Spacewalk and Koji at Fermilab

Troy Dawson [email protected] HEPIX Spring 2010 April 22, 2010

What is Spacewalk?

● Spacewalk is a systems management solution ● It is the upstream project from which Red Hat Satellite is derived

What is Spacewalk?

● It allows you to – Install and update software on your systems – Collect and distribute custom software packages into manageable channels – Mark packages as security, bugs or enhancements.

What is Spacewalk?

● It allows you to – Inventory your systems

● Both hardware and software – Monitor your systems – Kickstart your systems

● Can generate an automatic kickstart file ● Is integrating with Cobbler

Spacewalk at Fermilab?

● Still in the testing phase – Can it do errata web pages like

● https://rhn.redhat.com/errata/ – How well does it monitor machines? – Can different groups use the same spacewalk server for their machines? – Can there be a master spacewalk server with slave servers? – Can someone else's spacewalk server just sync the channels but nothing else? Fermilab Results

● We are able to add packages to channels easily. – spacewalk-repo-sync --channel --url http:/// --type yum ● We are able to use scripts to create errata and to mark packages as being associated with the errata.

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

● We are able to use groups to – Organize larger groups of machines – Separate users from each other ● We are able to use keys to – Automatically mark a computer to a group – Automatically assign channels to machines – Automatically register a machine to a user

Fermilab Results

● We are able to – Quickly see if a machine needs updates – Quickly see if any of the machines we monitor needs updates. – See if updates needed are for security, or just bug fix updates – Update packages on a single machine – Update packages on a group of machines

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Fermilab Results

Still Need to Test

● Can there be a master spacewalk server with slave servers? – Waiting for spacewalk 0.9 to test this feature ● Can someone else's spacewalk server just sync the channels but nothing else? – Waiting for spacewalk 0.9 or 1.0 to test this.

Still Need to Test

● How many machines can it monitor before it get's bogged down? ● How many machines can a user easily take care of? ● How well does cobbler work with Spacewalk – There are several areas at Fermilab using or investigating cobbler – Spacewalk is supposed to work well with cobbler. We plan on testing this.

What is Koji?

● Koji is the software the builds RPMs for the Fedora Project and EPEL. – Uses Yum and Mock – New buildroot for each build – Active code base – Web interface with SSL and Kerberos authentication – Buildroot contents are tracked in the database

What is Koji?

What is Koji?

What is Koji?

Why are we using it?

● We are planning on using Koji to build Scientific Linux 6 ● Since Koji is what Fedora and EPEL are using to build, we expect RedHat is using Koji to build RHEL6 – We don't know this, but we are guessing ● We are already using mock to build SL5 packages. Since Koji used mock we are familiar with how that part works.

Why are we using it?

● It has the idea of batch queues ● It has the ability to build from either srpm or from source code management (cvs, svn, git) ● We can have collaborators build rpm's easier ● Easier to track our build history

Results Thus Far

● We have successfully setup a Koji environment

● Only one bullet point for all that work? ● We have successfully created extra worker nodes – This is very important to help spread the work load among different machines. – Try to build SL5 packages on SL5 build nodes and SL6 packages on SL6 build nodes

● In theory you shouldn't need to do this ● We are just testing this out. Results Thus Far

● We are still tweaking the settings – Currently, all authentication is done via certificates. We are trying to have it work with kerberos as well. – We are still working out some bugs

● Luckily all open source projects are documented – “Read the Source Luke ... Read the Source” – We are testing various ways of submitting jobs and getting results. Each time we do this more tweaks are needed.

Results Thus Far

● When I say “we” when talking about Koji, I mainly mean Connie Sieh. She had done 95% of the work.

Results Thus Far

Results Thus Far

Results Thus Far

Results Thus Far

Results Thus Far

Results Thus Far

Results Thus Far

Koji Futures

● MASH – Publishes built and signed packages to a yum repository ● BHODI – Web system that facilitates the process of publishing updates ● We have not implemented either of these, but we are looking at them.

Koji - BHODI

Koji - BHODI

Koji - BHODI

References

● http://www.redhat.com/spacewalk/

● https://fedorahosted.org/spacewalk/

● https://rhn.redhat.com/errata/

● https://fedorahosted.org/koji/wiki

● http://fedoraproject.org/wiki/Koji

● http://fedoraproject.org/wiki/Koji/ServerHowTo

● http://indico.cern.ch/conferenceDisplay.py?confId=55091

● http://fedoraproject.org/w/uploads/a/a6/Traylen-FudCon09.pdf

● https://admin.fedoraproject.org/updates