From Fedora Project Wiki

(remove f18 instance, it's eol)
(add new power10 instance, update others.)
 
(64 intermediate revisions by 10 users not shown)
Line 5: Line 5:


== Available Machines/Instances ==
== Available Machines/Instances ==
 
{| class="wikitable"
{|
! hostname !! fedora version !! arch  !! cpu !! memory !! disk !! contact
! hostname !! fedora version !! arch  !! cpu !! memory !! disk !! contact
|-
|-
| thulsadoom.scrye.com / rawhide-test.scrye.com || rawhide || x86_64 kvm instance || 2.13Ghz || 8GB ram || 100GB disk || Kevin Fenzi <kevin@scrye.com>
| rawhide-test.fedorainfracloud.org || rawhide || x86_64 cloud instance || 3.00GHz || 8GB ram || 100GB disk || admin@fedoraproject.org
|-
| el9-test.fedorainfracloud.org || CentOS Stream 9 || x86_64 cloud instance || 3.00GHz || 8GB ram || 100GB disk || admin@fedoraproject.org
|-
|-
| draco.scrye.com / epel5-test.scrye.com || centos5 || i686 kvm instance || 2.13Ghz || 2GB ram || 100GB disk || Kevin Fenzi <kevin@scrye.com>
| f39-test.fedorainfracloud.org || f39 || x86_64 cloud instance || 3.1Ghz || 8GB ram || 100GB disk || admin@fedoraproject.org
|-
|-
| gandohar.scrye.com / epel6-test.scrye.com || rhel6 || x86_64 kvm instance || 2.13Ghz || 2048MB ram || 100GB disk || Kevin Fenzi <kevin@scrye.com>
| ppc64le-test.fedorainfracloud.org || f39 || power9 ppc64le vm || - || 8GB ram || 40GB disk || admin@fedoraproject.org
|-
|-
| peven.scrye.com / epel7-test.scrye.com || rhel7beta || x86_64 kvm instance || 2.13Ghz || 4096 MB ram || 20GB disk || Kevin Fenzi <kevin@scrye.com>
| ppc64le-test02.fedorainfracloud.org || f40 || power10 ppc64le vm || - || 16GB ram || 160GB disk || admin@fedoraproject.org
|-
|-
| ningauble.scrye.com / f19-test.scrye.com || f19 || x86_64 kvm instance || 2.13Ghz || 1024MB ram || 20GB disk || Kevin Fenzi <kevin@scrye.com>
| aarch64-test01.fedorainfracloud.org || f40 || aarch64 cloud instance || - || 8GB ram || 100GB disk || admin@fedoraproject.org
|-
|-
| arawn.scrye.com / f20-test.scrye.com || f20 || x86_64 kvm instance || 2.13Ghz || 1024MB ram || 20GB disk || Kevin Fenzi <kevin@scrye.com>
| aarch64-test02.fedorainfracloud.org || f40 || aarch64 cloud instance || - || 8GB ram || 100GB disk || admin@fedoraproject.org
|-
|-
|}
|}


{{admon/note|IP and DNS information has changed|As of 2011-05-14 all these instances are behind a single IP address. You will need to fetch: http://kevin.fedorapeople.org/test-machine-ssh-config and add it to your ~/.ssh/config to be able to access them (or look at it and use the right port on the single IP) or use ipv6.. Sorry for the trouble. }}
{{admon/note|machine names and location has changed as of 2020-03-18}}


== FAQ ==
== FAQ ==
Line 29: Line 30:
Q: What precautions should I take on these machines.
Q: What precautions should I take on these machines.


A: Since all Fedora packagers have root access on these machines, do not enter any sensitive information, including FAS credentials on these machines.  These systems should never ask you for your FAS password (sudo is NOPASSWD).  Authentication is only done via the SSH key you have set in FAS.  In particular, it is recommended to disable SSH agent forwarding on these machines on the client side (agent forwarding is disabled on the server, but any user on the system could potentially reenable it).  To do this, add the following to your ~/.ssh/config:
A: Since all Fedora packagers or qa members have root access on these machines, do not enter any sensitive information, including FAS credentials on these machines.  These systems should never ask you for your FAS password (sudo is NOPASSWD).  Authentication is only done via the SSH key you have set in FAS.  In particular, it is recommended to disable SSH agent forwarding on these machines on the client side (agent forwarding is disabled on the server, but any user on the system could potentially reenable it).  To do this, add the following to your ~/.ssh/config:
<pre>
<pre>
Host *.scrye.com
Host *.fedorainfracloud.org
  ForwardAgent no
Host *.cloud.fedoraproject.org
   ForwardAgent no
   ForwardAgent no
</pre>
</pre>
Line 37: Line 40:
Q: Who has access to these instances?
Q: Who has access to these instances?


A: Anyone who is in the Fedora "packager" group. Use your ssh key from the fedora account system to login. Package maintainers have 'sudo' access.  
A: Anyone who is in the Fedora "packager" group. or anyone in the Fedora "qa" group for the qa machines. Use your ssh key from the fedora account system to login. Package maintainers have 'sudo' access.  


Q: What kinds of things can I do on these machines?  
Q: What kinds of things can I do on these machines?  
Line 72: Line 75:
Q: Can I use one of these instances to maintain my packages from?
Q: Can I use one of these instances to maintain my packages from?


A: No. ssh agent forwarding is disabled for security reasons, so you will not be able to do cvs checkins from these instances. Additionally, they could be re-installed or files could be wiped at any time. You should not use these as a place to maintain your packages from.
A: No. ssh agent forwarding is disabled for security reasons, so you will not be able to do git checkins from these instances. Additionally, they could be re-installed or files could be wiped at any time. You should not use these as a place to maintain your packages from.
 
Q: I messed up one of the existing instances. What do I do?
 
A: Don't panic. Just inform the owner of that instance and they will spin up another instance. It's not a problem.  


Q: I would like to contibute a host/instance/machine to allow people to test things, how can I do that?
Q: I would like to contibute a host/instance/machine to allow people to test things, how can I do that?


A: I would be happy to help you in setting up a machine as the above test instances are. Contact me (kevin@scrye.com) for more info on how to set up the hosts.  
A: I would be happy to help you in setting up a machine as the above test instances are. Contact me (kevin@scrye.com) for more info on how to set up the hosts. If you want to know some details about the setup, take a look at the ansible playbooks used for these machines at [https://www.scrye.com/~kevin/fedora/scrye-ansible/ https://www.scrye.com/~kevin/fedora/scrye-ansible/]. To make them work you need a special FAS account that is in the group <code>thirdparty</code>, though.


Q: I would like to donate some secondary arch hardware/machine resources to this effort. How can I do that?  
Q: I would like to donate some secondary arch hardware/machine resources to this effort. How can I do that?  


A: See the previous question if you just want to bring up your own test machines at your site. If you would like me to host/manage your machines, please  
A: See the previous question if you just want to bring up your own test machines at your site. If you would like me to host/manage your machines, please  
contact me (kevin@scrye.com) and we can see if we can work something out. In particular I would love a ppc64 host to allow maintainers to use.
contact me (kevin@scrye.com) and we can see if we can work something out.  


Q: What should the ssh host keys be for these instances?  
Q: What should the ssh host keys be for these instances?  


A1: The ssh host keys are in DNS (dnssec enabled). Just set the openssh VerifyHostKeyDNS=yes.
A1: https://admin.fedoraproject.org/ssh_known_hosts has all the ssh host keys
A2: Here's a list of ssh host keys for the machines:  
 
<pre>
rawhide-test.scrye.com,thulsadoom.scrye.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwcyeuOv+hwYjMLobYmysZJl0XBwPsx3OuExgoSZqof4zKm+Gws/IxWDnwfov/bQ9PKlcsaGTlCeXS7ZfaUA4tYH5GksJP8tczGg35iFjn115ep0/1FF4rsUsc0mNMHVlgF2yibn//5P48in2VgJh7+kjKo6/yBxwFZVEI0Vwncy621dL0VZI52fdbiTacik7BoUWFupDUc7mEXYXL+KLD4WkiQd880VmimgbKzw+M+L19vPKwebMuD8Qat5DAaH+Wji+XR7nRZqvGOa1IOzbb7CPveJk7WEd/07KfU/p3X0Ek1d3Omqex5/Cew2NVFHETF3HEu6LomaNkKjdaqF+Nw==
epel5-test.scrye.com,[75.148.32.189]:3005,draco.scrye.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApaGSaZ52+S5ARafXKtYqoNzDklQ2tVaX+73SAyVZNIkV+Eij7oaqiQeBzQjrzmPQBUS1RR4To3puFNjVB0ZKzFwR//hExO+9rP3bqoOHEf/AS6uh/S6sxnClzut6MYDf0QfqlY402puZeQJN/zueCPWKmws08WcfxjLTNDEqiZIMwpRv6V5p20iI7coXiz/R2gN8yD8htNvbFAaqehcYJI6vpUCZR/4LRWVLn/c+rqLVJc3lXuAKuRgkeLbSTyLmX9UZWUX1bIiiqPo0GD7YX4QRAm4l4CSshk2QJc1V9o0j0NpYX+7Yt45lfhlDblTNyT1CSpKI4lXnmF+0knJ2DQ==
epel6-test.scrye.com,[75.148.32.189]:3006,gandohar.scrye.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyJV+yuO1cvo7y56lMSY0LKaww0le7/5/jaOfqj9R52ovNTikdqVx/ZmS5GUQvwnn8/8xrZJF1wB+DydYXX8u+Lhz1k68nclHA0oVzf87Q5Vh9VgUyvsp2YPuyY1KGEgc4Bf37FL6eORfVs4K4U5pk5Qj7xs4Ea7RbcpRmWWUG5G/QYbZi/oO2e6vdFh0eiFS+mXidck5GJqxMO+AZ1oQa+H9Pb56+fHmvcc3WgDfIKqTBOPdpFcp8F0IUAJbfvLfKM78UdP2lcv1+QMkPtJtaV5h4Jh4Kb0zu2lokeqLKLqCZ32I9u21BkPCeTlq4RXoWRULSJBO5K6hbl6za2UTcQ==
ningauble.scrye.com,f19-test.scrye.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsLBNlOZcoLqWYAQWHHM94mWzIhXsXSC1R4jfwGUHkFKPzQj4Odva5U3fgOLCC4Ea4jiK26hKJv8haGvs2kbhrxJ7fDAEJ3YhxFStbDhg0rHN6euPJUN6vZTSSItRtlQtvCyYgrv3Z8g3oYp8E2qafq+rC18RMPUIxdI5nlaQADsbQ4dx/7xROROwVTD+OI+r9xS2GLVu3FVJQjSLiG6c1GF5DDQqyT7G3ltXdRr1WWALA/bOkGKKTHvC1N6sPwRVhzk+oi0VWCs+udhEiAMd0mAKGVBlu4uvxmsvJ/lbcCpbQwZVzNEN+QdpKtdXWBgDQSk3OfI9VGfAg2pnmM+Br
arawn.scrye.com,f20-test.scrye.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/4PlTTPnb0200cPMKPtlNoIih/EKgpG8zAkDJ5721SgrkohFzn39cw0Fg7fNRYS4P9WLZ18ReHdC9lVuL3k39tfLvqdkSpEe/FvhbiJ5LCKaSzItrZAI+icsgVD9tn40npRhQUURAwP1O8Hw4t0cE2f+wUkjhq8du3o0yMOfEmdBiKDj8nBE3eOtBXdcWuuJxFXw9vHpzPdYgGuBRXXGnnMP0TdhC2Y3vgK4cUUVS7QUMW9X3rw1Jph70I4EqEEno3+ddYSQd8Y+kz7O6+ns7v9IaFnHECLDHqQZjexGXBZxHy15qqaLdUkz3b68kb0GFFGVJGV8s31FDhU22Tulx
peven.scrye.com,epel7-test.scrye.com,2001:470:b8bc:fed:5054:ff:fe55:7416 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyRoLbEfN4Qtm7j1LmIKkbkp6F5t7KclUXI32jsASdaZ0sB3HI+S3deiTAC4R2F0ptsIn+LiUrJO1j0sYRQ3drvkSc6PaDT3Z9zwtH1Roi4gwp/hytHiLr/dI1Z437yIrFmnF560VHOsPlRY/1a003ehtZcMw0EHeeEXVrqCOuACl6IHjAyKluKsvnb0ok9gr8O3AInOiwDZU+1mY2NkCXzIvSrTPM7VUEFdelZwtEzEg8byKK8e/8cB69KdrHxC9BnCAreIyBM0Q4ELQOBRt8uyBNpg6GMBBzVLeITV0SU6wKHkWCRSd581BnURb0d+YYB0AjPSWRJM5PF4aj/Twv
</pre>


== IPV6 info ==
== IPV6 info ==


All the instances are using a tunnelbroker.net ipv6 gateway, and should be reachable via ipv6. There should be AAAA records for all the hosts and they should be available for ping6 or ssh.
Sadly, ipv6 isn't currently available due to a provider issue. Will get it enabled as soon as we can offer it.  


[[Category:Package Maintainers]]
[[Category:Package Maintainers]]

Latest revision as of 18:20, 4 October 2024

Overview

In some cases Fedora Package maintainers may not have access to all supported architectures or releases of Fedora that they maintain packages for. In order to assist with this, some community members are providing access to test machines/instances that they maintain to allow Fedora package maintainers to test, build, compile or debug their packages.

Available Machines/Instances

hostname fedora version arch cpu memory disk contact
rawhide-test.fedorainfracloud.org rawhide x86_64 cloud instance 3.00GHz 8GB ram 100GB disk admin@fedoraproject.org
el9-test.fedorainfracloud.org CentOS Stream 9 x86_64 cloud instance 3.00GHz 8GB ram 100GB disk admin@fedoraproject.org
f39-test.fedorainfracloud.org f39 x86_64 cloud instance 3.1Ghz 8GB ram 100GB disk admin@fedoraproject.org
ppc64le-test.fedorainfracloud.org f39 power9 ppc64le vm - 8GB ram 40GB disk admin@fedoraproject.org
ppc64le-test02.fedorainfracloud.org f40 power10 ppc64le vm - 16GB ram 160GB disk admin@fedoraproject.org
aarch64-test01.fedorainfracloud.org f40 aarch64 cloud instance - 8GB ram 100GB disk admin@fedoraproject.org
aarch64-test02.fedorainfracloud.org f40 aarch64 cloud instance - 8GB ram 100GB disk admin@fedoraproject.org
machine names and location has changed as of 2020-03-18

FAQ

Q: What precautions should I take on these machines.

A: Since all Fedora packagers or qa members have root access on these machines, do not enter any sensitive information, including FAS credentials on these machines. These systems should never ask you for your FAS password (sudo is NOPASSWD). Authentication is only done via the SSH key you have set in FAS. In particular, it is recommended to disable SSH agent forwarding on these machines on the client side (agent forwarding is disabled on the server, but any user on the system could potentially reenable it). To do this, add the following to your ~/.ssh/config:

Host *.fedorainfracloud.org
  ForwardAgent no
Host *.cloud.fedoraproject.org
  ForwardAgent no

Q: Who has access to these instances?

A: Anyone who is in the Fedora "packager" group. or anyone in the Fedora "qa" group for the qa machines. Use your ssh key from the fedora account system to login. Package maintainers have 'sudo' access.

Q: What kinds of things can I do on these machines?

A: Any of the following:

  • mock build packages
  • install and test packages
  • build packages locally to try and fix problems or compile errors
  • Check locations of files, layout or versions to help solve a Fedora bug.
  • Basically anything that is directly related to Fedora Maintainer tasks.

Q: What should I not do?

A: Any of the following:

  • Things that are not related to your job as maintainer of Fedora packages.
  • Probing or accessing any other system.
  • publishing data or content to the internet.

Q: Can I upgrade/downgrade $basepackage, or reboot the instances?

A: If you need to do this, please contact the maintainer of the instance and arrange it.

Q: Can I leave any data on these instances?

A: No. They could be re-installed at most any time, or rebooted, or suffer a data loss. Please scp or rsync your work off often, and when done, please revert any package installs/downgrades/upgrades.

Q: Aren't you worried that someone will misuse these instances?

A: No. We trust the packagers to maintain and build our packages in Fedora, why would we not trust them to use test instances correctly? Additionally, the instances are all isolated from any local machines, ssh agent forwarding is disabled, and they only allow incoming ssh and a handfull of outgoing traffic.

Q: Can I use one of these instances to maintain my packages from?

A: No. ssh agent forwarding is disabled for security reasons, so you will not be able to do git checkins from these instances. Additionally, they could be re-installed or files could be wiped at any time. You should not use these as a place to maintain your packages from.

Q: I messed up one of the existing instances. What do I do?

A: Don't panic. Just inform the owner of that instance and they will spin up another instance. It's not a problem.

Q: I would like to contibute a host/instance/machine to allow people to test things, how can I do that?

A: I would be happy to help you in setting up a machine as the above test instances are. Contact me (kevin@scrye.com) for more info on how to set up the hosts. If you want to know some details about the setup, take a look at the ansible playbooks used for these machines at https://www.scrye.com/~kevin/fedora/scrye-ansible/. To make them work you need a special FAS account that is in the group thirdparty, though.

Q: I would like to donate some secondary arch hardware/machine resources to this effort. How can I do that?

A: See the previous question if you just want to bring up your own test machines at your site. If you would like me to host/manage your machines, please contact me (kevin@scrye.com) and we can see if we can work something out.

Q: What should the ssh host keys be for these instances?

A1: https://admin.fedoraproject.org/ssh_known_hosts has all the ssh host keys

IPV6 info

Sadly, ipv6 isn't currently available due to a provider issue. Will get it enabled as soon as we can offer it.