buildenv, cmd/debugnewvm: add a region to the AWS configuration

This change adds a region for AWS services to the build environment
configuration. The region for the debug vm tool is set in the
corresponding environment chosen by the flags set by the
buildenv.RegisterFlags call. The region can be overridden
by setting the awsRegion flag.

The identifier for the security groups has been changed to the name of
the group instead of the id since that is what the AWS API expects.
The AWS availability zones have been added to the staging environment.

Updates golang/go#36841

Change-Id: Iee64257dd68d3a75027aaed13f3e767af48a406c
Reviewed-on: https://go-review.googlesource.com/c/build/+/236797
Run-TryBot: Carlos Amedee <carlos@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
diff --git a/buildenv/envs.go b/buildenv/envs.go
index c0280e8..edc4645 100644
--- a/buildenv/envs.go
+++ b/buildenv/envs.go
@@ -143,10 +143,15 @@
 	// a container when the instance is created.
 	COSServiceAccount string
 
-	// AWSSecurityGroup is the security group that any VM instance
+	// AWSSecurityGroup is the security group name that any VM instance
 	// created on EC2 should contain. These security groups are
 	// collections of firewall rules to be applied to the VM.
 	AWSSecurityGroup string
+
+	// AWSRegion is the region where AWS resources are deployed.
+	// The availability zones set in VMEC2Zones should all reside
+	// within this region.
+	AWSRegion string
 }
 
 // ComputePrefix returns the URI prefix for Compute Engine resources in a project.
@@ -261,6 +266,7 @@
 	IsProd:                true,
 	ControlZone:           "us-central1-f",
 	VMZones:               []string{"us-central1-a", "us-central1-b", "us-central1-c", "us-central1-f"},
+	VMEC2Zones:            []string{"us-east-1a", "us-east-1b"},
 	StaticIP:              "104.154.113.235",
 	MachineType:           "n1-standard-1",
 	PreferContainersOnCOS: true,
@@ -283,7 +289,8 @@
 	LogBucket:         "dev-go-build-log",
 	SnapBucket:        "dev-go-build-snap",
 	COSServiceAccount: "linux-cos-builders@go-dashboard-dev.iam.gserviceaccount.com",
-	AWSSecurityGroup:  "sg-02c2a75a3eed843bb",
+	AWSSecurityGroup:  "staging-go-builders",
+	AWSRegion:         "us-east-1",
 }
 
 // Production defines the environment that the coordinator and build
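Review bot: Identifying the group by name (`staging-go-builders` here, `go-builders` in the Production hunk that follows) instead of by `sg-…` ID makes the firewall rules a builder VM receives depend on name resolution, because a security group name is unique only within one VPC of one region and EC2 resolves names against the default VPC. The `-aws-region` override in cmd/debugnewvm changes the region while the name still comes from the environment, so a VM started that way would get whichever group carries that name in the other region, or fail if there is none. The code that consumes `AWSSecurityGroup` is not part of this diff, so this is inferred. I would at least record the constraint on the field, e.g. `// The name is resolved in the default VPC of AWSRegion; a group with this name must exist there.`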
@@ -319,7 +326,8 @@
 	SnapBucket:          "go-build-snap",
 	AutoCertCacheBucket: "farmer-golang-org-autocert-cache",
 	COSServiceAccount:   "linux-cos-builders@symbolic-datum-552.iam.gserviceaccount.com",
-	AWSSecurityGroup:    "sg-02c2a75a3eed843bb",
+	AWSSecurityGroup:    "go-builders",
+	AWSRegion:           "us-east-2",
 }
 
 var Development = &Environment{
diff --git a/cmd/debugnewvm/debugnewvm.go b/cmd/debugnewvm/debugnewvm.go
index 932b627..1c26ffa 100644
--- a/cmd/debugnewvm/debugnewvm.go
+++ b/cmd/debugnewvm/debugnewvm.go
@@ -43,7 +43,7 @@
 
 	awsKeyID     = flag.String("aws-key-id", "", "if the builder runs on aws then key id is required. If executed on GCE, it will be retrieved from secrets.")
 	awsAccessKey = flag.String("aws-access-key", "", "if the builder runs on aws then the access key is required. If executed on GCE, it will be retrieved from secrets.")
-	awsRegion    = flag.String("aws-region", "us-east-2", "if the builder runs on aws then it is created in this region.")
+	awsRegion    = flag.String("aws-region", "", "if non-empty and the requested builder is an EC2 instance, force an EC2 region.")
 )
 
 var (
@@ -112,12 +112,13 @@
 	name := fmt.Sprintf("debug-temp-%d", time.Now().Unix())
 
 	log.Printf("Creating %s (with VM image %s)", name, vmImageSummary)
-	var (
-		bc  *buildlet.Client
-		err error
-	)
+	var bc *buildlet.Client
 	if hconf.IsEC2() {
-		awsC, err := cloud.NewAWSClient(*awsRegion, *awsKeyID, *awsAccessKey)
+		region := env.AWSRegion
+		if *awsRegion != "" {
+			region = *awsRegion
+		}
+		awsC, err := cloud.NewAWSClient(region, *awsKeyID, *awsAccessKey)
 		if err != nil {
 			log.Fatalf("unable to create aws cloud client: %s", err)
 		}
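Review bot: `region` can reach `cloud.NewAWSClient` as an empty string, since the flag now defaults to `""` and only the Staging and Production literals in this commit are shown setting `AWSRegion`. If another environment (possibly Development, whose body is not visible here) leaves the field unset, the failure comes from the SDK rather than from this tool. A guard right after the override would make that explicit: `if region == "" { log.Fatalf("no AWS region: set -aws-region or AWSRegion in the build environment") }`. The enclosing function starts and ends outside this hunk.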
@@ -126,6 +127,9 @@
 			log.Fatalf("unable to create ec2 client: %v", err)
 		}
 		bc, err = ec2Buildlet(context.Background(), ec2C, hconf, env, name, *hostType, *zone)
+		if err != nil {
+			log.Fatalf("Start EC2 VM: %v", err)
+		}
 	} else {
 		buildenv.CheckUserCredentials()
 		creds, err := env.Credentials(ctx)
@@ -134,9 +138,9 @@
 		}
 		computeSvc, _ = compute.New(oauth2.NewClient(ctx, creds.TokenSource))
 		bc, err = gceBuildlet(creds, env, name, *hostType, *zone)
-	}
-	if err != nil {
-		log.Fatalf("StartNewVM: %v", err)
+		if err != nil {
+			log.Fatalf("Start GCE VM: %v", err)
+		}
 	}
 	dir, err := bc.WorkDir(ctx)
 	log.Printf("WorkDir: %v, %v", dir, err)