This guide walks you step by step until you get a Buildbot worker server, a.k.a. build worker, on the Edge that can connect to an arbitrary Buildbot main server.
Make sure that all of the mandatory prerequisites have been met before progressing further.
| Name | Source | Description |
|---|---|---|
| <CONTAINER_NAME> | User input | The name of the Linux container where the app will be run. |
| <IP_ADDRESS__CONTAINER> | Generated | The IPv4 address of the contaier run by the server on the Edge. |
| <IP_ADDRESS__MAIN_BUILDBOT_SERVER> | User input | The IPv4 address of the Buildbot Main Server, e.g. the IP address of the container which isolates the main server or the public IP address/domain name of a Buildbot main server (should also have port 9989 open). |
| <ROOT_PWD__CONTAINER> | User input | The password of the root user in the container. |
Run the following commands on your server on the Edge.
incus launch images:debian/bookworm/cloud <CONTAINER_NAME>
incus exec <CONTAINER_NAME> bash
You may need to change the default MTU for HTTPS connections to function. Run
ip link set dev eth0 mtu 1000if you findapt updateorapt upgradestuck for long time. This setting is non persistent and it is lost when the container reboots.
apt update && apt upgrade && apt install fish
If you are not already within the container, run the following command on your server on the Edge to log in as
root.
incus exec <CONTAINER_NAME> fish
passwd
Set a password for the root user and make a (mental) note of it. It will be denoted with a variable <ROOT_PWD__CONTAINER>.
From here on the root user will use fish as default shell.
chsh -s /usr/bin/fish
Let's create the buildbot user and set a system password for it.
useradd -m -s /usr/bin/fish buildbot
passwd buildbot
The ability to establish SSH connections from the server on the Edge to the container is key for the upcoming Ansible automation. There is an Ansible connection driver for Linux containers with limited capabilities. The default Ansible connection driver through SSH is much more robust and powerful.
You can perform this step now or in future, when you make up your mind to give the automated solutions for system and application maintanence a try.
In order to complete this stage you need to perform the following commands in the container run by the server on the Edge.
apt update && apt install openssh-server
vi /etc/ssh/sshd_config
Add the following line to the file.
PermitRootLogin yes
systemctl enable ssh
systemctl start ssh
Run the following commands on your server on the Edge, i.e. outside of the container.
Run ssh-keygen only if you haven't generated SSH private and public keys on the server on the Edge. Otherwise use the already existing pair.
ssh-keygen
incus ls | grep <CONTAINER_NAME>
Make a note of the IPV4 value <IP_ADDRESS__CONTAINER>.
ssh-copy-id root@<IP_ADDRESS__CONTAINER>
Pass the password for the root user in the container as prompted.
From here on SSH connection as the
rootuser will be possible from the server on the Edge to the container. Containers are not visible and accessible to any other network devices.
Run the following commands on your server on the Edge.
incus exec <CONTAINER_NAME> fish
Let's harden the setup of the ssh server running in the container by disabling the password for logging in with root.
vi /etc/ssh/sshd_config
Delete the line PermitRootLogin yes.
Append the line PermitRootLogin prohibit-password.
systemctl restart ssh
You should have a fully functional Linux container named
<CONTAINER_NAME>that also has a non-administrative userbuildbot. In addition, the server on the Edge listens for SSH connections with therootuser. You know all login credentials.
If you are not already within the container, run the following command on your server on the Edge to log in as
root.
incus exec <CONTAINER_NAME> fish
apt update && apt install python3-pip pipx \
build-essential git python3-dev libssl-dev \
libffi-dev
sudo -u buildbot pipx install buildbot-worker
sudo -u buildbot pipx install --include-deps setuptools-trial
mkdir /opt/bb
chown buildbot:buildbot /opt/bb
cd /opt/bb
sudo -u buildbot /home/buildbot/.local/bin/buildbot-worker \
create-worker \
worker-1 \
<IP_ADDRESS__MAIN_BUILDBOT_SERVER> \
example-worker \
pass
This command will generate the file
/opt/bb/worker-1/buildbot.tacand will populate it with all the data. You can edit this file and amend the default credentials used for logging in with the Buildbot Main Server. If you decide to go this way, don't forget to amend the correspodning values in the Python pipeline on the Buildbot Main Server.
If you are not already within the container, run the following command on your server on the Edge to log in as
root.
incus exec <CONTAINER_NAME> fish
vi /etc/systemd/system/bb-worker-1.service
Add the following content to /etc/systemd/system/bb-worker-1.service. Make sure that all paths match the setup in your container.
[Unit]
Description=Buildbot worker service
After=network.target
[Service]
Type=forking
ExecStart=/home/buildbot/.local/bin/buildbot-worker start /opt/bb/worker-1
Restart=always
User=buildbot
WorkingDirectory=/opt/bb/worker-1
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable bb-worker-1
systemctl start bb-worker-1
systemctl status bb-worker-1
If the service starts successfully, you should be able to use your Buildbot setup for automating any CI/CD flow.
Navigate to your Buildbot Main Server in a web browser and
At least the first step - related to cloning a git repository on the Buildbot Worker - will succeed. This means that you should be ready to implement your own CI/CD pipelines.
bb-main-1 systemd service there.