... | @@ -893,7 +893,7 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
... | @@ -893,7 +893,7 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
|
|
|
|
## Installation
|
|
## Installation
|
|
|
|
|
|
### New node
|
|
### New gnt-fsn node
|
|
|
|
|
|
1. To create a new box, follow [howto/new-machine-hetzner-robot](howto/new-machine-hetzner-robot) but change
|
|
1. To create a new box, follow [howto/new-machine-hetzner-robot](howto/new-machine-hetzner-robot) but change
|
|
the following settings:
|
|
the following settings:
|
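Review bot: Renaming the heading from `### New node` to `### New gnt-fsn node` changes the anchor generated for it, so any link elsewhere in the wiki that targets the old heading anchor will stop resolving. Search the wiki for references to the old anchor and update them in the same change.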
... | @@ -932,9 +932,8 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
... | @@ -932,9 +932,8 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
|
|
|
|
reboot
|
|
reboot
|
|
|
|
|
|
8. Prepare all the nodes by configuring them in puppet. They should
|
|
8. Prepare all the nodes by configuring them in Puppet, by adding the
|
|
be in the class `roles::ganeti::fsn` if they are part of the fsn
|
|
class `roles::ganeti::fsn` to the node
|
|
cluster.
|
|
|
|
|
|
|
|
9. Re-enable modules disabling:
|
|
9. Re-enable modules disabling:
|
|
|
|
|
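Review bot: The rewritten step 8 stops at "to the node" with no closing period, and it switches from "all the nodes" to "the node" within one sentence. Suggest something like "Prepare all the nodes by adding the class `roles::ganeti::fsn` to each of them in Puppet." The unchanged step 9 heading, "Re-enable modules disabling:", is also hard to parse. The gnt-chi procedure added later in this change words the same step as "re-disable module loading", and using that wording here would keep the two procedures consistent.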
... | @@ -989,6 +988,72 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
... | @@ -989,6 +988,72 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
ssh fsn-node-03.torproject.org "puppet agent -t; service ipsec reload"
|
|
ssh fsn-node-03.torproject.org "puppet agent -t; service ipsec reload"
|
|
ssh fsn-node-06.torproject.org "puppet agent -t; service ipsec reload; ipsec up gnt-fsn-be::fsn-node-03"
|
|
ssh fsn-node-06.torproject.org "puppet agent -t; service ipsec reload; ipsec up gnt-fsn-be::fsn-node-03"
|
|
|
|
|
|
|
|
### New gnt-chi node
|
|
|
|
|
|
|
|
1. to create a new box, follow the [cymru new-machine howto](howto/new-machine-cymru)
|
|
|
|
|
|
|
|
2. follow the [howto/new-machine](howto/new-machine) post-install configuration
|
|
|
|
|
|
|
|
3. Allocate a private IP address in the `30.172.in-addr.arpa` zone for
|
|
|
|
the node, in the `admin/dns/domains.git` repository
|
|
|
|
|
|
|
|
4. add the private IP address to the eth1 interface, for example in
|
|
|
|
`/etc/network/interfaces.d/eth1`:
|
|
|
|
|
|
|
|
auto eth1
|
|
|
|
iface eth1 inet static
|
|
|
|
address 172.30.130.1
|
|
|
|
|
|
|
|
5. enable the interface:
|
|
|
|
|
|
|
|
ifup eth1
|
|
|
|
|
|
|
|
6. allow modules to be loaded and reboot:
|
|
|
|
|
|
|
|
touch /etc/no_modules_disabled
|
|
|
|
reboot
|
|
|
|
|
|
|
|
7. configure the node in Puppet by adding it to the
|
|
|
|
`roles::ganeti::chi` class, and run Puppet on the new node:
|
|
|
|
|
|
|
|
puppet agent -t
|
|
|
|
|
|
|
|
8. re-disable module loading:
|
|
|
|
|
|
|
|
rm /etc/no_modules_disabled
|
|
|
|
|
|
|
|
9. run puppet across the ganeti cluster to firewalls are correctly
|
|
|
|
configured:
|
|
|
|
|
|
|
|
cumin -p 0 'C:roles::ganeti::chi' 'puppet agent -t'
|
|
|
|
|
|
|
|
10. Then the node is ready to be added to the cluster, by running
|
|
|
|
this on the master node:
|
|
|
|
|
|
|
|
gnt-node add \
|
|
|
|
--secondary-ip 172.30.130.2 \
|
|
|
|
--no-ssh-key-check \
|
|
|
|
--no-node-setup \
|
|
|
|
chi-node-02.torproject.org
|
|
|
|
|
|
|
|
If this is an entirely new cluster, you need a different procedure:
|
|
|
|
|
|
|
|
gnt-cluster init \
|
|
|
|
--master-netdev eth1 \
|
|
|
|
--vg-name vg_ganeti \
|
|
|
|
--secondary-ip 172.30.130.1 \
|
|
|
|
--enabled-hypervisors kvm \
|
|
|
|
--mac-prefix 00:66:38 \
|
|
|
|
--no-ssh-init \
|
|
|
|
--no-etc-hosts \
|
|
|
|
chignt.torproject.org
|
|
|
|
|
|
|
|
The above assumes that `chignt` is already in DNS.
|
|
|
|
|
|
|
|
11. make sure everything is great in the cluster:
|
|
|
|
|
|
|
|
gnt-cluster verify
|
|
|
|
|
|
### cluster config
|
|
### cluster config
|
|
|
|
|
|
These could probably be merged into the cluster init, but just to document what has been done:
|
|
These could probably be merged into the cluster init, but just to document what has been done:
|
... | | ... | |
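Review bot: In the new gnt-chi procedure, step 6 creates `/etc/no_modules_disabled` and reboots, but step 8 only runs `rm /etc/no_modules_disabled`, so the text does not say whether module loading is actually locked again at that point or only after the next boot. Please state what re-applies the restriction (a reboot, a Puppet run, or a specific command) so the node is not left with module loading permitted once it joins the cluster. Two smaller points: step 10 passes `--no-ssh-key-check` to `gnt-node add` without saying how the new node's host key is trusted, and a sentence on that (or on why the check is safe to skip here) would help. Step 9 reads "run puppet across the ganeti cluster to firewalls are correctly configured", which is missing a verb such as "to ensure".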