Open main menu

CDOT Wiki β

Changes

Fedora-ARM,Dogfood - koji Hub

3,109 bytes added, 07:06, 26 November 2010
no edit summary
'''Second stage'''
* Koji Database
1.Create Database
psql koji koji < /usr/share/doc/koji*/docs/schema.sql
exit
 
* Koji Hub Configuration
 
It was agreed that all parts of our Koji build system would reside on IRAQ.
After successfully installing and configuring Postgresql the next step is the Koji Hub.
In order for the Koji Hub to work Apache should be installed as well as a few additional modules.
Run the following command as root:
 
yum install koji-hub httpd mod_ssl mod_python
 
Then edit the Apache conf file – ‘/etc/httpd/conf/httpd.conf’ and change the “MaxRequestsPerChild” to 100.
On IRAQ these setting were already in place as Apache was running and configured.
 
Next edit the ‘/etc/koji-hub/hub.conf’ file and add the following lines:
DBName = koji
DBUser = koji
DBHost = localhost
KojiDir = /mnt/koji
LoginCreatesUser = On
KojiWebURL = http://iraq.proximity.on.ca/koji
Since we are using SSL for authentication, also add
 
DNUsernameComponent = CN
ProxyDNs = "/C=CA/ST=Ontario/O=Seneca CDOT/OU=/CN=kojiweb/emailAddress="
 
And in the ‘/etc/httpd/conf.d/kojihub.conf’ uncomment the following lines:
 
<Location /kojihub>
SSLOptions +StdEnvVars
</Location>
 
Using the Koji certificates, we need to add the following lines to ‘/etc/httpd/conf.d/ssl.conf’, under the section ‘VirtualHost _default_:443′:
 
SSLCertificateFile /etc/pki/koji/certs/kojihub.crt
SSLCertificateKeyFile /etc/pki/koji/certs/kojihub.key
SSLCertificateChainFile /etc/pki/koji/koji_ca_cert.crt
SSLCACertificateFile /etc/pki/koji/koji_ca_cert.crt
SSLVerifyClient require
SSLVerifyDepth 10
Even though SE Linux is not currently in use on IRAQ,
it may be in the future. In order to allow Apache to connect to the Postgresql database run the following command as root:
 
setsebool -P httpd_can_network_connect_db 1
To allow Koji to work, a skeleton filesystem needs to be created and the ownership
changed so Apache can write to it as required. The following commands were executed:
 
mkdir -p /mnt/koji/{packages,repos,work,scratch}
chown -R apache.apache /mnt/koji
Then edited the '/etc/koji.conf' file and changed the following lines:
 
;url of XMLRPC server
server = http://iraqong.proximity.on.ca/koji
;url of package download site
pkgurl = http://iraq.proximity.on.ca/packages
;path to the koji top directory
topdir = /mnt/koji
;configuration for SSL athentication
;client certificate
cert = ~/.koji/client.crt
;certificate of the CA that issued the client certificate
ca = ~/.koji/clientca.crt
;certificate of the CA that issued the HTTP server certificate
serverca = ~/.koji/serverca.crt
After this is competed, the final step is the addition of the user and builder accounts. First add the kojira account and grant repo privileges with the following command( this should be done before running kojira for the first time) :
 
su - kojiadmin
koji add-user kojira
koji grant-permission repo kojira
 
Then add as many builders as required using the following commands editing where required (this should also be done prior to running kojid on each host):
 
koji add-host arm-001-001 arm
koji add-host arm-001-002 arm
koji add-host arm-001-003 arm
== Project Plan ==
5,November I did build and create Koji Certifacation on IRAQ server.
919,Novenber November I set up Koji Database. 26,November I set up Koji hub Configuration
== Resources ==
1
edit