[tor-bugs] #31239 [Internal Services/Tor Sysadmin Team]: automate installs
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 20 03:18:18 UTC 2020
#31239: automate installs
-------------------------------------------------+-------------------------
Reporter: anarcat | Owner: anarcat
Type: enhancement | Status:
| assigned
Priority: Low | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: tpa-roadmap-april | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by anarcat):
today, i did a new-machine-hetzner-robot process almost entirely
automatically, using fabric, with the followign command:
{{{
./install -H root at 88.99.194.57 --fingerprint
0d:4a:c0:85:c4:e1:fe:03:15:e0:99:fe:7d:cc:34:f7 --verbose hetzner-robot
fsn-node-05.torproject.org installer/disk-config/gnt-fsn-NVMe
installer/packages installer/post-scripts/
}}}
the fingerprint was the ed25519 one provided by hetzner email.
this is a major step in the automation work because we reviewed the way
Fabric handles remote hosts SSH keys (it doesn't, ouch), and worked around
the problems found. we especially were able to add the `--fingerprint`
argument *fairly* easily once I understood the internal mechanics of
Paramiko (which wasn't quite obvious).
the next step of this process is to finish converting the common trunk,
new-machine, into fabric, so that (e.g.) puppet procedures are fully
automated.
but i can believe this can wait until the next server. doing this install
took about a day because of the automation, so we shouldn't burn too much
work credit on that...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31239#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list