| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The existing AWS backend uses system containers backed on to the AWS
hosted NFS service (EFS). This has some advantages, but also some
disadvantages.
Using the EFS service allows building a container on one instance,
with the state being held on the EFS, and then launching a new
instance to run the container. Using EFS also provides persistence, at
least beyond individual EC2 instances.
However, build performance when using EFS is poor compared with a
local store without the overhead of the network latency. Additionally,
the startup speed of the container running off EFS is slow compared to
local storage.
This backend doesn't use EFS, instead the Guix store sits on instance
storage. Rather than using a system container for a Mini Environment,
an Amazon Machine Image (AMI) is built instead. The fast local storage
makes builds faster, and using EBS storage for the Mini Envirnoments
as well as not having the overhead of starting Ubuntu, then starting
the container also makes startup faster.
|
| |
|
| |
|
|
|
|
|
| |
This will enable garbage collection of the Guix store, without
removing things that are still in use.
|
| |
|
| |
|
|
|
|
|
| |
Support multiple addresses to handle the GOV.UK PaaS, which has
multiple egress points.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the Terraform code uses chdir in the Ruby process to change
to the right working directory. This affects all threads in the
process, and thus means that all Terraform jobs conflict with each
other.
It would be good to fix this somehow, e.g. not changing directory, and
just specifying the directory in which to run Terraform when starting
it, but for now, use the advisory locks to force the jobs to run
sequentially.
|
|
|
|
|
| |
This fixes the mini environment Terraform working, now that the
backend is protected by basic authentication.
|
|
|
|
|
| |
Other parts of the code handle not having Guix locally, so add support
here also.
|
|
|
|
| |
Rather than hardcoding localhost.
|
|
|
|
| |
To better handle remote hosts.
|
|
|
|
|
| |
Explicitly use the specified private key where possible. Also, use a
struct for the user, address and private key.
|
|
|
|
|
| |
To prevent them conflicting. Terraform itself has a locking mechanism,
which isn't being used, but this should be sufficient.
|
| |
|
|
|
|
|
|
| |
Rather than the configured domain, as the corresponding SSH key
shouldn't change for the AWS domain (whereas it does for the
configured domain, if the machine changes).
|
|
|
|
| |
Which means just destroying the build machine.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This makes it more explicit, and works around Terraform being
unpredictable when dealing with SSH agents.
|
|
|
|
|
| |
With a service that performs the same function, and use the
MiniEnvironmentJob instead.
|
|
|
|
|
| |
This can then be used to update the Terraform state for the Mini
Environment.
|
|
|
|
|
| |
This should enable making the show page better, as it can actually
start displaying the status, and appropriate actions.
|
|
|
|
|
| |
This is no longer necessary, as Que now supports keeping the job
entries around in the que_jobs table.
|
|
|
|
| |
As the has_many didn't work, as the key is not what Rails expects.
|
| |
|
|
|
|
| |
So that it can be used in other methods.
|
| |
|
| |
|
|
|
|
| |
This makes the TerraformLibvirt class shorter, and easier to read.
|
|
|
|
|
| |
Separate the mini environment related methods in to a module, to make
both more readable.
|
| |
|
| |
|
|
|
|
|
| |
In the AWS backend. This means that they don't end up on a tmpfs and
using up RAM.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
For the AWS backend.
Bring it in to the Terraform configuration for the backend, where
previously only the id was known. Also, alter the provisioning so that
it can handle an empty EFS file system.
This reduces the amount of manual setup required for AWS.
|
|
|
|
| |
For the Terraform libvirt backend.
|
| |
|
|
|
|
| |
To store if a DataSnapshot is being used.
|
|
|
|
| |
This is for use when rendering these in a view.
|
|
|
|
|
|
|
| |
I'm a bit unsure about this, but it feels like generating snapshots
remotely is useful, but if that is supported, then a remote snapshot
won't be available locally to use. Adding the option of making them
backend specific is one way of working around this.
|
|
|
|
|
|
|
| |
It now takes two arguments, and when used by the
MiniEnvironmentsController, the split is performed there.
This makes it easier to reuse elsewhere in the codebase.
|
|
|
|
|
| |
This is to record the revision of govuk-guix used to create the
snapshot.
|
| |
|
|
|
|
|
|
| |
To avoid the origin being too easy to access, which could potentially
be misleading as a mini environment isn't the real GOV.UK website,
although it might look similar.
|