Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / openstack-infra / zuul / a8387ec78b726916c96127f3bd85701d78b709a5 / . / doc / source / admin / components.rst
blob: b91e7e7eb21eb5b06a34e1d59bcae65a4303e577 [file] [log] [blame]
James E. Blaireff5a9d2017-06-20 00:00:37 -0700[diff] [blame]1:title: Components
2
3.. _components:
4
5Components
6==========
7
8Zuul is a distributed system consisting of several components, each of
9which is described below. All Zuul processes read the
10**/etc/zuul/zuul.conf** file (an alternate location may be supplied on
11the command line) which uses an INI file syntax. Each component may
12have its own configuration file, though you may find it simpler to use
13the same file for all components.
14
15A minimal Zuul system may consist of a *scheduler* and *executor* both
16running on the same host. Larger installations should consider
17running multiple executors, each on a dedicated host, and running
18mergers on dedicated hosts as well.
19
20Common
21------
22
23The following applies to all Zuul components.
24
25Configuration
26~~~~~~~~~~~~~
27
28The following sections of **zuul.conf** are used by all Zuul components:
29
30gearman
31"""""""
32
33Client connection information for gearman.
34
35**server**
36 Hostname or IP address of the Gearman server.
37 ``server=gearman.example.com`` (required)
38
39**port**
40 Port on which the Gearman server is listening.
41 ``port=4730`` (optional)
42
43**ssl_ca**
44 Optional: An openssl file containing a set of concatenated
45 “certification authority” certificates in PEM formet.
46
47**ssl_cert**
48 Optional: An openssl file containing the client public certificate in
49 PEM format.
50
51**ssl_key**
52 Optional: An openssl file containing the client private key in PEM format.
53
James E. Blairfdb111d2017-06-23 20:56:05 +0100[diff] [blame]54zookeeper
55"""""""""
56
57**hosts**
58 A list of zookeeper hosts for Zuul to use when communicating with
59 Nodepool. ``hosts=zk1.example.com,zk2.example.com,zk3.example.com``
60
James E. Blairedc40162017-06-23 20:43:38 +0100[diff] [blame]61zuul
62""""
63
64**status_url**
65 URL that will be posted in Zuul comments made to changes when
66 starting jobs for a change. Used by zuul-scheduler only.
67 ``status_url=https://zuul.example.com/status``
68
James E. Blaireff5a9d2017-06-20 00:00:37 -0700[diff] [blame]69
70Scheduler
71---------
72
73The scheduler is the primary component of Zuul. The scheduler is not
74a scalable component; one, and only one, scheduler must be running at
75all times for Zuul to be operational. It receives events from any
76connections to remote systems which have been configured, enqueues
77items into pipelines, distributes jobs to executors, and reports
78results.
79
80Configuration
81~~~~~~~~~~~~~
82
83The following sections of **zuul.conf** are used by the scheduler:
84
85gearman_server
86""""""""""""""
87
88The builtin gearman server. Zuul can fork a gearman process from itself rather
89than connecting to an external one.
90
91**start**
92 Whether to start the internal Gearman server (default: False).
93 ``start=true``
94
95**listen_address**
96 IP address or domain name on which to listen (default: all addresses).
97 ``listen_address=127.0.0.1``
98
99**log_config**
100 Path to log config file for internal Gearman server.
101 ``log_config=/etc/zuul/gearman-logging.yaml``
102
103**ssl_ca**
104 Optional: An openssl file containing a set of concatenated “certification authority” certificates
105 in PEM formet.
106
107**ssl_cert**
108 Optional: An openssl file containing the server public certificate in PEM format.
109
110**ssl_key**
111 Optional: An openssl file containing the server private key in PEM format.
112
113webapp
114""""""
115
116**listen_address**
117 IP address or domain name on which to listen (default: 0.0.0.0).
118 ``listen_address=127.0.0.1``
119
120**port**
121 Port on which the webapp is listening (default: 8001).
122 ``port=8008``
123
James E. Blaireff5a9d2017-06-20 00:00:37 -0700[diff] [blame]124**status_expiry**
125 Zuul will cache the status.json file for this many seconds. This is an
126 optional value and ``1`` is used by default.
127 ``status_expiry=1``
128
129scheduler
130"""""""""
James E. Blaireff5a9d2017-06-20 00:00:37 -0700[diff] [blame]131
132**tenant_config**
133 Path to tenant config file.
134 ``layout_config=/etc/zuul/tenant.yaml``
135
136**log_config**
137 Path to log config file.
138 ``log_config=/etc/zuul/scheduler-logging.yaml``
139
140**pidfile**
141 Path to PID lock file.
142 ``pidfile=/var/run/zuul/scheduler.pid``
143
144**state_dir**
145 Path to directory that Zuul should save state to.
146 ``state_dir=/var/lib/zuul``
147
148Operation
149~~~~~~~~~
150
151To start the scheduler, run ``zuul-scheduler``. To stop it, kill the
152PID which was saved in the pidfile specified in the configuration.
153
154Most of Zuul's configuration is automatically updated as changes to
155the repositories which contain it are merged. However, Zuul must be
156explicitly notified of changes to the tenant config file, since it is
157not read from a git repository. To do so, send the scheduler PID
158(saved in the pidfile specified in the configuration) a SIGHUP signal.
159
160Merger
161------
162
163Mergers are an optional Zuul service; they are not required for Zuul
164to operate, but some high volume sites may benefit from running them.
165Zuul performs quite a lot of git operations in the course of its work.
166Each change that is to be tested must be speculatively merged with the
167current state of its target branch to ensure that it can merge, and to
168ensure that the tests that Zuul perform accurately represent the
169outcome of merging the change. Because Zuul's configuration is stored
170in the git repos it interacts with, and is dynamically evaluated, Zuul
171often needs to perform a speculative merge in order to determine
172whether it needs to perform any further actions.
173
174All of these git operations add up, and while Zuul executors can also
175perform them, large numbers may impact their ability to run jobs.
176Therefore, administrators may wish to run standalone mergers in order
177to reduce the load on executors.
178
179Configuration
180~~~~~~~~~~~~~
181
182The following section of **zuul.conf** is used by the merger:
183
184merger
185""""""
186
187**git_dir**
188 Directory that Zuul should clone local git repositories to.
189 ``git_dir=/var/lib/zuul/git``
190
191**git_user_email**
192 Optional: Value to pass to `git config user.email`.
193 ``git_user_email=zuul@example.com``
194
195**git_user_name**
196 Optional: Value to pass to `git config user.name`.
197 ``git_user_name=zuul``
198
199**log_config**
200 Path to log config file for the merger process.
201 ``log_config=/etc/zuul/logging.yaml``
202
203**pidfile**
204 Path to PID lock file for the merger process.
205 ``pidfile=/var/run/zuul-merger/merger.pid``
206
207Operation
208~~~~~~~~~
209
210To start the merger, run ``zuul-merger``. To stop it, kill the
211PID which was saved in the pidfile specified in the configuration.
212
213Executor
214--------
215
216Executors are responsible for running jobs. At the start of each job,
217an executor prepares an environment in which to run Ansible which
218contains all of the git repositories specified by the job with all
219dependent changes merged into their appropriate branches. The branch
220corresponding to the proposed change will be checked out (in all
221projects, if it exists). Any roles specified by the job will also be
222present (also with dependent changes merged, if appropriate) and added
223to the Ansible role path. The executor also prepares an Ansible
224inventory file with all of the nodes requested by the job.
225
226The executor also contains a merger. This is used by the executor to
227prepare the git repositories used by jobs, but is also available to
228perform any tasks normally performed by standalone mergers. Because
229the executor performs both roles, small Zuul installations may not
230need to run standalone mergers.
231
232Trusted and Untrusted Playbooks
233~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
234
235The executor runs playbooks in one of two execution contexts depending
236on whether the project containing the playbook is a *config project*
237or an *untrusted project*. If the playbook is in a *config project*,
238the executor runs the playbook in the *trusted* execution context,
239otherwise, it is run in the *untrusted* execution context.
240
241Both execution contexts use `bubblewrap`_ to create a namespace to
242ensure that playbook executions are isolated and are unable to access
243files outside of a restricted environment. The administrator may
244configure additional local directories on the executor to be made
245available to the restricted environment.
246
247The *trusted* execution context has access to all Ansible features,
248including the ability to load custom Ansible modules. Needless to
249say, extra scrutiny should be given to code that runs in a trusted
250context as it could be used to compromise other jobs running on the
251executor, or the executor itself, especially if the administrator has
252granted additional access through bubblewrap, or a method of escaping
253the restricted environment created by bubblewrap is found.
254
255Playbooks run in the *untrusted* execution context are not permitted
256to load additional Ansible modules or access files outside of the
257restricted environment prepared for them by the executor. In addition
258to the bubblewrap environment applied to both execution contexts, in
259the *untrusted* context some standard Ansible modules are replaced
260with versions which prohibit some actions, including attempts to
261access files outside of the restricted execution context. These
262redundant protections are made as part of a defense-in-depth strategy.
263
264.. _bubblewrap: https://github.com/projectatomic/bubblewrap
265
266Configuration
267~~~~~~~~~~~~~
268
269The following sections of **zuul.conf** are used by the executor:
270
271executor
272""""""""
273
274**finger_port**
275 Port to use for finger log streamer.
276 ``finger_port=79``
277
278**git_dir**
279 Directory that Zuul should clone local git repositories to.
280 ``git_dir=/var/lib/zuul/git``
281
282**log_config**
283 Path to log config file for the executor process.
284 ``log_config=/etc/zuul/logging.yaml``
285
286**private_key_file**
287 SSH private key file to be used when logging into worker nodes.
288 ``private_key_file=~/.ssh/id_rsa``
289
290**user**
291 User ID for the zuul-executor process. In normal operation as a daemon,
292 the executor should be started as the ``root`` user, but it will drop
293 privileges to this user during startup.
294 ``user=zuul``
295
296merger
297""""""
298
299**git_user_email**
300 Optional: Value to pass to `git config user.email`.
301 ``git_user_email=zuul@example.com``
302
303**git_user_name**
304 Optional: Value to pass to `git config user.name`.
305 ``git_user_name=zuul``
306
307Operation
308~~~~~~~~~
309
310To start the executor, run ``zuul-executor``.
311
312There are several commands which can be run to control the executor's
313behavior once it is running.
314
315To stop the executor immediately, aborting all jobs (they may be
316relaunched according to their retry policy), run ``zuul-executor
317stop``.
318
319To request that the executor stop executing new jobs and exit when all
320currently running jobs have completed, run ``zuul-executor graceful``.
321
322To enable or disable running Ansible in verbose mode (with the '-vvv'
323argument to ansible-playbook) run ``zuul-executor verbose`` and
324``zuul-executor unverbose``.