A git repository is configured to be shared between users from the same group with:
# grep group /srv/repos/git/l2mesh.git/config
shared = group
The repository directory is set with the group sticky bit so that files created by a user have the same group and permissions as the directory:
root@redmine ~# ls -ld /srv/repos/git/l2mesh.git/config
-rw-rw-r-- 1 root git 82 Nov 23 13:09 /srv/repos/git/l2mesh.git/config
The repository can then be cloned with
git clone ssh://redmine.the.re/srv/repos/git/l2mesh.git
Continue reading “shared git repository over ssh”
The 2a01:4f8:162:12e3::2 IPv6 address is assigned to http://packaging-farm.dachary.org/ from the IPv6 subnet provided by Hetzner. The OpenStack host on which the instance running packaging-farm.dachary.org is running is configured as a proxy with
sysctl -w net.ipv6.conf.all.proxy_ndp=1
ip -6 neigh add proxy 2a01:4f8:162:12e3::2 dev eth0
and an OpenStack Essex bug is worked around by manually disabling hairpin_mode:
echo 0 > /sys/class/net/br2003/brif/vnet1/hairpin_mode
The page can then be retrieved with
$ curl --verbose -6 http://packaging-farm.dachary.org/
* About to connect() to packaging-farm.dachary.org port 80 (#0)
* Trying 2a01:4f8:162:12e3::2...
* Connected to packaging-farm.dachary.org (2a01:4f8:162:12e3::2) port 80 (#0)
> Host: packaging-farm.dachary.org
> Accept: */*
<address>Apache/2.2.19 (Debian) Server at packaging-farm.dachary.org Port 80</address>
* Connection #0 to host packaging-farm.dachary.org left intact
* Closing connection #0
Continue reading “routing ipv6 from Hetzner to an OpenStack instance”
A git repository containing a puppet module is bound to a jenkins project. When the repository changes, jenkins boots a virgin puppetmaster OpenStack instance in a dedicated tenant. It runs the run-jenkins-test-in-openstack.sh script in the puppetmaster instance. In addition to the puppet unit tests, the script will launch realistic tests by launching OpenStack instances and checking their state. The checks are done with nagios which can also be used in a production environment to continuously monitor the deployment.
Continue reading “realistic puppet tests with jenkins and OpenStack (part 1/2)”
A Debian GNU/Linux wheezy image is booted and modified to set its hostname based on the content of the http://169.254.169.254/latest/meta-data/hostname metadata. The /etc/rc.local file is changed to run puppet agent –waitforcert 60 at boot time. The instance is then snapshoted and the corresponding file system reduced to a minimal size with resize2fs -M.
Continue reading “creating a Debian GNU/Linux Wheezy puppet client for OpenStack”
A turnkeylinux jenkins is installed to run tests related to the management of the the.re OpenStack cluster. It is configured to be used by registered users only from the web. An IRC bot is installed to allow interactions from the irc://irc.freenode.net#the.re chat room.
Continue reading “Configuring jenkins turnkeylinux on OpenStack”