Devspace needs You!

...and vice versa?

Jean-Marie Burel

November 2017

Outline

  • What is Devspace
  • How to deploy
  • What is changing
  • Work in Progress: version 0.6.0
  • Useful tips
  • Advance
  • What's next

What is Devspace

Collection of Docker containers "compose" together to make a framework, managed by Jenkins CI, that runs jobs


Useful links:

Repositories

Devspace repository layout

Devspace:

Personal Continuous Integration system with:

  • OMERO jobs
  • and Bio-Formats jobs

Forked Repositories

By default, you will need to fork the following repositories

OMERO jobs:

  • OMERO-push: merge PRs
  • OMERO-build: build artifacts (server, clients)
  • OMERO-server: deploy an OMERO.server
  • OMERO-web: deploy an OMERO.web client
  • OMERO-test-integration: run the integration tests
  • OMERO-docs (recent): build the documentation

Bio-Formats jobs:

  • BIOFORMATS-push: merge PRs
  • BIOFORMATS-ant: build and run unit tests
  • BIOFORMATS-maven: build and run unit tests

Trigger job: Run in a specific order

  • the Bio-Formats jobs
  • then the OMERO jobs

More jobs can be added! Recently added:

How to deploy

Two ways to deploy a devspace

Deploy on Openstack

Two Ansible playbooks are used:

  • One to create an instance
  • One to provision

Extra repository to consider:

What is changing

First round

Work in progress: version 0.6.0

Reviewer wanted!

Deployment on Openstack is based on

Configuration: Openstack

  • Connect OME OpenStack
  • Go to Access & Security > Key Pairs. Click on Import Key Pair. Copy the content of the public key you use to access our resources e.g. id_rsa.pub
  • Go to Access & Security > API Access, download your configuration by clicking on Download OpenStack RC File v2.0. The file will be named by default omedev-openrc.sh

Configuration: SSH and Git (NEW)

  • Create a directory devspace_config/.ssh where you wish
  • Create a new id_gh_rsa SSH key without passphrase in the devspace_config/.ssh directory
    
    ssh-keygen -t rsa -b 4096 -C "your_email_address" -f path/to/devspace_config/.ssh/id_gh_rsa -q -P ""
                                
  • Upload the public key i.e. id_gh_rsa.pub to your GitHub account
  • Create a file devspace_config/.ssh/config and add the following:
    
    Host github.com
        User git
        IdentityFile ~/.ssh/id_gh_rsa
    

Configuration: SSH and Git (NEW)

  • Create a devspace_config/.gitconfig file
  • Generate a GitHub token
  • Add it to your devspace_config/.gitconfig file. Minimally the file should contain:
    
    [github]
            token = your_token
            user = your_gh_username
    [user]
            email = your_email_address
            name = your_name
                                
  • The key and the configuration files will be copied to the devspace so that branches can be pushed to your GitHub account by scc

Set up

  • Clone the devspace Git repository (NEW)
    
    $ git clone https://github.com/openmicroscopy/devspace.git
    
  • Create a virtual environment and go to the devspace directory and install Ansible (2.4)(version bump) and shade to access OpenStack via the command line
    
    $ virtualenv ~/dev
    $ . ~/dev/bin/activate
    $ cd devspace
    (dev) $ pip install -r requirements.txt
                                
  • Source the OpenStack configuration file to set the environment variables.
    
    (dev) $ . omedev-openrc.sh
    Enter your password
                                

Install roles

  • Install the various ansible roles from the Galaxy website:
    
    (dev) $ cd ansible
    (dev) $ ansible-galaxy install -r requirements.yml
    
  • Exception: the ansible-role-devspace is work in progress PR #5
  • To "upgrade" roles, you may want to specify --force when installing the roles

Create instance

  • Create an instance on OpenStack (omedev tenancy). In the ansible directory:
    
    (dev) $ ansible-playbook create-devspace.yml -e vm_name=your_name-devspace-name -e vm_key_name=your_key
    
    (replace your_name-devspace-name and your_key)
  • To configure the size of the volume (default 50GiB), pass for example
    
    -e vm_size=100
    
  • To configure the amount of ram (default 32GB), pass for example
    
    -e vm_flavour_ram=8
    

Configure playbook (NEW)

In the ansible directory, configure the parameters in provision-devspace.yml:

  roles:
    - role: openmicroscopy.devspace
      # Path to SSH and Git configuration files
      configuration_dir_path: "/Users/jmarie/devspace_training"
      # The name of the git branch all the jobs will be using. The default is develop
      # devspace_omero_branch: develop
      # The devspace repository to use. The default is https://github.com/openmicroscopy/devspace.git
      devspace_git_repo: https://github.com/openmicroscopy/devspace.git
      # The devspace branch to use. The default is the latest released version
      devspace_git_repo_version: "0.6.0"
      # force a clean
      devspace_git_update: yes
      devspace_git_force: yes
                            

Provision the devspace (NEW) In ansible directory


(dev) $ ansible-playbook -u centos -i devspace_openstack_ip, provision-devspace.yml
where devspace_openstack_ip = Floating IP e.g. 10.0.51.143

Access the devspace

Using your usual ssh key not the key created for devspace


ssh omero@devspace_openstack_ip
cd devspace
                    

Determine dynamic ports (NEW)

Useful tips

Failure when provisioning devspace


...
host key for 10.0.51.146 has changed and you have requested strict checking.\r\nHost key verification failed.\r\n", "unreachable": true}
  • Open ~/.ssh/known_hosts
  • Remove devspace_openstack_ip e.g. 10.0.51.146
  • Run playbook again

Trigger: Edit configuration

  • Click on Trigger > Configure
  • Go to Pipeline
  • Remove, for example, the Bio-Formats jobs from the Script shell:
    
    build job: 'OMERO-push'
    
    build job: 'OMERO-build'
    
    build job: 'OMERO-server'
    ...
                        
  • The jobs will still show up in the Jenkins UI but won't be run

Trigger: sandbox yes or no

The following error is sent if Use Groovy Sandbox is not selected


org.jenkinsci.plugins.scriptsecurity.scripts.UnapprovedUsageException: script not yet approved for use
    at org.jenkinsci.plugins.scriptsecurity.scripts.ScriptApproval.using(ScriptApproval.java:459)
    at org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition.create(CpsFlowDefinition.java:109)
 

OMERO-push failure


Installing JDK jdk-8u121-oth-JPR
Downloading JDK from http://download.oracle.com/otn/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.tar.gz
Oracle now requires Oracle account to download previous versions of JDK. Please specify your Oracle account username/password.
ERROR: Unable to install JDK unless a valid Oracle account username/password is provided in the system configuration.
Finished: FAILURE
                    
  • Click on Manage Jenkins > Global Tool Configuration
  • Click on JDK installations...
  • Select the latest JDK 8 using the selection box

OMERO-push: Configure Merge

  • Click on OMERO-push > Configure
  • Go to MERGE_COMMAND
  • Merge, for example, only PRs from openmicroscopy with --training in the description e.g. PR #5548:
    
    merge develop -Dnone -Itraining --no-ask --reset --shallow
                        
  • If you want to update the scripts, replace --shallow by --update-gitmodules. You must have forked ome/scripts

Test a DB upgrade script

  • Update OMERO-server and OMERO-test-integration
  • Click on OMERO-server > Configure
  • Go to Build section
  • In the example below, we change the password of the guest user

OMERO_INSTALL=/tmp/omero-install/linux
source $OMERO_INSTALL/settings.env
OMERO_DB_NAME=$DB_NAME
OMERO_DIST=$WORKSPACE/OMERO.server
OMERO_DATA_DIR=$DATA_DIR

...

psql -h $OMERO_DB_HOST -U $OMERO_DB_USER $OMERO_DB_NAME < OMERO_DIST/sql/psql/OMERO5.4__0/allow-guest-user-without-password.sql

rm -rf $WORKSPACE/*

Configure OMERO-web

  • Click on OMERO-web > Configure
  • Go to Execute shell section
  • In the example below, we set up CORS

OMERO_DIST=$WORKSPACE/OMERO.web
OMERO_INSTALL=/tmp/omero-install/linux

ZIP=$(ls OMERO.py*.zip)
DIST=${ZIP%.zip}
unzip $ZIP
rm -f $ZIP
mv $WORKSPACE/$DIST $OMERO_DIST

virtualenv $WORKSPACE/omero-virtualenv --system-site-packages
source $WORKSPACE/omero-virtualenv/bin/activate

source $OMERO_INSTALL/settings.env

pip install -r $OMERO_DIST/share/web/requirements-py27.txt
# Add dependencies
pip install django-cors-headers

#start-config
$OMERO_DIST/bin/omero config set omero.web.application_server 'wsgi-tcp'
$OMERO_DIST/bin/omero config set omero.web.application_server.max_requests 0

$OMERO_DIST/bin/omero config set omero.web.prefix $WEB_PREFIX
$OMERO_DIST/bin/omero config set omero.web.static_url $WEB_PREFIX'/static/'
$OMERO_DIST/bin/omero config set omero.web.static_root $HOME'/static/web/'

$OMERO_DIST/bin/omero config set omero.web.session_engine 'django.contrib.sessions.backends.cache'
$OMERO_DIST/bin/omero config set omero.web.caches '{"default": {"BACKEND": "django_redis.cache.RedisCache","LOCATION": "redis://redis:6379/0"}}'

$OMERO_DIST/bin/omero config set omero.web.server_list '[["omero", 4064, "omero"], ["testintegration", 14064, "testintegration"]]'

$OMERO_DIST/bin/omero config set omero.web.application_server.host $NODE_NAME
$OMERO_DIST/bin/omero config set omero.web.application_server.port 4080

# Configure cors
$OMERO_DIST/bin/omero config append omero.web.apps '"corsheaders"'
$OMERO_DIST/bin/omero config append omero.web.middleware '{"index": 0.5, "class": "corsheaders.middleware.CorsMiddleware"}'
$OMERO_DIST/bin/omero config append omero.web.middleware '{"index": 10, "class": "corsheaders.middleware.CorsPostCsrfMiddleware"}'
$OMERO_DIST/bin/omero config set omero.web.cors_origin_allow_all True


$OMERO_DIST/bin/omero web config nginx --http "$OMERO_WEB_PORT" >$OMERO_DIST/nginx.conf.tmp

sudo cp $OMERO_DIST/nginx.conf.tmp $HOME/nginx/$NODE_NAME.conf

$OMERO_DIST/bin/omero config set omero.web.wsgi_args -- '--log-level=DEBUG --error-logfile='$OMERO_DIST'/var/log/gunicorn.err'

$OMERO_DIST/bin/omero config set omero.web.application_server.host 0.0.0.0

BUILD_ID=DONT_KILL_ME $OMERO_DIST/bin/omero web start

deactivate

Available by default?

Access the Docker containers

  • Log in: ssh omero@devspace_openstack_ip
  • To list the Docker containers, run docker ps

CONTAINER ID        IMAGE                                 ... NAMES
dfb33a9d5de8        devspace_nginx                        ... devspace_nginx_1
1f15a9e43d4f        devspace_web                          ... devspace_web_1
e1c08c9ae43b        devspace_testintegration              ... devspace_testintegration_1
d5faa737a5ce        devspace_omero                        ... devspace_omero_1
60c351551adc        selenium/node-firefox:3.0.0-dubnium   ... devspace_seleniumfirefox_1
ff98f484026b        selenium/node-chrome:3.0.0-dubnium    ... devspace_seleniumchrome_1
63196e8cbf42        nginx:1.10                            ... devspace_nginxjenkins_1
a568a26fa8f0        devspace_jenkins                      ... devspace_jenkins_1
96f111f85e5b        postgres                              ... devspace_pg_1
e292284df351        redis                                 ... devspace_redis_1
01d82142d674        selenium/hub:3.0.0-dubnium            ... devspace_seleniumhub_1

Access the OMERO.server logs

  • Access the OMERO-server container
    
    docker exec -ti devspace_omero_1 bash
                        
  • Access the logs:
    
    cd /home/omero/workspace/OMERO-server/OMERO.server/
    cd var/log
                        

Transfer the OMERO.server logs

Transfer the logs to your local machine. Two steps process:

  • Copy the logs from the container
    
    docker cp devspace_omero_1:/home/omero/workspace/OMERO-server/OMERO.server/var/log .
                        
  • Copy the logs to your machine
    
    scp -Cr omero@devspace_openstack_ip:/home/omero/log /local/path/for/log
                        

Access the OMERO-test-integration logs

  • Access the OMERO-test-integration container
    
    docker exec -ti devspace_testintegration_1 bash
                        
  • Access the logs:
    
    cd /home/omero/workspace/OMERO-test-integration/src/dist
    cd var/log
                        
  • To transfer the logs, follow the instructions on how to transfer the OMERO.server logs

Give Access to others

  • Log in: ssh omero@devspace_openstack_ip
  • Open .ssh/authorized_keys and add the key(s)

Advance

Example: How to add support for PostgreSQL 10

workflow

What's next