Page Menu
Home
Software Heritage
Search
Configure Global Search
Log In
Files
F7123704
D8441.id30430.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Subscribers
None
D8441.id30430.diff
View Options
diff --git a/data/common/common.yaml b/data/common/common.yaml
--- a/data/common/common.yaml
+++ b/data/common/common.yaml
@@ -3346,16 +3346,22 @@
store:
port-http: 19193
port-grpc: 19093
+ compact:
+ port-http: 19293
mmca:
azure-storage-container: metrics-mmca-0
store:
port-http: 19194
port-grpc: 19094
+ compact:
+ port-http: 19294
archive-staging: # rancher cluster
azure-storage-container: metrics-sesi-rocquencourt-rancher-staging-0
store:
port-http: 19195
port-grpc: 19095
+ compact:
+ port-http: 19295
grafana::db::database: grafana
grafana::db::username: grafana
diff --git a/site-modules/profile/manifests/thanos/compact.pp b/site-modules/profile/manifests/thanos/compact.pp
new file mode 100644
--- /dev/null
+++ b/site-modules/profile/manifests/thanos/compact.pp
@@ -0,0 +1,48 @@
+# Thanos compact services (compaction and downscaling of historical metrics)
+class profile::thanos::compact {
+ include profile::thanos::base
+ include profile::thanos::objstore_configs
+
+ $internal_ip = ip_for_network(lookup('internal_network'))
+
+ $stores = lookup('thanos::stores')
+
+ $config_dir = $::profile::thanos::base::config_dir
+ $stores.each | $dataset_name, $service | {
+ $port_http = $service['compact']['port-http']
+ $http_address = "${internal_ip}:${port_http}"
+ $http_target = "${swh_hostname['internal_fqdn']}:${port_http}"
+
+ $service_name = "thanos-compact@${dataset_name}"
+ $unit_name = "${service_name}.service"
+
+ ::systemd::dropin_file {"${service_name}/parameters.conf":
+ ensure => present,
+ unit => $unit_name,
+ filename => 'parameters.conf',
+ content => template('profile/thanos/compact-parameters.conf.erb'),
+ notify => Service[$service_name],
+ }
+
+ service {$service_name:
+ ensure => 'running',
+ enable => true,
+ tag => ['thanos-compact', "thanos-objstore-${dataset_name}"],
+ }
+
+ ::profile::prometheus::export_scrape_config {"thanos-compact-${http_target}":
+ target => $http_target,
+ job => 'thanos_compact',
+ labels => {
+ dataset_name => $dataset_name,
+ },
+ }
+ }
+
+ # Uses: $config_dir, $cert_paths
+ systemd::unit_file {'thanos-compact@.service':
+ ensure => present,
+ content => template('profile/thanos/compact@.service.erb'),
+ require => Class['profile::thanos::base'],
+ } ~> Service <| tag == 'thanos-compact' |>
+}
diff --git a/site-modules/profile/templates/thanos/compact-parameters.conf.erb b/site-modules/profile/templates/thanos/compact-parameters.conf.erb
new file mode 100644
--- /dev/null
+++ b/site-modules/profile/templates/thanos/compact-parameters.conf.erb
@@ -0,0 +1,4 @@
+# Managed by puppet (class profile::thanos::compact) - modifications will be overwritten
+
+[Service]
+Environment=HTTP_ADDRESS=<%= @http_address %>
diff --git a/site-modules/profile/templates/thanos/compact@.service.erb b/site-modules/profile/templates/thanos/compact@.service.erb
new file mode 100644
--- /dev/null
+++ b/site-modules/profile/templates/thanos/compact@.service.erb
@@ -0,0 +1,47 @@
+# File managed by puppet (class profile::thanos::compact)
+# Manual changes will be overwritten
+
+[Unit]
+Description=Thanos compact instance %i
+
+[Service]
+Environment=HTTP_ADDRESS=
+Restart=on-failure
+User=prometheus
+
+ExecStart=/opt/thanos/current/thanos compact \
+ --data-dir $CACHE_DIRECTORY \
+ --objstore.config-file <%= @config_dir %>/objstore-%i.yml \
+ --wait \
+ --wait-interval=5m \
+ --http-address $HTTP_ADDRESS
+ExecReload=/bin/kill -HUP $MAINPID
+TimeoutStopSec=20s
+SendSIGKILL=no
+CacheDirectory=thanos/scratch/compact-%i
+
+# systemd hardening-options
+AmbientCapabilities=
+CapabilityBoundingSet=
+DeviceAllow=/dev/null rw
+DevicePolicy=strict
+LimitMEMLOCK=0
+LimitNOFILE=8192
+LockPersonality=true
+MemoryDenyWriteExecute=true
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateTmp=true
+PrivateUsers=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectSystem=full
+RemoveIPC=true
+RestrictNamespaces=true
+RestrictRealtime=true
+SystemCallArchitectures=native
+
+[Install]
+WantedBy=multi-user.target
diff --git a/site-modules/role/manifests/swh_thanos.pp b/site-modules/role/manifests/swh_thanos.pp
--- a/site-modules/role/manifests/swh_thanos.pp
+++ b/site-modules/role/manifests/swh_thanos.pp
@@ -2,4 +2,5 @@
class role::swh_thanos inherits role::swh_base {
include profile::thanos::query
include profile::thanos::store
+ include profile::thanos::compact
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Dec 19 2024, 8:56 PM (11 w, 4 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3221186
Attached To
D8441: Add configuration for thanos compact
Event Timeline
Log In to Comment