From Wikitech
Jump to: navigation, search

This page contains information how to set up an instance. Instances are not projects: see Help:Terminology and the full list of projects with their members.

An instance is a virtual machine, see Help:Terminology.

Creating an instance

You must have Project Admin rights (see Help:Terminology) in a project to create and manage its instances. You can ask an existing Project Admin in a project to grant you the role.

In a project you can create as many instances as you'd like up to its quota. A wikitech admin can increase a project's limits as needed.

If you are in the cloudadmin group on this wiki, and have two-factor authentication enabled, you can add members to any project.

Before you create an instance, make sure your project has an appropriate security group for the instance's networking needs. For example, a web server or wiki requires access on port 80, the default port for HTTP requests; the security group for this is often named "Web" or "web-servers".

Add Instance link

  1. Log in to Horizon.
  2. Use the dropdown at top to select the project you want to work on.
  3. Click 'Instances' in the sidebar.
  4. Click the 'Launch instance' button.
  5. Choose the parameters you want and launch the instance.

Initial settings

Instance information

  1. Instance name
    The name of your instance will also be its hostname. Important: it’s a good idea to name your instance using the following format project-instance, e.g, project name is myproject, instance is coolbot, so the resulting instance name would be myproject-coolbot
  2. Instance type
    The drop-down contains a range of possible instance types indicating RAM, number of CPUs, and Hard Drive space. Further information on Instance Types also known as Flavors.
    The drop-down contains a list of system images available with your most likely choice at the top.
  3. Security groups
    A list of available security groups for your instance is listed; select any security groups you think you need for this instance; it is usually best to make sure that at least the default security group is selected.
    nb: if the projectadmin for the project has not created any additional security groups, besides the default group, you will only see the default security group listed; also, before creating your instance, make sure you read the information on Security groups - you cannot add or remove security groups assigned to an instance after it has been created. while security groups can never be added or removed from an instance, after the instance has been created, you can add and remove firewall rules from the already defined and assigned security groups, so, it is usually best to create your necessary security groups before creating your instance, assign those to the instance, and then add/remove rules from those groups as necessary after instance creation.

Build the Instance

When happy with the configuration, click on the [Submit] button.

The instance will be created, but it will be a short while until the instance is ready to be logged into. You can check the process of the build by viewing the instance's console log (see § Managing Instances). When the puppet run finishes, you can log into it with ssh (see Help:Access).

Managing Instances

Once your instance is created it appears as a row in its project's instance list). You can click the instance to get more information about it, and you can perform various actions on the instance:

  • configure: configure the instance using a Puppet configuration listed
  • delete: Delete the instance together with logical volume where OS is stored (your home is preserved)
  • get console output
  • reboot: reboot the instance

Puppet information

Wikimedia Labs uses Puppet to manage instance configurations. You select Puppet configurations after instance creation using the “Configure” link of the instance (next section).

You can also ssh to your instance and administer it from the command line. You can use apt-get (Ubuntu’s documentation, also see Debian's package management) or other package manager if you wish. But if you are developing something that will eventually get deployed to Wikimedia servers, you have to use puppet to configure it, see Help:Self-hosted puppetmaster.

Configuring Instances

When you click configure, you get a list of various puppet roles available for your instance. If you're setting up a test MediaWiki server, role::labs::mediawiki_vagrant is all you need, see MediaWiki Vagrant in Labs.

  • To add specific puppet classes to your project and make them available to your instances, use the Manage Puppet Groups special page.
  • To make changes to the puppet classes available to your instance, check out the puppet configs following the instructions in the help page on Git.

Once you submit the change, you can either run puppet by running

sudo puppet agent -tv

or just wait until puppet runs on your instance. If you encounter a problem running the sudo command above, then you might need be added as a sudo user for the project you're working on. Any user with the projectadmin role for the project can do that – see Help:Sudo policies for more information.

Understanding the Instance lifecycle

Periodically we verify use and cleanup unused resources to keep them available for active projects

Instance lifecycle

Searching for instances by Puppet role

If you'd like to know which labs instances are currently assigned a Puppet class, you can use the ldapsearch command-line tool. On any labs instance, run:

 ldapsearch -LLL -x -D 'cn=proxyagent,ou=profile,dc=wikimedia,dc=org' \
     -w $(grep -Po "(?<=bindpw).*" /etc/ldap.conf) -b 'ou=hosts,dc=wikimedia,dc=org' \
     'puppetClass=role::beta::logging::mediawiki' 'associatedDomain'

Replace 'role::beta::logging::mediawiki' with the name of the class you are searching for.