Deploying ASUS at the Chinese Datacenter

Unknown
Unknown
edited July 2019 in Dev & Ops

Background information

For security reasons, clusters in our Chinese data center don't work in exactly the same way as those we host in Canada and the US. One of the main differences at the time of deployment is that there are no git repositories on any of the Chinese's data-servers. The way we put the source code into them is using rsync from an intermediary data-server hosted in Canada.

For the particular case of ASUS the data-server configuration is the following:

+ data.cl20066.vanilladev.com is the intermediate production data-server

+ data.cl51066.vanilladev.com is the production data-server in China

Please note that ASUS also has an international data-server that hosts other sites, called data.cl50066.vanilladev.com

So, cl50066 works as usual. Staging for international and staging for China site work as usual.

cl20066 is the data-server you are going to use for deploying. However, the actual deploy will occur in cl51066.

Under normal circumstances, for deploying the Chinese site you only need to log in to and work on `cl20066`.


Side-note about the Console

All the things you usually do in the regular console should be done in the special china console for sites hosted in China.

Access the special console at https://ordosc.vanilladev.com using the same credential that you use in the regular console.


One-time configuration in your personal computer

In order to be able to use the intermediate server and the tools we've built there to allow deploying, your SSH client needs to support Agent Forwarding. This allows your SSH key to be passed along to subsequent servers when you connect through a chain of servers.

The following configuration is required to enable Agent Forwarding.

Edit your SSH configuration

Edit the file ~/.ssh/config. If the file doesn't exist you should create one.

Make sure the following content exists:

Host data.cl20066.vanilladev.com
     AddKeysToAgent yes

Verify you are using the Agent

To make use of the ssh-agent, you need to use the parameter `-A` in the ssh command line.

If you are using a bash alias to connect to the data-server, your alias should look similar to:

ssh -A -l{YOUR_USERNAME} -p 4028 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

Note: you can safely use the -A option when connecting to any of our data-server. The actual use of it depends on our ssh config file (the one you checked in the before step)

Deploy process

Once again, the Chinese deploy process is made using an intermediate data-server hosted in Canada.

All the repository manipulations are done in the intermediate data-server. When you are ready to deploy, you just run a script that handles the file synchronization, the pushing, the activation and the finalization of the process. So,

+ step #1: you do your thing with repo(s) [Do not sudo push code in any of their version. Pushing is handled in step 2]

+ step #2: run sync-china script

+ step #2a: enter your 2FA code when prompted

Categories