scala
diff --git a/‎automationPending.md
Lines changed: 0 additions & 2 deletions b/‎automationPending.md
Lines changed: 0 additions & 2 deletions
diff --git a/‎doc/adding-nodes.md
Lines changed: 0 additions & 84 deletions b/‎doc/adding-nodes.md
Lines changed: 0 additions & 84 deletions
diff --git a/‎doc/client-setup.md
Lines changed: 25 additions & 84 deletions b/‎doc/client-setup.md
Lines changed: 25 additions & 84 deletions
diff --git a/‎doc/design.md
Lines changed: 3 additions & 4 deletions b/‎doc/design.md
Lines changed: 3 additions & 4 deletions
@@ -50,8 +50,6 @@ uid                  Scala Project <scala-internals@googlegroups.com>
 sub   2048R/202D3646 2013-04-30 [expires: 2019-05-16]
 ```
 
-### How to automate
-Update chef vault "worker-publish" / "gnupg" items "pubring-base64", "secring-base64" with new content, as found on the worker.
 
 ## Alternate JDK installation
 
 
@@ -9,65 +9,6 @@ instructions would work on Linux as well, with minor changes.)
 One-time setup instructions for the CI infrastructure _as a whole_
 are in a separate document, [genesis.md](genesis.md).
 
-## Install chef and knife clients
-
-```
-brew cask install chefdk
-eval "$(chef shell-init zsh)" # set up gem environment
-gem install knife-ec2 knife-windows knife-github-cookbooks chef-vault
-```
-
-tips/troubleshooting:
-
-* you might choose to `gem install --user-install` instead so only your
-  own `~/.gem` directory is affected (and so you don't need `sudo`)
-* if you're on Mac OS X 10.11, make sure you are using ChefDK 0.8.0
-  or higher, so as not to run afoul of
-  https://github.com/chef/chef-dk/issues/419
-* if `gem install` gives an error message about unsatisfiable
-  constraints on the version of the chef-config gem, add `-f`
-  to force-ignore the problem `¯\_(ツ)_/¯` and cross your fingers
-  that nothing goes wrong as a result
-
-## Get credentials for the typesafe-scala chef.io organization
-
-Join chef.io (https://manage.chef.io/signup), and ask on Slack to be invited to the typesafe-scala org.
-
-For the CLI to work, you need:
-```
-export CHEF_ORG="typesafe-scala"
-```
-
-If your username on chef.io does not match the local username on your machine, you also need
-```
-export CHEF_USER="[username]"
-```
-
-## Get your public key added
-
-Open a pull request, modeled on https://github.com/scala/scala-jenkins-infra/pull/106,
-to add your own ssh public key (not an Amazon-provided key; a personal key of your
-own) to `attributes/pubkeys.rb`, so you can use your key to ssh to the various servers.
-
-## Set up directories
-
-```
-mkdir -p ~/git/cookbooks
-cd ~/git/cookbooks
-git init .
-git commit --allow-empty -m "Initial"
-git config core.autocrlf false
-hub clone scala/scala-jenkins-infra
-cd scala-jenkins-infra
-ln -sh ~/git/cookbooks $PWD/.chef/
-mkdir .chef/config
-```
-
-(The `core.autocrlf` thing may be needed to prevent "fatal: CRLF would be replaced by LF" errors when cloning cookbook repos, depending on your global git config.)
-
-You can then generate and download your private key on https://manage.chef.io/organizations/typesafe-scala/users. Put it in `~/git/cookbooks/scala-jenkins-infra/.chef/config/$CHEF_USER.pem`. Then you can use knife without further config. See `.chef/knife.rb` for key locations.
-
-Test if knife works correctly by running `knife cookbook list`.
 
 ## Hosts and SSH config
 
@@ -98,22 +39,40 @@ it's only ssh-able from jenkins-master itself; see below.)
 Add the following to your `~/.ssh/config`:
 
 ```
-Host jenkins-master
+Host jenkins-worker-publish
+  IdentityFile /Users/adriaan/.ssh/ansible.pem
   User admin
 
 Host jenkins-worker-behemoth-1
-  User ubuntu
+  IdentityFile /Users/adriaan/.ssh/ansible.pem
+  User admin
 
 Host jenkins-worker-behemoth-2
-  User ubuntu
+  IdentityFile /Users/adriaan/.ssh/ansible.pem
+  User admin
 
-Host jenkins-worker-ubuntu-publish
-  User ubuntu
+Host jenkins-worker-behemoth-3
+  IdentityFile /Users/adriaan/.ssh/ansible.pem
+  User admin
+
+Host jenkins-master
+  IdentityFile /Users/adriaan/.ssh/ansible.pem
+  User admin
 
 Host scabot
   HostName jenkins-master
-  IdentityFile $PWD/.chef/scabot.pem
   User scabot
+
+Host jenkins-worker-windows-publish
+  HostName 172.31.0.178
+  IdentityFile ~/.ssh/scala-jenkins.pem
+  User jenkins
+  ProxyCommand ssh -q -W %h:%p jenkins-master
+
+Host influxdb
+  HostName 172.31.0.100
+  User ubuntu
+  ProxyCommand ssh -q -W %h:%p jenkins-master
 ```
 
 Verify that you can actually ssh to the various machines.
@@ -186,25 +145,7 @@ ssh'ing to jenkins-master first.  From jenkins-master, do:
 which should get you to a Cygwin prompt.  (If it doesn't work, maybe
 you forgot to bring the Windows node online first?)
 
-Missing key?  If you find that `~/.ssh/jenkins_id_rsa` isn't
-present on jenkins-master, you can recreate it as follows.
-The keypair is stored in our Chef vault (as provided by the chef-vault
-cookbook) as `scala-jenkins-keypair`.  Here's how to retrieve it:
-
-    knife vault show --format json master scala-jenkins-keypair \
-      | jq -r .private_key > jenkins_id_rsa
-    knife vault show --format json master scala-jenkins-keypair \
-      | jq -r .public_key  > jenkins_id_rsa.pub
-
-From there, you can `scp` it up to `~/.ssh` on jenkins-master.
-
-If you get "master/scala-jenkins-keypair is not encrypted with your
-public key", that means you must ask one of the existing vault admins
-to do e.g.
-
-    knife vault update master scala-jenkins-keypair \
-      -A adriaan,tisue,lrytz \
-      --search 'name:jenkins-master
+Keys are stored using ansible vault.
 
 ### Remote access (graphical)
 
 
@@ -3,7 +3,7 @@ in overview.md. some pieces may be only historical now)
 
 # Design for scala-ci.typesafe.com
 
-Jenkins on EC2, configured using chef
+Jenkins on EC2, configured using ansible (not documented since it happened in a rush when moving away from chef...)
 
 * centered around GitHub & future move to Travis CI
    * no nightly builds (not supported on Travis) -- run integration on every merge
@@ -16,11 +16,10 @@ Jenkins on EC2, configured using chef
    * job-specific params incorporated into job title
 * use jenkins strictly as a job scheduler/dashboard
    *  archive logs, builds elsewhere
-   *  configuration is handled by chef
+   *  configuration is handled by ansible
 * the jenkins server/workers are considered stateless & opaque
-   * infrastructure is fully defined by chef cookbook
+   * infrastructure is fully defined in ansible config
    * worker nodes have home directory mounted on device that is wiped on reboot (ephemeral storage on EC2)
-   * chef-client runs on boot, and every 30 minutes
    * as little information as possible in jenkins job config: standardize common stuff & extract logic to scripts
 * use maven to store and communicate compiled artifacts
    * every commit has artifacts on our artifactory, use them for running test suite downstream, git bisect,...