Add Jenkins pipeline for builder reimage#2602
Open
jitendrasahu1803 wants to merge 9 commits into
Open
Conversation
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
djgalloway
reviewed
Jun 2, 2026
djgalloway
reviewed
Jun 2, 2026
Comment on lines
+21
to
+22
| ANSIBLE_DIR="${WORK_DIR}/repos/ansible" | ||
| MAIN_DIR="${WORK_DIR}/repos/main" |
Contributor
There was a problem hiding this comment.
Can you add a comment above each of these saying what they're for?
djgalloway
reviewed
Jun 2, 2026
| SSH_USER="cloud-user" | ||
| else | ||
| SSH_USER="ubuntu" | ||
| fi |
Contributor
There was a problem hiding this comment.
I'm confused why this is necessary. MaaS is supposed to take care of creating the cm user (https://github.com/ceph/ceph-cm-ansible/blob/main/roles/maas/tasks/config_maas.yml#L90) with these keys: https://github.com/ceph/ceph-sepia-secrets/blob/main/ansible/inventory/group_vars/all.yml#L40. And I see jenkins-build@soko04 has a pubkey in there.
We should be SSHing as the cm user.
Contributor
Author
There was a problem hiding this comment.
I was informed that this should be the first command executed after reimage:
ansible-playbook ansible_managed.yml --limit="<all builders>" -e "ansible_ssh_user=ubuntu/cloud-user"
However, when I try running it using the 'cm' user (instead of 'ubuntu/cloud-user') immediately after the MaaS reimage, I encounter the following error:
❯ ansible-playbook ansible_managed.yml --limit="braggi16.front.sepia.ceph.com" -e "ansible_ssh_user=cm"
PLAY [all] **************************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************************************************************************************************
[WARNING]: Host 'braggi16.front.sepia.ceph.com' is using the discovered Python interpreter at '/usr/bin/python3.12', but future installation of another Python interpreter could cause a different interpreter to be discovered. See https://docs.ansible.com/ansible-core/2.20/reference_appendices/interpreter_discovery.html for more information.
ok: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Create the sudo group.] *************************************************************************************************************************************************************************************************
ok: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Create the ansible user.] ***********************************************************************************************************************************************************************************************
[ERROR]: Task failed: Module failed: usermod: user cm is currently used by process 2279
Origin: /Users/jitendra/git/ceph/ceph-cm-ansible/roles/ansible-managed/tasks/main.yml:9:3
7 - user
8
9 - name: Create the ansible user.
^ column 3
fatal: [braggi16.front.sepia.ceph.com]: FAILED! => {"changed": false, "msg": "usermod: user cm is currently used by process 2279\n", "name": "cm", "rc": 8}
PLAY RECAP **************************************************************************************************************************************************************************************************************************************
braggi16.front.sepia.ceph.com : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
On the other hand, the same playbook works successfully when executed with the 'ubuntu' user:
❯ ansible-playbook ansible_managed.yml --limit="braggi16.front.sepia.ceph.com" -e "ansible_ssh_user=ubuntu"
PLAY [all] **************************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************************************************************************************************************************************
[WARNING]: Host 'braggi16.front.sepia.ceph.com' is using the discovered Python interpreter at '/usr/bin/python3.12', but future installation of another Python interpreter could cause a different interpreter to be discovered. See https://docs.ansible.com/ansible-core/2.20/reference_appendices/interpreter_discovery.html for more information.
ok: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Create the sudo group.] *************************************************************************************************************************************************************************************************
ok: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Create the ansible user.] ***********************************************************************************************************************************************************************************************
changed: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Delete the ansible users password.] *************************************************************************************************************************************************************************************
changed: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Ensure includedir is present in sudoers.] *******************************************************************************************************************************************************************************
changed: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Create the cephlab_sudo sudoers.d file.] ********************************************************************************************************************************************************************************
changed: [braggi16.front.sepia.ceph.com]
TASK [ansible-managed : Add authorized keys for the ansible user.] ******************************************************************************************************************************************************************************
[DEPRECATION WARNING]: Importing 'to_native' from 'ansible.module_utils._text' is deprecated. This feature will be removed from ansible-core version 2.24. Use ansible.module_utils.common.text.converters instead.
changed: [braggi16.front.sepia.ceph.com]
PLAY RECAP **************************************************************************************************************************************************************************************************************************************
braggi16.front.sepia.ceph.com : ok=7 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Contributor
There was a problem hiding this comment.
This commit takes care of that. What branch of ceph-cm-ansible is being used?
Contributor
Author
There was a problem hiding this comment.
Oh I see, Thank you for pointing this out. It uses main branch only, but the snippet I shared was tested from my old local branch. If needed, I'm happy to update my script to explicitly use the cm user. Please let me know how you would like it configured, and I will make the changes accordingly.
djgalloway
reviewed
Jun 2, 2026
Comment on lines
+70
to
+87
| # Admin user JSON builder | ||
| ADMIN_USERS=( | ||
| "akraitma" | ||
| "dgalloway" | ||
| "dmick" | ||
| "falcocer" | ||
| "jitendra" | ||
| "zack" | ||
| ) | ||
|
|
||
| build_admin_users_json() { | ||
| local json='{"managed_admin_users":[' | ||
| for u in "${ADMIN_USERS[@]}"; do | ||
| json+="{\"name\":\"${u}\"}," | ||
| done | ||
| json="${json%,}]}" | ||
| echo "${json}" | ||
| } |
Contributor
There was a problem hiding this comment.
Same question as https://github.com/ceph/ceph-build/pull/2602/changes#r3342141274
djgalloway
reviewed
Jun 2, 2026
Comment on lines
+4
to
+11
| # ----------------------------------------------------------------------------- | ||
| # Script Name: bootstrap_env.sh | ||
| # Description: | ||
| # Bootstraps the local Python environment for running the MAAS reimage script. | ||
| # - Installs MAAS CLI (Linux/macOS) | ||
| # - Creates Python virtual environment | ||
| # - Installs dependencies | ||
| # ----------------------------------------------------------------------------- |
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
djgalloway
reviewed
Jun 2, 2026
| @@ -0,0 +1,27 @@ | |||
| import yaml | |||
Contributor
There was a problem hiding this comment.
Missing a shebang. If that's important. Please add a comment at the top showing usage and input/output.
sync_labels.py: file is removed as it's not being used Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
Signed-off-by: jitendrasahu1803 <jitendra.sahu1803@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Introduces Jenkins pipeline for builder reimage and post-reimage configuration.