From c8990897ce554751654a5630852950001ded8933 Mon Sep 17 00:00:00 2001 From: Dimitrios Liappis Date: Tue, 22 Jan 2019 12:05:05 +0200 Subject: [PATCH] Common ssh setup for benchmark team Commit instructions and setup for ssh access to common servers for servers needed for benchmark work. Relates #92 --- external/ssh_config/README.md | 57 +++++++++++++++++++ external/ssh_config/config.d/.known_hosts | 9 +++ external/ssh_config/config.d/benchmarks | 69 +++++++++++++++++++++++ external/ssh_config/config.d/common | 5 ++ external/ssh_config/config.d/general | 2 + 5 files changed, 142 insertions(+) create mode 100644 external/ssh_config/README.md create mode 100644 external/ssh_config/config.d/.known_hosts create mode 100644 external/ssh_config/config.d/benchmarks create mode 100644 external/ssh_config/config.d/common create mode 100644 external/ssh_config/config.d/general diff --git a/external/ssh_config/README.md b/external/ssh_config/README.md new file mode 100644 index 0000000000000..9ad3f6a98891a --- /dev/null +++ b/external/ssh_config/README.md @@ -0,0 +1,57 @@ +## Configure ssh environment for access to benchmark machines + +The following instructions allow you to easily ssh to our benchmarking environment using aliases like: + +``` +ssh night-rally-1 +``` + +## Prerequisites + +1. Vault configured according to [infra instructions](https://github.com/elastic/infra/blob/master/docs/vault.md#github-auth) and environment variable `VAULT_ADDR` set in your shell. +2. OpenSSH version >=7.3p1. Check this with `ssh -V`. +3. \[Optional, macOS\] If you want auto-completion with bash: + 1. `brew install bash-completion2` + 2. Add the following to your `~/.bashrc`: + ``` + if [ -f $(brew --prefix)/share/bash-completion/bash_completion ]; then + export BASH_COMPLETION_COMPAT_DIR="$(brew --prefix)/etc/bash_completion.d" + source $(brew --prefix)/share/bash-completion/bash_completion + fi + ``` + +## Setup + +1. Create a `config.d` directory under your `~/.ssh`: + + ``` + mkdir ~/.ssh/config.d + chmod 0700 ~/.ssh/config.d + ``` + +2. Copy the files in `config.d/` found under this README.md file to the new config.d directory you created in 1: + + ``` + cp -r config.d/. ~/.ssh/config.d + ``` + +3. Edit `~/.ssh/config.d/common` and change `` in line 5 with the unix account you used in the [infra repo](https://github.com/elastic/infra/blob/master/docs/accessing-instances.md#ssh-access) when you submitted your public key. + +4. Add the following include **at the top** of your `~/.ssh/config` (if you don't have a config file, create a new one): + + ``` + Include ~/.ssh/config.d/* + ``` + +5. Test your setup: + + ``` + ssh night-rally-1 + + ssh lowmem-rally-1 + ``` + +## Troubleshooting + +Most of the issues are either due to a non-working Vault configuration or due to a missing `.known_hosts` file. +For the latter, ensure that `.known_hosts` got copied correctly in step 2 and is present under `~/.ssh/config.d`. \ No newline at end of file diff --git a/external/ssh_config/config.d/.known_hosts b/external/ssh_config/config.d/.known_hosts new file mode 100644 index 0000000000000..1f824566df98d --- /dev/null +++ b/external/ssh_config/config.d/.known_hosts @@ -0,0 +1,9 @@ +34.202.159.145 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM9Cp89NaCRgogDM9+2v+juokrirmxOUUncR5X3q4biHS0a/q8UJrghc5EX9wMAr4lIsIdhXUKZ+Hk8R1jDg0Jk= +bastion-europe-west1.gcp.elasticnet.co,35.205.119.111 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCjci8w+wlP+5X1BoTcCeYp9dZ28rLCdq4/2C2U1CX247Ks7IBeTB3a7HxN6K/4zkpF2y3nqigNZDXQq0QcjHJ8= +bastion-infra.elastic-prod.aws.elasticnet.co,50.112.53.117 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEq21SjTiApbSiZW9FKJ1jMd75uocghX7oTwZmtv4khAUKhlRqzs16NkwuX6K0hhMHXEC/kCQgvUc7ZTlV3bhsc= +bastion-infra.elastic.aws.elasticnet.co,52.37.1.158 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAFcOg5LJ6paY0ED928DENV4yAV9EA6EbfcArDJ2MB7gH5qcEddfGvxqZ8Y4mwQMixwfWgV+LJ9SwjGT2919Gfs= +bastion-jenkins.elastic-ci-dev.gcp.elasticnet.co,35.226.148.78 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP0112j4DAHSIVghZ3i/7GsZNvvlKeEXKnbNmXqPf2Y6ejXPdwPeJnqNm+r8mq2+rnafKfKHZN4vhnC3rHmwjr0= +bastion-jenkins.elastic-ci-prod.gcp.elasticnet.co,104.155.182.31 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNWeFfAwVfRm22sAOgbaNtJKMUgxcT2rcN3k7gcptuXfIvpnHC/B4Hgj2I5qnqnKhtxtR7/S8b13GjdraKndgvU= +bastion-registry.elastic-prod.aws.elasticnet.co,54.209.171.86 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYc+0q6aFKI91SnoPCcWOPgXtKSQSoo04PbV5V0yrTdN7fvyvonJ4MffspZ9XXxVzE/1d81PSh4PuXoKDorJhw= +bastion-us-central1.gcp.elasticnet.co,104.154.164.114 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBL+eIL25kFrAGu37iULa+jJDLUnT39DJhy06lu3mEm8mm0LNF9amNjAHomk2XK4j8g2tBzSqGdRakyv8Uatq6Us= +bastion-us-west1.gcp.elasticnet.co,35.230.50.230 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYtq4vpG02htEbsum4W7epLGzqGIK2HYQoFGyVqWG6jJtFnmGtxElKXoIbRYTjmNVsfB2QLggac48t0DG/RW1U= diff --git a/external/ssh_config/config.d/benchmarks b/external/ssh_config/config.d/benchmarks new file mode 100644 index 0000000000000..3558fe3024ec1 --- /dev/null +++ b/external/ssh_config/config.d/benchmarks @@ -0,0 +1,69 @@ +# Night Rally load driver and target machines section +Host night-rally-1 + Hostname worker-746202.build.fsn1-dc4.hetzner.elasticnet.co + +Host night-rally-2 + Hostname target-746203.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host night-rally-3 + Hostname target-746204.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host night-rally-4 + Hostname target-746205.benchmark.fsn1-dc4.hetzner.elasticnet.co + +# Night Rally Group 1 +Host night-rally-5 + Hostname worker-953730.build.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-6 + Hostname target-953729.benchmark.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-7 + Hostname target-953732.benchmark.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-8 + Hostname target-953733.benchmark.fsn1-dc14.hetzner.elasticnet.co + +# Night Rally Group 2 +Host night-rally-9 + Hostname worker-953731.build.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-10 + Hostname target-953734.benchmark.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-11 + Hostname target-953735.benchmark.fsn1-dc14.hetzner.elasticnet.co + +Host night-rally-12 + Hostname target-953736.benchmark.fsn1-dc14.hetzner.elasticnet.co +# End Night Rally load driver and target machines section + +# Memory benchmark machines +Host lowmem-rally-1 + Hostname memory-869742.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host lowmem-rally-2 + Hostname memory-869743.benchmark.fsn1-dc4.hetzner.elasticnet.co +# End Memory benchmark machines + +# Longrun benchmarks section +Host long-run-rally-1 + Hostname longrun-669376.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host long-run-rally-2 + Hostname longrun-669377.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host long-run-rally-3 + Hostname longrun-669378.benchmark.fsn1-dc4.hetzner.elasticnet.co + +Host long-run-rally-4 + Hostname longrun-669380.benchmark.fsn1-dc4.hetzner.elasticnet.co + +# End Longrun benchmarks section + +Host microbenchmark + Hostname 148.251.138.133 + # AKA worker-349501.build.fsn1-dc12.hetzner.elasticnet.co + +Host adhoc-rally-1 + Hostname worker-775501.build.fsn1-dc4.hetzner.elasticnet.co diff --git a/external/ssh_config/config.d/common b/external/ssh_config/config.d/common new file mode 100644 index 0000000000000..907df20803893 --- /dev/null +++ b/external/ssh_config/config.d/common @@ -0,0 +1,5 @@ +Host *rally* microbenchmark *.hetzner.elasticnet.co wopr* + StrictHostKeyChecking No + UserKnownHostsFile /dev/null + ProxyCommand vault ssh -role bastion -mode otp -user-known-hosts-file=~/.ssh/config.d/.known_hosts %r@bastion-europe-west1.gcp.elasticnet.co -W %h:%p + User diff --git a/external/ssh_config/config.d/general b/external/ssh_config/config.d/general new file mode 100644 index 0000000000000..f21ac03717734 --- /dev/null +++ b/external/ssh_config/config.d/general @@ -0,0 +1,2 @@ +Host wopr + Hostname wopr.elasticnet.co