Project

General

Profile

Actions

Bug #20889

closed

Installer potholes

Added by Peter Amstutz over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Deployment
Story points:
-
Release relationship:
Auto

Description

Encrypted certificates feature is undocumented, we should include it in the install docs as an advanced option, maybe on another page, so we have it written down at least for our own reference.

USE_SSH_JUMPHOST, BRANCH, LE_AWS_SECRET_ACCESS_KEY and LE_AWS_ACCESS_KEY_ID need to be blank or set to a default value to avoid "unbound variable" error

need to separate database host from DATABASE_INT_IP for RDS installs (where we don't need DATABASE_INT_IP at all) because host_entries.sls will complain about invalid IP address

With BYO certificates, add a step that checks that all the certificates exist ahead of time.

S3 Bucket & IAMInstanceProfile names should be configurable from local.params, just in case the default name is not in use.


Subtasks 1 (1 open0 closed)

Task #20900: Review 20889-installer-fixesIn ProgressPeter Amstutz08/25/2023Actions

Related issues 1 (0 open1 closed)

Related to Arvados - Bug #20926: Need to install postgresql-client matching database versionResolvedLucas Di Pentima09/12/2023Actions
Actions #1

Updated by Peter Amstutz over 1 year ago

  • Status changed from New to In Progress
Actions #2

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #3

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #4

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #5

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #6

Updated by Peter Amstutz over 1 year ago

  • Category set to Deployment
Actions #7

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #8

Updated by Lucas Di Pentima over 1 year ago

  • Description updated (diff)
Actions #9

Updated by Lucas Di Pentima over 1 year ago

  • Description updated (diff)
Actions #10

Updated by Lucas Di Pentima over 1 year ago

  • Assigned To set to Lucas Di Pentima
Actions #11

Updated by Peter Amstutz over 1 year ago

  • Release set to 66
Actions #12

Updated by Lucas Di Pentima over 1 year ago

  • Release deleted (66)

Updates at 627f0941a - branch 20889-installer-fixes
Test run: developer-run-tests-doc-and-sdk-R: #1952

  • Changes prometheus install source so that it gets installed from archives, avoiding a compatibility issue with grafana on Ubuntu.
  • Adds configurable data retention parameter to Prometheus.
  • Fixes default values for some environment variables from local.params to avoid script failures.
  • Removes DISABLED_CONTROLLER from user-editable local.params to avoid confusion, as the rolling upgrades are performed automatically.
  • Updates documentation removing the manual rolling upgrade instructions.
  • Adds parameter to handle external database services instead of relying on the DATABASE_INT_IP env var that was also used to set up /etc/hosts entries and failed if not using an IP address.
  • Adds configurable parameters for Keep S3 bucket name and IAM profile in local.params.
  • Adds configurable parameters for database name and user in local.params.
  • Fixes a "unbound variable" bug when using the database and controller roles on the same node (the default multi node deployment configuration)
  • Adds checks for certificate file presence when using SSL_MODE=bring-your-own, and updates related documentation.
  • Unifies installer.sh indentation because it was a mix of spaces and tabs.
  • Adds documentation for the TLS certificate key encryption feature.
  • Updates installer's Keep S3 backend documentation.
Actions #13

Updated by Lucas Di Pentima over 1 year ago

  • Release set to 66
Actions #14

Updated by Peter Amstutz over 1 year ago

  • Target version changed from Development 2023-08-30 to Development 2023-09-13 sprint
Actions #15

Updated by Peter Amstutz over 1 year ago

Lucas Di Pentima wrote in #note-12:

Updates at 627f0941a - branch 20889-installer-fixes
Test run: developer-run-tests-doc-and-sdk-R: #1952

  • Changes prometheus install source so that it gets installed from archives, avoiding a compatibility issue with grafana on Ubuntu.
  • Adds configurable data retention parameter to Prometheus.
  • Fixes default values for some environment variables from local.params to avoid script failures.
  • Removes DISABLED_CONTROLLER from user-editable local.params to avoid confusion, as the rolling upgrades are performed automatically.
  • Updates documentation removing the manual rolling upgrade instructions.
  • Adds parameter to handle external database services instead of relying on the DATABASE_INT_IP env var that was also used to set up /etc/hosts entries and failed if not using an IP address.
  • Adds configurable parameters for Keep S3 bucket name and IAM profile in local.params.
  • Adds configurable parameters for database name and user in local.params.
  • Fixes a "unbound variable" bug when using the database and controller roles on the same node (the default multi node deployment configuration)
  • Adds checks for certificate file presence when using SSL_MODE=bring-your-own, and updates related documentation.
  • Unifies installer.sh indentation because it was a mix of spaces and tabs.
  • Adds documentation for the TLS certificate key encryption feature.
  • Updates installer's Keep S3 backend documentation.

I have not tried actually running the installer, but looking through the changes, this all LGTM.

Perhaps we should copy the newest installer.sh/provision.sh and salt pillars over to the scale cluster configuration and try that?

Actions #16

Updated by Peter Amstutz over 1 year ago

  • Related to Bug #20926: Need to install postgresql-client matching database version added
Actions #17

Updated by Lucas Di Pentima over 1 year ago

Applied changes on the scale-testing repo, commit 977bd92 without errors. Also ran the diagnostics successfully, please double check.

Actions #18

Updated by Peter Amstutz over 1 year ago

Lucas Di Pentima wrote in #note-17:

Applied changes on the scale-testing repo, commit 977bd92 without errors. Also ran the diagnostics successfully, please double check.

This LGTM, thanks.

Actions #19

Updated by Lucas Di Pentima over 1 year ago

  • % Done changed from 0 to 100
  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF