Common ssh setup for benchmark team

Commit instructions and setup for ssh access to common servers for servers needed for benchmark work. Relates elastic#92
cbuescher · Jan 22, 2019 · c899089 · c899089
1 parent 7aedf13
commit c899089
Show file tree

Hide file tree

Showing 5 changed files with 142 additions and 0 deletions.
diff --git a/external/ssh_config/README.md b/external/ssh_config/README.md
@@ -0,0 +1,57 @@
+## Configure ssh environment for access to benchmark machines
+
+The following instructions allow you to easily ssh to our benchmarking environment using aliases like:
+
+```
+ssh night-rally-1
+```
+
+## Prerequisites
+
+1. Vault configured according to [infra instructions](https://github.com/elastic/infra/blob/master/docs/vault.md#github-auth) and environment variable `VAULT_ADDR` set in your shell.
+2. OpenSSH version >=7.3p1. Check this with `ssh -V`.
+3. \[Optional, macOS\] If you want auto-completion with bash:
+    1. `brew install bash-completion2`
+    2. Add the following to your `~/.bashrc`:
+        ```
+        if [ -f $(brew --prefix)/share/bash-completion/bash_completion ]; then
+        export BASH_COMPLETION_COMPAT_DIR="$(brew --prefix)/etc/bash_completion.d"
+        source $(brew --prefix)/share/bash-completion/bash_completion
+        fi
+        ```
+
+## Setup
+
+1. Create a `config.d` directory under your `~/.ssh`:
+
+    ```
+    mkdir ~/.ssh/config.d
+    chmod 0700 ~/.ssh/config.d
+    ```
+
+2. Copy the files in `config.d/` found under this README.md file to the new config.d directory you created in 1:
+
+    ```
+    cp -r config.d/. ~/.ssh/config.d
+    ```
+
+3. Edit `~/.ssh/config.d/common` and change `<yourlocalsshuser>` in line 5 with the unix account you used in the [infra repo](https://github.com/elastic/infra/blob/master/docs/accessing-instances.md#ssh-access) when you submitted your public key.
+
+4. Add the following include **at the top** of your `~/.ssh/config` (if you don't have a config file, create a new one):
+
+    ```
+    Include ~/.ssh/config.d/*
+    ```
+
+5. Test your setup:
+
+    ```
+    ssh night-rally-1
+
+    ssh lowmem-rally-1
+    ```
+
+## Troubleshooting
+
+Most of the issues are either due to a non-working Vault configuration or due to a missing `.known_hosts` file.
+For the latter, ensure that `.known_hosts` got copied correctly in step 2 and is present under `~/.ssh/config.d`.
diff --git a/external/ssh_config/config.d/.known_hosts b/external/ssh_config/config.d/.known_hosts
@@ -0,0 +1,9 @@
+34.202.159.145 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM9Cp89NaCRgogDM9+2v+juokrirmxOUUncR5X3q4biHS0a/q8UJrghc5EX9wMAr4lIsIdhXUKZ+Hk8R1jDg0Jk=
+bastion-europe-west1.gcp.elasticnet.co,35.205.119.111 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjci8w+wlP+5X1BoTcCeYp9dZ28rLCdq4/2C2U1CX247Ks7IBeTB3a7HxN6K/4zkpF2y3nqigNZDXQq0QcjHJ8=
+bastion-infra.elastic-prod.aws.elasticnet.co,50.112.53.117 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEq21SjTiApbSiZW9FKJ1jMd75uocghX7oTwZmtv4khAUKhlRqzs16NkwuX6K0hhMHXEC/kCQgvUc7ZTlV3bhsc=
+bastion-infra.elastic.aws.elasticnet.co,52.37.1.158 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAFcOg5LJ6paY0ED928DENV4yAV9EA6EbfcArDJ2MB7gH5qcEddfGvxqZ8Y4mwQMixwfWgV+LJ9SwjGT2919Gfs=
+bastion-jenkins.elastic-ci-dev.gcp.elasticnet.co,35.226.148.78 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP0112j4DAHSIVghZ3i/7GsZNvvlKeEXKnbNmXqPf2Y6ejXPdwPeJnqNm+r8mq2+rnafKfKHZN4vhnC3rHmwjr0=
+bastion-jenkins.elastic-ci-prod.gcp.elasticnet.co,104.155.182.31 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNWeFfAwVfRm22sAOgbaNtJKMUgxcT2rcN3k7gcptuXfIvpnHC/B4Hgj2I5qnqnKhtxtR7/S8b13GjdraKndgvU=
+bastion-registry.elastic-prod.aws.elasticnet.co,54.209.171.86 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYc+0q6aFKI91SnoPCcWOPgXtKSQSoo04PbV5V0yrTdN7fvyvonJ4MffspZ9XXxVzE/1d81PSh4PuXoKDorJhw=
+bastion-us-central1.gcp.elasticnet.co,104.154.164.114 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL+eIL25kFrAGu37iULa+jJDLUnT39DJhy06lu3mEm8mm0LNF9amNjAHomk2XK4j8g2tBzSqGdRakyv8Uatq6Us=
+bastion-us-west1.gcp.elasticnet.co,35.230.50.230 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYtq4vpG02htEbsum4W7epLGzqGIK2HYQoFGyVqWG6jJtFnmGtxElKXoIbRYTjmNVsfB2QLggac48t0DG/RW1U=
diff --git a/external/ssh_config/config.d/benchmarks b/external/ssh_config/config.d/benchmarks
@@ -0,0 +1,69 @@
+# Night Rally load driver and target machines section
+Host night-rally-1
+  Hostname worker-746202.build.fsn1-dc4.hetzner.elasticnet.co
+
+Host night-rally-2
+  Hostname target-746203.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host night-rally-3
+  Hostname target-746204.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host night-rally-4
+  Hostname target-746205.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+# Night Rally Group 1
+Host night-rally-5
+  Hostname worker-953730.build.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-6
+  Hostname target-953729.benchmark.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-7
+  Hostname target-953732.benchmark.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-8
+  Hostname target-953733.benchmark.fsn1-dc14.hetzner.elasticnet.co
+
+# Night Rally Group 2
+Host night-rally-9
+  Hostname worker-953731.build.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-10
+  Hostname target-953734.benchmark.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-11
+  Hostname target-953735.benchmark.fsn1-dc14.hetzner.elasticnet.co
+
+Host night-rally-12
+  Hostname target-953736.benchmark.fsn1-dc14.hetzner.elasticnet.co
+# End Night Rally load driver and target machines section
+
+# Memory benchmark machines
+Host lowmem-rally-1
+  Hostname memory-869742.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host lowmem-rally-2
+  Hostname memory-869743.benchmark.fsn1-dc4.hetzner.elasticnet.co
+# End Memory benchmark machines
+
+# Longrun benchmarks section
+Host long-run-rally-1
+  Hostname longrun-669376.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host long-run-rally-2
+  Hostname longrun-669377.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host long-run-rally-3
+  Hostname longrun-669378.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+Host long-run-rally-4
+  Hostname longrun-669380.benchmark.fsn1-dc4.hetzner.elasticnet.co
+
+# End Longrun benchmarks section
+
+Host microbenchmark
+  Hostname 148.251.138.133
+  # AKA worker-349501.build.fsn1-dc12.hetzner.elasticnet.co
+
+Host adhoc-rally-1
+  Hostname worker-775501.build.fsn1-dc4.hetzner.elasticnet.co
diff --git a/external/ssh_config/config.d/common b/external/ssh_config/config.d/common
@@ -0,0 +1,5 @@
+Host *rally* microbenchmark *.hetzner.elasticnet.co wopr*
+  StrictHostKeyChecking No
+  UserKnownHostsFile /dev/null
+  ProxyCommand vault ssh -role bastion -mode otp -user-known-hosts-file=~/.ssh/config.d/.known_hosts %[email protected] -W %h:%p
+  User <yourlocalsshuser>
diff --git a/external/ssh_config/config.d/general b/external/ssh_config/config.d/general
@@ -0,0 +1,2 @@
+Host wopr
+  Hostname wopr.elasticnet.co