Windows build machine
THESE INSTRUCTIONS ARE OUTDATED. New and improved instructions can be found here.
Gitlab runners for Windows can be virtualized or installed directly on iron. Although virtual machines on FreeBSD jails have been observed to have dismal performance, the provisioning of such a VM is still documented here in case we need it at some point. The installation of Windows on non-virtual machines (or on VMs based on technology other than FreeBSD jails) is not documented on this page.
The installation of any Windows CI runner machine (whether virtual or physical) requires Windows to be installed and Remote Desktop to be enabled: Windows Explorer -> right-click "This PC" -> select "Properties" from the drop-down menu -> click "Remote settings" -> under "Remote Desktop", select "Allow remote connections to this computer" -> confirm. Test whether the machine is accessible by connecting to the machine, either by DNS name or by IP address.
Either continue with Virtual machine installation or, if installing a non-virtual runner, with the Install and configure
section (below).
Virtual machine installation
To create a new virtualized Gitlab runner for Windows builds, start by selecting a FreeBSD machine to host the (new) Windows VM. SSH into that machine and su
to gain root access.
Create Virtual Machine
Create a template file with settings for Windows VMs:
cd /vm/.templates
cat > windows.conf
Copy and paste the following text into the file (i.e. into your SSH session):
uefi="yes"
cpu=3
memory=3G
xhci_mouse="yes"
network0_type="virtio-net"
network0_switch="public"
disk0_type="ahci-hd"
disk0_name="disk0"
disk0_dev="sparse-zvol"
graphics="yes"
graphics_wait="yes"
Save the file by pressing Ctrl+D
. If you're connecting from a Windows client, verify that it has correct line endings: file windows.conf
should say something like ASCII text
, without reporting with CRLF line terminators
. Once the file is OK, create the VM using the name win
and a 100 Gb (virtual) hard disk:
vm create -t windows -s 100G win
Install Windows
Determine the HTTP URL of an ISO image containing the Windows version (preferably 64-bit) you want to install. You might want to use one provided by C&CZ. Then retrieve the image (replacing the URL by the one you're using):
vm iso http://install.science.ru.nl/science/MS%20Windows/10/1803/SW_DVD5_Win_Pro_Ent_Edu_N_10_1803_64BIT_English_-2_MLF_X21-79647.iso
Mount the image in the VM (replacing the disc image name by the one you just downloaded):
vm install win SW_DVD5_Win_Pro_Ent_Edu_N_10_1803_64BIT_English_-2_MLF_X21-79647.iso
The machine and/or Windows installation will be suspended until you connect to the VM's console. Use TightVNC Viewer to connect to the-host-machine:5900
. The Windows installer will prompt you to press a key to boot from the mounted ISO. Press that key! Then complete the Windows installation wizard. Skip the network configuration for now, since we'll (need to) install a different (virtual) network card later.
The VM will reboot several times during the installation process, causing the (Tight)VNC connection to be closed. Reconnect every time until you're presented with the Windows desktop.
Finalize Windows and VM configuration
Use TightVNC to shut down the VM and open an SSH console into the host machine. Download and mount the disc image that will allow you to install the "virtio" network drivers:
vm iso https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso
vm install win virtio-win.iso
Reconnect to the VM using (Tight)VNC. (The machine may complain about not being able to boot from CD-ROM. Ignore this and wait for Windows to be started.) Log on.
Open Device Manager. (Windows Explorer -> right-click "This PC" -> select "Manage" from the drop-down menu -> Select "Device Manager" in the tree view.) It will have an "Ethernet Controller" that Windows warns about (yellow triangle). Open (double-click) this device and click the "Update Driver..." button. Select "Browse my computer for driver software", locate directory "D:\NetKVM" and select the subdirectory appropriate for your operating system (e.g. "w10" for Windows 10) and architecture (e.g. "amd64" for 64-bit Windows). Complete the wizard to install the driver. The VM will connect to the network and Windows will prompt whether to allow network discovery. Do not allow this.
Determine the machine's IP address, either in a Windows-y way or by executing ipconfig /all
from a command prompt. Take note of this IP address, since you'll need it later to connect over RDP.
Allow Remote Desktop access to the machine. (Windows Explorer -> right-click "This PC" -> select "Properties" from the drop-down menu -> click "Remote settings" -> under "Remote Desktop", select "Allow remote connections to this computer" -> confirm.) Test whether the machine is accessible by connecting to the VM's IP address.
Once Remote Desktop is set up and working, shut down the VM one last time, SSH into the host machine and
- Edit file
/vm/win/win.conf
: - Remove setting
graphics_wait="yes"
to allow the machine to boot without waiting for a (VNC) client connection. - Remove setting
graphics="yes"
to disallow further (Tight)VNC connections to the machine. - Edit file
/etc/rc.conf
: - Add the name of your VM
win
to the space-delimited value ofvm_list
to have the VM started automatically when the host machine starts. E.g. if the setting readsvm_list="coreos"
, change it tovm_list="coreos win"
. - Restart the VM:
vm start win
.
Your VM is now ready to install and configure.
Install and configure
Connect to the machine using a Remote Desktop client. Install
- Prometheus node exporter according to the installation procedure.
-
Ensure you configure the exporter to listen on port
9100
(since other ports won't be accessible due to firewalling). -
Gitlab runner according to the documented installation procedure. During Gitlab runner's registration process:
- when prompted for the tags, do not copy them from existing Windows CI runners just yet to prevent CI jobs from being scheduled on this runner right away. Instead specify a (single) unique tag so the new runner's functioning can be tested from a branch (see below).
- when prompted for the executor, specify
shell
. - ensure that the
gitlab-runner
service runs under a local user account (i.e. notLocal System
) with administrative privileges (i.e. not aDefault user
). - ensure that
gitlab-runner
's user account is allowed to create symbolic links.
New build servers should be provisioned using Chocolatey and Conan. The installation of legacy runners is also still documented.
Provisioned runner based on Chocolatey/Conan
The installation of Windows CI runners is mostly scripted in a batch file provided from the pep/ops
repository. The script currently requires two pieces of software to be installed by hand:
- Gitlab runner must be installed as described above. Ensure that the runner uses PowerShell for CI job execution. Newer software versions will default to this, but if you're using an older version of the software (not recommended), ensure that your
config.toml
specifiesshell = "powershell"
. - Git must be installed as documented for development boxes.
Further installation is scripted in a batch file provided from the pep/ops
repository. Either run the batch file manually on your new machine, or wait for the machine's first CI job to invoke the script and provision the machine for you.
Really PEPpy DevOps wizards will want to automate the installation of Git and Gitlab runner as well. So please include those installations in the provisioning script and update this documentation accordingly.
Continue with the Test
section (below).
Legacy (manually installed) runner
This section describes how Windows CI runners should be installed for our legacy CI code, which was based on Windows (batch file/cmd.exe
) scripting. Virtual machines Windows10Builder
and Windows10Builder_5
have been installed this way. Follow these instructions only if you need CI builds for a branch that hasn't been migrated to builds based on Chocolatey/Conan and PowerShell yet.
Newer Gitlab runner software versions will default to using PowerShell, but our legacy CI code is based on Windows batch files. If you're using an newer version of the software, ensure that your config.toml
specifies shell = "cmd"
. Note that Gitlab has deprecated the use of the cmd
shell, so really new versions may refuse to accept this configuration.
Install and configure the build server as if it were a Windows dev box, but
- when editing settings, be sure to apply your changes to the entire machine (as opposed to only your user account): open Windows Explorer -> right-click
This PC
-> chooseProperties
from the drop-down menu -> click linkAdvanced system settings
-> click button "Environment Variables...` -> use the bottom half of the screen. - you may choose to skip
- installation of any software not used to build PEP Assessor.
- installation of any software used in local development, such as GUI frontends for command line utilities.
- configuration for local development, such as paths required for debugging.
Install the following additional software (which is required on CI build servers but not dev boxes):
- QT Installer Framework 3.0, to be selected during installation of QT.
- sed for Windows.
- The Windows Installer XML (WiX) toolset which, at the time of writing, requires the .NET Framework 3.5, which can be installed as an optional feature in Windows 10.
Edit environment variables (for all users):
- Ensure that the following command line utilities are in the path (for all users):
- MSBuild. E.g. you'd add
C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin
to the path when using Visual Studio 2017 installed to its default location. - sed. E.g. you'd add
C:\Program Files (x86)\GnuWin32\bin
to the path when sed is installed to its default location. - Define environment variable
BOOST_LIBRARYDIR
to the directory where the Boost libraries for your toolchain are installed, e.g.C:\local\boost_1_68_0\lib64-msvc-14.1
for Boost 1.68.0 for Visual Studio 2017 installed to its default location.
Confirm when you're done editing environment variables. Continue with the Test
section (below).
Test
To ensure updated settings are picked up during the build, restart the gitlab runner service:
- either from the "Services" administrative tool,
- or from the command line:
net stop gitlab-runner
followed bynet start gitlab-runner
.
Both methods require administrative privileges.
Create a git branch of master. Within your branch, edit the .gitlab_ci.yml
file so that
- the Windows build step is performed for commits on your (feature) branch.
- the Windows build step requires the tag you assigned to the new gitlab runner.
- other build steps are skipped (since we don't want to wait for those).
Commit the changes and push them to gitlab. The CI pipeline for your feature branch should perform the Windows build on the new runner. (If not, check the tag settings for the runner and the job.) Fix any issues that come up until the new runner successfully completes the Windows build.
Download the artifacts produced by your runner and compare them (using a diff utility) to the artifacts produced by another runner. Fix any significant discrepancies. Repeat until you're satisfied that your runner produces artifacts the same way that other runners do.
Do not merge your test/feature branch back to master
. Instead delete it, both locally and from gitlab. Then enable job scheduling on your new machine.
Enable CI job scheduling
Once the Windows runner can successfully perform the Windows build step(s) in your branch, allow it to pick jobs from other branches by editing the runner's registration in gitlab:
- Expand the
Runners
heading. - Locate the new runner: it'll have the name you entered during the registration process.
- Remove the temporary test tag you added earlier.
- Add the tags required for the Windows build step, as defined in the
.gitlab_ci.yml
file.
Your runner is now ready to pick jobs for CI pipelines. Test one final time:
- Pause all other Windows runners in gitlab.
- Run a
master
or other pipeline. It should be picked up by your new runner. (If not, check the tag settings for the runner and the job.) Fix any issues that come up. Once successful: - Resume the Windows runners you paused.
Monitor the build server
Add the newly commissioned server to the central Prometheus server configuration file to have it monitored. If you followed the installation instructions, it should be running (and accessible) on port 9100
. (By default the node exporter exposes itself on port 9182
, which will be inaccessible due to firewalling.)