From ffd145b1c3538210a229c330cb7a5f2bfcc4fde1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Wed, 28 Oct 2020 11:02:30 -0400
Subject: [PATCH] move cluster init in a separate section

---
 howto/ganeti.md | 128 ++++++++++++++++++++++++++++++++----------------
 1 file changed, 86 insertions(+), 42 deletions(-)

diff --git a/howto/ganeti.md b/howto/ganeti.md
index 040570b6..99aa11d4 100644
--- a/howto/ganeti.md
+++ b/howto/ganeti.md
@@ -957,20 +957,8 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd).
           --no-node-setup \
           fsn-node-02.torproject.org
 
-     If this is an entirely new cluster, you need a different procedure:
-
-         gnt-cluster init \
-          --master-netdev vlan-gntbe \
-          --vg-name vg_ganeti \
-          --secondary-ip 172.30.135.1 \
-          --enabled-hypervisors kvm \
-          --nic-parameters link=br0,vlan=4000 \
-          --mac-prefix 00:66:37 \
-          --no-ssh-init \
-          --no-etc-hosts \
-          fsngnt.torproject.org
-    
-     The above assumes that `fsngnt` is already in DNS.
+    If this is an entirely new cluster, you need a different
+    procedure, see [the cluster initialization procedure](#gnt-fsn-cluster-initialization) instead.
 
  13. make sure everything is great in the cluster:
 
@@ -988,6 +976,45 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd).
          ssh fsn-node-03.torproject.org "puppet agent -t; service ipsec reload"
          ssh fsn-node-06.torproject.org "puppet agent -t; service ipsec reload; ipsec up gnt-fsn-be::fsn-node-03"
 
+### gnt-fsn cluster initialization
+
+This procedure replaces the `gnt-node add` step in the initial setup
+of the first Ganeti node when the `gnt-fsn` cluster was setup:
+
+    gnt-cluster init \
+        --master-netdev vlan-gntbe \
+        --vg-name vg_ganeti \
+        --secondary-ip 172.30.135.1 \
+        --enabled-hypervisors kvm \
+        --nic-parameters link=br0,vlan=4000 \
+        --mac-prefix 00:66:37 \
+        --no-ssh-init \
+        --no-etc-hosts \
+        fsngnt.torproject.org
+
+The above assumes that `fsngnt` is already in DNS. See the [MAC
+address prefix selection](#mac-address-prefix-selection) section for information on how the
+`--mac-prefix` argument was selected.
+
+Then the following extra configuration was performed:
+
+    gnt-cluster modify --reserved-lvs vg_ganeti/root,vg_ganeti/swap
+    gnt-cluster modify -H kvm:kernel_path=,initrd_path=,
+    gnt-cluster modify -H kvm:security_model=pool
+    gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
+    gnt-cluster modify -H kvm:disk_cache=none
+    gnt-cluster modify -H kvm:disk_discard=unmap
+    gnt-cluster modify -H kvm:scsi_controller_type=virtio-scsi-pci
+    gnt-cluster modify -H kvm:disk_type=scsi-hd
+    gnt-cluster modify -H kvm:migration_bandwidth=950
+    gnt-cluster modify -H kvm:migration_downtime=500
+    gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
+    gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
+    gnt-cluster modify --uid-pool 4000-4019
+
+The [network configuration](#network-configuration) (below) must also be performed for the
+address blocks reserved in the cluster.
+
 ### New gnt-chi node
 
  1. to create a new box, follow the [cymru new-machine howto](howto/new-machine-cymru)
@@ -1036,41 +1063,58 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd).
           --no-node-setup \
           chi-node-02.torproject.org
 
-    If this is an entirely new cluster, you need a different procedure:
-
-         gnt-cluster init \
-          --master-netdev eth1 \
-          --vg-name vg_ganeti \
-          --secondary-ip 172.30.130.1 \
-          --enabled-hypervisors kvm \
-          --mac-prefix 00:66:38 \
-          --no-ssh-init \
-          --no-etc-hosts \
-          chignt.torproject.org
-    
-    The above assumes that `chignt` is already in DNS.
+    If this is an entirely new cluster, you need a different
+    procedure, see [the cluster initialization procedure](#gnt-fsn-cluster-initialization) instead.
 
  11. make sure everything is great in the cluster:
 
          gnt-cluster verify
 
-### cluster config
+### gnt-chi cluster initialization
 
-These could probably be merged into the cluster init, but just to document what has been done:
+This procedure replaces the `gnt-node add` step in the initial setup
+of the first Ganeti node when the `gnt-chi` cluster was setup:
 
-    gnt-cluster modify --reserved-lvs vg_ganeti/root,vg_ganeti/swap
-    gnt-cluster modify -H kvm:kernel_path=,initrd_path=,
-    gnt-cluster modify -H kvm:security_model=pool
-    gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
-    gnt-cluster modify -H kvm:disk_cache=none
-    gnt-cluster modify -H kvm:disk_discard=unmap
-    gnt-cluster modify -H kvm:scsi_controller_type=virtio-scsi-pci
-    gnt-cluster modify -H kvm:disk_type=scsi-hd
-    gnt-cluster modify --uid-pool 4000-4019
-    gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
-    gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
-    gnt-cluster modify -H kvm:migration_bandwidth=950
-    gnt-cluster modify -H kvm:migration_downtime=500
+    gnt-cluster init \
+        --master-netdev eth1 \
+        --vg-name vg_ganeti \
+        --secondary-ip 172.30.130.1 \
+        --enabled-hypervisors kvm \
+        --mac-prefix 06:66:38 \
+        --no-ssh-init \
+        --no-etc-hosts \
+        chignt.torproject.org
+    
+The above assumes that `chignt` is already in DNS. See the [MAC
+address prefix selection](#mac-address-prefix-selection) section for information on how the
+`--mac-prefix` argument was selected.
+
+Then the following extra configuration was performed:
+
+```
+gnt-cluster modify --reserved-lvs vg_ganeti/root,vg_ganeti/swap
+gnt-cluster modify -H kvm:kernel_path=,initrd_path=,
+gnt-cluster modify -H kvm:security_model=pool
+gnt-cluster modify -H kvm:disk_cache=none
+gnt-cluster modify -H kvm:disk_discard=unmap
+gnt-cluster modify -H kvm:scsi_controller_type=virtio-scsi-pci
+gnt-cluster modify -H kvm:disk_type=scsi-hd
+gnt-cluster modify -H kvm:migration_bandwidth=950
+gnt-cluster modify -H kvm:migration_downtime=500
+gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
+gnt-cluster modify --uid-pool 4000-4019
+```
+
+The following was done on the `gnt-fsn` cluster but it may not be
+required on the `gnt-chi` cluster.
+
+```
+gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
+gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
+```
+
+The [network configuration](#network-configuration) (below) must also be performed for the
+address blocks reserved in the cluster.
 
 ### Network configuration
 
-- 
GitLab