VPS bootstrapping

[Tom Buckley-Houston]

I've made a start on amending the chef recipes to work on a VPS. As was mentioned the main task was moving away from the vagrant user, I chose rukosan (as in the Japanese honorific) as there is a rukouser used by the dynohost that has different privileges. Of course this also meant updating the integration tests to refer to the new user.

So the bootstrapper is https://github.com/tombh/bootstrap-openruko/compare/vps_deployable

And the new integration tests are https://github.com/tombh/integration-tests

I've been running them on an Ubuntu 12.04 64bit Linode instance. They don't work completely unfortunately. The first thing is getting nvm (and thus npm and node) recognised in non-interactive sessions. For some reason, that I cannot fathom, /etc/profile.d/nvm.sh is always sourced in vagrant but not on the VPS. So for instance, `bash <some_script.sh>' will not have access to nvm, npm or node :( I've tried all sorts of things but have just had to resort to sourcing nvm.sh every time it is needed by chef, which feels like a hack. But from what I can gather it is expected behaviour for non-interactive shells to not source any profile or rc files, so vagrant is doing something special perhaps?

Anyway, everything installs and the integration-tests pass up to the point of deploying the first repo. I've debugged the issue to LXC not launching the build container, the offending log lines are;

lxc-start 1357075274.909 ERROR lxc_conf - Device or resource busy - failed to mount a new instance of '/dev/pts'

lxc-start 1357075274.909 ERROR lxc_conf - failed to setup the new pts instance
lxc-start 1357075274.909 ERROR lxc_start - failed to setup the container
lxc-start 1357075274.909 ERROR lxc_sync - invalid sequence number 1. expected 2
lxc-start 1357075274.909 ERROR lxc_start - failed to spawn 'a4b351ed-0759-e4a7-cd26-842086b811d4'

I have no idea how to debug this any further :(

Max, you said to remind you to share your attempt at porting the chef scripts, maybe you've had more luck?

Thanks,

tom :)

[Maxence]

Hi tom,

and good works!

About nvm, I haven't use it in my recipes so i didn't get the problem.

Concerning, your solo.json file, I'm concerned that you use the alphabetic order. I'm not sure that needed dependencies are described in the metadata description of the recipes. I'll check my file and come back to you.

I'm note sure whether or not I tried to run the integration test. So I'll do and let you know.

++

Maxence

--
 
 

[Romain]

Hi Tom, 

Thank you for starting the VPS bootstrapping. It's a great part for OpenRuko.

About node and npm, I think the better solution would be to use the official nodejs/npm recipe, https://github.com/mdxp/nodejs-cookbook. I don't know why we don't do this on vagrant-openruko, but it has to be changed.

I take a look at bootstrap-openruko, and I think that once done, we will need to refactor vagrant-openruko to avoid duplicated code with bootstrap-openruko. 

We could create a project called `chef-openruko` containing every chef recipes. And use a variable for the username, usergroup, postgresql password, adminapi_key, ...

Then bootstrap-openruko, and vagrant-openruko will use `chef-openruko`.

Are you interested in working on the `chef-openruko` repo ?

About the LXC error, could you try the following commands:

    sudo lxc-create -t ubuntu -n ubuntu1

    sudo lxc-start -n ubuntu1

Then in a second shell, do `sudo lxc-stop -n ubuntu1`

Before christmas I run the integration-tests and everything was working great.

Cheers

Romain

2013/1/1 Maxence <max...@maxired.fr>

--
 
 

[Thomas Buckley-Houston]

Hey Romain,

So I replaced the nvm recipe with the official nodejs recipe you linked to and it worked first time without any need for messing about with bash profiles and non-interactive sessions :)

I had actually already envisioned that these changes I'm making would cater for both a Vagrant and a VPS environment. I've changed the name of the repo to chef-openruko.

I did begin the work of using global variables for the recipes (for the user, group, etc) but then I thought I'd take a different angle and strip the chef config from the Vagrantfile and instead simply get it run the bootstrap.sh script that is used for VPS deployment too. That way a vagrant instance will actually have a vagrant user *and* the rukosan user. It seems to work okay, as in `vagrant up` is working and all the recipes install fine. But the tests fail at the first git push, this time because it won't recognise the SSH key. I haven't had time to look into it, hopefully it's just something simple. But to be fair these chef recipes and boot scripts are coming to be a fairly significant deviation from the current vagrant-openruko repo. 

And finally, with regards to the LXC error from earlier, the output from running `sudo lxc-create -t ubuntu -n ubuntu1` is;

lxc-start: failed to create vetheuVUzp-vethp5gPpS : Operation not supported

lxc-start: failed to create netdev

lxc-start: failed to create the network

lxc-start: failed to spawn 'ubuntu1'

lxc-start: No such file or directory - failed to remove cgroup '/sys/fs/cgroup/cpuset//lxc/ubuntu1'

Thanks,

tom :)

[Romain]

Could you try an lxc-checkconfig.

[Thomas Buckley-Houston]

Sure;

--- Namespaces ---

Namespaces: enabled

Utsname namespace: enabled

Ipc namespace: enabled

Pid namespace: enabled

User namespace: missing

Network namespace: enabled

Multiple /dev/pts instances: missing

--- Control groups ---

Cgroup: enabled

Cgroup clone_children flag: enabled

Cgroup device: enabled

Cgroup sched: enabled

Cgroup cpu account: enabled

Cgroup memory controller: missing

Cgroup cpuset: enabled

--- Misc ---

Veth pair device: missing

Macvlan: missing

Vlan: missing

File capabilities: enabled

[Romain]

Your kernel is not compiled with the right options.

Everything should be enabled

:(

Le mercredi 2 janvier 2013, Thomas Buckley-Houston a écrit :

--
 
 

[Thomas Buckley-Houston]

You're right. Linode uses some fancy custom kernel. So running on an AWS instance and LXC works fine :)

[Tom Buckley-Houston]

Ok so it's working :)

The 'vps_deloyable' branch here https://github.com/tombh/chef-openruko/tree/vps_deployable works on both an AWS instance namely (ami-1bf97772) and vagrant. That branch uses this amended version of the integration tests https://github.com/tombh/integration-tests

However it does appear that the "malicious host" prevention commit to httprouting is breaking the test. Simply commenting out those lines fixes the tests.

tom :)

[Romain]

Good job, I will try it today ;)

Just a question, is the proxy recipe breaking something? I saw that you disable it. It should do nothing if your host does not expose some proxy specific environment variable.

About the breaking commit I let Mishudark fix this, he said that he will.

--
 
 

[Maxence]

Hi Tom,

I checked your files with my previous developments.

Since you changed the order of the recipes, they are now very similar.

@Filirom1, I successfully ran the installation with the proxy recipe, with adding a proxy configuration in the solo.json 

"proxy": { "http_proxy" :"http://myproxy:3128",

"https_proxy" :"http://myproxy:3128",

"no_proxy":"127.0.0.1,localhost, mymachine.me, *.mymachine.me "}

Max

[Tom Buckley-Houston]

Ah yes, the proxy, I forgot to mention that I disabled it, it was because you could no longer dynamically set the variables in the static JSON file. But if those values work, I can just add them in.