From 6036f5a1b7f648cbd84dd4f698811d8aa0e2dd50 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Tue, 6 Dec 2022 14:41:53 +0100 Subject: [PATCH] deploy tricot metrics on production --- cluster/prod/app/core/deploy/core.hcl | 12 ++++++++++-- cluster/prod/app/telemetry/config/prometheus.yml | 10 ++++++++++ .../staging/app/frontend/deploy/frontend-tricot.hcl | 6 +++--- doc/ports | 1 + 4 files changed, 24 insertions(+), 5 deletions(-) diff --git a/cluster/prod/app/core/deploy/core.hcl b/cluster/prod/app/core/deploy/core.hcl index 43966b7..c1331f3 100644 --- a/cluster/prod/app/core/deploy/core.hcl +++ b/cluster/prod/app/core/deploy/core.hcl @@ -75,13 +75,14 @@ EOH network { port "http_port" { static = 80 } port "https_port" { static = 443 } + port "metrics_port" { static = 9334 } } task "server" { driver = "docker" config { - image = "lxpz/amd64_tricot:42" + image = "lxpz/amd64_tricot:44" network_mode = "host" readonly_rootfs = true ports = [ "http_port", "https_port" ] @@ -91,7 +92,7 @@ EOH } resources { - cpu = 500 + cpu = 1000 memory = 200 memory_max = 500 } @@ -129,6 +130,7 @@ TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key TRICOT_HTTP_BIND_ADDR=[::]:80 TRICOT_HTTPS_BIND_ADDR=[::]:443 +TRICOT_METRICS_BIND_ADDR=[::]:9334 RUST_LOG=tricot=debug EOH destination = "secrets/env" @@ -148,6 +150,12 @@ EOH tags = [ "(diplonat (tcp_port 443))", "${meta.site}" ] address_mode = "host" } + + service { + name = "tricot-metrics" + port = "metrics_port" + address_mode = "host" + } } } diff --git a/cluster/prod/app/telemetry/config/prometheus.yml b/cluster/prod/app/telemetry/config/prometheus.yml index a52b64d..6525513 100644 --- a/cluster/prod/app/telemetry/config/prometheus.yml +++ b/cluster/prod/app/telemetry/config/prometheus.yml @@ -16,6 +16,16 @@ scrape_configs: cert_file: /etc/prometheus/consul-client.crt key_file: /etc/prometheus/consul-client.key + - job_name: 'tricot' + consul_sd_configs: + - server: 'https://localhost:8501' + services: + - 'tricot-metrics' + tls_config: + ca_file: /etc/prometheus/consul.crt + cert_file: /etc/prometheus/consul-client.crt + key_file: /etc/prometheus/consul-client.key + - job_name: 'garage' authorization: type: Bearer diff --git a/cluster/staging/app/frontend/deploy/frontend-tricot.hcl b/cluster/staging/app/frontend/deploy/frontend-tricot.hcl index ae46d4a..9a1eedd 100644 --- a/cluster/staging/app/frontend/deploy/frontend-tricot.hcl +++ b/cluster/staging/app/frontend/deploy/frontend-tricot.hcl @@ -12,7 +12,7 @@ job "frontend" { network { port "http_port" { static = 80 } port "https_port" { static = 443 } - port "metrics_port" { static = 8334 } + port "metrics_port" { static = 9334 } } task "server" { @@ -20,7 +20,7 @@ job "frontend" { config { packages = [ - "git+https://git.deuxfleurs.fr/Deuxfleurs/tricot.git?ref=main&rev=ba5bf133f61c3a56728c2ab73e11abf47ef8348c" + "git+https://git.deuxfleurs.fr/Deuxfleurs/tricot.git?ref=main&rev=8d1162f20694d5d8551879e7ba9b34c817f0caed" ] command = "tricot" # cap_add = [ "net_bind_service" ] # this doesn't work for whatever reason, so we need to put user = "root" instead @@ -65,7 +65,7 @@ TRICOT_CONSUL_CLIENT_CERT=/etc/tricot/consul-client.crt TRICOT_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key TRICOT_HTTP_BIND_ADDR=[::]:80 TRICOT_HTTPS_BIND_ADDR=[::]:443 -TRICOT_METRICS_BIND_ADDR=[::]:8334 +TRICOT_METRICS_BIND_ADDR=[::]:9334 RUST_LOG=tricot=debug EOH destination = "secrets/env" diff --git a/doc/ports b/doc/ports index 17fd3d0..c8c88dd 100644 --- a/doc/ports +++ b/doc/ports @@ -46,4 +46,5 @@ ports so that we can avoid conflicts when adding services. 8999 opendkim 9090 prometheus 9100 node_exporter +9334 tricot metrics 9991 guichet