OBS readme

OBS Readme

This file briefly describes how to setup an Open Build Service
(OBS) with the rpm packages from the openSUSE project. By default all
services run on the same system. This document does not describe how
to distribute them to increase reliability and do load balancing, but
this is possible.

An easier way to run OBS is via using the OBS Appliance. It is also
usable for a production server. Please find details here:

  http://wiki.opensuse.org/openSUSE:Build_Service_Appliance


1. Run the backend
==================

The backend hosts all sources and built packages. It also schedules
the jobs. You need to install the "obs-server" package for this.


1.1 Start the following services in this order
==============================================

WARNING: The following commands start services which are accessible from
         the outside. Do not do this on a system connected to an untrusted
         network or make sure to block the ports with a firewall.

  rcobsrepserver start
  rcobssrcserver start
  rcobsscheduler start
  rcobsdispatcher start
  rcobspublisher start

The data gets stored inside the /srv/obs directory by default.


1.2 Start the following optional services
=========================================

You may start

  rcobssigner start

in case you want to use the automatic package signing features.

You may start

  rcobswarden start

in case you want to monitor your workers


2. Start the workers
====================
The workers ask the backend for open build jobs and do the build.
You need to install the "obs-worker" package for this.


2.1 Local worker
================

A worker can be started on localhost by calling

  rcobsworker start


2.2 Setup multiple workers on remote systems
============================================

A worker can be started on other machines in your network (on the Internet
too, but you should have a really fast Internet connection ;-)).
You must install the package "obs-worker" on this machine and change some
configuration files on both systems.


2.2.1 Necessary changes on machine *main* machine
=================================================

Please check /usr/lib/obs/server/BSConfig.pm on the main machine.
By default, the local hostname is used.


2.2.2 Necessary changes on worker machine
=========================================

If you have installed the package "obs-worker", edit the file
/etc/sysconfig/obs-server to change the variable OBS_REPO_SERVERS to
"main.fqdn:5252" where "main.fqdn" is the output of "hostname -f" or
the IP of the machine where the repserver is running.


3. Run the api
==============

You need to install the "obs-api" package for this and a MySQL server
on this or a remote host. When using SLE11, the needed packages are only
available after adding the SDK to the available installation repositories.


3.1 Setup and configure the MySQL database
==========================================


3.1.1 Initialize fresh Database
=============================

* start the MySQL database

    rcmysql start    # use "insserv mysql" for permanent start

  If you do this for the first time, MySQL will initialize itself and
  ask to create a root password in the database.

  After starting mysql for the first time, run the program

    mysql_secure_installation

  If you want to give the "root" user the rights to always access your mysql
  database, create a file "/root/.my.cnf" with the following content:

    [client]
    user = root
    password = foobar
    [mysqladmin]
    user= root
    password = foobar

  Make sure that this file has the correct permissions with the command:

    chmod 0600 /root/.my.cnf

* Create the empty production databases:

    # mysql -u root -p
    mysql> create database api_production;
    mysql> create database webui_production;
    mysql> quit

* If you use the MySQL database for other services, too, then
  it's recommended to add a separate MySQL user, e.g. "obs", like
  this:

    # mysql -u root -p'your-password'
    mysql> create user 'obs'@'%' identified by 'obspassword';
    mysql> create user 'obs'@'localhost' identified by 'obspassword';
    mysql> GRANT all privileges
      ON api_production.*
      TO 'obs'@'%', 'obs'@'localhost';
    mysql> GRANT all privileges
      ON webui_production.*
      TO 'obs'@'%', 'obs'@'localhost';
    mysql> FLUSH PRIVILEGES;
    mysql> quit

* Configure your MySQL user and password in
  in the "production" section of the api and webui config:

    /srv/www/obs/api/config/database.yml
    /srv/www/obs/webui/config/database.yml

  A template for this file can be found in same directory as
  "database.yml.example".

* populate the database

    cd /srv/www/obs/api/
    sudo RAILS_ENV="production" rake db:setup
    sudo chown -R wwwrun.www log tmp

    cd /srv/www/obs/webui/
    sudo RAILS_ENV="production" rake db:setup
    sudo chown -R wwwrun.www log tmp


3.2 Setup and configure apache2 for the api and webui
=====================================================

Now we need to configure the webserver. By default, you can reach the
familiar web user interface on port 443 (e.g: https://localhost), the api
on port 444 (e.g. https://localhost:444), and the repos on port 82 (once
some packages are built).
An overview page about your OBS instance can be found behind http://localhost

The obs-api package comes with a apache vhost file, which does not need to get
modified when you stay with these defaults: /etc/apache2/vhosts.d/obs.conf

Install the required packages via

  zypper in obs-api apache2 apache2-mod_xforward rubygem-passenger-apache2

Add the follwing apache modules in /etc/sysconfig/apache2:

  APACHE_MODULES="... passenger rewrite proxy proxy_http xforward headers"

Enable SSL in /etc/sysconfig/apache2 via

  APACHE_SERVER_FLAGS="-DSSL"

Generate an ssl certificate via following commands:

  mkdir /srv/obs/certs
  openssl genrsa -out /srv/obs/certs/server.key 1024
  openssl req -new -key /srv/obs/certs/server.key \
          -out /srv/obs/certs/server.csr
  openssl x509 -req -days 365 -in /srv/obs/certs/server.csr \
          -signkey /srv/obs/certs/server.key -out /srv/obs/certs/server.crt
  cat /srv/obs/certs/server.key /srv/obs/certs/server.crt \
      > /srv/obs/certs/server.pem


3.2.1 Change /srv/www/obs/webui/config/options.yml
==================================================

You should set "exception_recipients" to a valid mail address which
should receive notification mail if the WebUI hits any program exception.

It is recommended to enable

  use_xforward:true

as well here.


3.2.2 Change /srv/www/obs/api/config/options.yml
================================================

If you change the hostnames/ips of the api, you need to adjust
"source_server_url" accordingly in

  /srv/www/obs/api/config/options.yml

You should set "exception_recipients" to a valid mail address which
should receive notification mail if the API hits any program exception.

It is recommended to enable

  use_xforward:true

as well here.


3.2.3 Restart apache2
=====================

Afterwards you can start the OBS web api via

  rcapache2 start        # use "insserv apache2" for permanent start
  rcobsapidelayed start  # use "insserv obsapidelayed" for permanent start


4. Setup initial distributions
==============================

The easiest way is reuse a base distro hosted at openSUSE.org.
The Open Build Service has a mechanism to reuse projects from a remote
instance since version 0.9. It is recommended to use this mechanism.
In addition to that, it is also possible to copy base projects with the
provided scripts (see 4.2 below).


4.1 Reuse projects hosted on openSUSE.org build service
=======================================================

Create the reference project pointing to the openSUSE.org build service.
This will allow you to reuse the base distributions from there and avoids
further manual setup.

You can do this via clicking on the "Setup OBS" link in your web interface.

The alternative manual way is to call the following command:

  curl -0 --user "Admin:opensuse" -X PUT \
       -T /usr/share/doc/packages/obs-api/openSUSE.org.xml \
       https://localhost:444/source/openSUSE.org/_meta

If you created a self-signed certificate as described above, also add the
option "--insecure".


4.2 import base distributions into the backend
==============================================

This point can be skipped, when you did run point 4.1 successfully.
In case you want a full copy of a base distribution you need to do
the following steps:

  # As root, validate that osc has account data. You may need to enter
  # your account data for api.openSUSE.org here.
  osc

  # Run the script to mirror "openSUSE:11.2", for example (for this
  # command, you need the package "obs-utils").
  obs_mirror_project openSUSE:11.2 standard i586

  # Restart the scheduler to scan the new project
  rcobsscheduler restart

  # Run the api import script:
  # cd /srv/www/obs/api/script
  # RAILS_ENV="production" ruby import


5. Access
=========

By default you can access the api using any browser with the URL

  https://$servername:444

The web interface is accessible via

  https://$servername

The default user is "Admin" with the password "opensuse".


5.1 Changing the default URLs
=============================

To change the default URLs of the api, configure the lighttpd vhosts
accordingly. Edit /etc/apache2/vhosts.d/obs.conf and add the new virtual
hostnames.

Then change the FRONTEND_HOST variable in
/srv/www/obs/webui/config/environments/production.rb
to also point to the new api URL.


6. Using osc with your local build service:
===========================================

In order to use the command line tool for the build service, run osc with

  osc -A https://your_server:444 ls

for example. osc asks the first time for a user and password pair.


6.1. Test build
===============

You can do a test build like this (for example, in a svn checkout of
the current openSUSE build server, in the buildservice/dist subdir):

Add an "openSUSE:Tools" project with an "obs-server" package. The
following commands offer you a template project or package description
file. In the self-explanatory xml, only enable the 10.2 distro on
i586:

  osc -A http://$servername:81 meta prj openSUSE:Tools -e

Check whether that worked on

  http://$servername/project/list_all

Do the same for the package:

  osc -A http://$servername:81 meta pkg openSUSE:Tools obs-server -e

Check whether that worked on

  http://$servername/project/show?project=openSUSE%3ATools

Now prepare for a check-in. This will do a checkout and locally build
using the packages from your local buildserver:

  OSCOPT="-A http://$servername:81" ./distribute

now do a check-in into the build server:

  cd openSUSE:Tools/obs-server
  osc add *
  osc ci

The rebuild will automatically be triggered. Monitor the build status
here:

  http://localhost/project/monitor?project=openSUSE%3ATools

or via osc, in the same directory as indicated above, with the command:

  osc r


6.2. Run and Stop the Service
=============================

To start and stop everything you can use the following command sequences:

  rcmysql start
  rcobsrepserver start
  rcobssrcserver start
  rcobsscheduler start
  rcobsworker start
  rcobsdispatcher start
  rcobspublisher  start
  rcapache2 start
  rcobsapidelayed start

  rcapache2 stop
  rcobsapidelayed stop
  rcobspublisher  stop
  rcobsdispatcher stop
  rcobsworker stop
  rcobsscheduler stop
  rcobssrcserver stop
  rcobsrepserver stop
  rcmysql stop


To automatically start everything at system boot you can use the following:

  chkconfig --add  mysql  obssrcserver  obsrepserver  obsscheduler \
                   obspublisher  obsdispatcher obsworker  \
                   apache2

Use "chkconfig --del" analogously to no longer automatically start them
at boot.


6.3 Optional services
=====================

The following service are optional:

 * obswarden
   It checks if build hosts are dying and cleans up hanging builds

 * obssigner
   It is used to sign packages via the obs-sign daemon. You need to configure
   it in BSConfig.pm before you can use it.

 * obsservice
   This is the source service daemon. Older versions of OBS (<= 1.7) just came
   with a download service. Newer versions include a couple of "obs-service-*"
   packages that can be installed separately.
   This feature is considered to be experimental so far, but can be already
   extended with own services.

The following runlevel scripts are only running on the OBS Appliance for
auto configuration:

 * obsstoragesetup
   Configures storage volumes based on LVM partitions automatically.

 * obsapisetup
   Updates automatically the database layout and configures the web server
   automatically based on your network setup.


7. Feedback
===========

Please send feedback about this file or the packages to
opensuse-buildservice@opensuse.org


8. Miscellaneous notes
=====================

 * OBS in the production mode uses memcached optionally.
   You can install and enable it as a service:

       zypper in memcached
       rcmemcached start

 * logs are located in various directories.

       apache2: /var/log/apache2
       obs: /srv/obs/log
       api: /srv/www/obs/api/log
       webui: /srv/www/obs/webui/log






https://api.opensuse.org/apidocs/
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值