Installer for running CI as a service.
1. Add dns entries for nodepool and zuul (possibly using /etc/hosts) and use the inventory file at inventory/ci. Services may be deployed onto one node or across mulitple nodes.
2. Setup a secrets yaml (see secrets.yml.example). TODO: Store these somewhere sane.
Run playbook:
$ ansible-playbook -i hosts -e @secrets.yml install-ci.yml
To create a new bastion in a cloud for automating things follow these steps:
1. Setup your local (to your development enviroment) clouds.yml with access to the new cloud.
Add new bastion to provision.yml, adding a tag for the new cloud.
Bastion nodes should be Ubuntu Xenial 16.04
Run this to just provision the new one:
$ ansible-playbook -i localhost, provision.yml -t new_cloud_tag
SSH to the new instance and put /etc/secrets.yml in place.
Set ownership on secrets files:
$ sudo chown root.root /etc/secrets.yml
Add the new bastion host to inventory/bastions
Run bastion.yml playbook:
$ ansible-playbook -i inventory/bastions bastion.yml -e @secrets.yml
After that the bastion should self-manage, and logs should be visible at http://<<bastion>>/cron-logs/
As we add or adjust secrets, we'll need to update the secrets file that lives on bastion hosts. As always, if introducing a new secret, update our example secrets file in this repo first. Then update the running bastion.
See our documentation on testing with vagrant.