Closed
Bug 1588863
Opened 5 years ago
Closed 5 years ago
Get websocktunnel and stateless DNS working in community-tc
Categories
(Taskcluster :: Operations and Service Requests, task)
Taskcluster
Operations and Service Requests
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: dustin)
References
Details
For websocktunnel:
- config the auth service
- config
assume:worker-pool:*with the relevant scope - config worker pools to cause generic-worker to use it (noting there are no g-w workers)
For stateless:
- config workers with public IPs
- make sure public IPs are passed from tc-worker-runner
- set up secrets with the stateless DNS secret
|
Assignee | |
Comment 1•5 years ago
|
||
workers appear to have public IPs already:
"networkInterfaces": [{
"accessConfigs": [{
"type": "ONE_TO_ONE_NAT"
}],
}],
|
|
Assignee | |
Comment 2•5 years ago
|
||
{"public-ipv4", "/instance/network-interfaces/0/access-configs/0/external-ip"},
so it looks like worker-runner is passing that along correctly
|
|
Assignee | |
Comment 3•5 years ago
|
||
I created https://community-tc.services.mozilla.com/secrets/worker-pool%3Aproj-taskcluster%2Fci containing the stateless DNS secret (and hostname, for good measure).
|
|
Assignee | |
Comment 4•5 years ago
|
||
I added an "allow-livelog-and-interactive" firewall rule allowing ingress to tcp 32768-65535 to all instances to the community-tc-workers GCP project. That's only necessary for docker-worker.
|
|
Assignee | |
Comment 5•5 years ago
|
||
And that did it for docker-worker! I think things are ready for generic-worker, too, but we don't have any yet.
|
|
Assignee | |
Comment 6•5 years ago
|
||
|
|
Assignee | |
Comment 7•5 years ago
|
||
We can open a new bug if there's some reason this doesn't work for g-w. The pieces are in place, so that would be a defect.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•