-
-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EPIC: New Machine requirement: Windows dockerBuild containers #3286
Comments
Please, assign this task to me. Thank you. |
Of the three options listed on the Microsoft website:
|
OK First phase done ...
This allows the machine to be accessible via ansible running on a remote machine :-) (Also, for my own notes, to debug powershell scripts use |
Playbook execution notes:
|
ansible can be run on the host to point at the container if you install cygwin which has infrastructure/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/logs/tasks/main.yml Line 14 in 4aa7788
Noting that WSL could probably be used too, but that requires a system with virtualization extension instructions to be available which is not the case on all systems. |
Latest attempt is with:
After ansible run is complete, run the commands shown in this article
After which it can be started again and used |
EDIT: This seems to be the temporary location where it is storing the entire image before it is committed and the machine ran out of space. Noting that outside that directory most of the docker data is stored in EDIT 2: The It did, however, hit an error |
This is unfortunate. The builds aren't working because it looks like the automatic shortname generation ( EDIT: Noting that https://github.com/adoptium/infrastructure/blob/master/ansible/playbooks/AdoptOpenJDK_Windows_Playbook/roles/shortNames/tasks/main.yml already has some explicit short name creation. |
Manually created a few of the shortnames that the configure step was objecting to and I have a JDK21u build complete in a container, so this seems feasible 👍🏻 |
Noting that we should look at doing this with the MS build tools installer which is suitable for use by Open Source projects. The jdk21u builds currently use:
Other references (this numbering is more confiusing that I realised - I thought we only had the '2022' vs '19.xx' versioning differences to worry about before today...)
|
Noting that we should look at doing this with the MS build tools installer which is suitable for use by Open Source projects. The jdk21u builds currently use:
Other references (this numbering is more confiusing that I realised - I thought we only had the '2022' vs '19.xx' versioning differences to worry about before today...)
|
Struggling with the GPG role at the moment which is called during the ANT role (I'm getting Other than that a two-phase dockerfile is looking quite promising. The first sets up WinRM (will only be invoked locally) and installs cygwin with git and ansible, then triggers a reboot to ensure the cygwin path takes effect. The second runs the playbooks as normal, although for now I've currently it running in multiple layers for performance of testing to allow the caching of each layer to take effect independently:
This is currently using the playbook branch at https://github.com/sxa/infrastructure/tree/sxa_allhosts which makes a few changes to support this execution. |
The above approach seemed to work yesterday now that the machine is rebooted after adding cygwin to the PATH and I had a system which was able to successfully build jdk21u using two dockerfiles (First to configure WinRM, the second to run the playbooks using the individual layers from the previous comment. Next steps as follows:
Noting that the image without VS2013 or 2017 is 99GB in size. |
Now fixed the path setting so that it only requires one dockerfile so we have something consistent with what we have on Linux now 👍🏻 It still currently requires a username/password for the authentication, but the password can be passed into the dockerfile with I haven't got it picking up the git_sha properly yet so that is currently hard-coded. Everything else is good enough to be able to run a jdk21u build on, but it's missing the compilers for some earlier versions (Will need those on the host and mapped in via Otherwise, here is the dockerfile Dockerfile.win2022v2.txt which uses the playbook changes from https://github.com/sxa/infrastructure/tree/windows_docker_fixes |
pipelines PR was merged yesterday so the code is in and this can now be used once we identify suitable systems which can run docker, bearing in mind that for the current docker tests you need to have jenkins running as an administrative user, which is not the case for our existing machines. |
New machines being tested:
The AMD machine completed a jdk21u build in a container from the command line in just under 3h so it is possible to build with 4GiB of RAM. It was slightly slower than the numbers from the B2ms systems in the earlier comment, but it's also a different CPU, plus those tests were done with the machine having been worked a bit from the start so may have been subject to bursting limits. Since the AMD one seems to work I will also look at loading up its 256GiB
|
I have got "static" containers running jenkins agents which are running on burstable machines to test the process with the ea pipelines this week. This will mean we can switch to/from this performance testing without modifying the pipelines (i.e. the new explicit docker support is not yet being enabled). A couple of notes on this:
[*] - Sample failure: https://ci.adoptium.net/job/build-scripts/job/release/job/create_installer_windows/1108/console
|
I've done a bit of rebasing to allow us to use the updated playbooks (Currently the dockerfile is still pointing at my original fork/branch of the infrastructure repo, which has resulted in it not having recent updates such as ant) I still have to have fixes for ant-contrib (The download isn't working - I have to pull it from a copy I've put in place) and #3828 is preventing parts of the playbook from completing too with the latest versions. |
Ref the WiX error above, I have done the following to try to allow it to run on the 8GiB Intel machine:
This means that right now the machine can technically run jobs from three different jenkins agents running on it:
The first two should not be enabled in parallel (same for the other similar machines) as this will overwhelm them. None of these agents are currently running as a service during this prototype phase. |
First pass with JDK8
With jdk21 (I'll kick off some runs and populate this table once adoptium/installer#1063 is merged):
[*] Weird failure is:
First 4 jobs section breakdownb-d-w22-2-intel#1273 8171M:
b-d-w22-1-amd#1267
b-d-w22-3-intel#1276 E5-2673v4
dh-w22-1 (sxa) #1277 8Gb 8370C+SSD
|
Noting that all -ea builds from this week were run int he static docker containers, and are therefore the first set to be built with machines that only have the MS VS2022 Build Tools installation which meet the requirement in adoptium/temurin-build#3787 |
Noting that the reproducible build test (special.system) failed when there was a
Fortunately with the devkit this is no longer required. |
I've provisioned another non-burstable spot-provisioned 2-core 8GiB system dockerhost-azure-win2022--intel to run some jdk8u
For reference, run from jdk21u on bd-4-intel is at https://ci.adoptium.net/job/Grinder/12001/ and took 7h46 |
Hi @sxa - I'm seeing an issue on dockerhost-azure-win2022-x64-3-intel:
This issue is preventing builds from working on that machine. |
Git clean continues to fail.
Examples: THE jdk 21 build didn't see this issue, but we did have rm failures.
@sxa - Is this the right place for these bug reports? Maybe you'd prefer separate issues? |
This is being discussed in slack. It's specific to the PR tester which is using |
The 32 bit one was a week ago. Maybe it's fixed now? |
We think we've got a solution to the above, which I've just tested. The scenario typically occurs when a job has been run on a dockerhost node without a docker_image specified, at which point some of the permissions within the workspace directory This PR in the pipelines repository seems to resolve it. |
Closing this since the builds are now happening in containers which are being pulled from the Azure registry. |
I need to request a new machine:
Please explain what this machine is needed for:
Running builds in an isolated way where we can achieve SLSA build level 3 compliance on Windows along with the other primary platforms. Ideally we'll be able to create windows-on-windows container images which we share and then download and run the builds in.
As background info:
So the tasks required would be:
-v
on linux) which are read+write in the container-v
and use that to build Temurin in the container on the mapped volume so that the output is visible on the host system.Once this level of analysis and expertise is gained it will likely make windows installer testing, or any other such activities simpler and give us more options moving forward.
Related for historic reference:
The text was updated successfully, but these errors were encountered: