----- Original Message -----
> From: "Itamar Heim"<iheim(a)redhat.com>
> To: "Eyal Edri"<eedri(a)redhat.com>
> Cc: infra(a)ovirt.org, "Mike Burns"<mburns(a)redhat.com>
> Sent: Thursday, January 19, 2012 4:54:41 PM
> Subject: Re: Jenkins Continuous Integration Server for oVirt is up and running!
>
> On 01/19/2012 04:44 PM, Eyal Edri wrote:
>>
>>
>> ----- Original Message -----
>>> From: "Itamar Heim"<iheim(a)redhat.com>
>>> To: "Mike Burns"<mburns(a)redhat.com>
>>> Cc: "Eyal Edri"<eedri(a)redhat.com>, infra(a)ovirt.org
>>> Sent: Thursday, January 19, 2012 3:46:38 PM
>>> Subject: Re: Jenkins Continuous Integration Server for oVirt is up
>>> and running!
>>>
>>> On 01/19/2012 02:13 PM, Mike Burns wrote:
>>>> On Thu, 2012-01-19 at 05:07 -0500, Eyal Edri wrote:
>>>>> fyi,
>>>>>
>>>>> oVirt project now has a Jenkins CI server[1] on
>>>>>
http://jenkins.ovirt.org.
>>>>>
>>>>> The CI server runs various jobs on oVirt components *[2] such as
>>>>> ovirt-engine,ovirt-node,etc..
>>>>> Every commit to
gerrit.ovirt.org will trigger the job
>>>>> 'ovirt_engine' which will run 'maven' build and
verify that the
>>>>> commit didn't break the code.
>>>>> If the commit did break the code, it will send an alert email to
>>>>> "engine-patches.ovirt.org" and to the commiter with a link
to a
>>>>> log console containing the error.
>>>>> On success, the job will trigger other jobs such as
"find_bugs",
>>>>> "gwt profiles", "create db",
"unit-tests", each testing a
>>>>> different part of the code.
>>>>>
>>>>> In time, more and more jobs will be added to jenkins, which will
>>>>> allow us to catch bugs much faster than before, and to improve
>>>>> code quality even more.
>>>>> If you have questions, don't hesitate to ask me or
>>>>> infra(a)ovirt.org.
>>>>>
>>>>> [1]
http://jenkins-ci.org/
>>>>> [2] currently only ovirt-engine is configured and working.
>>>>>
>>>>
>>>> Awesome, thanks for putting this together.
>>>>
>>>> I'm looking at ovirt-node now (and have already added part of the
>>>> config). Is there any plan to add a Fedora slave? ovirt-node as
>>>> it
>>>
>>> well, anyone can contribute machines for their favorite/needed
>>> distro
>>> and ask eyal to add them as slaves with relevant labels so jobs
>>> will
>>> run
>>> on them.
>>> I think eyal can also configure to run a job multiple times on
>>> different
>>> slaves (multi config job), to check node/vdsm don't break on any
>>> distro
>>> which added a slave.
>>>
>>> I'll add a fedora machine and send Eyal the details to add as a
>>> slave.
>>> before i do that, I want eyal to take a look at the jenkins EC2
>>> plugin,
>>> so we can see if we can have the guest only up when needed.
>>>
>>
>> I installed the EC2 plugin, need some info on the cloud.
>> attached is the configuration screen ( under
>>
http://jenkins.ovirt.org/configure )
>
> can the plugin start/stop existing slaves, or creates them as needed?
yes according to the plugin wiki page [1]:
"Allow Jenkins to start slaves on EC2 or Ubuntu Enterprise Cloud (Eucalyptus) on
demand, and kill them as they get unused.
With this plugin, if Jenkins notices that your build cluster is overloaded, it'll
start instances using the EC2 API and automatically connect them as Jenkins slaves. When
the load goes down, excessive EC2 instances will be terminated. This set up allows you to
maintain a small in-house cluster, then spill the spiky build/test loads into EC2 or
another EC2 compatible cloud."
[1]
https://wiki.jenkins-ci.org/display/JENKINS/Amazon+EC2+Plugin
"starting an instance" from an AMI in EC2 is actually creating the
instance as well.
is there another type of plugin which will start/stop instances?
> does amazon support a delegated user to an account with limited set
> of
> permission to only start/stop existing slaves based on permissions?
>
this can be done via the 'Project-based Matrix Authorization Strategy' to allow
certain users to certain jobs / slaves (didn't test it):
"This mode is an extension to "Matrix-based security" that allows
additional ACL matrix to be defined for each project separately (which is done on the job
configuration screen.)
This allows you to say things like "Joe can access project A, B, and C but he
can't see D."
ACLs are additive, so the access rights granted below will be effective for all the
projects."
we can also look for another security plugins that will better suit our needs.
I'm concerned with limiting what jenkins can do on EC2, not limiting the
jenkins side (well, that too, but first EC2)