CIDuty/How To/How To Loan BD
Contents
Introduction
Use this page if you want to loan a machine to a developer. This guide has been updated on 26 March 2018 and reflects the new changes/requirements on how you should approach the process.
The format will be as follows:
- Finding a server
- Cleaning it up
- Activating and Testing the VNC connection to the server
- Sending the credentials to the requester
Everything you need to do when loaning one of the two type of servers is on this page. You can safely click on the links when instructed too as you will be automatically scrolled to the next step (eg: Server Steps -> VNC -> Email).
Windows Machines
TaskCluster Windows machines are self-served! We have to let the requester know how to obtain the server(s) himself. Provide the following link to the requester: https://wiki.mozilla.org/ReleaseEngineering/How_To/Self_Provision_a_TaskCluster_Windows_Instance
OSX Yosemite r7
Find a server
Head to TaskCluster, following this link: [1] and search for a worker that doesn't have a running job and it's not quarantined.
If all workers are running jobs come back in 30 minutes and check again.
Connect to the server
Now that we have a server number, we need to SSH into it, you can do that by typing this into the terminal: ssh root@t-yosemite-r7-462.test.releng.xxxx.mozilla.com xxxx- represents the datacenter the worker is located into.
Now run the following to commands:
passwd root passwd cltbld And change the passwords to the ones offered by your team leader.
Terminate TC Worker and Clean up TC files
At this step we gonna run, again, 3 commands, to clean up some files from server. Like last time, run this commands one at a time.
rm -rf /var/lib/puppet/ssl/private_keys /Library/LaunchDaemons/com.mozilla.puppet.plist \ /Library/LaunchDaemons/org.mozilla.puppetize.plist ~cltbld/.bash_history \ ~root/.bash_history ~root/.sh_history /etc/kcpassword ~cltbld/.ssh \ /opt/runner /etc/taskcluster-worker.yml /usr/local/bin/taskcluster-worker \ /usr/local/bin/generic-worker/ \ /Library/LaunchDaemons/org.mozilla.pf.plist \ /Library/LaunchDaemons/org.mozilla.pflog.plist \ /Library/LaunchAgents/net.generic.worker.plist find /builds -maxdepth 1 -type f -print -delete rm -f /usr/local/bin/{taskcluster,generic}-worker rm -f /etc/generic-worker.config pkill -f '(generic|taskcluster)-worker' sudo reboot
Activate VNC on the server
Copy and Paste the following commands, run them one by one and give it a few seconds for the output to come. vncpw=moz1234 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -allowAccessFor -allUsers -privs -all /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -clientopts -setvnclegacy -vnclegacy yes /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -configure -clientopts -setvncpw -vncpw ${vncpw} /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -restart -agent -console
Add the requester to the LDAPAdmin -> Group -> List. (https://wiki.mozilla.org/ReleaseEngineering/How_To/Update_VPN_ACL)
If you don't have access in order to grant access to requester and add the ip & host of the loaned machine, you should create a bug for MOC: Service Requests. You can use this bug as reference. To speedup the process, check on #moc for the admin on duty and tell him about your request and the bug that you've created. At this point all thats left if to send the credentials to the requester.
Grant access to keychain
If the loaner needs to access the keychain, you can reset the password issuing the following command: security set-keychain-password /Users/cltbld/Library/Keychains/login.keychain ( enter the cltbld password from private repo as old password then use the loaner cltbld password as new password value. )
Finally reboot the machine.
Send the credentials for the server to the requester
Follow this link and copy the first code block, as your email template: https://wiki.mozilla.org/ReleaseEngineering/How_To/Loan_a_Slave#Notifying
Change the needed information and send it.
The second code block, from the above link, copy it, paste it inside the Bugzilla Bug, modify it and then assign the ticket to the requester, as shown below. Pro-Tip: If you don't see all those field, click on the Blue "Edit" button. Don't forget to Save changes!