The official LNT server hosted at lnt.llvm.org hasn’t been operational for some time and the previous owners at Google are no longer actively involved in maintaining it. The RISC-V backend contributors have been using an instance owned by Igalia as an alternative but they would prefer moving to the official instance, especially since there has been a renewed interest in LNT from other LLVM projects such as libc++. @lukel therefore proposed moving the official LNT server to a machine owned by the LLVM Foundation.
We discussed this proposal within the @infra-area-team and agreed to provide an AWS instance for the official LNT server which would be hosted at lnt.llvm.org. This is primarily the question of sovereignty, but since the expected cost is reasonable and there are a number of potential users across LLVM, we believe this is a worthwhile investment.
In terms of implementation, the @infra-area-team would prefer if the instance was managed using Terraform with the configuration files living in the llvm-zorg repository akin to the presubmit infrastructure. This makes the infrastructure more transparent and allows recreating the instance if needed in the future.
@petrhosek on behalf of the @infra-area-team.
7 Likes
Hi,
I implemented the above in https://github.com/llvm/llvm-lnt/pull/128, with a few minor differences. Namely, all of the Terraform configuration stuff is located in the llvm-lnt repository itself – this makes everything simpler and the setup is straightforward enough that we don’t benefit from shared code in llvm-zorg.
With that configuration, I was able to deploy a production LNT instance to my personal AWS account. The only things left to do from the Foundation side would be to follow the three steps outlined in https://github.com/llvm/llvm-lnt/blob/main/deployment/README.md:
- Set up secrets on Github to allow managing the instance via Github Actions
- Set up a S3 bucket to store the Terraform state
- Set up secrets in the AWS Secret Manager
Finally, we should point the DNS entry for lnt.llvm.org to the EC2 instance (IIUC this is normally done by allocating an Elastic IP (which is stable) within EC2 and pointing the DNS to that stable IP address).
Note that I’m happy to perform the above steps if given access, or to guide someone with the appropriate access. I do believe it would be really useful to provide limited access to the Foundation’s AWS account to some individuals that will administer the instance. For example, we will eventually want to add new DBs (to avoid storing everything in the same DB) and also perform cleanup tasks. I’d be happy to do that, but I would need SSH access to the instance.
Finally, since LNT hasn’t been in use for quite some time now, I’d like to keep lnt.llvm.org “experimental” for a bit until we can stabilize the instance. For example, it’s possible that we’ll need to perform changes to how the instance is deployed and I don’t know whether it will be realistic to promise data persistence at first. So I would suggest that for the first 1-2 months, we add a mention on lnt.llvm.org to explain that it is experimental and data might be lost. Once we are comfortable with the whole deployment setup, we can make it officially supported.
1 Like