerrit/instance-config.yml | 6 |
2 files changed, 30 insertions, 21 deletions
diff --git a/README.mdwn b/README.mdwn index 4bf30707..9d77055b 100644 --- a/README.mdwn +++ b/README.mdwn @@ -197,6 +197,12 @@ https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/ To deploy to production: + nova volume-create \ + --display-name gerrit-volume \ + --display-description 'Gerrit volume' \ + --volume-type Ceph \ + 100 + morph build baserock_gerrit/gerrit-system-x86_64.morph morph deploy baserock_gerrit/baserock_gerrit.morph @@ -205,26 +211,32 @@ To deploy to production: --flavor 'dc1.2x4.40' \ --image baserock_gerrit \ --nic net-id=d079fa3e-2558-4bcb-ad5a-279040c202b5,v4-fixed-ip=192.168.222.69 \ + --security-groups default,gerrit,git-server,web-server --user-data baserock-ops-team.cloud-config - nova volume-create \ - --display-name gerrit-volume \ - --display-description 'Gerrit volume' \ - --volume-type Ceph \ - 100 nova volume-attach gerrit.baserock.org <volume-id> /dev/vdb - # Download the JRE -- this implies that you accept the 'Oracle Binary Code - # License Agreement for Java SE'. Visit Make sure you use the latest - # version of Java, don't copy-paste this commandline directly ;) - # - # See: http://www.oracle.com/technetwork/java/javase/downloads/index.html +Accept the license and download the latest Java Runtime Environment from +http://www.oracle.com/technetwork/java/javase/downloads/server-jre8-downloads-2133154.html + +Accept the license and download the latest Java Cryptography Extensions from +http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html + +Save these two files in the baserock_gerrit/ folder. The instance-config.yml +Ansible playbook will upload them to the new system. + + # Don't copy-paste this! Use the Oracle website instead! wget --no-cookies --no-check-certificate \ - --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ - "http://download.oracle.com/otn-pub/java/jdk/8u31-b13/server-jre-8u31-linux-x64.tar.gz" + --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ + "http://download.oracle.com/otn-pub/java/jdk/8u40-b25/server-jre-8u40-linux-x64.tar.gz" + wget --no-cookies --no-check-certificate \ + --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ + "http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip" ansible-playbook -i hosts baserock_gerrit/instance-config.yml +#### Access control + Now, log into the new Gerrit instance with your OpenID. Make sure you're the first one to have registered, and you will automatically have been added to the Administrators group. @@ -238,10 +250,6 @@ appear for some reason, or it might not work at all. Click off the page and come back to it and it might suddenly have appeared. I've not investigated why this happens. -[gerrit set-members]: https://gerrit-documentation.storage.googleapis.com/Documentation/2.9.4/cmd-set-members.html - -#### Access control rules - Now set up the Gerrit access configuration. You'll need to have cloned <https://github.com/ssssam/ansible-gerrit> alongside infrastructure.git, and ran `make` in that directory. You'll also need 'pygerrit' installed somewhere @@ -266,14 +274,15 @@ which will be needed in the next step. git push origin config:refs/meta/config cd - +[gerrit set-members]: https://gerrit-documentation.storage.googleapis.com/Documentation/2.9.4/cmd-set-members.html + #### Mirroring TO DO: link to document on setting up mirroring. Run: - ANSIBLE_LIBRARY=../ansible-gerrit \ - ansible-playbook baserock_gerrit/mirroring-config.yml + ansible-playbook -i hosts baserock_gerrit/instance-mirroring-config.yml ### Storyboard diff --git a/baserock_gerrit/instance-config.yml b/baserock_gerrit/instance-config.yml index 77de7722..0a06413c 100644 --- a/baserock_gerrit/instance-config.yml +++ b/baserock_gerrit/instance-config.yml @@ -12,10 +12,10 @@ GERRIT_VERSION: 2.9.4 # Download from http://www.oracle.com/technetwork/java/javase/downloads/server-jre8-downloads-2133154.html - JRE_FILE: server-jre-8u31-linux-x64.tar.gz + JRE_FILE: server-jre-8u40-linux-x64.tar.gz # This path should correspond to where the JRE ends up if you extract the # downloaded tarball in /opt. - JRE_DIR: /opt/jdk1.8.0_31 + JRE_DIR: /opt/jdk1.8.0_40 # Download from http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html JCE_FILE: jce_policy-8.zip @@ -29,7 +29,7 @@ user: name=gerrit shell=/bin/false - name: unpack the Java Runtime Environment - unarchive: src=/root/{{ JRE_FILE }} dest=/opt owner=root group=root creates={{ JRE_DIR }} + unarchive: src={{ JRE_FILE }} dest=/opt owner=root group=root creates={{ JRE_DIR }} # The Java Cryptography Extensions are needed in order to enable all SSH # ciphers, due to US export restrictions. |