You are browsing a read-only backup copy of Wikitech. The primary site can be found at wikitech.wikimedia.org

Help:MediaWiki-Vagrant in Cloud VPS: Difference between revisions

From Wikitech-static
Jump to navigation Jump to search
imported>BryanDavis
(→‎Setting up your instance with MediaWiki-Vagrant: Add step for applying role::labs::lvm::srv and warning not to do this on an m1.small instance)
imported>Andrew Bogott
Line 13: Line 13:
#** m1.medium or m1.large will be helpful if your wiki will host tens of thousands of pages or be used by more than 10 concurrent (simultaneous) users on a regular basis.
#** m1.medium or m1.large will be helpful if your wiki will host tens of thousands of pages or be used by more than 10 concurrent (simultaneous) users on a regular basis.
#* Choose or add security group that allows access on port 8080.
#* Choose or add security group that allows access on port 8080.
# Apply the role <code>role::labs::mediawiki_vagrant</code>. You can do this in Horizon's <code>Puppet</code> section. Choose the role from the list of preset Common puppet rules.
# Apply the role <code>role::labs::mediawiki_vagrant</code>. You can do this in Horizon's <code>Puppet</code> section.
#*This can be done for ''all'' instances in your project by using the "Project Puppet" tab.
#*This can be done for ''all'' instances in your project by using the "Project Puppet" tab.
#*It can be done for specific instances as identified with name prefix matching under the "Prefix Puppet" tab. See screenshot. [[File:HorizonPuppetPrefix-2018-05-07-14-13.png|thumb|Configuring Puppet role per instance instead of across all instances helps keep mistakes from spreading.]]
#*It can be done for specific instances as identified with name prefix matching under the "Prefix Puppet" tab. See screenshot. [[File:HorizonPuppetPrefix-2018-05-07-14-13.png|thumb|Configuring Puppet role per instance instead of across all instances helps keep mistakes from spreading.]]

Revision as of 20:16, 7 November 2019

MediaWiki-Vagrant logo

MediaWiki-Vagrant in Cloud VPS provisions a full MediaWiki stack by applying the role::labs::mediawiki_vagrant Puppet role to a Cloud VPS instance. This role will install Vagrant, LXC and MediaWiki-Vagrant on the target host. This combination allows using the full features of the MediaWiki-Vagrant stack including the custom Vagrant plugin on the Cloud VPS virtual machine.

Setting up your instance with MediaWiki-Vagrant

Launch instance part 1: fill out the name.
Launch instance part 2: select an image.
Launch instance part 3: choose a resource size.
Launch instance part 4: edit the instance just created.
  1. Ensure your project has a security group that allows access on port 8080, the default port for MediaWiki-Vagrant HTTP requests. The security group may be named "Web" or "web-server", or the "default" security group for your project may allow on port 8080.
  2. Create your instance
    • Choose the instance size:
      • m1.small is fine for 80% of wikis created in Cloud VPS.
      • m1.medium or m1.large will be helpful if your wiki will host tens of thousands of pages or be used by more than 10 concurrent (simultaneous) users on a regular basis.
    • Choose or add security group that allows access on port 8080.
  3. Apply the role role::labs::mediawiki_vagrant. You can do this in Horizon's Puppet section.
    • This can be done for all instances in your project by using the "Project Puppet" tab.
    • It can be done for specific instances as identified with name prefix matching under the "Prefix Puppet" tab. See screenshot.
      Configuring Puppet role per instance instead of across all instances helps keep mistakes from spreading.
  4. If you are using an m1.medium or m1.large instance size, apply role::labs::lvm::srv to provision the extra disk quota available to your instance as a volume that will be mounted at /srv.
    • Do not enable role::labs::lvm::srv on an m1.small instance. m1.small does not have enough unallocated disk quota to make a usable /srv volume for MediaWiki-Vagrant.
  5. ssh to your instance, and run sudo puppet agent --test --verbose to ensure that the latest Puppet changes have been applied.
  6. Log out and log back in (so that your shell will pick up the command alias from profile.d that will make the vagrant command run Vagrant as the mwvagrant shared user account). Note: skipping this step will cause problems!
  7. Change to the directory that MediaWiki-Vagrant has been pre-installed in: cd /srv/mediawiki-vagrant
  8. Start the LXC container and provision MediaWiki in it: vagrant up
    1. If you get a NFS error, run vagrant destroy -f && vagrant up;
    2. don't worry if you get the following error at the end of the process, the container will actually work:
    The SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed. The output for this command should be in the log above. Please read the output to determine what went wrong.
  9. Verify that the new wiki is accessible from the host: curl http://localhost:8080/wiki/Main_Page
    • If you get an error like "curl: (7) Failed to connect to localhost port 8080: Connection refused" you may need to run vagrant reload to restart the LXC container and trigger Vagrant to setup the proper port forwarding.
  10. Setup a proxy to port 8080 on your instance.
    Set up a proxy to Vagrant.
  11. If your chosen proxy name is not the same as the hostname of the Cloud VPS instance, you will need to override the default value for role::mediawiki::hostname by creating a config file at /srv/mediawiki-vagrant/puppet/hieradata/local.yaml with role::mediawiki::hostname: <your new proxy hostname>.wmflabs.org and apply the change using vagrant provision.
  12. Visit https://<your new proxy hostname>.wmflabs.org to see your new wiki
  13. Login to MediaWiki on your instance as user admin and password vagrant then use Special:ChangePassword to change the admin password to something other than the MediaWiki-Vagrant default.
Warning Caution: There are many default settings in MediaWiki-Vagrant that leave your wiki insecure, it is tuned primarily to be a local development environment.

Additional commands

Since you are using the full MediaWiki-Vagrant stack on your instance, the same commands that you are used to using for local MediaWiki-Vagrant development on your local machine apply.

Note you will need to be in the /srv/mediawiki-vagrant directory for these commands to work.

  1. vagrant roles list to see all roles that you can enable.
  2. vagrant roles enable <role> to enable a role.
  3. vagrant provision to apply role changes to your LXC container.
  4. vagrant ssh to open a command shell inside the LXC container.
  5. See MediaWiki-Vagrant for additional instructions and tips.

How do I...?

Most of your questions should be answered by reading the How do I....? section on the MediaWiki-Vagrant page. Since 99% of the code is re-used, most of your questions should be answered there.

Update MediaWiki-Vagrant to the latest version

Run git pull (as yourself) in the /srv/mediawiki-vagrant directory.

Note: if there have been changes to the mediawiki-vagrant ruby code (Vagrant plugin), you will need to force a Puppet run on the host computer using sudo -i puppet agent --test --verbose in order to update the Vagrant installation to use the newer plugin code.

Update the custom MediaWiki-Vagrant Vagrant plugin?

After updating /srv/mediawiki-vagrant via git pull you may receive an error from the vagrant command similar to "Message: RuntimeError: Your mediawiki-vagrant plugin isn't up-to-date. Please re-run `setup.sh`." If you try to follow this advice the setup.sh command will fail with a "Permission denied" error. This happens because the Vagrant environment is actually owned by the mwvagrant user and vagrant is a shell alias to a wrapper script that uses sudo.

The easiest way to update the installed version of the MediaWiki-Vagrant Vagrant plugin is by running Puppet on the host computer: sudo puppet agent --test --verbose. If you really want to update manually for some reason, this command should work: cd /srv/mediawiki-vagrant && sudo -u mwvagrant -n -- /usr/bin/env VAGRANT_HOME="/srv/vagrant-data" ./setup.sh

Update MediaWiki and other applications

The Vagrant command git-update intelligently upgrades most of the pieces of MediaWiki. 

$ cd /srv/mediawiki-vagrant
$ vagrant git-update

Edit MediaWiki and other git managed files

It's probably easiest to become user mwvagrant as that user owns most content that is managed by MediaWiki-Vagrant. 

$ sudo su mwvagrant
$ cd mediawiki
$ # Make temporary local changes, etc.
$ exit

Migrate from using role::labs::vagrant

The best way to do this is just to build a new VM with role::labs::mediawiki-vagrant following the instructions above and migrate your wiki content and configuration over to the new host using normal methods. See Manual:Moving_a_wiki for more instructions.

Note: role::labs::vagrant has been renamed role::deprecated::labsvagrant. To find hosts where it is still in use, see watroles.

Create new MediaWiki-Vagrant roles

Patch the mediawiki-vagrant repository, either on diffusion or github. See mw:MediaWiki-Vagrant for more details.

Test my puppet changes to Mediawiki-Vagrant

The best idea is for you to develop your patches in your local machine, push them to gerrit, pull them onto the Cloud VPS machine and test it there. This ensures that you don't have to put your private keys on the Cloud VPS instance.

  1. Submit a patchset to Mediawiki-Vagrant via Gerrit
  2. ssh to your Cloud VPS instance, and cd to /srv/mediawiki-vagrant
  3. Cherry-pick your patch from gerrit (you can copy paste the relevant git cherry-pick command from the gerrit page for your changeset)
  4. Run vagrant provision

Choose how big an instance to use

Consider that Vagrant runs several services by default, including MySql, HHVM and a Redis jobrunner. Especially if you plan to run heavy operations like unit testing big masses of code, to avoid swapdeath and/or OOM, choose the m1.medium or m1.large instances (4 and 8 GB RAM respectively).

Run a wikifarm

When using roles like centralauth and wikidata you will need to be able to access multiple wikis that are provisioned on a single Cloud VPS virtual machine. By default, role::labs::mediawiki_vagrant sets up its Apache2 configuration so that if you are running from a Cloud VPS instance named mycoolproject.eqiad.wmflabs then Apache will route requests for something-mycoolproject.wmflabs.org the same as MediaWiki-Vagrant would route something.wiki.local.wmftest.net. All you need to do to get access to these wikis is to follow the instructions at Help:Proxy to setup a proxy for the something-mycoolproject.wmflabs.org DNS hostname to your mycoolproject.eqiad.wmflabs instance.

If you want to change the base name of the wikifarm to something more meaningful for external users, you can customize the name by adding local hiera configuration data:

  • Make a /srv/mediawiki-vagrant/puppet/hieradata/local.yaml file containing a base name that will be common to all of the wikis in your farm:
mwv::tld: '-mycommonwikifarmname.wmflabs.org'
role::mediawiki::hostname: "mycommonwikifarmname.wmflabs.org"
mediawiki::multiwiki::base_domain: "-mycommonwikifarmname.wmflabs.org"
  • Enable role(s) that provide additional wikis (e.g. centralauth, wikidata)
  • Run vagrant provision to update the /etc/apache2/site-confs/devwiki/00-default.conf
  • Configure web proxies to route to your instance using hostnames like mywiki-mycommonwikifarmname.wmflabs.org
    • mywiki here would be the same name that precedes .wiki.local.wmftest.net when you are using MediaWiki-Vagrant on a laptop (e.g. "login", "centralauthtest", "wikidata", etc)
    • it can be handy to configure a proxy for bogus-mycommonwikifarmname.wmflabs.org so that you can visit the wiki via an invalid hostname (which will make it list all the valid ones)
  • Profit!

Access the MySQL database

When you install MediaWiki using MediaWiki-vagrant, it will install it an instance of MySQL server inside the vagrant virtual machine. To access the database, you should first connect to the virtual. To do that you should first go to the directory where the virtual machine is stored (typically /srv/mediawiki-vagrant) and run vagrant ssh to connect to the virtual machine. At this point, you can simply run mysql at the command prompt of that virtual machine to connect to the MySQL server.

SSH to the Vagrant box

While you can always just SSH into the Cloud VPS box and vagrant ssh from there, you can set up a convenient shortcut via SSH forwarding. To do that, run vagrant ssh-config, copy the file used as the argument of IdentityFile to you local machine, then add something like this to your local SSH config file in ~/.ssh/config: 

Host <WM Cloud box name>
  Hostname <WM Cloud  box name>.<WM Cloud project name>.eqiad.wmflabs
  User <your LDAP username>

Host <WM Cloud box name>-vagrant
  ProxyCommand ssh -q <WM Cloud box name> nc -q0 <HostName from vagrant ssh-config>
  User vagrant
  IdentityFile <full path to the identity file you copied>

Then you can use ssh <WM Cloud box name> to ssh to the host and ssh <WM Cloud box name>-vagrant to ssh to the guest. This also works around T196537 for X11 forwarding (when used with ssh -X).

Troubleshooting

"No usable default provider could be found for your system."

This usually means that the shell alias for vagrant has not been setup for the current shell. type -a vagrant is expected to return "vagrant is aliased to '/usr/local/bin/mwvagrant'". source /etc/profile.d/alias-vagrant.sh can be used to set the alias in the current shell or the user can log out and log back into the Cloud VPS host.

Error message: "A Vagrant environment or target machine is required to run this command."

mwvagrant@my-cool-vm:~$ vagrant ssh
A Vagrant environment or target machine is required to run this
command. Run `vagrant init` to create a new Vagrant environment. Or,
get an ID of a target machine from `vagrant global-status` to run
this command on. A final option is to change to a directory with a
Vagrantfile and to try again.

This error has two likely causes:

  • Your shell session does not have the necessary alias that remaps vagrant to /usr/local/bin/mwvagrant 
    mwvagrant@my-cool-vm:~$ type -a vagrant 
vagrant is aliased to `/usr/local/bin/mwvagrant'
vagrant is /usr/bin/vagrant
    • Solution: log out and log back into your Cloud VPS instance.
  • Your working directory is not /srv/mediawiki-vagrant or a subdirectory.
    • Solution: cd /srv/mediawiki-vagrant and then try your command again.

Server not found

If your chosen proxy name is not the same as the hostname of the Cloud VPS instance, you will need to override the default value for role::mediawiki::hostname by creating a config file at /srv/mediawiki-vagrant/puppet/hieradata/local.yaml with role::mediawiki::hostname: <your new proxy hostname>.wmflabs.org and apply the change using vagrant provision.

Choose your wiki limbo state

The error asks you to specify a valid host header and you see a list of wikis to choose from but clicking on the wiki doesn't work. You can usually fix this problem by restarting the apache service inside the LXC container using a command like vagrant ssh -- sudo service apache2 restart.

See also

Retrieved from "https://wikitech-static.wikimedia.org/w/index.php?title=Help:MediaWiki-Vagrant_in_Cloud_VPS&oldid=373666"