Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Platform] Enable SSH pipelining during universe provisioning #7995

Closed
artem-mindrov opened this issue Apr 12, 2021 · 0 comments
Closed

[Platform] Enable SSH pipelining during universe provisioning #7995

artem-mindrov opened this issue Apr 12, 2021 · 0 comments
Assignees
@artem-mindrov
Labels
area/platform Yugabyte Platform
Milestone
2.7.x

Comments

@artem-mindrov
Copy link
Contributor

artem-mindrov commented Apr 12, 2021
edited
Loading

Current setting in ansible.cfg is to disable SSH pipelining:

# YugaByte notes:
# Enabling this creates problems when trying to bring up nodes on EC2 and then run sudo commands
# on them, so we're leaving this off for now. Such problems do not appear to exist on GCE, though.
# pipelining = True

This was most likely related to having to disable requiretty in /etc/sudoers, but

  • neither AWS nor GCP VMs have this setting any longer
  • even if they would, it could have been turned off in a pre-provisioning task

There is more room for runtime optimization:

  • the entire provisioning sequence is linear, although some tasks can be run concurrently, such as install_backup_util role along with ansible-prometheus, subtasks in install-s3cmd
  • some tasks are run several times redundantly (configure-cluster-server.yml is run first for master then tserver, but tserver tasks are run twice because the first run is missing an explicit server type argument so the playbook executes both master and tserver tasks due to how conditional execution is written, the same applies to install_package)
  • some tasks in configure-cluster-server do not depend on yb_process_type, they should probably be extracted out of this playbook
@artem-mindrov artem-mindrov added the area/platform Yugabyte Platform label Apr 12, 2021
@artem-mindrov artem-mindrov self-assigned this Apr 12, 2021
@streddy-yb streddy-yb added this to the 2.7.x milestone Apr 12, 2021
artem-mindrov added a commit that referenced this issue Apr 19, 2021
@artem-mindrov
[#7995] Enable SSH pipelining
2fb0c98 
Summary:
1. Enable SSH pipelining in ansible.cfg
2. Add a task to disable requiretty in /etc/sudoers. Make sure pipelining is disabled for this task specifically (since it requires sudo and may fail). Also make sure required pre-provisioning tasks are run regardless of the disable_custom_ssh setting (run them in a separate playbook) as this violates the SRP.
3. AnsibleProcess#run changed to allow idempotent invocations with the same extra vars.

Test Plan:
Provision a single node universe on
 - AWS
 - GCP
Do the same with ANSIBLE_SSH_PIPELINING=False in the YW environment, check that 'disable requiretty in /etc/sudoers' task is skipped

Reviewers: daniel, rtsisyk, wesley, dskorobogaty

Reviewed By: dskorobogaty

Subscribers: jenkins-bot, devops

Differential Revision: https://phabricator.dev.yugabyte.com/D11218
@artem-mindrov artem-mindrov mentioned this issue Apr 21, 2021
Open
artem-mindrov added a commit that referenced this issue Apr 21, 2021
@artem-mindrov
Add preprovision.yml to release manifest
4cf68d1 
Summary: the new playbook added under #7995 was missing in the release manifest

Test Plan: make sure the playbook is included in the release

Reviewers: wesley

Reviewed By: wesley

Differential Revision: https://phabricator.dev.yugabyte.com/D11313
YintongMa pushed a commit to YintongMa/yugabyte-db that referenced this issue May 26, 2021
@artem-mindrov @YintongMa
[yugabyte#7995] Enable SSH pipelining
28e07f3 
Summary:
1. Enable SSH pipelining in ansible.cfg
2. Add a task to disable requiretty in /etc/sudoers. Make sure pipelining is disabled for this task specifically (since it requires sudo and may fail). Also make sure required pre-provisioning tasks are run regardless of the disable_custom_ssh setting (run them in a separate playbook) as this violates the SRP.
3. AnsibleProcess#run changed to allow idempotent invocations with the same extra vars.

Test Plan:
Provision a single node universe on
 - AWS
 - GCP
Do the same with ANSIBLE_SSH_PIPELINING=False in the YW environment, check that 'disable requiretty in /etc/sudoers' task is skipped

Reviewers: daniel, rtsisyk, wesley, dskorobogaty

Reviewed By: dskorobogaty

Subscribers: jenkins-bot, devops

Differential Revision: https://phabricator.dev.yugabyte.com/D11218
YintongMa pushed a commit to YintongMa/yugabyte-db that referenced this issue May 26, 2021
@artem-mindrov @YintongMa
Add preprovision.yml to release manifest
2c8d8da 
Summary: the new playbook added under yugabyte#7995 was missing in the release manifest

Test Plan: make sure the playbook is included in the release

Reviewers: wesley

Reviewed By: wesley

Differential Revision: https://phabricator.dev.yugabyte.com/D11313
@ryan-ally ryan-ally mentioned this issue Nov 15, 2023
Open
@nyndyny nyndyny mentioned this issue Nov 15, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@artem-mindrov artem-mindrov

Labels
area/platform Yugabyte Platform
Projects
None yet
Milestone
2.7.x
Development

No branches or pull requests
2 participants
@artem-mindrov @streddy-yb