Rev 4071: (mbp) documentation on ec2 build host in file:///home/pqm/archives/thelove/bzr/%2Btrunk/
Canonical.com Patch Queue Manager
pqm at pqm.ubuntu.com
Tue Mar 3 03:40:54 GMT 2009
At file:///home/pqm/archives/thelove/bzr/%2Btrunk/
------------------------------------------------------------
revno: 4071
revision-id: pqm at pqm.ubuntu.com-20090303034049-faaink61hujui1sy
parent: pqm at pqm.ubuntu.com-20090302155409-89pygn9tisbc0lir
parent: mbp at sourcefrog.net-20090303022329-tyc85oupgnr74ijz
committer: Canonical.com Patch Queue Manager <pqm at pqm.ubuntu.com>
branch nick: +trunk
timestamp: Tue 2009-03-03 03:40:49 +0000
message:
(mbp) documentation on ec2 build host
added:
doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1
modified:
doc/developers/index.txt index.txt-20070508041241-qznziunkg0nffhiw-1
------------------------------------------------------------
revno: 4012.2.2
revision-id: mbp at sourcefrog.net-20090303022329-tyc85oupgnr74ijz
parent: mbp at sourcefrog.net-20090219062124-ejpr4liyvgh1jvz4
committer: Martin Pool <mbp at sourcefrog.net>
branch nick: doc-ec2
timestamp: Tue 2009-03-03 13:23:29 +1100
message:
ReST syntax fix
modified:
doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1
------------------------------------------------------------
revno: 4012.2.1
revision-id: mbp at sourcefrog.net-20090219062124-ejpr4liyvgh1jvz4
parent: pqm at pqm.ubuntu.com-20090218040347-uw2nm8ix8udwditt
committer: Martin Pool <mbp at sourcefrog.net>
branch nick: doc-ec2
timestamp: Thu 2009-02-19 17:21:24 +1100
message:
Documentation on using EC2 Windows VM
added:
doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1
modified:
doc/developers/index.txt index.txt-20070508041241-qznziunkg0nffhiw-1
=== added file 'doc/developers/ec2-windows.txt'
--- a/doc/developers/ec2-windows.txt 1970-01-01 00:00:00 +0000
+++ b/doc/developers/ec2-windows.txt 2009-03-03 02:23:29 +0000
@@ -0,0 +1,189 @@
+=========================
+Bazaar Windows EC2 Server
+=========================
+
+We have an Amazon EC2 virtual machine called Desolation_ for
+building Windows packages and general testing on Windows. As of
+2009-02-19, this is just experimental and this is a draft specification,
+but we aim to use it for the production Windows installer build of 1.13 in
+March.
+
+See also:
+
+* `Bazaar Developer Documentation Catalog <index.html>`_.
+
+
+.. _Desolation: http://en.wikipedia.org/wiki/Desolation_Island
+
+
+Goals
+=====
+
+* The instance is only running (and incurring charges) when it's needed
+ for testing or packaging.
+
+* It can be started or stopped by anyone on the team using a
+ straightforward script.
+
+* Multiple people can get into the same instance at the same time, e.g.
+ if one person needs to pass work on to some one else.
+
+* We keep snapshot of the OS and tool chain so that we can roll back if
+ we need to.
+
+* bzr branches and similar information are kept on stable storage that
+ survives rollbacks of the OS state, and that can be backed up.
+
+Later on we may try automated Windows testing in a similar setup.
+
+
+Approach
+========
+
+The working disk and the AMI images are stored in one person's account for
+billing purposes.
+
+Ideally we want to give other people access to run this machine without
+giving full access to the account. I'm not sure if that's feasible. If
+it's not, we might need to allow people to launch the image within their
+own account; this may be problematic if the shared volume is already in
+use by someone else.
+
+I don't think it's possible to have an EBS that's shared across accounts,
+and they can't be attached to multiple running instances. So for now it's
+probably best to just ignore the concept and store the working data on the
+instance's local storage, and to copy things up e.g. to Launchpad as
+required.
+
+On this machine, ``C:`` should be used only for the Windows system files,
+``D:`` for installed programs and working directories, and other drive
+letters can be used later for mounting EBS storage if desired.
+
+Through ``ec2-modify-image-attribute`` we can allow nominated users to
+access an existing image. We need to have their AWS opaque ID.
+
+Through ``ec2-bundle-image`` we can make a new snapshot at any point,
+which will be stored into the current user's S3 account.
+
+We'll (probably) have one shared account for running builds which is also
+an administrator for ease of installing software.
+
+You do need to have an RSA keypair to get the initial password for a
+Windows machine, even though you can't use it to log in later. As a quirk
+of the tools(?) ``ec2-get-password`` needs the full path to the keypair
+but ``ec2-add-keypair`` just wants part of the name. I guess this is
+distinct from the account identifier because the image is relatively
+untrusted(?). If the password is already set in the image, this shouldn't
+be necessary.
+
+It would be nice if rdesktop could use private key authentication but
+apparently not.
+
+Should check how the Launchpad ec2test scripts work.
+
+
+
+Procedures
+==========
+
+Preparation
+-----------
+
+* Be in the bzr core team. If you are interested in helping with
+ Windows packaging, testing or development just ask.
+
+* Install the
+ `Amazon EC2 API tools`_ (needs-packaging `bug 330930`_)
+
+* Create a private key and certificate for yourself.
+ Check these environment variables are set and exported, e.g. by setting
+ them in the file ``~/.aws``. Make sure the files are private.::
+
+ EC2_PRIVATE_KEY=~/.ec2/pk-XXXXXX.pem
+ EC2_CERT=~/.ec2/cert-XXXXXX.pem
+ EC2_HOME=~/build/ec2-api-tools-1.3-30349
+ AWS_SECRET_ACCESS_KEY=XXXXXXXXX
+ AWS_ACCESS_KEY_ID=XXXXXXXXXXX
+ PATH=$PATH:$EC2_HOME/bin
+ JAVA_HOME=/usr/lib/jvm/java-6-openjdk
+
+* Install the rdesktop client, to actually access the machine.
+
+* Create an Amazon Web Services account, sign up for S3 and EC2, and do
+ the various steps to create authentication devices
+
+* Possibly read some of the `EC2 documentation`_ for background.
+
+.. _`bug 330930`: https://bugs.edge.launchpad.net/ubuntu/+bug/330930
+.. _`Amazon EC2 API tools`:
+ http://developer.amazonwebservices.com/connect/entry.jspa?externalID=368&categoryID=88
+.. _`EC2 documentation`: http://aws.amazon.com/
+
+* Create a security group for your that allows rdesktop access and icmp with::
+
+ ec2-add-group desolation-group -d 'bzr win32 build machine'
+ ec2-authorize desolation-group -p 3389 -s 1.2.3.4/32
+ ec2-authorize desolation-group -t -1:-1 -P icmp
+
+ Add your public IP there. You can repeat that command to allow others
+ in.
+
+
+To start up an instance
+-----------------------
+
+1. Get the right AMI image ID from another developer.
+
+1. Start the instance::
+
+ ec2-run-instances $image_id -g desolation-group
+
+ This will print out some information including the image id, something
+ like ``i-31a74258``.
+
+1. Actually starting the machine will take a few minutes. Once it's in
+ the *running* state, get the machine's public IP with ::
+
+ ec2-describe-instances
+
+1. and then connect ::
+
+ rdesktop -g 1200x850 -u Administrator $machine_ip
+
+Don't forget to shut it down when you're done, and check with
+``ec2-describe-instances`` that it did terminate.
+
+
+To save a system snapshot as an image
+-------------------------------------
+
+1. Bundle the current state. *Doing this will reboot the machine.*
+ You need to choose a unique s3 bucket name,
+ typically based on a domain or email address, which can contain
+ any number of images. You also need a name unique within the bucket
+ for this image, like ``desolation-vs2008-20090219``. And finally
+ it needs your AWS S3 access key and secret key, which should be set in
+ ``~/.aws``::
+
+ ec2-bundle-instance -b ec2.sourcefrog.net \
+ -p desolation-vs2008-2009021 \
+ -o "$AWS_ACCESS_KEY_ID" \
+ -w "$AWS_SECRET_ACCESS_KEY"
+
+1. This will take several minutes: You can check progress with ::
+
+ ec2-describe-bundle-tasks
+
+1. Register the files as an image, e.g.::
+
+ ec2-register ec2.sourcefrog.net/desolation-vs2008-2009021
+
+ This will give you an AMI id for the image.
+
+1. Give access to other team members identified by their Amazon account id::
+
+ ec2-modify-image-attributes $ami_id -l -a 123412341234
+
+
+..
+ vim: ft=rst tw=74 ai
=== modified file 'doc/developers/index.txt'
--- a/doc/developers/index.txt 2009-02-13 03:44:31 +0000
+++ b/doc/developers/index.txt 2009-02-19 06:21:24 +0000
@@ -42,6 +42,9 @@
* `Profiling notes <profiling.html>`_ |--| Instructions on how to profile
bzr code and visualize the results.
+* `EC2 Windows server <ec2-windows.html>`_ |--| A team resource for
+ Windows packaging and testing.
+
Plans
=====
More information about the bazaar-commits
mailing list