At file:///home/pqm/archives/thelove/bzr/%2Btrunk/ ------------------------------------------------------------ revno: 4071 revision-id: [email protected] parent: [email protected] parent: [email protected] committer: Canonical.com Patch Queue Manager <[email protected]> branch nick: +trunk timestamp: Tue 2009-03-03 03:40:49 +0000 message: (mbp) documentation on ec2 build host added: doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1 modified: doc/developers/index.txt index.txt-20070508041241-qznziunkg0nffhiw-1 ------------------------------------------------------------ revno: 4012.2.2 revision-id: [email protected] parent: [email protected] committer: Martin Pool <[email protected]> branch nick: doc-ec2 timestamp: Tue 2009-03-03 13:23:29 +1100 message: ReST syntax fix modified: doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1 ------------------------------------------------------------ revno: 4012.2.1 revision-id: [email protected] parent: [email protected] committer: Martin Pool <[email protected]> branch nick: doc-ec2 timestamp: Thu 2009-02-19 17:21:24 +1100 message: Documentation on using EC2 Windows VM added: doc/developers/ec2-windows.txt ec2windows.txt-20090219062112-2ga0nqpcm7n02njf-1 modified: doc/developers/index.txt index.txt-20070508041241-qznziunkg0nffhiw-1 === added file 'doc/developers/ec2-windows.txt' --- a/doc/developers/ec2-windows.txt 1970-01-01 00:00:00 +0000 +++ b/doc/developers/ec2-windows.txt 2009-03-03 02:23:29 +0000 @@ -0,0 +1,189 @@ +========================= +Bazaar Windows EC2 Server +========================= + +We have an Amazon EC2 virtual machine called Desolation_ for +building Windows packages and general testing on Windows. As of +2009-02-19, this is just experimental and this is a draft specification, +but we aim to use it for the production Windows installer build of 1.13 in +March. + +See also: + +* `Bazaar Developer Documentation Catalog <index.html>`_. + + +.. _Desolation: http://en.wikipedia.org/wiki/Desolation_Island + + +Goals +===== + +* The instance is only running (and incurring charges) when it's needed + for testing or packaging. + +* It can be started or stopped by anyone on the team using a + straightforward script. + +* Multiple people can get into the same instance at the same time, e.g. + if one person needs to pass work on to some one else. + +* We keep snapshot of the OS and tool chain so that we can roll back if + we need to. + +* bzr branches and similar information are kept on stable storage that + survives rollbacks of the OS state, and that can be backed up. + +Later on we may try automated Windows testing in a similar setup. + + +Approach +======== + +The working disk and the AMI images are stored in one person's account for +billing purposes. + +Ideally we want to give other people access to run this machine without +giving full access to the account. I'm not sure if that's feasible. If +it's not, we might need to allow people to launch the image within their +own account; this may be problematic if the shared volume is already in +use by someone else. + +I don't think it's possible to have an EBS that's shared across accounts, +and they can't be attached to multiple running instances. So for now it's +probably best to just ignore the concept and store the working data on the +instance's local storage, and to copy things up e.g. to Launchpad as +required. + +On this machine, ``C:`` should be used only for the Windows system files, +``D:`` for installed programs and working directories, and other drive +letters can be used later for mounting EBS storage if desired. + +Through ``ec2-modify-image-attribute`` we can allow nominated users to +access an existing image. We need to have their AWS opaque ID. + +Through ``ec2-bundle-image`` we can make a new snapshot at any point, +which will be stored into the current user's S3 account. + +We'll (probably) have one shared account for running builds which is also +an administrator for ease of installing software. + +You do need to have an RSA keypair to get the initial password for a +Windows machine, even though you can't use it to log in later. As a quirk +of the tools(?) ``ec2-get-password`` needs the full path to the keypair +but ``ec2-add-keypair`` just wants part of the name. I guess this is +distinct from the account identifier because the image is relatively +untrusted(?). If the password is already set in the image, this shouldn't +be necessary. + +It would be nice if rdesktop could use private key authentication but +apparently not. + +Should check how the Launchpad ec2test scripts work. + + + +Procedures +========== + +Preparation +----------- + +* Be in the bzr core team. If you are interested in helping with + Windows packaging, testing or development just ask. + +* Install the + `Amazon EC2 API tools`_ (needs-packaging `bug 330930`_) + +* Create a private key and certificate for yourself. + Check these environment variables are set and exported, e.g. by setting + them in the file ``~/.aws``. Make sure the files are private.:: + + EC2_PRIVATE_KEY=~/.ec2/pk-XXXXXX.pem + EC2_CERT=~/.ec2/cert-XXXXXX.pem + EC2_HOME=~/build/ec2-api-tools-1.3-30349 + AWS_SECRET_ACCESS_KEY=XXXXXXXXX + AWS_ACCESS_KEY_ID=XXXXXXXXXXX + PATH=$PATH:$EC2_HOME/bin + JAVA_HOME=/usr/lib/jvm/java-6-openjdk + +* Install the rdesktop client, to actually access the machine. + +* Create an Amazon Web Services account, sign up for S3 and EC2, and do + the various steps to create authentication devices + +* Possibly read some of the `EC2 documentation`_ for background. + +.. _`bug 330930`: https://bugs.edge.launchpad.net/ubuntu/+bug/330930 +.. _`Amazon EC2 API tools`: + http://developer.amazonwebservices.com/connect/entry.jspa?externalID=368&categoryID=88 +.. _`EC2 documentation`: http://aws.amazon.com/ + +* Create a security group for your that allows rdesktop access and icmp with:: + + ec2-add-group desolation-group -d 'bzr win32 build machine' + ec2-authorize desolation-group -p 3389 -s 1.2.3.4/32 + ec2-authorize desolation-group -t -1:-1 -P icmp + + Add your public IP there. You can repeat that command to allow others + in. + + +To start up an instance +----------------------- + +1. Get the right AMI image ID from another developer. + +1. Start the instance:: + + ec2-run-instances $image_id -g desolation-group + + This will print out some information including the image id, something + like ``i-31a74258``. + +1. Actually starting the machine will take a few minutes. Once it's in + the *running* state, get the machine's public IP with :: + + ec2-describe-instances + +1. and then connect :: + + rdesktop -g 1200x850 -u Administrator $machine_ip + +Don't forget to shut it down when you're done, and check with +``ec2-describe-instances`` that it did terminate. + + +To save a system snapshot as an image +------------------------------------- + +1. Bundle the current state. *Doing this will reboot the machine.* + You need to choose a unique s3 bucket name, + typically based on a domain or email address, which can contain + any number of images. You also need a name unique within the bucket + for this image, like ``desolation-vs2008-20090219``. And finally + it needs your AWS S3 access key and secret key, which should be set in + ``~/.aws``:: + + ec2-bundle-instance -b ec2.sourcefrog.net \ + -p desolation-vs2008-2009021 \ + -o "$AWS_ACCESS_KEY_ID" \ + -w "$AWS_SECRET_ACCESS_KEY" + +1. This will take several minutes: You can check progress with :: + + ec2-describe-bundle-tasks + +1. Register the files as an image, e.g.:: + + ec2-register ec2.sourcefrog.net/desolation-vs2008-2009021 + + This will give you an AMI id for the image. + +1. Give access to other team members identified by their Amazon account id:: + + ec2-modify-image-attributes $ami_id -l -a 123412341234 + + +.. + vim: ft=rst tw=74 ai
=== modified file 'doc/developers/index.txt' --- a/doc/developers/index.txt 2009-02-13 03:44:31 +0000 +++ b/doc/developers/index.txt 2009-02-19 06:21:24 +0000 @@ -42,6 +42,9 @@ * `Profiling notes <profiling.html>`_ |--| Instructions on how to profile bzr code and visualize the results. +* `EC2 Windows server <ec2-windows.html>`_ |--| A team resource for + Windows packaging and testing. + Plans ===== -- bazaar-commits mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/bazaar-commits
