recipe-maintainers/cc-ci-orchestrator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

orchestrator-migration: Phase A COMPLETE (cc-ci-orchestrator VM up + ssh) + reboot #3 log

Browse Source 
Phase A done before the Pi's reboot #3 (commit was interrupted): the loops VM
cc-ci-orchestrator is on the tailnet (100.116.55.106) and ssh-able; TS-key
finding recorded (VM-creator .test.env key revoked; cc-ci .testenv key valid +
persisted). REBOOTS.md carries the auto-logged 2026-05-30 17:03 reboot
(cc-ci-loops.service auto-recovered the loops at phase 2; swapfile persisted).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-05-30 17:07:02 +01:00
parent 742a08b677
commit e7f05ceffe
2 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cc-ci-plan/REBOOTS.md
View File

@ -13,3 +13,4 @@ lines below to see how often it's happening.
- 2026-05-28 (~20:02 BST) — reboot (backfilled from memory; uptime showed 5 min at 20:07). Loops
manually relaunched at phase 2; this is what prompted adding `cc-ci-loops.service` +
auto-logging. Auto-logging is live from the next reboot onward.
- 2026-05-30 17:03:05 BST — reboot detected; loops auto-started by systemd (resuming phase index 6). boot_id=f565f752-0463-42db-b787-9e0db35a5e3f

22
cc-ci-plan/plan-orchestrator-migration.md
View File

@ -11,12 +11,22 @@ relocating this orchestrator session there too.
into a non-event. It also consolidates the orchestrator next to the infra it manages.
**Status:** IN PROGRESS (operator go-ahead 2026-05-30 — the Pi is OOM-thrashing/slow).
**Phase A under way:** VM `cc-ci-orchestrator` (**2 GB / 2 vCPU / 30 GB**, `incus-base-vm`) CREATED via
the Incus API + started 2026-05-30; cloud-init → `nixos-rebuild boot` → reboot → tailnet join in
progress. Remaining Phase-A items: (i) add the orchestrator's `cc-ci-root` pubkey via `incus exec`
(create-time cloud-init only authorized the 2 TF-default keys), (ii) confirm tailnet + ssh, (iii)
write the reproducible Terraform project `projects/cc-ci-orchestrator/` for the record (created via
API this time — note the drift). Then Phase B (the `cc-ci-orchestrator` NixOS-config git repo).
**Phase A ✅ COMPLETE (2026-05-30):** VM `cc-ci-orchestrator` (**2 GB / 2 vCPU / 30 GB**,
`incus-base-vm`, NixOS 24.11) created via the Incus API + booted; **on the tailnet at
`100.116.55.106`**; **ssh works** (`ssh cc-ci-orchestrator` through the :1055 proxy — `cc-ci-root`
pubkey added via `incus exec`). Reproducible Terraform record at
`incus-terraform-nix-vm-creator/projects/cc-ci-orchestrator/` (note: this instance was API-created, so
TF drift — see PROVENANCE.txt).
- **TS-key finding:** the VM-creator's `.test.env` reusable key is **REVOKED** ("API key does not
exist"). The **`/srv/cc-ci/.testenv` `TS_AUTH_KEY` is valid** — used it to join, and persisted it into
the VM's `/etc/ts-auth-key`. So the plan's "operator provides a fresh TS key" item is **resolved** (no
new key needed); housekeeping: revoke/rotate the dead key in `.test.env`.
- **Sizing watch:** 2 GB ≈ 1.7 GiB usable; fine idle (284 MiB) but tight for 3 concurrent claude
sessions (Pi OOM lesson). Phase B will declare a **swapfile**; bump to 4 GB pre-cutover if needed.
**Next — Phase B:** the `cc-ci-orchestrator` NixOS-config git repo (SOCKS proxy + loop-supervisor boot
service + claude CLI + sops secrets). Then C (stage workspace), claude auth (operator), D/E (cutover).
---