Changeset 2112 for trunk/server/doc/install-howto.sh
- Timestamp:
- Jan 15, 2012, 9:56:27 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/server/doc/install-howto.sh
r2111 r2112 128 128 systemctl enable syslog-ng.service 129 129 130 # Temporarily remove ghc-cgi-devel and ghc-cgi 131 rpm -e --nodeps ghc-cgi-devel ghc-cgi 132 130 133 # Install the full list of RPMs that users expect to be on the 131 134 # scripts.mit.edu servers. … … 156 159 # SPHEROID SHENANIGANS 157 160 161 # Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on 162 # the other scripts.mit.edu servers and do not have RPMs. 163 # The general mode of operation will be to run the "list" command 164 # on both servers, see what the differences are, check if those diffs 165 # are packaged up as rpms, and install them (rpm if possible, native otherwise) 166 158 167 # Note: Since ultimately we'd like to move away from using per-language 159 168 # package manager and all of these be RPMs, it is of questionable … … 163 172 # packaged up the RPM. Unfortunately we don't really have good incants 164 173 # for this. 174 175 # Warning: If you're installing a new server mid-lifecycle (or even if 176 # this is the start of a cycle, but you've been staggering the 177 # installation of servers), upstream may have moved on. Because we 178 # don't normally upgrade spheroid projects, that means executing these 179 # instructions directly means that you will have mismatched versions 180 # (the new servers will have newer versions.) Please follow the 181 # UPGRADE commentary attached to each of these. 182 183 # Warning: The package lists that are generated are inconsistent on 184 # the question of whether or not they contain all packages (locally 185 # installed as well as distro packaged), or if they just contain locally 186 # installed packages. Check this carefully; many of the install incants 187 # filter out already installed packages. 188 189 # PERL CPAN 190 # --------- 165 191 166 192 # Install the full list of perl modules that users expect to be on the … … 174 200 perldoc -u perllocal | grep head2 | cut -f 3 -d '<' | cut -f 1 -d '|' | sort -u | perl -ne 'chomp; print "notest install $_\n" if system("rpm -q --whatprovides \"perl($_)\" >/dev/null 2>/dev/null")' > perl-packages.txt 175 201 # arrange for perl-packages.txt to be transferred to server 202 # Package list only contains new packages 176 203 cat perl-packages.txt | perl -MCPAN -e shell 177 178 # Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on 179 # the other scripts.mit.edu servers and do not have RPMs. 180 # The general mode of operation will be to run the "list" command 181 # on both servers, see what the differences are, check if those diffs 182 # are packaged up as rpms, and install them (rpm if possible, native otherwise) 204 # These are in /usr/local 205 206 # UPGRADE: Installing old versions of CPAN modules requires you to 207 # specify the full path of a module, e.g. 208 # M/MS/MSCHWERN/Test-Simple-0.62.tar.gz. It is not currently clear how 209 # to get this information programatically. Furthermore, we have a lot 210 # of CPAN managed modules. Since CPAN is the only thing 211 # placed in /usr/local at this point, it may be easier to simple tar and 212 # cp the Perl modules from one server to another, to keep them 213 # consistent. But doing this is fiddly XXX 214 215 # PYTHON EGGS 216 # ----------- 217 183 218 # - Look at /usr/lib/python2.7/site-packages and 184 219 # /usr/lib64/python2.7/site-packages for Python eggs and modules. … … 192 227 # 'easy_install AuthKit jsonlib2 pygit' 193 228 cat /usr/lib/python2.7/site-packages/easy-install.pth | grep "^./" | cut -c3- | cut -f1 -d- > egg.txt 229 # Package list only contains new packages 194 230 cat egg.txt | xargs easy_install -Z 231 # These are in /usr 232 233 # UPGRADE: Use 'easy_install -n' to see what new versions are installed, and if there 234 # are updates validate them and upgrade them on the old servers. Since 235 # we have a really small package list (around 4) checking these manually 236 # should be fine. Note that dry run is slightly buggy and may fail 237 # midway processing files on account of a missing build directory. 238 239 # RUBY GEMS 240 # --------- 195 241 196 242 # - Look at `gem list` for Ruby gems. … … 200 246 # XXX This doesn't do the right thing for old version gems 201 247 gem list --no-version > gem.txt 248 # Package list contains distro gems too 202 249 gem install $(gem list --no-version | grep -Fxvf - gem.txt) 203 250 # Also, we need to install the old rails version 204 251 gem install -v=2.3.5 rails 252 # These are in /usr 253 254 # UPGRADE: You can either upgrade out-of-date gems, or leave them at 255 # the old version. We recommend the latter (see below for the 256 # rationale), but note that the install script described here doesn't 257 # pin against version, so you'll need to supply the -v parameters 258 # manually (the gems we install manually don't move too quickly, so this 259 # is fairly tractable if you check 'gem outdated'.) 260 # 261 # If you want to upgrade, do NOT use wildcard 'gem update'; use 'gem 262 # outdated' to find out all gems that are out of date, and verify this 263 # against our locally installed gems (there will be a lot of out of date 264 # gems, but this is simply because Fedora packaging lags behind the 265 # canonical versions (this is a good thing). Manually upgrade just 266 # those gems. Note that this doesn't save you from having to install 267 # old gems on the servers that are being installed out-of-cycle, 268 # because Ruby supports pinning against old versions, and if those gems 269 # then mysteriously disappear, things will be sad (note that this isn't 270 # a *huge* problem, because usually when you pin gems it's in 271 # conjunction with rvm, so they have their local copy of the gem.) 272 273 # PHP PEAR 274 # -------- 205 275 206 276 # - Look at `pear list` for Pear fruits (or whatever they're called). … … 209 279 # (you might get complaints about the php_scripts module; ignore them) 210 280 pear list | tail -n +4 | cut -f 1 -d " " > pear.txt 281 # Package list contains distro packages 211 282 pear config-set preferred_state beta 212 283 pear channel-update pear.php.net 213 284 pear install $(pear list | tail -n +4 | cut -f 1 -d " " | grep -Fxvf - pear.txt) 285 # These are in /usr 286 287 # PHP PECL 288 # -------- 214 289 215 290 # - Look at `pecl list` for PECL things. 'yum search', and if you must, … … 217 292 # pecl/foo' or 'pecl install foo-beta' or those two combined. 218 293 pecl list | tail -n +4 | cut -f 1 -d " " > pecl.txt 294 # Package list contains distro packages 219 295 pecl install --nodeps $(pecl list | tail -n +4 | cut -f 1 -d " " | grep -Fxvf - pecl.txt) 296 # These are in /usr 220 297 221 298 # ----------------------------->8-------------------------------------- 222 299 # INFINITE CONFIGURATION 223 300 224 # Create fedora-ds user (needed for credit-card)301 # [PROD] Create fedora-ds user (needed for credit-card) 225 302 useradd -u 103 -r -d /var/lib/dirsrv fedora-ds 226 303 227 304 # Run credit-card to clone in credentials and make things runabble 305 # NOTE: You may be tempted to run credit-card earlier in the install 306 # process in order, for example, to be able to SSH in to the servers 307 # with Kerberos. However, it is better to install the credentials 308 # *after* we have run a boatload untrusted code as part of the 309 # spheroids objects process. So don't move this step earlier! 228 310 python host.py push $server 229 311 … … 238 320 # # [TESTSERVER] daemon.scripts-test 239 321 322 # Test that zephyr is working 323 systemctl enable zhm.service 324 systemctl start zhm.service 325 echo 'Test!' | zwrite -d -c scripts -i test 326 327 # Check out the scripts /usr/vice/etc configuration 328 cd /root/vice 329 \cp -a etc /usr/vice 240 330 # [TESTSERVER] If you're installing a test server, this needs to be 241 331 # much smaller; the max filesize on XVM is 10GB. Pick something like 242 332 # 500000. Also, some of the AFS parameters are kind of retarded (and if 243 333 # you're low on disk space, will actually exhaust our inodes). Edit 244 # these parameters in /etc/sysconfig/openafs ( This doesn't work in the245 # new systemd world order: try editing the unit file instead.)334 # these parameters in /etc/sysconfig/openafs (I just chopped a zero 335 # off of all of our parameters) 246 336 echo "/afs:/usr/vice/cache:500000" > /usr/vice/etc/cacheinfo 247 # XXX This is out of date in the systemd world.248 337 vim /etc/sysconfig/openafs 249 250 # Test that zephyr is working251 systemctl enable zhm.service252 systemctl start zhm.service253 echo 'Test!' | zwrite -d -c scripts -i test254 255 # Check out the scripts /usr/vice/etc configuration256 cd /root/vice257 \cp -a etc /usr/vice258 338 259 339 # [PRODUCTION] Set up replication (see ./install-ldap). … … 365 445 # or do SSL. Generate with: 366 446 openssl req -new -x509 -keyout /etc/pki/tls/private/scripts.key -out /etc/pki/tls/certs/scripts.cert -nodes 367 # Also make /etc/pki/tls/certs/ca.pem match up (XXX what's the 368 # incant for that?) 447 ln -s /etc/pki/tls/private/scripts.key /etc/pki/tls/private/scripts-1024.key 448 # Also make /etc/pki/tls/certs/ca.pem match up 449 openssl rsa -in /etc/pki/tls/private/scripts.key -pubout > /etc/pki/tls/certs/ca.pem 369 450 370 451 # [TESTSERVER] More stuff for test servers
Note: See TracChangeset
for help on using the changeset viewer.