Move grafana on a dedicated server behind the admin RP
- use the swh postgresql profile to manage the datase
- install grafana, the plugin and the generated dashboard with puppet
- use the rp1 reverse proxy to expose the service
Related to T3817
Paths
| Differential D6871 Authored by vsellier on Dec 22 2021, 7:39 PM.
Details
Summary Move grafana on a dedicated server behind the admin RP
Related to T3817 Test Plan This diff doesn't not impact the current grafana instance. diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org ******************************************* File[/etc/bind/keys/local-update] => parameters => content => @@ -2,4 +2,4 @@ key local-update { algorithm hmac-sha256; - secret "<redacted>"; + secret "<redacted>"; }; ******************************************* File[/etc/bind/rndc.key] => parameters => content => @@ -2,4 +2,4 @@ key rndc-key { algorithm hmac-md5; - secret "<redacted>"; + secret "<redacted>"; }; ******************************************* *** End octocatalog-diff on pergamon.softwareheritage.org
Diff Detail
Event Timelinevsellier created this revision. Harbormaster completed remote builds in B25780: Diff 24913.Dec 22 2021, 7:40 PM2021-12-22 19:40:00 (UTC+1) vsellier retitled this revision from Move grafana on a dedicated server behind the admin RP
**WIP**
TODO:
- add auto generated dashboard
- install the grafana-piechart-panel plugin to Move grafana on a dedicated server behind the admin RP.Dec 22 2021, 7:41 PM2021-12-22 19:41:17 (UTC+1) Harbormaster completed remote builds in B25782: Diff 24916.Dec 23 2021, 12:12 PM2021-12-23 12:12:40 (UTC+1) Harbormaster completed remote builds in B25783: Diff 24917.Dec 23 2021, 2:52 PM2021-12-23 14:52:21 (UTC+1) vsellier edited the summary of this revision. (Show Details)Dec 23 2021, 2:53 PM2021-12-23 14:53:17 (UTC+1) Harbormaster completed remote builds in B25784: Diff 24918.Dec 23 2021, 3:00 PM2021-12-23 15:00:55 (UTC+1) Comment Actions Why the duplication of profile::grafana into profile::grafana::backend? Do we really need the "swh postgresql" stuff for this very basic database? I find it much harder to follow than just having the existing two postgresql resources in profile::grafana. Alternatively we should consider centralizing the postgresql databases used for admin stuff (we already have one for hedgedoc, one for netbox, and potentially the one for sentry) into a single dedicated host (on which we would be able to do more proper backups and monitoring).
Harbormaster completed remote builds in B25786: Diff 24920.Jan 3 2022, 9:40 AM2022-01-03 09:40:12 (UTC+1) ardumont mentioned this in T3833: Dedicate one admin host to centralize administration dbs.Jan 4 2022, 4:58 PM2022-01-04 16:58:15 (UTC+1) Comment Actions
I've opened T3833 for this good remark. Comment Actions
Harbormaster completed remote builds in B25840: Diff 24969.Jan 6 2022, 2:42 PM2022-01-06 14:42:14 (UTC+1) Comment Actions lgtm one question inline about the pg version. Also, in your vagrant tryouts, did you try to mount back the dump out of pergamon in the newly created grafana db?
This revision is now accepted and ready to land.Jan 6 2022, 3:28 PM2022-01-06 15:28:33 (UTC+1) Comment Actions thanks for the validation, I have some pending changes in progress and to reply to the olasd's remarks so I change the status to planned changes Regarding the backup restoration in vagrant, yes I have successfully restored it locally, everything was good (except the data of the graphes because grafana request my empty local prometheus) Comment Actions
This revision is now accepted and ready to land.Jan 7 2022, 9:47 AM2022-01-07 09:47:33 (UTC+1) Harbormaster completed remote builds in B25859: Diff 24989.Jan 7 2022, 9:47 AM2022-01-07 09:47:35 (UTC+1) Harbormaster completed remote builds in B25860: Diff 24990.Jan 7 2022, 9:47 AM2022-01-07 09:47:50 (UTC+1) Comment Actions
Harbormaster completed remote builds in B25871: Diff 25001.Jan 7 2022, 4:17 PM2022-01-07 16:17:48 (UTC+1) Harbormaster completed remote builds in B25872: Diff 25002.Jan 7 2022, 4:22 PM2022-01-07 16:22:34 (UTC+1) Comment Actions
The goal was to let the initial profile untouched during the migration and to clearly identify the public reverse_proxy is not installed by this part
Nope you are right, it was clearly overkill Harbormaster completed remote builds in B26021: Diff 25154.Jan 13 2022, 6:08 PM2022-01-13 18:08:21 (UTC+1) Comment Actions
Harbormaster completed remote builds in B26023: Diff 25156.Jan 13 2022, 8:20 PM2022-01-13 20:20:39 (UTC+1) This revision is now accepted and ready to land.Jan 14 2022, 10:26 AM2022-01-14 10:26:02 (UTC+1) Harbormaster completed remote builds in B26025: Diff 25159.Jan 14 2022, 10:26 AM2022-01-14 10:26:19 (UTC+1) vsellier edited the test plan for this revision. (Show Details)Jan 14 2022, 10:29 AM2022-01-14 10:29:16 (UTC+1) Closed by commit rSPSITE8aa49be10300: Move grafana on a dedicated server behind the admin RP (authored by vsellier). · Explain WhyJan 14 2022, 10:41 AM2022-01-14 10:41:40 (UTC+1) This revision was automatically updated to reflect the committed changes.
Revision Contents
Diff 24969 data/deployments/admin/common.yaml
data/hostname/grafana0.internal.admin.swh.network.yaml
data/subnets/vagrant.yaml
manifests/site.pp
|
visit_statuses