Changes

2,289 bytes added , 7 March

→‎Additional Users

Line 1: Line 1: +

{{Note box|This howto is for building your own koji build farm.

For how to use the koozali.org build farm, please see [[Koji Usage]]}}

Official Koji documentation can be found at: https://docs.pagure.org/koji/

{{Note box|This is a work in progress.....

−

And some components do not work yet.

And some components do not work yet.}}

−

~~I am now scripting this, using the ClearLinux koji build scripts as a basis. see https://src.koozali.org/smedev/smeserver-koji~~}}

I'll document what I have done so far, what is working and what is not.

Line 15: Line 16:

Major Koji components:

−

* hub

* hub (koji-hub)

−

* web server

* web server (koji-web)

−

* ~~build servers~~

* builders

−

* build daemon

* build daemon (kojid)

−

* Dnf|Yum repository creation and maintenance daemon

* Dnf|Yum repository creation and maintenance daemon (kojira)

−

You need at least the one server which can perform all functions, or split it into a hub plus 1+ build servers.

You need at least the one server which can perform all functions, or split it into a hub, web plus 1+ build servers.

−

~~In our example build, we~~ will have 2 servers.

A typical scenario will be to have 2+ servers.

* hub - which will run the hub, web and dnf|Yum repository daemon

−

* ~~build server~~ - there can be multiple of these~~, but we'll just do 1 to start with~~

* builders - there can be multiple of these

−

~~These~~ servers will be based on bare Rocky 8 - minimal install, servers.

For our purposes, all of these servers will be based on bare Rocky 8 - minimal install, servers.

== Install ==

−

~~This is now scripted~~.

{{Note box|1=You can run everything (the hub, web and build) on the one server, just run the script without any parameters.}}

Create your hub, web and build servers (Rocky 8 minimal install).

−

~~Create your hub and build servers (Rocky 8 minimal install).~~

On all servers enable the network and name the servers as the FQDN (the servers need to be accessible via their FQDN's, so either via DNS or you need to add them to your /etc/hosts files).

−

~~{{Note box|You can run both the hub and build on the one server, just press enter when first prompted for the Build Server FQDN.}}~~

−

On ~~both~~ servers enable the network and name the servers (the servers need to be accessible via their FQDN's, so either via DNS or you need to add them to your /etc/hosts files).

It's also a good idea to update them to the latest

Line 48: Line 49:

./install-koji-farm.sh

</syntaxhighlight>

The install-koji-farm.sh script will accept multiple parameters<syntaxhighlight lang="bash">

install-koji-farm.sh [web=<web FQDN> | build=<build FQDN> | scm=<scm ip or name>:/* | debug]

</syntaxhighlight>

* web=<FQDN> - defaults to hub FQDN

*build=<FQDN> - multiple allowed

*scm=<IP or Name of SCM>:/* - multiple allowed

*debug - will list each line executed, plus lots of other gunk (very noisy)

You will be prompted for various items

−

* ~~ssh~~ values (e.g. Country, State, City, Organization, Organisational Unit)

*values for your ssl certificates (e.g. Country, State, City, Organization, Organisational Unit)

−

* For ~~each Build~~ server (~~It will loop until a blank input~~)

* For the web server (unless it's the hub)

−

** ~~Build~~ server ~~FQDN (pressing enter~~ for the ~~first loop will use~~ the ~~Hub FQDN as an all-in-one~~ server).

**to accept the build server signature

−

** to accept the build server ~~ssl~~ signature

**for the root password on the web server

−

** for the root password on the ~~Hub~~ server

*For each build server

**to accept the build server signature

**for the root password on the build server

The web interface will be available via http://<your hub server>/koji

=== Build Targets ===

This will have created 6 build targets with various build tags to use

* dist-sme10-os (dist-sme10-os-build)

* dist-sme10-contribs (dist-sme10-contribs-build)

* dist-sme11-os (dist-sme11-os-build)

* dist-sme11-contribs (dist-sme11-contribs-build)

* dist-sme12-os (dist-sme12-os-build)

* dist-sme12-contribs (dist-sme12-contribs-build)

There is a hierarchy inheritance structure for each release (see 10, 11 & 12), where the basic settings are inherited (e.g. yum or dnf, centos:7 or rockylinux:8 bootstrap image for mock) as well as which external repositories to use (e.g. centos7/el7 versions or rocky8/el8 versions)

+ dist-sme<release>-os

++ dist-sme<release>-os-build

++ dist-sme<release>-contribs

+++ dist-sme<release>-contribs-buikl

++ dist-sme<release>-addons

++ dist-sme<release>-testing

++ dist-sme<release>-updates

++ dist-sme<release>-updates-testing

How to build etc. will be covered in the 'to be written' koji usage page......

===Additional Builders===

You can add additional build servers later, via<syntaxhighlight lang="bash">

koji-add-builder.sh <FQDN of build server> [debug]

−

</syntaxhighlight>~~Updates~~/~~Admin can~~ be ~~made via~~ the ~~kojiadmin~~ user on the ~~hub~~. ~~Usage etc~~. will be ~~discussed elsewhere~~.

</syntaxhighlight>

===Additional Users===

You can add end Users via

koji-add-user.sh <User Name> [ permission=<permission> | debug ]

</syntaxhighlight>

Where <permission> could be "admin".

This will add the user into the koji db and generate ssl CLI and browser keys, which will be bundled up in a tgz file at /etc/pki/koji/bundle/koji-<User Name>-bundle.tgz.

This bundle should be copied and extracted into their home (~) directory and will create a .koji directory containing config and keys.This can be on a remote machine with the koji client installed.

−

su - ~~kojiadmin~~

cd ~

−

koji ~~help~~

tar -zxf koji-<User Name>-bundle.tgz

koji moshimoshi

</syntaxhighlight>

−

== ~~The long way~~ ==

=== Bootstrap ===

The setup of the repos used for building SME10, SME11 & SME12 are all included in the install script, but a brief description of what has been setup seems sensible.

−

===== Hub/Web Server =====

==Install - The long way (Beware: Demons lurk here) ==

{{Warning box|This has been left here to help understand what is in the scripts (which may have changed since this was written)}}

=====Hub/Web Server=====

OS: Rocky 8.8-minimal

Line 98: Line 157:

</syntaxhighlight>

−

===== SSL preparations =====

=====SSL preparations=====

We'll be using ssl certificates so let's create the koji ssl working directories and edit the koji ssl config file

Line 191: Line 250:

openssl req -config ssl.cnf -new -x509 -days 3650 -key private/koji_ca_cert.key -out koji_ca_cert.crt -extensions v3_ca

</syntaxhighlight>You will have to enter your details, but make sure the commonName is the full server name (e.g. koji.koozali.org).

Line 223: Line 283:

koji_make_cert.sh kojiadmin

</syntaxhighlight>

−

====== Koji Hub ======

====== Koji Hub======

Install koji hub and pre-requisites<syntaxhighlight lang="bash">

dnf install koji-hub mod_ssl

Line 230: Line 290:

dnf install koji

</syntaxhighlight>

−

====== POSTGRES setup ======

======POSTGRES setup======

As root we need to do the initial config<syntaxhighlight lang="bash">

postgresql-setup --initdb --unit postgresql

Line 276: Line 336:

</syntaxhighlight>

−

===== Koji hub setup =====

=====Koji hub setup=====

We can now set up the hub itself.

Line 314: Line 374:

</syntaxhighlight>ProxyDNs should be set to the DN of the kojiweb certificate. For example: <syntaxhighlight lang="ini">

DNUsernameComponent = CN

−

ProxyDNs = /C=AU/ST=Victoria/L=Melbourne/O=~~Batley~~/OU=~~koji.koozali.org~~/CN=koji.koozali.org

ProxyDNs = /C=AU/ST=Victoria/L=Melbourne/O=koji/OU=kojiweb/CN=koji.koozali.org

</syntaxhighlight>SELinux changes to allow access<syntaxhighlight lang="bash">

setsebool -P httpd_can_network_connect_db 1

Line 322: Line 382:

</syntaxhighlight>

−

===== Create the koji skeleton file system =====

=====Create the koji skeleton file system=====

cd /mnt

Line 338: Line 398:

firewall-cmd --reload

</syntaxhighlight>

−

===== Koji CLI client =====

===== Koji CLI client=====

Let's configure the cli client. The system setting is in /etc/koji.conf, individual user settings can be set in ~/.koji/config<syntaxhighlight lang="bash">

nano /etc/koji.conf

Line 385: Line 445:

</syntaxhighlight>

−

===== Koji Web Service =====

=====Koji Web Service=====

Install the koji web components<syntaxhighlight lang="bash">

dnf install koji-web mod_ssl

Line 433: Line 493:

</syntaxhighlight>

−

==== Koji ~~Build Servers~~ ====

====Koji Builders====

For this exercise I only created 1 build server. You can have as many as you like...

Line 444: Line 504:

FQDN: build1.koozali.org

−

===== Koji Hub setup for build server =====

=====Koji Hub setup for build server=====

First off, set up some items on the koji hub for your build server/s

Line 476: Line 536:

</syntaxhighlight>

−

===== ~~Build Server~~ setup =====

=====Builder setup=====

You'll need to set up your network: You can do this during the install or post install (ensure network activated, IP address, FQDN, Gateway, DNS)

Line 526: Line 586:

systemctl start kojid

</syntaxhighlight>

[[Category:Developer]]

[[Category:Infrastructure]]

TrevorB

371

edits

Retrieved from "https://wiki.koozali.org/Special:MobileDiff/42288...42570"

Changes

Koji Build Farm (view source)

Revision as of 03:28, 7 March 2024

Navigation menu

Search