=================================== Deploying New Environment: Workflow =================================== Introduction ============ Deploying a new environment requires the following: 1. Configuring the environment in **bob** 2. Configuring the environment in GIT (``git.psi.ch``) - Environment format: ``data-`` - And change permissions accordingly 3. Configuring the environment in Puppet (``puppet01.psi.ch``) Configuring the environment in sysdb ------------------------------------ Bob allows to create a new environment in ``sysdb`` by using the ``bob env`` option. You must have permissions to do that. You must belong to the ``sysdb-admins`` group that is actually configured on the local ``/etc/group`` file. A migration to Active Directory should be done for that group. To list current defined environments run:: bob env list To add a new environment, run:: bob env add "" In example, for the MeG cluster:: bob env add meg caubet_m unx-hpc_adm "MeG Cluster" Test new environment in BOB ~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to test that environment was successfully created:: bob env list | grep In example:: caubet_m@caubet-laptop:~/GIT/admin-guide/deployment$ bob env list | grep meg meg caubet_m unx-hpc_adm MeG Cluster Configuring the environment in GIT ---------------------------------- Current **GIT** server at **PSI** is ``git.psi.ch``. Every new environment should in principle belong to the **linux-infra** project. You must belong to the ``puppet_env`` Active Directory group in order to be able to create new projects. In order to create a new environment in **GIT**, you should access and login in the following link: https://git.psi.ch/linux-infra/. Here you can see the different environments and **GIT** projects belonging to the **linux-infra** group. The steps to create and configure a new **GIT** project are: 1. Create a new project (environment). It can be done here: https://git.psi.ch/projects/new - Go to ``[Blank project] Tab`` (which is the *default* tab) - Change ``[Project Path]`` as follows: - https://git.psi.ch/ + ``linux-infra`` - Define ``[Project Name]``, which *must* have the following format: - ``data-`` where ```` is the one defined in **Bob** - *[Optional]* Specify ``[Project description]`` - Specify ``[Visibility Level]``: - Should be ``Internal`` 2. Configure *project* permissions as follows: - ``[data-[Settings]->[Repository]``, or directly: https://git.psi.ch/linux-infra/data-(environment_name)/settings/repository - ``[Deploy Keys]`` -> select ``root@puppet01.psi.ch'`` -> click on ``'Enable'`` - ``[data-[Settings]->[Members]``, or directly: https://git.psi.ch/linux-infra/data-(environment_name)/project_members - Setup specific permissions for specific users or groups. In example: - Set project ``Master``: - ``[Select members to invite]`` (``caubet_m``) + ``[Choose a role permission]`` (``Master``) + ``[Add to project]`` - Set other roles: - ``[Select members to invite]`` (``ozerov_d``) + ``[Choose a role permission]`` (``Developer``) + ``[Add to project]`` - ``[data-[Settings]->[Integrations]``, or directly: https://git.psi.ch/linux-infra/data-(environment_name)/settings/integrations - Add WebHook as follows: - ``[URL]``: http://puppet01.psi.ch/events/dataupdate - (Checked) ``[Push events]``. Uncheck the rest. - ``[SSL verification]`` -> (uncheck) ``[Enable SSL verification]`` - Confirm information from above, and click on ``[Add webhook]`` to add the new WebHook. Test new environment in GIT ~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to test that environment was successfully created:: git clone git@git.psi.ch:linux-infra/data-.git In example:: caubet_m@caubet-laptop:~/GIT$ git clone git@git.psi.ch:linux-infra/data-meg.git Cloning into 'data-meg'... X11 forwarding request failed warning: You appear to have cloned an empty repository. Configuring the environment in Puppet ------------------------------------- Current *test* **Puppet** server is ``puppet00-test.psi.ch``. Current *production* **Puppet** server is ``puppet01.psi.ch``. This documentation will take as an example an environment deployed in the *production* server ``puppet01.psi.ch``. You must have ``root`` access to the Puppet server in order to be able to configure it. Steps are: 1. Login in to the Puppet server:: ssh root@puppet01.psi.ch 2. Clone the already created **GIT** project to the ``/srv/puppet/data`` path, which contains all the different projects (Bob environments):: git clone git@git.psi.ch:linux-infra/data-.git /srv/puppet/data/ # In example: git clone git@git.psi.ch:linux-infra/data-meg.git /srv/puppet/data/meg 3. Change permissions to ``plidata.puppet`` for the new directory ``/srv/puppet/data/``:: chown -R plidata.puppet /srv/puppet/data/ # In example: chown -R plidata.puppet /srv/puppet/data/meg At this point, everything should be configured and we can proceed to test that it works. Test new environment in Puppet ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to test that environment was successfully created:: git clone git@git.psi.ch:linux-infra/data-.git Add a new file .yaml in to the project:: cd data- touch .yaml git add .yaml git commit -a -m "Added first empty file" git push After a few seconds (needs time to trigger the change), check in ``puppet01.psi.ch:/srv/puppet/data/`` that file was successfully triggered (copied) to the puppet server from **GIT**:: ssh root@puppet01.psi.ch ls /srv/puppet/data//.yaml Full real example:: git clone git@git.psi.ch:linux-infra/data-meg.git cd data-meg touch meg.yaml git add meg.yaml git commit -a -m "Added first empty file" git push sleep 5 ssh root@puppet01.psi.ch ls /srv/puppet/data/meg/meg.yaml