Update docs and script for installing win machines
I have tried to install new windows machine for buildkite and updated some scrips and docs on along the way. - Updated base image for k8s agent installation as it gave a warning that previous version was old. - Now buildkite secret is configured in a powershell script along with tags (and possible other parameters). - Split "windows_agent_start.ps1" to "..jenkins" and "..buildkite" as some parameters are different. - Created a "windows-development" machine in GCP stat can be resumed to build docker images / expriment.
# escape=`
# use windows server core image
ARG agent_windows_version
FROM gcr.io/llvm-premerge-checks/agent-windows:${agent_windows_version}
# install buildkite agent as described in the documentation
# https://buildkite.com/docs/agent/v3/windows
# Supply your agent token via the arguement "-token <mytoken" when building the image
ARG token
COPY start_agent.ps1 C:\scripts\
# escape=`
# use windows server core image
ARG agent_windows_version=latest
FROM gcr.io/llvm-premerge-checks/agent-windows-vs2019:${agent_windows_version}
COPY start_agent.ps1 C:\scripts\
CMD "powershell C:\scripts\start_agent.ps1"
$Env:buildkiteAgentToken = [IO.File]::ReadAllText("C:\credentials\buildkite-token.txt")
#Set-ExecutionPolicy Bypass -Scope Process -Force
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/buildkite/agent/master/install.ps1'))
# use the name of the host machine as name for the agent in buildkite
C:\buildkite-agent\bin\buildkite-agent.exe start --tags "os=windows"
# Install Buildkite agent.
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/buildkite/agent/master/install.ps1'))
C:\buildkite-agent\bin\buildkite-agent.exe start
## Creating docker containers on Windows
If you want to build/update/test docker container for Windows, you need to do this on a Windows machine. Here are the instructions to set up such a machine on GCP.
If you want to build/update/test docker container for Windows, you need to do this on a Windows machine.
**Note**: There is an existing *windows-development* machine that you can resume and use for development. Please stop it after use.
Here are the instructions to set up such a machine on GCP.
1. Pick a GCP Windows image with Desktop Support.
* pick a "persistent SSD" as boot Disk. This is much faster
* Add a "local scratch SSD" and use it as you workspace. This is much faster.
* (optionally) add a "local scratch SSD" and use it as you workspace. This will make builds faster, but you **will not be able to stop** this instance and will have to kill and re-create it again.
* make sure that you give enough permissions in "Identity and API access" to be able to e.g. push new docker images to GCR.
1. Format the local SSD partition and use it as workspace.
1. install [Chocolately](https://chocolatey.org/docs/installation):
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
1. Install git: `choco install -y git`
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
1. Install development tools: `choco install -y git googlechrome vscode`
1. (optionally) If you want to be able to push changes to github, you need to set up your github SSH keys and user name:
git config --global user.name <your name>
git config --global user.email <your email>
1. Install [Docker Enterprise](https://docs.docker.com/ee/docker-ee/windows/docker-ee/) and reboot:
Install-Module DockerMsftProvider -Force
Install-Package Docker -ProviderName DockerMsftProvider -Force
1. *optional:* install apps to help you work in the machine:
choco install -y googlechrome vscode
1. Log out of the machine and log back in.
1. Repeat until success:
1. Start "Docker Desktop" and let it install it's dependencies.
Then reboot manually, when the error message pops up.
1. If you have trouble with the machine name: try to shorten it to 16 chars.
Install-Module DockerMsftProvider -Force
Install-Package Docker -ProviderName DockerMsftProvider -Force
1. Configure the Docker credentials for GCP:
gcloud components install docker-credential-gcr
docker-credential-gcr configure-docker
gcloud init # set options according to ./k8s_config here
gcloud components install docker-credential-gcr
docker-credential-gcr configure-docker
1. To build and run the current agent run:
git clone https://github.com/google/llvm-premerge-checks
cd llvm-premerge-checks\containers
powershell .\build_run.ps1 agent-windows-jenkins
1. If you want to be able to push changes to github, you need to set up your github SSH keys and user name:
git config --global user.name <your name>
git config --global user.email <your email>
To push push a new container run in `containers`:
powershell .\build_deploy.ps1 <container-folder>
cd c:\
git clone https://github.com/google/llvm-premerge-checks
cd llvm-premerge-checks\containers
.\build_deploy.ps1 agent-windows-buildkite # or agent-windows-jenkins
c:\llvm-premerge-check\scripts\windows_agent_start_buildkite.ps1 # or windows_agent_start_jenkins.ps1
## Spawning a new windows agent
1. Go to the [GCP page](https://pantheon.corp.google.com/compute/instances?project=llvm-premerge-checks&instancessize=50) and pick a new number for the agent.
1. Run `kubernetes/windows_agent_create.sh agent-windows-<number>`
1. Go to the [GCP page](https://pantheon.corp.google.com/compute/instances?project=llvm-premerge-checks&instancessize=50) again
1. login to the new machine via RDP (you probably need to set the i).
1. In the RDP session: run these commands in the CMD window to bootstrap the Windows machine:
Invoke-WebRequest -uri 'https://raw.githubusercontent.com/google/llvm-premerge-checks/master/scripts/windows_agent_bootstrap.ps1' -OutFile windows_agent_bootstrap.ps1
1. Ignore the pop-up to format the new disk.
1. Wait for the machine to reboot, then copy the credendials from `windows-agent-2` in `c:\credentials` to the new machine to `c:\credentials`. You can do that by mounting a folder of your host machine via RDP into the Windows VMs.
1: Copy the credientals to `C:\credentials` from another Windows agent.
1. Run this script to start the container:
Invoke-WebRequest -uri 'https://raw.githubusercontent.com/google/llvm-premerge-checks/master/scripts/windows_agent_start.ps1' -OutFile windows_agent_start.ps1
.\windows_agent_start.ps1 jenkins
1. login to the new machine via RDP (you will need a RDP client, e.g. Chrome app).
1. In the RDP session: run these commands in the CMD window under Administrator to bootstrap the Windows machine:
Invoke-WebRequest -uri 'https://raw.githubusercontent.com/google/llvm-premerge-checks/master/scripts/windows_agent_bootstrap.ps1' -OutFile windows_agent_bootstrap.ps1
Ignore the pop-up to format the new disk andw wait for the machine to reboot.
1. Create `c:\credentials` folder with the agent credentials:
For *Buildkite* add file `buildkite-env.ps1`:
$Env:buildkiteAgentToken = "secret-token"
$Env:BUILDKITE_AGENT_TAGS = "queue=premerge;os=windows"
For *Jenkins*: `build-agent-results_key.json` to access cloud storage copy from one of the existing machines.
1. Start the container `C:\llvm-premerge-checks\scripts\windows_agent_start_[buildkite|jenkins].ps1 `
## Testing scripts locally
--zone="${GCP_ZONE}" \
--machine-type=n1-standard-16 \
--local-ssd=device-name=local-ssd-0 \
--image=windows-server-2019-dc-v20191210 \
--image=windows-server-2019-dc-for-containers-v20200512 \
--image-project=windows-cloud \
# Copyright 2019 Google LLC
# Licensed under the the Apache License v2.0 with LLVM Exceptions (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# https://llvm.org/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
# 1st stage of the installation process.
# This script only needs to be run once per machine.
Write-Host "Initializing local SSD..."
New-Variable -Name diskid -Value (Get-Disk -FriendlyName "Google EphemeralDisk").Number
#New-Variable -Name diskid -Value (Get-Disk -FriendlyName "NVMe nvme_card").Number
# TODO: check if machine has an SSD
# TODO: only do this, if SSD is not yet partioned and formatted
Initialize-Disk -Number $diskid
New-Partition -DiskNumber $diskid -UseMaximumSize -AssignDriveLetter
Format-Volume -DriveLetter D
Write-Host "install chocolately as package manager..."
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
choco feature disable --name showDownloadProgress
choco install -y git
# move docker folder to SSD to get better IO performance
New-Item -Path "D:\" -Name "Docker" -ItemType "directory"
cmd /C "mklink /j C:\ProgramData\Docker D:\docker"
# create folder for credentials
New-Item -Path "C:\" -Name "credentials" -ItemType "directory"
# install Docker
Install-PackageProvider -Name NuGet -Force
Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
Install-Package -Name docker -ProviderName DockerMsftProvider -Force
sc.exe config docker start=delayed-auto
# install gcloud and authenticate access to gcr.io registry
# TODO: find a better way to install the Google Cloud SDK, avoid ingoring the checksum
choco install -y gcloudsdk --ignore-checksums
# exclude drive d from Virus scans, to get better performance
Add-MpPreference -ExclusionPath “D:\”
# Reboot
Restart-Computer -Force
# Copyright 2019 Google LLC
# Licensed under the the Apache License v2.0 with LLVM Exceptions (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# https://llvm.org/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
# 1st stage of the installation process.
# This script only needs to be run once per machine.
Write-Host "Initializing local SSD..."
New-Variable -Name diskid -Value (Get-Disk -FriendlyName "Google EphemeralDisk").Number
#New-Variable -Name diskid -Value (Get-Disk -FriendlyName "NVMe nvme_card").Number
# TODO: check if machine has an SSD
# TODO: only do this, if SSD is not yet partioned and formatted
Initialize-Disk -Number $diskid
New-Partition -DiskNumber $diskid -UseMaximumSize -AssignDriveLetter
Format-Volume -DriveLetter D
Write-Host "install chocolately as package manager..."
iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))
choco feature disable --name showDownloadProgress
choco install -y git
# move docker folder to SSD to get better IO performance
New-Item -Path "D:\" -Name "Docker" -ItemType "directory"
cmd /C "mklink /j C:\ProgramData\Docker D:\docker"
# create folder for credentials
New-Item -Path "C:\" -Name "credentials" -ItemType "directory"
# install Docker
Install-PackageProvider -Name NuGet -Force
Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
Install-Package -Name docker -ProviderName DockerMsftProvider -Force
sc.exe config docker start=delayed-auto
# install gcloud and authenticate access to gcr.io registry
# TODO: find a better way to install the Google Cloud SDK, avoid ingoring the checksum
choco install -y gcloudsdk --ignore-checksums
# exclude drive d from Virus scans, to get better performance
Add-MpPreference -ExclusionPath “D:\”
# clone scripts repo (this one)
git clone https://github.com/google/llvm-premerge-checks.git "c:\llvm-premerge-checks"
# Reboot
Restart-Computer -Force
# Copyright 2019 Google LLC
# Licensed under the the Apache License v2.0 with LLVM Exceptions (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# https://llvm.org/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
# Pull and start the Docker container for a Windows agent.
# To setup a Windows agent see docs/playbooks.md
[string]$version = "latest",
[switch]$testing = $false
Write-Output "Authenticating docker..."
Write-Output "y`n" | gcloud auth configure-docker
Write-Output "Pulling new image..."
docker pull ${IMAGE}
Write-Output "Stopping old container..."
docker stop ${NAME}
docker rm ${NAME}
Write-Output "Starting container..."
if (${testing}) {
docker run -it `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e BUILDKITE_AGENT_NAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
${IMAGE} powershell
} else {
docker run -d `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e BUILDKITE_AGENT_NAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
# Copyright 2019 Google LLC
# Licensed under the the Apache License v2.0 with LLVM Exceptions (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# https://llvm.org/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
# Pull and start the Docker container for a Windows agent.
# To setup a Windows agent see docs/playbooks.md
# TODO: add parameter to bootstrap buildkite or jenkins
[ValidateSet("buildkite", "jenkins")]
[switch]$testing = $false
Write-Output "Authenticating docker..."
Write-Output "y`n" | gcloud auth configure-docker
Write-Output "Pulling new image..."
docker pull ${IMAGE}
Write-Output "Stopping old container..."
docker stop ${NAME}
docker rm ${NAME}
Write-Output "Starting container..."
if (${testing}) {
docker run -it `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e PARENT_HOSTNAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
${IMAGE} powershell
} else {
docker run -d `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e PARENT_HOSTNAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
# Copyright 2019 Google LLC
# Licensed under the the Apache License v2.0 with LLVM Exceptions (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# https://llvm.org/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
# Pull and start the Docker container for a Windows agent.
# To setup a Windows agent see docs/playbooks.md
[string]$version = "latest",
[switch]$testing = $false
Write-Output "Authenticating docker..."
Write-Output "y`n" | gcloud auth configure-docker
Write-Output "Pulling new image..."
docker pull ${IMAGE}
Write-Output "Stopping old container..."
docker stop ${NAME}
docker rm ${NAME}
Write-Output "Starting container..."
if (${testing}) {
docker run -it `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e PARENT_HOSTNAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
${IMAGE} powershell
} else {
docker run -d `
-v D:\:C:\ws `
-v C:\credentials:C:\credentials `
-e PARENT_HOSTNAME=$env:computername `
--restart unless-stopped `
--name ${NAME} `
Reference in a new issue