← Back to team overview

launchpad-reviewers team mailing list archive

Re: [Merge] ~cjwatson/launchpad:doc-running into launchpad:master

 

Only made it halfway through until it got too late.

Diff comments:

> diff --git a/doc/running.rst b/doc/running.rst
> new file mode 100644
> index 0000000..7f9c3a6
> --- /dev/null
> +++ b/doc/running.rst
> @@ -0,0 +1,407 @@
> +=================
> +Running Launchpad
> +=================
> +
> +.. note::
> +
> +    `Ask for help <https://dev.launchpad.net/Help>`_ right away if you run
> +    into problems.
> +
> +This page explains how to set up and run Launchpad (for development) on your
> +own machine, using a `LXD
> +<https://linuxcontainers.org/lxd/introduction/>`_-managed container to
> +isolate it from the rest of your system.
> +
> +Supported operating systems
> +===========================
> +
> +For the host system, any reasonably modern Ubuntu release should work.
> +Other Linux distributions that have LXD should work too, though we don't
> +test on them.
> +
> +For the containers, these instructions should work with Ubuntu 16.04 LTS or
> +later.  We currently test on 16.04 and 18.04, with the aim of upgrading
> +production to 18.04 soon.  20.04 is known not to work yet.
> +
> +Launchpad requires at least Python 3.5 (i.e. newer than Ubuntu 14.04 LTS).
> +
> +We'd like Launchpad to run on other operating systems, especially `Debian
> +GNU/Linux <https://www.debian.org/>`_, so that more people can contribute to
> +Launchpad development.  If you're interested in working on Launchpad
> +portability, please `let us know <https://dev.launchpad.net/Help>`_.  Note
> +that our focus is on getting Launchpad to build easily so more people can
> +participate in Launchpad development.  Running a stable production instance
> +would be *much* harder than running a single-developer test instance, and we
> +don't recommend it.  Unlike many open source projects, we're not seeking to
> +maximize the number of installations; our goal is to improve the `instance
> +we're already running <https://launchpad.net/>`_.
> +
> +Why use LXD containers?
> +=======================
> +
> +Launchpad development setup makes significant changes to your machine; it's
> +nice to be unaffected by those when you're not doing such development.
> +Using containers means that the version of Ubuntu on your host system
> +doesn't need to match Launchpad's requirements.  Multiple containers can be
> +used to work around Launchpad's limitations regarding concurrent test runs
> +on a single machine.
> +
> +LXD also has some nice snapshotting and ZFS capabilities, and is what other
> +Launchpad developers use, so other people will be able to help you debug
> +your setup if needed.
> +
> +The installation script is written with the assumption that it will be
> +running inside such a container.  If you run it on your host system, it may
> +well break your host system.
> +
> +Create a LXD container

Might that be `an LXD container`?

> +======================
> +
> +This assumes you already have LXD set up.  If not, follow the `instructions
> +<https://linuxcontainers.org/lxd/getting-started-cli/>`_ for getting it
> +installed and configured on your network.
> +
> +1. If you haven't done so already, run this script to set up LXD to let you
> +   use your home directory inside the container.  Some developers prefer to
> +   only mount a subdirectory of their home directory in the container: to do
> +   that, replace ``$HOME`` with ``$HOME/src`` or similar.
> +
> +.. code-block:: sh
> +
> +    #! /bin/sh
> +    
> +    id=400000  # some large uid outside of typical range, and outside of already mapped ranges in /etc/sub{u,g}id
> +    uid=$(id -u)
> +    gid=$(id -g)
> +    user=$(id -un)
> +    group=$(id -gn)
> +    
> +    # give lxc permission to map your user/group id through
> +    sudo usermod --add-subuids ${uid}-${uid} --add-subgids ${gid}-${gid} root
> +    
> +    # create a profile to control this
> +    lxc profile create $user >/dev/null 2>&1
> +    
> +    # configure profile
> +    cat << EOF | lxc profile edit $user
> +    name: $user
> +    description: allow home dir mounting for $user
> +    config:
> +      raw.idmap: |
> +        uid $uid $id
> +        gid $gid $id
> +      user.user-data: |
> +        #cloud-config
> +        runcmd:
> +          - "groupadd $group --gid $id"
> +          - "useradd $user --uid $id --gid $group --groups adm,sudo --shell /bin/bash"
> +          - "echo '$user ALL=(ALL) NOPASSWD:ALL' >/etc/sudoers.d/90-cloud-init-users"
> +          - "chmod 0440 /etc/sudoers.d/90-cloud-init-users"
> +    devices:
> +      home:
> +        type: disk
> +        source: $HOME
> +        path: $HOME
> +    EOF
> +
> +2. Create a container.  This command creates a Ubuntu 16.04 unprivileged
> +   container using the profile created in the previous step.
> +
> +.. code-block:: sh
> +
> +    lxc launch ubuntu:16.04 lpdev -p default -p $USER
> +
> +3. Find the container IP, either from ``lxc list`` or ``lxc info lpdev``.
> +
> +4. In order to be able to ssh into the container, you need to add your
> +   public key to your local ``.ssh/authorized_keys`` configuration.  Also
> +   make sure that both ``.ssh`` (700) and ``authorized_keys`` (600) have the
> +   correct permissions.
> +
> +5. Connect as follows.  (The -A permits you to access Launchpad code hosting
> +   from within the container without needing to reenter passphrases.)
> +
> +.. code-block:: sh
> +
> +    ssh -A $user@IP_ADDRESS_FROM_LXC_LS
> +
> +Getting Launchpad
> +=================
> +
> +Do all this *inside* the container you set up previously.  Be aware that
> +changes in your home directory inside the container will also be seen
> +outside the container and vice versa.
> +
> +If your Launchpad username differs from your local one, then put this in
> +``~/.ssh/config`` in the container before doing anything else, replacing
> +``LPUSERNAME`` with your Launchpad username::
> +
> +    Host bazaar.launchpad.net
> +            User LPUSERNAME
> +    Host git.launchpad.net
> +            User LPUSERNAME
> +
> +Then:
> +
> +.. code-block:: shell-session
> +
> +   $ mkdir ~/launchpad
> +   $ cd ~/launchpad
> +   $ curl https://git.launchpad.net/launchpad/plain/utilities/rocketfuel-setup >rocketfuel-setup
> +
> +Read through the rocketfuel-setup script at this point and make sure you're
> +OK with what it's going to do.
> +
> +.. code-block:: shell-session
> +
> +   $ chmod a+x rocketfuel-setup
> +   $ ./rocketfuel-setup
> +
> +This will take a while -- maybe a few hours to get everything, depending on
> +your Internet connection.
> +
> +Note that you will be prompted for your ``sudo`` password, and for a
> +Launchpad login ID (that is, your username on ``launchpad.net``).  The sudo
> +access is necessary to get Launchpad running on your box; the Launchpad
> +login is not strictly necessary, and you can just hit Return there if you
> +want.  See below for an explanation.
> +
> +Note that this will make changes to your Apache configuration if you already
> +have an Apache server in your container.  It will also add entries to
> +``/etc/hosts``, and it will setup a PostgreSQL server in your container.
> +
> +If you are running ``rocketfuel-setup`` to bring up a new container but your
> +home directory already has a usable Launchpad tree, you can pass
> +``--no-workspace`` to only perform the system-wide setup.
> +
> +Note that if ``rocketfuel-setup`` bails out with instructions to fix
> +something, you just need to run it again and it should pick up where it left
> +off.
> +
> +.. code-block:: shell-session
> +
> +   $ sudo apt-get dist-upgrade
> +
> +This is just to make doubly-sure everything from the Launchpad PPA gets
> +installed.
> +
> +.. code-block:: shell-session
> +
> +   $ ls
> +   launchpad/    lp-sourcedeps/
> +   $ cd launchpad
> +
> +You are now in a newly-cloned Git repository, with one branch ('master'),
> +into whose working tree the other source dependencies have been symlinked.
> +The source dependencies actually live in ``../lp-sourcedeps``.
> +
> +Installing the pre-commit hook
> +==============================
> +
> +If you intend to make any changes to Launchpad, you should also set up
> +`pre-commit <https://pre-commit.com/>`_ now:
> +
> +1. Install ``pre-commit`` itself.  If your host system is Ubuntu 20.10 or
> +   newer, then ``sudo apt install pre-commit`` is enough; otherwise, you can
> +   install it in your user account (`pipx <https://pypi.org/project/pipx/>`_
> +   works well to keep it isolated; whatever you do, don't run ``pip``
> +   system-wide as root!).  We require this to be installed separately rather
> +   than including it in Launchpad's virtual environment because developers
> +   commonly run ``git commit`` outside the container used for running
> +   Launchpad.
> +
> +2. Install the ``pre-commit`` git hook by running ``pre-commit install`` in
> +   your newly-cloned ``launchpad`` repository.
> +
> +Building
> +========
> +
> +Before you can run Launchpad for the first time, you need to set up PostgreSQL.
> +
> +.. note::
> +
> +    **DO NOT run the database setup script below if you use PostgreSQL for
> +    anything other than Launchpad!**  Running the script will destroy any
> +    PostgreSQL databases on your system.  See
> +    https://dev.launchpad.net/DatabaseSetup for details.
> +
> +.. code-block:: shell-session
> +
> +    $ ./utilities/launchpad-database-setup $USER
> +
> +**(Please have read the previous comment before you run the above command!)**
> +
> +Finally, build the database schema (this may take several minutes):
> +
> +.. code-block:: shell-session
> +
> +    $ make schema
> +
> +Running
> +=======
> +
> +Now you should be able to start up Launchpad:
> +
> +.. code-block:: shell-session
> +
> +    $ make run
> +
> +This only runs the basic web application.  `Codehosting
> +<Code/HowToUseCodehostingLocally>`_ and `Soyuz
> +<Soyuz/HowToUseSoyuzLocally>`_ require additional steps.
> +
> +For subsequent builds, you can just do ``make run`` right away.  You don't
> +need to do ``make schema`` every time, and you should avoid it because it's
> +expensive and because it will clean out any data you might have put into
> +your test instance (through the web UI or by running other scripts).
> +
> +Setting up remote access
> +========================
> +
> +Unless the only thing you're doing is running parts of the test suite, you
> +probably want to make your new Launchpad instance accessible from other
> +machines on the same local network, or in particular from the host system.
> +
> +Amending the Apache configuration
> +---------------------------------
> +
> +Launchpad's default development Apache config
> +(``/etc/apache2/sites-available/local-launchpad.conf``) only listens on
> +127.0.0.88.  This can be overridden with the ``LISTEN_ADDRESS`` environment
> +variable when running ``make install``.  You probably want to make it listen
> +on everything:
> +
> +.. code-block:: shell-session
> +
> +    $ sudo make LISTEN_ADDRESS='*' install
> +
> +Amending the hosts file
> +-----------------------
> +
> +Launchpad makes extensive use of virtual hosts, so you'll need to add
> +entries to ``/etc/hosts`` on any machine from which you want to access the
> +Launchpad instance.  You'll see the relevant hostnames in ``/etc/hosts`` on
> +the machine running the instance - they need to be added to the remote
> +machine, mapped to the server machine or container's external IP address.
> +
> +If some of those other machines run Windows, it may be helpful to know that
> +the Windows equivalent of ``/etc/hosts`` is located at
> +``C:\WINDOWS\system32\drivers\etc\hosts``.  Note that Windows' version has a
> +line length limit, so you might have to split it across multiple lines or
> +only include the hostnames that you need.
> +
> +You should now be able to access ``https://launchpad.test/`` in a web
> +browser on a suitably configured remote computer.  Accept the local
> +self-signed certificate.  You can log in as ``admin@xxxxxxxxxxxxx`` without
> +a password.  (This is only for development convenience, and assumes that you
> +trust machines that can route to your LXD containers; of course a production
> +deployment would need real authentication.)
> +
> +Accessing launchpad.test from a single host over SSH
> +----------------------------------------------------
> +
> +As an alternative to the above, SSH provides a SOCKS proxy.  By running that
> +proxy on the target machine, you can view its Launchpad web site as if you
> +were on that machine, without having to open non-SSH ports to a wider
> +network.  To do so:
> +
> +.. code-block:: shell-session
> +
> +    $ ssh -D8110 target-machine
> +
> +Then set your browser's SOCKS proxy settings to use ``target-machine:8110``.
> +
> +Stopping
> +========
> +
> +You can stop Launchpad by hitting **Control-C** in the terminal where you
> +started it:
> +
> +.. code-block:: shell-session
> +
> +    ^C
> +    [...shutting down Launchpad...]
> +    $ 
> +
> +Or you can be at a prompt in the same directory and run this:
> +
> +.. code-block:: shell-session
> +
> +    $ make stop
> +
> +Details
> +=======
> +
> +What the installation process does
> +----------------------------------
> +
> +The ``rocketfuel-setup`` script first determines what release of Ubuntu
> +you're running, then installs various lines into files under ``/etc``, to
> +enable you to run Launchpad services locally.  For example, it adds entries
> +for "launchpad.test", "bazaar.launchpad.test", "lists.launchpad.test", and
> +others to your ``/etc/hosts`` file, so that after you build Launchpad you
> +can browse to ``launchpad.test`` and see a locally-running instance.  It
> +also installs some packages, dependencies that Launchpad needs in order to
> +run.  This is why the ``sudo`` access is necessary; consult the script for
> +details of what it's doing.
> +
> +Once it's got the system preparation out of the way, the script clones
> +Launchpad's Git repository (that's the ``launchpad`` directory above).  That
> +will take a while.
> +
> +After it gets that, it fetches the other dependencies, the third-party
> +libraries, by invoking a separate script,
> +``launchpad/utilities/rocketfuel-get``.  That will take a while too, as
> +there are over 200 such libraries.
> +
> +Once it has all the dependencies, it links them into the trunk working tree,
> +using the script ``launchpad/utilities/link-external-sourcecode``.
> +
> +Do-it-yourself installation
> +---------------------------
> +
> +**We only support using rocketfuel-setup to set up Launchpad.**  It adjusts
> +a lot of things to get the development process running smoothly, as
> +summarized above.  However, sometimes you might want to just get a build of
> +Launchpad to run its tests, or to run a script packaged with Launchpad, or
> +to do your own manual changes of the files that ``rocketfuel-setup`` would
> +normally touch.  These are the basics of what needs to be done for that
> +route - **unsupported hints**.
> +
> +You'll need packages from a PPA: ``ppa:launchpad/ubuntu/ppa``.
> +
> +.. code-block:: shell-session
> +
> +    $ sudo apt-add-repository ppa:launchpad/ubuntu/ppa
> +
> +Install the ``launchpad-developer-dependencies`` package.
> +
> +Get the code:
> +
> +.. code-block:: shell-session
> +
> +    $ git clone https://git.launchpad.net/launchpad
> +    $ cd launchpad
> +    $ utilities/update-sourcecode
> +    $ git clone --depth=1 https://git.launchpad.net/lp-source-dependencies download-cache
> +    $ make
> +
> +Troubleshooting
> +===============
> +
> +"The LXC container is not getting an IPv4 address assigned and the network
> +connectivity inside the container doesn't work."
> +
> +On Ubuntu 21.10, ``ufw`` uses ``nftables`` by default, so if you are using
> +Ubuntu 21.10 on the host and ``ufw`` is enabled with the default policy of
> +blocking incoming and routed traffic, the rules added by LXD will not take
> +effect, and hence LXD's traffic will be dropped.
> +
> +The fix is to add ``ufw allow`` rules to allow incoming and routed traffic
> +on the bridge interface, like this (replacing ``lxdbr0`` with the name of
> +the bridge interface on your computer):
> +
> +.. code-block:: sh
> +
> +    sudo ufw allow in on lxdbr0
> +    sudo ufw route allow in on lxdbr0


-- 
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/412405
Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:doc-running into launchpad:master.



References