X-Git-Url: https://git.arvados.org/arvados-dev.git/blobdiff_plain/84dd5e80955f6fd3c5a26c0eb752c765e5011c5c..ea0e43b2e928db9e7ef77977adc789cf44bc81c2:/jenkins/run-deploy.sh diff --git a/jenkins/run-deploy.sh b/jenkins/run-deploy.sh index 6509e91..519c126 100755 --- a/jenkins/run-deploy.sh +++ b/jenkins/run-deploy.sh @@ -1,15 +1,61 @@ #!/bin/bash +DEBUG=0 + +function usage { + echo >&2 + echo >&2 "usage: $0 [options] " + echo >&2 + echo >&2 " Arvados cluster name" + echo >&2 + echo >&2 "$0 options:" + echo >&2 " -d, --debug Enable debug output" + echo >&2 " -h, --help Display this help and exit" + echo >&2 + echo >&2 "Note: this script requires an arvados token created with these permissions:" + echo >&2 ' arv api_client_authorization create_system_auth \' + echo >&2 ' --scopes "[\"GET /arvados/v1/virtual_machines\",' + echo >&2 ' \"GET /arvados/v1/keep_services\",' + echo >&2 ' \"GET /arvados/v1/groups\",' + echo >&2 ' \"GET /arvados/v1/links\",' + echo >&2 ' \"GET /arvados/v1/groups/\",' + echo >&2 ' \"GET /arvados/v1/keep_services/accessible\",' + echo >&2 ' \"POST /arvados/v1/collections\",' + echo >&2 ' \"POST /arvados/v1/links\"]"' + echo >&2 +} + +# NOTE: This requires GNU getopt (part of the util-linux package on Debian-based distros). +TEMP=`getopt -o hd \ + --long help,debug \ + -n "$0" -- "$@"` + +if [ $? != 0 ] ; then echo "Use -h for help"; exit 1 ; fi +# Note the quotes around `$TEMP': they are essential! +eval set -- "$TEMP" + +while [ $# -ge 1 ] +do + case $1 in + -d | --debug) + DEBUG=1 + shift + ;; + --) + shift + break + ;; + *) + usage + exit 1 + ;; + esac +done + IDENTIFIER=$1 -DEPLOY_REPO=$2 if [[ "$IDENTIFIER" == '' ]]; then - echo "Syntax: $0 " - exit 1 -fi - -if [[ "$DEPLOY_REPO" == '' ]]; then - echo "Syntax: $0 " + usage exit 1 fi @@ -18,109 +64,180 @@ EXITCODE=0 COLUMNS=80 title () { - printf "\n%*s\n\n" $(((${#title}+$COLUMNS)/2)) "********** $1 **********" + date=`date +'%Y-%m-%d %H:%M:%S'` + printf "$date $1\n" } -# We only install capistrano in dev mode -export RAILS_ENV=development +function run_puppet() { + node=$1 + return_var=$2 -source /etc/profile.d/rvm.sh -echo $WORKSPACE + title "Running puppet on $node" + TMP_FILE=`mktemp` + if [[ "$DEBUG" != "0" ]]; then + ssh -t -p2222 -o "StrictHostKeyChecking no" -o "ConnectTimeout 5" root@$node -C "/usr/bin/puppet agent -t" | tee $TMP_FILE + else + ssh -t -p2222 -o "StrictHostKeyChecking no" -o "ConnectTimeout 5" root@$node -C "/usr/bin/puppet agent -t" > $TMP_FILE 2>&1 + fi -# Weirdly, jenkins/rvm ties itself in a knot. -rvm use default + ECODE=$? + RESULT=$(cat $TMP_FILE) + + if [[ "$ECODE" != "255" && ! ("$RESULT" =~ 'already in progress') && "$ECODE" != "2" && "$ECODE" != "0" ]]; then + # Ssh exits 255 if the connection timed out. Just ignore that. + # Puppet exits 2 if there are changes. For real! + # Puppet prints 'Notice: Run of Puppet configuration client already in progress' if another puppet process + # was already running + echo "ERROR running puppet on $node: exit code $ECODE" + if [[ "$DEBUG" == "0" ]]; then + title "Command output follows:" + echo $RESULT + fi + fi + if [[ "$ECODE" == "255" ]]; then + title "Connection timed out" + ECODE=0 + fi + if [[ "$ECODE" == "2" ]]; then + ECODE=0 + fi + rm -f $TMP_FILE + eval "$return_var=$ECODE" +} -# Just say what version of ruby we're running -ruby --version +function run_command() { + node=$1 + return_var=$2 + command=$3 + + title "Running '$command' on $node" + TMP_FILE=`mktemp` + if [[ "$DEBUG" != "0" ]]; then + ssh -t -p2222 -o "StrictHostKeyChecking no" -o "ConnectTimeout 5" root@$node -C "$command" | tee $TMP_FILE + else + ssh -t -p2222 -o "StrictHostKeyChecking no" -o "ConnectTimeout 5" root@$node -C "$command" > $TMP_FILE 2>&1 + fi -function ensure_symlink() { - if [[ ! -L $WORKSPACE/$1 ]]; then - ln -s $WORKSPACE/$DEPLOY_REPO/$1 $WORKSPACE/$1 + ECODE=$? + RESULT=$(cat $TMP_FILE) + + if [[ "$ECODE" != "255" && "$ECODE" != "0" ]]; then + # Ssh exists 255 if the connection timed out. Just ignore that, it's possible that this node is + # a shell node that is down. + title "ERROR running command on $node: exit code $ECODE" + if [[ "$DEBUG" == "0" ]]; then + title "Command output follows:" + echo $RESULT + fi + fi + if [[ "$ECODE" == "255" ]]; then + title "Connection timed out" + ECODE=0 fi + rm -f $TMP_FILE + eval "$return_var=$ECODE" } -# Check out/update the $DEPLOY_REPO repository -if [[ ! -d $DEPLOY_REPO ]]; then - mkdir $DEPLOY_REPO - git clone git@git.curoverse.com:$DEPLOY_REPO.git +title "Loading ARVADOS_API_HOST and ARVADOS_API_TOKEN" +if [[ -f "$HOME/.config/arvados/$IDENTIFIER.arvadosapi.com.conf" ]]; then + . $HOME/.config/arvados/$IDENTIFIER.arvadosapi.com.conf else - cd $DEPLOY_REPO - git pull + title "WARNING: $HOME/.config/arvados/$IDENTIFIER.arvadosapi.com.conf not found." +fi +if [[ "$ARVADOS_API_HOST" == "" ]] || [[ "$ARVADOS_API_TOKEN" == "" ]]; then + title "ERROR: ARVADOS_API_HOST and/or ARVADOS_API_TOKEN environment variables are not set." + exit 1 fi -# Make sure the necessary symlinks are in place -cd "$WORKSPACE" -ensure_symlink "apps/workbench/Capfile.workbench.$IDENTIFIER" -ensure_symlink "apps/workbench/config/deploy.common.rb" -ensure_symlink "apps/workbench/config/deploy.curoverse.rb" -ensure_symlink "apps/workbench/config/deploy.workbench.$IDENTIFIER.rb" - -ensure_symlink "services/api/Capfile.$IDENTIFIER" -ensure_symlink "services/api/config/deploy.common.rb" -ensure_symlink "services/api/config/deploy.$IDENTIFIER.rb" - -# Deploy API server -title "Deploying API server" -cd "$WORKSPACE" -cd services/api - -bundle install --deployment +title "Locating Arvados Standard Docker images project" -# make sure we do not print the output of config:check -sed -i'' -e "s/RAILS_ENV=production #{rake} config:check/RAILS_ENV=production QUIET=true #{rake} config:check/" $WORKSPACE/$DEPLOY_REPO/services/api/config/deploy.common.rb +JSON_FILTER="[[\"name\", \"=\", \"Arvados Standard Docker Images\"], [\"owner_uuid\", \"=\", \"$IDENTIFIER-tpzed-000000000000000\"]]" +DOCKER_IMAGES_PROJECT=`ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN arv --format=uuid group list --filters="$JSON_FILTER"` -bundle exec cap deploy -f Capfile.$IDENTIFIER +if [[ "$DOCKER_IMAGES_PROJECT" == "" ]]; then + title "Warning: Arvados Standard Docker Images project not found. Creating it." -ECODE=$? + DOCKER_IMAGES_PROJECT=`ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN arv --format=uuid group create --group "{\"owner_uuid\":\"$IDENTIFIER-tpzed-000000000000000\", \"name\":\"Arvados Standard Docker Images\", \"group_class\":\"project\"}"` + ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN arv link create --link "{\"tail_uuid\":\"$IDENTIFIER-j7d0g-fffffffffffffff\", \"head_uuid\":\"$DOCKER_IMAGES_PROJECT\", \"link_class\":\"permission\", \"name\":\"can_read\" }" + if [[ "$?" != "0" ]]; then + title "ERROR: could not create standard Docker images project Please create it, cf. http://doc.arvados.org/install/create-standard-objects.html" + exit 1 + fi +fi -# restore unaltered deploy.common.rb -cd $WORKSPACE/$DEPLOY_REPO -git checkout services/api/config/deploy.common.rb +title "Found Arvados Standard Docker Images project with uuid $DOCKER_IMAGES_PROJECT" +GIT_COMMIT=`ssh -o "StrictHostKeyChecking no" $IDENTIFIER cat /usr/local/arvados/src/git-commit.version` -if [[ "$ECODE" != "0" ]]; then - title "!!!!!! DEPLOYING API SERVER FAILED !!!!!!" - EXITCODE=$(($EXITCODE + $ECODE)) - exit $EXITCODE +if [[ "$?" != "0" ]] || [[ "$GIT_COMMIT" == "" ]]; then + title "ERROR: unable to get arvados/jobs Docker image git revision" + exit 1 +else + title "Found git commit for arvados/jobs Docker image: $GIT_COMMIT" fi -title "Deploying API server complete" - -# Install updated debian packages -title "Deploying updated arvados debian packages" +run_command shell.$IDENTIFIER ECODE "ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN /usr/local/rvm/bin/rvm-exec default arv keep docker" |grep -q $GIT_COMMIT -ssh -p2222 $IDENTIFIER.arvadosapi.com -C "apt-get update && apt-get install arvados-src python-arvados-fuse python-arvados-python-client" +if [[ "$?" == "0" ]]; then + title "Found latest arvados/jobs Docker image, nothing to upload" +else + title "Installing latest arvados/jobs Docker image" + ssh -o "StrictHostKeyChecking no" shell.$IDENTIFIER "ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN /usr/local/rvm/bin/rvm-exec default arv keep docker --pull --project-uuid=$DOCKER_IMAGES_PROJECT arvados/jobs $GIT_COMMIT" +fi -if [[ "$ECODE" != "0" ]]; then - title "!!!!!! DEPLOYING DEBIAN PACKAGES FAILED !!!!!!" - EXITCODE=$(($EXITCODE + $ECODE)) +title "Gathering list of shell and Keep nodes" +SHELL_NODES=`ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN arv virtual_machine list |jq .items[].hostname -r` +KEEP_NODES=`ARVADOS_API_HOST=$ARVADOS_API_HOST ARVADOS_API_TOKEN=$ARVADOS_API_TOKEN arv keep_service list |jq .items[].service_host -r` + +title "Updating API server" +SUM_ECODE=0 +run_puppet $IDENTIFIER ECODE +SUM_ECODE=$(($SUM_ECODE + $ECODE)) +run_command $IDENTIFIER ECODE "/usr/local/bin/arvados-api-server-upgrade.sh" +SUM_ECODE=$(($SUM_ECODE + $ECODE)) +run_command $IDENTIFIER ECODE "dpkg -L arvados-mailchimp-plugin 2>/dev/null && apt-get install arvados-mailchimp-plugin --reinstall || echo" +SUM_ECODE=$(($SUM_ECODE + $ECODE)) + +if [[ "$SUM_ECODE" != "0" ]]; then + title "ERROR: Updating API server FAILED" + EXITCODE=$(($EXITCODE + $SUM_ECODE)) exit $EXITCODE fi -title "Deploying updated arvados debian packages complete" - -# Deploy Workbench -title "Deploying workbench" -cd "$WORKSPACE" -cd apps/workbench -bundle install --deployment - -# make sure we do not print the output of config:check -sed -i'' -e "s/RAILS_ENV=production #{rake} config:check/RAILS_ENV=production QUIET=true #{rake} config:check/" $WORKSPACE/$DEPLOY_REPO/apps/workbench/config/deploy.common.rb - -bundle exec cap deploy -f Capfile.workbench.$IDENTIFIER - -ECODE=$? +title "Updating workbench" +SUM_ECODE=0 +if [[ `host workbench.$ARVADOS_API_HOST` != `host $ARVADOS_API_HOST` ]]; then + # Workbench runs on a separate host. We need to run puppet there too. + run_puppet workbench.$IDENTIFIER ECODE + SUM_ECODE=$(($SUM_ECODE + $ECODE)) +fi -# restore unaltered deploy.common.rb -cd $WORKSPACE/$DEPLOY_REPO -git checkout apps/workbench/config/deploy.common.rb +run_command workbench.$IDENTIFIER ECODE "/usr/local/bin/arvados-workbench-upgrade.sh" +SUM_ECODE=$(($SUM_ECODE + $ECODE)) -if [[ "$ECODE" != "0" ]]; then - title "!!!!!! DEPLOYING WORKBENCH FAILED !!!!!!" - EXITCODE=$(($EXITCODE + $ECODE)) +if [[ "$SUM_ECODE" != "0" ]]; then + title "ERROR: Updating workbench FAILED" + EXITCODE=$(($EXITCODE + $SUM_ECODE)) exit $EXITCODE fi -title "Deploying workbench complete" +for n in manage $SHELL_NODES $KEEP_NODES; do + ECODE=0 + if [[ $n =~ $ARVADOS_API_HOST$ ]]; then + # e.g. keep.qr1hi.arvadosapi.com + node=$n + else + # e.g. shell + node=$n.$ARVADOS_API_HOST + fi + + # e.g. keep.qr1hi + node=${node%.arvadosapi.com} -exit $EXITCODE + title "Updating $node" + run_puppet $node ECODE + if [[ "$ECODE" != "0" ]]; then + title "ERROR: Updating $node node FAILED: exit code $ECODE" + EXITCODE=$(($EXITCODE + $ECODE)) + exit $EXITCODE + fi +done