From 6b6a238d3acc5fe83cdfd76f3cfec690f2b8fa8d Mon Sep 17 00:00:00 2001 From: yackob03 Date: Tue, 29 Oct 2013 18:13:27 -0400 Subject: [PATCH 1/4] Not all hosts may have apt-add-repository. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2f608b81b..1e658d180 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ to prepare a new host: ``` +sudo apt-get install software-properties-common sudo apt-add-repository -y ppa:nginx/stable sudo apt-get update sudo apt-get install -y git python-virtualenv python-dev phantomjs From ba5553e9a816224bec832434d10a5b8ce9eb54a5 Mon Sep 17 00:00:00 2001 From: yackob03 Date: Tue, 29 Oct 2013 18:14:00 -0400 Subject: [PATCH 2/4] Make the nginx config ALMOST work on digital ocean. --- nginx.conf | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index 93e5a1ce1..68b3ed5c5 100644 --- a/nginx.conf +++ b/nginx.conf @@ -10,6 +10,7 @@ events { } http { + types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; @@ -36,8 +37,8 @@ http { keepalive_timeout 5; ssl on; - ssl_certificate /home/ubuntu/quay/certs/unified.cert; - ssl_certificate_key /home/ubuntu/quay/certs/quay.key; + ssl_certificate ./certs/unified.cert; + ssl_certificate_key ./certs/quay.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; From d3d593f7e134f9bce41e92cbdba8f024c0b55168 Mon Sep 17 00:00:00 2001 From: yackob03 Date: Tue, 29 Oct 2013 18:14:22 -0400 Subject: [PATCH 3/4] Add some missing dependencies to for the workers. --- requirements-nover.txt | 3 ++- requirements.txt | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/requirements-nover.txt b/requirements-nover.txt index a12714454..8d95e3e48 100644 --- a/requirements-nover.txt +++ b/requirements-nover.txt @@ -15,4 +15,5 @@ beautifulsoup4 marisa-trie apscheduler python-daemon -paramiko \ No newline at end of file +paramiko +python-digitalocean \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 171930241..494ed9198 100644 --- a/requirements.txt +++ b/requirements.txt @@ -12,6 +12,7 @@ beautifulsoup4==4.3.2 blinker==1.3 boto==2.15.0 distribute==0.6.34 +ecdsa==0.10 eventlet==0.14.0 greenlet==0.4.1 gunicorn==18.0 @@ -19,10 +20,13 @@ itsdangerous==0.23 lockfile==0.9.1 marisa-trie==0.5.1 mixpanel-py==3.0.0 +paramiko==1.12.0 peewee==2.1.4 py-bcrypt==0.4 +pycrypto==2.6.1 python-daemon==1.6 python-dateutil==2.1 +python-digitalocean==0.5 requests==2.0.0 six==1.4.1 stripe==1.9.8 From 5e81f999d1bab74d0fa24cd18ef4a8c4f6b22566 Mon Sep 17 00:00:00 2001 From: yackob03 Date: Tue, 29 Oct 2013 18:15:12 -0400 Subject: [PATCH 4/4] Make the build server and build worker slightly more robust to errors. --- buildserver/buildserver.py | 2 +- workers/dockerfilebuild.py | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/buildserver/buildserver.py b/buildserver/buildserver.py index 82cb24ac7..ebd039cdc 100644 --- a/buildserver/buildserver.py +++ b/buildserver/buildserver.py @@ -124,7 +124,7 @@ def build_image(build_dir, tag_name, num_steps, result_object): except Exception as e: logger.exception('Exception when processing request.') result_object['status'] = 'error' - result_object['message'] = e.message + result_object['message'] = str(e.message) MIME_PROCESSORS = { diff --git a/workers/dockerfilebuild.py b/workers/dockerfilebuild.py index 2f7aea2da..5112145b0 100644 --- a/workers/dockerfilebuild.py +++ b/workers/dockerfilebuild.py @@ -43,7 +43,7 @@ def retry_command(to_call, args=[], kwargs={}, retries=5, period=5): def get_status(url): - return requests.get(url).json()['status'] + return retry_command(requests.get, [url]).json()['status'] def babysit_builder(request): @@ -112,8 +112,10 @@ def babysit_builder(request): ssh_client = paramiko.SSHClient() ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + logger.debug('Connecting to droplet through ssh at ip: %s' % + droplet.ip_address) retry_command(ssh_client.connect, [droplet.ip_address, 22, 'root'], - {'look_for_keys': False, + {'look_for_keys': False, 'timeout': 10.0, 'key_filename': app.config['DO_SSH_PRIVATE_KEY_FILENAME']}) # Load the node with the pull token