diff --git a/admin-guide/deployment/sysdb_env.md b/admin-guide/deployment/sysdb_env.md index 0532380b..d70e71b5 100644 --- a/admin-guide/deployment/sysdb_env.md +++ b/admin-guide/deployment/sysdb_env.md @@ -53,25 +53,21 @@ Here you can see the different environments. The steps to create and configure a new **GIT** project are: -1. Create a new project (environment). It can be done here: https://git.psi.ch/projects/new +1. Create a new project (environment) in the `hiera` group. It can be done here: https://git.psi.ch/projects/new?namespace_id=1738 - - Go to `[Blank project] Tab` (which is the *default* tab) - - Change `[Project Path]` as follows: - - `https://git.psi.ch/` + `linux-infra/hiera` - - Define `[Project Name]`, which *must* have the following format: - - `data-` where `` is the one defined in **Bob** - - *[Optional]* Specify `[Project description]` - - Specify `[Visibility Level]`: - - Should be `Internal` or `Private` + - Click `[Create blank project]` + - Define `[Project name]`, which *must* have the format `data-` where `` is the one defined in **Bob** + - Specify `[Visibility Level]`: Should be `Internal` or `Private` + - Remove the tick `[Initialize repository with a README]`. 2. Configure project permissions as follows: - `[data-[Settings]->[Repository]`, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/-/settings/repository - `[Deploy Keys]` -> `[Privately accessible deploy keys]` -> select `root@puppet01.psi.ch'` -> click on `'Enable'` - - `[data-[Settings]->[Members]`, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/project_members + - `[data-[Manage]->[Members]`, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/project_members - Setup specific permissions for specific users or groups. In example: - - Set project `Master`: - - `[Select members to invite]` (`caubet_m`) + `[Choose a role permission]` (`Master`) + `[Add to project]` + - Set project `Maintainer`: + - `[Select members to invite]` (`caubet_m`) + `[Choose a role permission]` (`Maintainer`) + `[Add to project]` - Set other roles: - `[Select members to invite]` (`dorigo_a`) + `[Choose a role permission]` (`Developer`) + `[Add to project]` - `[data-[Settings]->[Integrations]`, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/-/hooks diff --git a/admin-guide/deployment/workflow.rst b/admin-guide/deployment/workflow.rst deleted file mode 100644 index 9d949b8b..00000000 --- a/admin-guide/deployment/workflow.rst +++ /dev/null @@ -1,147 +0,0 @@ -=================================== -Deploying New Environment: Workflow -=================================== - -Introduction -============ - -Deploying a new environment requires the following: - 1. Configuring the environment in **bob** - 2. Configuring the environment in GIT (``https://git.psi.ch/linux-infra/hiera``) - - - Environment format: ``data-`` - - And change permissions accordingly - - Configure the necessary webhooks for the Puppet and Sysdb server - - 3. Configuring the environment in Puppet (e.g. ``puppet01.psi.ch``) - -Configuring the environment in sysdb ------------------------------------- - -Bob allows to create a new environment in ``sysdb`` by using the ``bob -env`` option. You must have permissions to do that. - - -You must belong to the ``sysdb-admins`` group that is actually -configured on the local ``/etc/group`` file. A migration to Active -Directory should be done for that group. - -To list current defined environments run:: - - bob env list - -To add a new environment, run:: - - bob env add "" - -In example, for the MeG cluster:: - - bob env add meg caubet_m unx-hpc_adm "MeG Cluster" - -Test new environment in BOB -~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -In order to test that environment was successfully created:: - - bob env list | grep - -In example:: - - caubet_m@caubet-laptop:~/GIT/admin-guide/deployment$ bob env list | grep meg - meg caubet_m unx-hpc_adm MeG Cluster - -Configuring the environment in GIT ----------------------------------- - -Current **GIT** server at **PSI** is ``git.psi.ch``. Every new environment should in principle belong to the **linux-infra** project. - -You must belong to the ``puppet_env`` Active Directory group in order to be able to create new projects. - -In order to create a new environment in **GIT**, you should access and login in the following link: https://git.psi.ch/linux-infra/hiera/. -Here you can see the different environments. - -The steps to create and configure a new **GIT** project are: - -1. Create a new project (environment). It can be done here: https://git.psi.ch/projects/new - - - Go to ``[Blank project] Tab`` (which is the *default* tab) - - Change ``[Project Path]`` as follows: - - https://git.psi.ch/ + ``linux-infra/hiera`` - - Define ``[Project Name]``, which *must* have the following format: - - ``data-`` where ```` is the one defined in **Bob** - - *[Optional]* Specify ``[Project description]`` - - Specify ``[Visibility Level]``: - - Should be ``Internal`` - -2. Configure *project* permissions as follows: - - - ``[data-[Settings]->[Repository]``, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/-/settings/repository - - ``[Deploy Keys]`` -> ``[Privately accessible deploy keys]`` -> select ``root@puppet01.psi.ch'`` -> click on ``'Enable'`` - - ``[data-[Settings]->[Members]``, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/project_members - - Setup specific permissions for specific users or groups. In example: - - Set project ``Master``: - - ``[Select members to invite]`` (``caubet_m``) + ``[Choose a role permission]`` (``Master``) + ``[Add to project]`` - - Set other roles: - - ``[Select members to invite]`` (``ozerov_d``) + ``[Choose a role permission]`` (``Developer``) + ``[Add to project]`` - - ``[data-[Settings]->[Integrations]``, or directly: https://git.psi.ch/linux-infra/hiera/data-(environment_name)/-/hooks - - Add WebHooks as follows: - - ``[URL]``: http://puppet01.psi.ch/events/dataupdate - - ``[URL]``: http://sysdb.psi.ch/events/dataupdate - - (Checked) ``[Push events]``. Uncheck the rest. - - ``[SSL verification]`` -> (uncheck) ``[Enable SSL verification]`` - - Confirm information from above, and click on ``[Add webhook]`` to add the new WebHook. - -Test new environment in GIT -~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -In order to test that environment was successfully created:: - - git clone git@git.psi.ch:linux-infra/hiera/data-.git - -In example:: - - caubet_m@caubet-laptop:~/GIT$ git clone git@git.psi.ch:linux-infra/hiera/data-meg.git - Cloning into 'data-meg'... - X11 forwarding request failed - warning: You appear to have cloned an empty repository. - -Configuring the environment in Puppet server --------------------------------------------- - -In [bootstrap](https://git.psi.ch/linux-infra/bootstrap) add the new repo to `instcode/puppet/puppet_server/manifests/data.pp` and run the bootstrap for the Puppet server. - -Configuring the environment in Sysdb Server -------------------------------------------- - -In [bootstrap](https://git.psi.ch/linux-infra/bootstrap) add the new repo to the suitable inventory file (eg. `ansible/inventory.yaml` for production) and run the playbook for the Sysdb server. - -Test new environment in Puppet -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -In order to test that environment was successfully created:: - - git clone git@git.psi.ch:linux-infra/data-.git - -Add a new file .yaml in to the project:: - - cd data- - touch .yaml - git add .yaml - git commit -a -m "Added first empty file" - git push - -After a few seconds (needs time to trigger the change), check in ``puppet01.psi.ch:/srv/puppet/data/`` that file was successfully triggered (copied) to the puppet server from **GIT**:: - - ssh root@puppet01.psi.ch ls /srv/puppet/data//.yaml - -Full real example:: - - git clone git@git.psi.ch:linux-infra/data-meg.git - cd data-meg - touch meg.yaml - git add meg.yaml - git commit -a -m "Added first empty file" - git push - sleep 5 - ssh root@puppet01.psi.ch ls /srv/puppet/data/meg/meg.yaml -