| commit | 39f86e91cb2d849d34df9bd58e252a4b50a79c56 | [log] [tgz] |
|---|---|---|
| author | Michael Pratt <mpratt@google.com> | Wed Feb 07 09:32:46 2024 -0500 |
| committer | Gopher Robot <gobot@golang.org> | Thu Feb 08 20:44:54 2024 +0000 |
| tree | da19c0ffb5c75407cf90f8d71101bebad080900b | |
| parent | ca189a889e969f8079f6415f9b5f67b17051b28a [diff] |
cmd/makemac: add full instance management to makemac Currently makemac is extremely minimal, all it does is renew existing leases. It does not attempt to detect broken leases or create new leases. Over time as leases disappear for various reasons, the pool slowly dwindles, and a human must come along and add new leases. Extend makemac to perform complete lifecycle management. config.go specifies the desired count of each image type, and makemac attempts to maintain that many healthy leases. There are several different ways that a lease may be unhealthy: It may fail initial boot. If it fails to connect to the hypervisor, MacService will automatically remove it eventually. If it connects to the hypervisor, but not to LUCI, then it will appear healthy in MacService but be missing from swarming. It may succeed initial boot and successfully connect to LUCI, but eventually freeze, crash, etc. This case will appears as a "dead" bot on LUCI, and may or may not be automatically removed from MacService depending on the nature of the freeze/crash. makemac attempts to detect and handle all of these cases. For example, if LUCI reports a bot as "dead", but MacService still reports it as alive, makemac will destroy the lease. Since makemac can now perform destructive actions, we need to add a bit more safety. Leases created by makemac will set the MacService lease "project name" to "makemac". The "project name" is effectively just a tag on the lease. makemac will only operate on leases with the "makemac" project. All other leases (such as those manually created by a human) will be left alone. Image updates can be performed by changing the image SHA in config.go. handleObsoleteLeases will automatically destroy old leases using the old image on the next run. Change-Id: I9bc53cb5812784adbb5cacf9fb224d64d063c089 Reviewed-on: https://go-review.googlesource.com/c/build/+/562399 Auto-Submit: Michael Pratt <mpratt@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
This repository holds the source for various packages and tools that support Go's build system and the development of the Go programming language.
Warning: Packages here are internal to Go's build system and its needs. Some may one day be promoted to another golang.org/x repository, or they may be modified arbitrarily or even disappear altogether. In short, code in this repository is not subject to the Go 1 compatibility promise nor the Release Policy.
This repository uses Gerrit for code changes. To contribute, see https://golang.org/doc/contribute.html.
The main issue tracker for the blog is located at https://github.com/golang/go/issues. Prefix your issue with “x/build/DIR: ” in the subject line.
The main components of the Go build system are:
The coordinator, in cmd/coordinator/, serves https://farmer.golang.org/ and https://build.golang.org/. It runs on GKE and coordinates the whole build system. It finds work to do (both pre-submit “TryBot” work, and post-submit work) and executes builds, allocating machines to run the builds. It is the owner of all machines. It holds the state for which builds passed or failed, and the build logs.
The Go package in buildenv/ contains constants for where the dashboard and coordinator run, for prod, staging, and local development.
The buildlet, in cmd/buildlet/, is the HTTP server that runs on each worker machine to execute builds on the coordinator's behalf. This runs on every possible GOOS/GOARCH value. The buildlet binaries are stored on Google Cloud Storage and fetched per-build, so we can update the buildlet binary independently of the underlying machine images. The buildlet is the most insecure server possible: it has HTTP handlers to read & write arbitrary content to disk, and to execute any file on disk. It also has an SSH tunnel handler. The buildlet must never be exposed to the Internet. The coordinator provisions buildlets in one of three ways:
by creating VMs on Google Compute Engine (GCE) with custom images configured to fetch & run the buildlet on boot, listening on port 80 in a private network.
by running Linux containers (on either Google Kubernetes Engine or GCE with the Container-Optimized OS image), with the container images configured to fetch & run the buildlet on start, also listening on port 80 in a private network.
by taking buildlets out of a pool of connected, dedicated machines. The buildlet can run in either listen mode (as on GCE and GKE) or in reverse mode. In reverse mode, the buildlet connects out to https://farmer.golang.org/ and registers itself with the coordinator. The TCP connection is then logically reversed (using revdial and when the coordinator needs to do a build, it makes HTTP requests to the coordinator over the already-open TCP connection.
These three pools can be viewed at the coordinator's https://farmer.golang.org/#pools.
The env/ directory describes build environments. It contains scripts to create VM images, Dockerfiles to create Kubernetes containers, and instructions and tools for dedicated machines.
maintner in maintner/ is a library for slurping all of Go's GitHub and Gerrit state into memory. The daemon maintnerd in maintner/maintnerd/ runs on GKE and serves https://maintner.golang.org/. The daemon watches GitHub and Gerrit and appends to a mutation log whenever it sees new activity. The logs are stored on GCS and served to clients.
The godata package in maintner/godata/ provides a trivial API to let anybody write programs against Go's maintner corpus (all of our GitHub and Gerrit history), live up to the second. It takes a few seconds to load into memory and a few hundred MB of RAM after it downloads the mutation log from the network.
pubsubhelper in cmd/pubsubhelper/ is a dependency of maintnerd. It runs on GKE, is available at https://pubsubhelper.golang.org/, and runs an HTTP server to receive Webhook updates from GitHub on new activity and an SMTP server to receive new activity emails from Gerrit. It then is a pubsub system for maintnerd to subscribe to.
The gitmirror server in cmd/gitmirror/ mirrors Gerrit to GitHub, and also serves a mirror of the Gerrit code to the coordinator for builds, so we don't overwhelm Gerrit and blow our quota.
The Go gopherbot bot logic runs on GKE. The code is in cmd/gopherbot. It depends on maintner via the godata package.
The developer dashboard at https://dev.golang.org/ runs on GKE. Its code is in devapp/. It also depends on maintner via the godata package.
cmd/retrybuilds: a Go client program to delete build results from the dashboard
The perfdata server, in perfdata/appengine serves https://perfdata.golang.org/. It runs on App Engine and serves the benchmark result storage system.
The perf server, in perf/appengine serves https://perf.golang.org/. It runs on App Engine and serves the benchmark result analysis system. See its README for how to start a local testing instance.
If you wish to run a Go builder, please email golang-dev@googlegroups.com first. There is documentation at https://golang.org/wiki/DashboardBuilders, but depending on the type of builder, we may want to run it ourselves, after you prepare an environment description (resulting in a VM image) of it. See the env directory.