Skip to content

Instantly share code, notes, and snippets.

@grenade

grenade/questions-for-tc-and-pete.md

Last active February 23, 2016 09:29
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save grenade/b245603d35526bb669c3 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save grenade/b245603d35526bb669c3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
questions-for-tc-and-pete.md

  • what's the scopes problem with new tc-worker y-2012 (https://treeherder.mozilla.org/#/jobs?repo=try&revision=c2a12e796c42&selectedJob=16774445)

    solution: add scope (queue:create-task:aws-provisioner-v1/y-2012) to role (https://tools.taskcluster.net/auth/roles/#moz-tree:level:1)

  • how do you differentitate worker types for try vs build (https://bugzilla.mozilla.org/attachment.cgi?id=8719743&action=diff#a/testing/taskcluster/tasks/windows_build.yml_sec1)

    solution: set the worker type somewhere under: https://hg.mozilla.org/try/file/c2a12e796c42/testing/taskcluster/tasks/branches/try

  • how do we manage termination of idle instances?

    solution: provisioner should handle this by only spinning up instances as required. Still need to understand why all y-2012 instances stay up always.

  • how do we manage allocation of more instances (under demand)?

    solution: provisioner handles this up to max in worker type config

  • how do we manage updates to the worker type while builds are in progress?

  • The create script seems to want to terminate running instances when it does an update. This is problematic if we're running production builds at the same time as a worker type update (highly likely).

  • Since we also deregister old ami's at update time, we're left with no roll-back in the event of creating a duff ami (other than recreating the deleted ami from source controlled creation scripts).

  • How do I get ahold of the key-pair used by the provisioner when creating spot instances. Needed if we enable generating a new password for each spot instance (something we've been wanting to fix forever in releng. the consensus has been to fix it in tc, where we have a clean slate).

  • Why do we use the key-pair name to store metadata? Why not use tags? There's a ton of distinct key-pair names which are apparently just renames of the same key-pair in order to store metadata in the key-pair name. It's just a little misleading because of the intended purposes of key names, it's easy to infer that there are as many actual key-pairs, which isn't so.

  • Where can I get credentials for the TaskCluster PaperTrail logs? is there an encrypted repo somewhere we share secrets?

  • Were can I send instance logs (from eg: the worker type creation instance) so that they are aggregated? Should we use releng papertrail?

  • How do we manage security and firewalls for tc ec2 instances (eg: is there a vpn or jump host i can connect to in order to connect to worker type instances)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment