Revision as of 14:11, 23 September 2016

Setting up a new Software Heritage desktop machine

Stable
root w/temporary password; no regular user (after setting up root password, cancel twice and jump forward to clock settings)
full disk with LVM; reduce home LV to leave half of the disk free
Standard system utilities, ssh server, no desktop environment (puppet will install that)

SSH login as root
Edit sources.list to add testing
apt-get update, dist-upgrade, autoremove --purge
- While you wait, create Vpn certificates for the new machine
- add the machine to the puppet configuration, in the swh_desktop role
apt-get install puppet openvpn
configure openvpn per Vpn
- add pergamon IP address to /etc/resolv.conf
- add louvre.softwareheritage.org to /etc/hosts
configure puppet
- systemctl disable puppet
- server=pergamon.internal.softwareheritage.org in /etc/puppet/puppet.conf
- puppet agent --enable
- puppet agent -t
- run puppet on pergamon to update munin server config
set proper root password, add it to password store
reboot

Naming scheme: machine_name.<zone>.<hoster>.internal.softwareheritage.org.

Provision the virtual machine from a Debian image
- Set the admin user to something temporary with an ssh key
- Avoid public IPs if you don't need them
- Add the machine to the internal dns (swh-site + puppet run on pergamon)
Connect to the machine with the temp admin user
apt-get update, dist-upgrade, autoremove --purge
set a root password (xckdpass, add to password store)
allow root ssh password login
connect as root
remove temporary user
- deluser foo
- rm -rf /home/foo
set the hostname
- /etc/hostname: machine.zone.hoster (e.g. worker01.euwest.azure)
- /etc/hosts: add {{<ip> machine.zone.hoster.internal.softwareheritage.org machine.zone.hoster}}} line
reboot to get new hostname
install and setup puppet
- apt-get install puppet
- systemctl disable puppet
- server=pergamon.internal.softwareheritage.org in /etc/puppet/puppet.conf
- puppet agent --enable
- puppet agent -t
- run puppet on pergamon to update munin server config
reboot to check new services
update clustershell configuration on louvre

@@ Line 35: / Line 35: @@
 * set proper root password, add it to password store
 * reboot
+= Setting up a new Virtual Machine (manual process) =
+Naming scheme: machine_name.<zone>.<hoster>.internal.softwareheritage.org.
+* Provision the virtual machine from a Debian image
+** Set the admin user to something temporary with an ssh key
+** Avoid public IPs if you don't need them
+** Add the machine to the internal dns (swh-site + puppet run on pergamon)
+* Connect to the machine with the temp admin user
+* apt-get update, dist-upgrade, autoremove --purge
+* set a root password (xckdpass, add to password store)
+* allow root ssh password login
+* connect as root
+* remove temporary user
+** deluser foo
+** rm -rf /home/foo
+* set the hostname
+** /etc/hostname: machine.zone.hoster (e.g. worker01.euwest.azure)
+** /etc/hosts: add {{<ip> machine.zone.hoster.internal.softwareheritage.org machine.zone.hoster}}} line
+* reboot to get new hostname
+* install and setup puppet
+** apt-get install puppet
+** systemctl disable puppet
+** server=pergamon.internal.softwareheritage.org in /etc/puppet/puppet.conf
+** puppet agent --enable
+** puppet agent -t
+** run puppet on pergamon to update munin server config
+* reboot to check new services
+* update clustershell configuration on louvre
 [[Category:Infrastructure]]
 [[Category:System administration]]