shared git repository over ssh

A git repository is configured to be shared between users from the same group with:

# grep group /srv/repos/git/l2mesh.git/config
        shared = group

The repository directory is set with the group sticky bit so that files created by a user have the same group and permissions as the directory:

root@redmine ~# ls -ld /srv/repos/git/l2mesh.git/config
-rw-rw-r-- 1 root git 82 Nov 23 13:09 /srv/repos/git/l2mesh.git/config

The repository can then be cloned with

git clone ssh://

Continue reading “shared git repository over ssh”

routing ipv6 from Hetzner to an OpenStack instance

The 2a01:4f8:162:12e3::2 IPv6 address is assigned to from the IPv6 subnet provided by Hetzner. The OpenStack host on which the instance running is running is configured as a proxy with

sysctl -w net.ipv6.conf.all.proxy_ndp=1
ip -6 neigh add proxy 2a01:4f8:162:12e3::2 dev eth0

and an OpenStack Essex bug is worked around by manually disabling hairpin_mode:

echo 0 > /sys/class/net/br2003/brif/vnet1/hairpin_mode

The page can then be retrieved with

$ curl --verbose -6
* About to connect() to port 80 (#0)
*   Trying 2a01:4f8:162:12e3::2...
* connected
* Connected to (2a01:4f8:162:12e3::2) port 80 (#0)
> Host:
> Accept: */*
<address>Apache/2.2.19 (Debian) Server at Port 80</address>
* Connection #0 to host left intact
* Closing connection #0

Continue reading “routing ipv6 from Hetzner to an OpenStack instance”

realistic puppet tests with jenkins and OpenStack (part 1/2)

A git repository containing a puppet module is bound to a jenkins project. When the repository changes, jenkins boots a virgin puppetmaster OpenStack instance in a dedicated tenant. It runs the script in the puppetmaster instance. In addition to the puppet unit tests, the script will launch realistic tests by launching OpenStack instances and checking their state. The checks are done with nagios which can also be used in a production environment to continuously monitor the deployment.
Continue reading “realistic puppet tests with jenkins and OpenStack (part 1/2)”

creating a Debian GNU/Linux Wheezy puppet client for OpenStack

A Debian GNU/Linux wheezy image is booted and modified to set its hostname based on the content of the metadata. The /etc/rc.local file is changed to run puppet agent –waitforcert 60 at boot time. The instance is then snapshoted and the corresponding file system reduced to a minimal size with resize2fs -M.
Continue reading “creating a Debian GNU/Linux Wheezy puppet client for OpenStack”