Maxamillion (talk | contribs) |
Maxamillion (talk | contribs) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 22: | Line 22: | ||
Koji-shadow uses /tmp/koji-shadow/ as a workspace so be sure that this has plenty of storage behind it. If running on Fedora or on RHEL7+ this probably should not be a tmpfs, so facilitate this: | Koji-shadow uses /tmp/koji-shadow/ as a workspace so be sure that this has plenty of storage behind it. If running on Fedora or on RHEL7+ this probably should not be a tmpfs, so facilitate this: | ||
<pre> | |||
systemctl mask tmp.mount | systemctl mask tmp.mount | ||
# Either umount /tmp/ or reboot | # Either umount /tmp/ or reboot | ||
</pre> | |||
== Koji-Shadow Config (SSL Auth) == | == Koji-Shadow Config (SSL Auth) == | ||
Line 58: | Line 58: | ||
In the above example: | In the above example: | ||
'''[main]''' | |||
* '''server''' - This is the "destination koji" which is where you will be sending builds based on what the "origin koji" is doing (i.e. - the Koji that's '''doing the shadowing''') | * '''server''' - This is the "destination koji" which is where you will be sending builds based on what the "origin koji" is doing (i.e. - the Koji that's '''doing the shadowing''') | ||
* '''remote''' - This is the "origin koji" which is where you will be getting the information for the builds to send to the "destination koji" (i.e. - the Koji that's '''being shadowed''') | * '''remote''' - This is the "origin koji" which is where you will be getting the information for the builds to send to the "destination koji" (i.e. - the Koji that's '''being shadowed''') | ||
Line 66: | Line 69: | ||
* '''serverca''' - Server CA of the destination koji instance | * '''serverca''' - Server CA of the destination koji instance | ||
* '''remote_topurl''' - Root URL destination on the origin koji instance to be able to download SRPMS | * '''remote_topurl''' - Root URL destination on the origin koji instance to be able to download SRPMS | ||
'''[rules]''' | |||
* TODO | |||
== Running koji-shadow == | == Running koji-shadow == |
Latest revision as of 14:33, 1 May 2015
Setting Up a Koji-Shadow Build System
This document will cover how to setup and use koji-shadow, a part of the koji-utils package. The koji-shadow utility allows to orchestrate one Koji instance to perform the same builds as another Koji instance, such that it "shadows" the primary Koji's actions.
Knowledge Prerequisites
- You should have a solid understanding of what Koji is and how to set it up.
- Need a working Koji environment and to have admin privileges on it.
- All tags aimed at being shadowed must match between the origin koji and the destination koji.
- The user being used to facilitate koji-shadow must have admin privileges on the destination koji. (i.e. - the koji instance doing the shadowing)
Package Prerequisites
On the machine facilitating koji-shadow
- koji-utils
A note on filesystem space
Koji-shadow uses /tmp/koji-shadow/ as a workspace so be sure that this has plenty of storage behind it. If running on Fedora or on RHEL7+ this probably should not be a tmpfs, so facilitate this:
systemctl mask tmp.mount # Either umount /tmp/ or reboot
Koji-Shadow Config (SSL Auth)
This example assumes SSL authentication for koji.
koji-shadow.conf
# koji-shadow example config file # (still working out all the config options) [main] server=http://arm.koji.fedoraproject.org/kojihub/ remote=http://koji.fedoraproject.org/kojihub arches=aarch64 prefer_new=True import_noarch=True auth_cert=/home/myuser/.fedora.cert auth_ca=/home/myuser/.fedora-server-ca.cert serverca=/home/myuser/.fedora-server-ca.cert remote_topurl=http://kojipkgs.fedoraproject.org/ [rules] protectlist=fedora-release fedora-repos ignorelist=uClibc udev mktemp glibc32 libbsr librtas libvpd lsvpd apmud firmware-addon-dell pcmciautils svgalib vbetool substitutions= gluegen2-2.2.4-1.fc22 gluegen2-2.2.4-2.fc22 openssh-6.7p1-3.fc22 openssh-6.7p1-7.fc22
In the above example:
[main]
- server - This is the "destination koji" which is where you will be sending builds based on what the "origin koji" is doing (i.e. - the Koji that's doing the shadowing)
- remote - This is the "origin koji" which is where you will be getting the information for the builds to send to the "destination koji" (i.e. - the Koji that's being shadowed)
- arches - The architectures to build to SRPMS from the origin koji on the destination koji
- prefer_new - Tells koji-shadow to use newer Name-Version-Release if it exists rather than the exact Name-Version-Release from a specific build metadata pulled from the origin koji
- auth_cert - Authentication certificate to access the "destination koji" instance (NOTE: The user these credentials match with must be an administrator in the destination koji instance)
- auth_ca - Authentication CA for the destination koji instance
- serverca - Server CA of the destination koji instance
- remote_topurl - Root URL destination on the origin koji instance to be able to download SRPMS
[rules]
- TODO
Running koji-shadow
The following can be run on a machine (recommended to run in either screen or tmux), or as a cron job. Entirely based on preference and needs.
/usr/sbin/koji-shadow -c ~/fedora/koji-shadow.cfg --prefer-new --import-noarch --tag-build f22 2>&1 | tee ~/koji-shadow/output.log