CSI - Make an Org

Most of the information on this site is intended for our customers' consumption. We do have some process notes intended to guide CSI technical staff through the environments' implementation. In general, these notes assume familiarity with our back-end processes and are not as "user friendly" as we hope to make the rest of the site.
We include these docs here so that they are available in the off chance that they might prove of interest.

Creating A New Organization

Create an brand new org in Foreman – you will need:

  • The Wolftech prefix used by the group
  • The “official” name/description of the group.
  • The Unity username of at least one admin
  • If they wish to use their own control repo or not

If the group doesn’t have an existing Wolftech prefix, we can “make one up” but keep a record as at some point we may have to register these with the AD technical group.

In all Cases

  • Logon to build.oit.ncsu.edu and become root
  • Run the neworg script to create the new org. The name of the new organization should match what is found in the Wolftech AD.
    # cd /root/foreman-scripts
    # ./neworg.sh $ORGNAME
    

NOTE: The neworg.sh script is stored in GitHub and is copied to build.oit.ncsu.edu by Puppet (role puppet_master).

If the group has an existing Control repo

They will need to add the following to the settings on their repo:

  • The service account oit.r10k.svc should be added as a collaborator with read access.
  • Add the following web hook:
setting value
payload url http://pm00.oit.ncsu.edu:8088/payload
content type application/json
which? just the push event
active checked

Now, on pm00.oit.ncsu.edu (an all Puppet Masters), edit the /etc/puppetlabs/r10k/r10k.yaml file and add the groups repo.

  :pci:
    basedir: /etc/puppetlabs/code/environments
    remote: git@github.ncsu.edu:/pcipuppet/pcipem_control.git
    prefix: true
  :$orgname:
      basedir: /etc/puppetlabs/code/environments
      prefix: true    
      remote: git@github.ncsu.edu:/...

If the group dosn’t have a Control repo

  • Create a GitHub team named $orgname_admins in the oit-csi organization on github.ncsu.edu
  • Populate this group with the Unity ids of the admins for the group.
  • Create a repo, named $orgname_puppet under the oit-csi organization in github.ncsu.edu, and add the team created above as collaborators with admin access to said repo
  • You do not need to apply git hooks or assign a service account, as this is all handled in the oit-csi organization.

Login to pm00.oit.ncsu.edu

Run the /root/foreman/newrepo.sh script, as follows

sudo -i
cd
./newrepo.sh $orgname "git@github.ncsu.edu:oit-csi/${orgname_puppet}.git"

Replace $orgname with the Foreman organization name,.

Now, on pm00.oit.ncsu.edu, edit the /etc/puppetlabs/r10k/r10k.yaml file and add the groups repo.

  :pci:
    basedir: /etc/puppetlabs/code/environments
    remote: git@github.ncsu.edu:/pcipuppet/pcipem_control.git
    prefix: true
  :$orgname:
      basedir: /etc/puppetlabs/code/environments
      prefix: true    
      remote: git@github.ncsu.edu:oit-csi/${orgname_puppet}.git

Now complete the process by creating users and assigning them the appropriate rights.

Tags:
Edit me