diff --git a/site-modules/profile/manifests/swh/deploy/graph.pp b/site-modules/profile/manifests/swh/deploy/graph.pp index 081ef991..d75ff6de 100644 --- a/site-modules/profile/manifests/swh/deploy/graph.pp +++ b/site-modules/profile/manifests/swh/deploy/graph.pp @@ -1,153 +1,197 @@ # Deployment of graph (checks for now) # FIXME: Graph is currently managed manually and running through a venv. At some point, # adapt here to also install fully the graph from that manifest class profile::swh::deploy::graph { $packages = ['python3-venv'] package {$packages: ensure => 'present', } $user = lookup('swh::deploy::graph::user') $group = lookup('swh::deploy::graph::group') $sentry_dsn = lookup('swh::deploy::graph::sentry_dsn', Optional[String], 'first', undef) $sentry_environment = lookup('swh::deploy::graph::sentry_environment', Optional[String], 'first', undef) $sentry_swh_package = lookup('swh::deploy::graph::sentry_swh_package', Optional[String], 'first', undef) - $max_heap = lookup('swh::deploy::graph::grpc::max_heap') - $config_directory = lookup('swh::deploy::graph::conf_directory') - $config_file = "${config_directory}/graph.yml" - $config = { 'max_ram' => $max_heap } + file {$config_directory: + ensure => directory, + owner => 'root', + group => $group, + mode => '0650', + } - # install services from templates - $services = [ { # this matches the current status - 'name' => 'swh-graph-shm-mount', - 'status' => 'running', - 'enable' => false, - }, { - 'name' => 'swh-graph', - 'status' => 'running', - 'enable' => true, + $shm_path = '/dev/shm/swh-graph/default' + $compressed_graph_path = '/srv/softwareheritage/graph/latest/compressed' + $files_to_copy_to_shm = [ + 'graph.graph', + 'graph-transposed.graph', + ] + + $grpc_listen_host = lookup('swh::deploy::graph::grpc::listen::host') + $grpc_listen_port = lookup('swh::deploy::graph::grpc::listen::port') + + $grpc_local_address = $grpc_listen_host ? { + '0.0.0.0' => '127.0.0.1', + default => $grpc_listen_host, + } + + $grpc_config_file = "${config_directory}/grpc.yml" + $grpc_config = { + graph => { + max_ram => lookup('swh::deploy::graph::grpc::max_heap'), + } + } + + file {$grpc_config_file: + ensure => present, + owner => 'root', + group => $group, + mode => '0640', + content => inline_yaml($grpc_config), + notify => Service['swh-graph-grpc'], + } + + $http_listen_host = lookup('swh::deploy::graph::http::listen::host') + $http_listen_port = lookup('swh::deploy::graph::http::listen::port') + + $http_local_address = $http_listen_host ? { + '0.0.0.0' => '127.0.0.1', + default => $http_listen_host, + } + + $http_config_file = "${config_directory}/http.yml" + $http_config = { + graph => { + cls => remote, + url => "${grpc_local_address}:${grpc_listen_port}" + } + } + + file {$http_config_file: + ensure => present, + owner => 'root', + group => $group, + mode => '0640', + content => inline_yaml($http_config), + notify => Service['swh-graph-http'], } + + # install services from templates + $services = [ + { + name => 'swh-graph-shm-mount', + status => 'running', + enable => false, + }, + { + name => 'swh-graph-grpc', + status => 'running', + enable => true, + }, + { + name => 'swh-graph-http', + status => 'running', + enable => true, + }, ] + each($services) | $service | { $unit_name = "${service['name']}.service" # template uses: # $user # $group + # $_listen_port ::systemd::unit_file {$unit_name: ensure => present, content => template("profile/swh/deploy/graph/${unit_name}.erb"), mode => '0644', } ~> service {$service['name']: ensure => $service['status'], enable => $service['enable'], } } - file {$config_directory: - ensure => directory, - owner => 'root', - group => $group, - mode => '0650', + # Clean up monolithic service + service {'swh-graph': + ensure => stopped, + enable => false, + } -> ::systemd::unit_file {'swh-graph.service': + ensure => absent } - file {$config_file: - ensure => present, - owner => 'root', - group => $group, - mode => '0640', - content => inline_template("<%= @config.to_yaml %>\n"), - notify => Service['swh-graph'], - } - - $http_listen_host = lookup('swh::deploy::graph::http::listen::host') - $http_listen_port = lookup('swh::deploy::graph::http::listen::port') - - $grpc_listen_host = lookup('swh::deploy::graph::grpc::listen::host') - $grpc_listen_port = lookup('swh::deploy::graph::grpc::listen::port') - $http_check_string = 'graph API server' $icinga_checks_file = lookup('icinga2::exported_checks::filename') - $http_local_check_address = $http_listen_host ? { - '0.0.0.0' => '127.0.0.1', - default => $http_listen_host, - } - $grpc_local_check_address = $grpc_listen_host ? { - '0.0.0.0' => '127.0.0.1', - default => $grpc_listen_host, - } - # swh-graph.service exposes the main graph server. # Ensure the port is working ok through icinga checks - @@::icinga2::object::service {"swh-graph http api (local on ${::fqdn})": + ::icinga2::object::service {"swh-graph http api (local on ${::fqdn})": service_name => 'swh-graph http api (localhost)', import => ['generic-service'], host_name => $::fqdn, check_command => 'http', command_endpoint => $::fqdn, vars => { - http_address => $http_local_check_address, - http_vhost => $http_local_check_address, + http_address => $http_local_address, + http_vhost => $http_local_address, http_port => $http_listen_port, http_uri => '/', http_header => ['Accept: application/html'], http_string => $http_check_string, }, target => $icinga_checks_file, tag => 'icinga2::exported', } - @@::icinga2::object::service {"swh-graph grpc api (local on ${::fqdn})": + ::icinga2::object::service {"swh-graph grpc api (local on ${::fqdn})": service_name => 'swh-graph grpc api (localhost)', import => ['generic-service'], host_name => $::fqdn, check_command => 'tcp', command_endpoint => $::fqdn, vars => { tcp_port => $grpc_listen_port, - tcp_address => $grpc_local_check_address, + tcp_address => $grpc_local_address, }, target => $icinga_checks_file, tag => 'icinga2::exported', } if $http_listen_host != '127.0.0.1' { - @@::icinga2::object::service {"swh-graph http api (remote on ${::fqdn})": + ::icinga2::object::service {"swh-graph http api (remote on ${::fqdn})": service_name => 'swh-graph http api (remote)', import => ['generic-service'], host_name => $::fqdn, check_command => 'http', vars => { http_vhost => $::swh_hostname['internal_fqdn'], http_port => $http_listen_port, http_uri => '/', http_header => ['Accept: application/html'], http_string => $http_check_string, }, target => $icinga_checks_file, tag => 'icinga2::exported', } } if $grpc_listen_host != '127.0.0.1' { - @@::icinga2::object::service {"swh-graph grpc api (remote on ${::fqdn})": + ::icinga2::object::service {"swh-graph grpc api (remote on ${::fqdn})": service_name => 'swh-graph grpc api (remote)', import => ['generic-service'], host_name => $::fqdn, check_command => 'tcp', vars => { tcp_port => $grpc_listen_port, tcp_address => $::swh_hostname['internal_fqdn'], }, target => $icinga_checks_file, tag => 'icinga2::exported', } } } diff --git a/site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb b/site-modules/profile/templates/swh/deploy/graph/swh-graph-grpc.service.erb similarity index 72% copy from site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb copy to site-modules/profile/templates/swh/deploy/graph/swh-graph-grpc.service.erb index b4f44bb3..b07cf869 100644 --- a/site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb +++ b/site-modules/profile/templates/swh/deploy/graph/swh-graph-grpc.service.erb @@ -1,25 +1,29 @@ # Managed by puppet class profile::swh::deploy::graph # Changes will be overwritten [Unit] -Description=swh-graph HTTP server +Description=swh-graph gRPC server After=swh-graph-shm-mount.service Requires=swh-graph-shm-mount.service +ConditionPathIsDirectory=<%= @shm_path %> [Service] <%- if !@sentry_dsn.nil? and !@sentry_dsn.empty? -%> Environment=SWH_SENTRY_DSN=<%= @sentry_dsn %> <%- end -%> <%- if !@sentry_environment.nil? and !@sentry_environment.empty? -%> Environment=SWH_SENTRY_ENVIRONMENT=<%= @sentry_environment %> <%- end -%> <%- if !@sentry_swh_package.nil? and !@sentry_swh_package.empty? -%> Environment=SWH_MAIN_PACKAGE=<%= @sentry_swh_package %> <%- end -%> Type=simple User=<%= @user %> Group=<%= @group %> -ExecStart=/opt/swhgraph_venv/bin/swh graph -C <%= @config_file %> rpc-serve -g /dev/shm/swh-graph/default/graph +ExecStart=/opt/swhgraph_venv/bin/swh graph -C <%= @grpc_config_file %> grpc-serve -g <%= @shm_path %>/graph -p <%= @grpc_listen_port %> + +Restart=on-failure +RestartSec=5 [Install] WantedBy=multi-user.target diff --git a/site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb b/site-modules/profile/templates/swh/deploy/graph/swh-graph-http.service.erb similarity index 70% rename from site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb rename to site-modules/profile/templates/swh/deploy/graph/swh-graph-http.service.erb index b4f44bb3..15fb6794 100644 --- a/site-modules/profile/templates/swh/deploy/graph/swh-graph.service.erb +++ b/site-modules/profile/templates/swh/deploy/graph/swh-graph-http.service.erb @@ -1,25 +1,28 @@ # Managed by puppet class profile::swh::deploy::graph # Changes will be overwritten [Unit] Description=swh-graph HTTP server -After=swh-graph-shm-mount.service -Requires=swh-graph-shm-mount.service +After=swh-graph-graph-grpc.service +Requires=swh-graph-grpc.service [Service] <%- if !@sentry_dsn.nil? and !@sentry_dsn.empty? -%> Environment=SWH_SENTRY_DSN=<%= @sentry_dsn %> <%- end -%> <%- if !@sentry_environment.nil? and !@sentry_environment.empty? -%> Environment=SWH_SENTRY_ENVIRONMENT=<%= @sentry_environment %> <%- end -%> <%- if !@sentry_swh_package.nil? and !@sentry_swh_package.empty? -%> Environment=SWH_MAIN_PACKAGE=<%= @sentry_swh_package %> <%- end -%> Type=simple User=<%= @user %> Group=<%= @group %> -ExecStart=/opt/swhgraph_venv/bin/swh graph -C <%= @config_file %> rpc-serve -g /dev/shm/swh-graph/default/graph +ExecStart=/opt/swhgraph_venv/bin/swh graph -C <%= @http_config_file %> rpc-serve -g <%= @shm_path %>/graph -h <%= @http_listen_host %> -p <%= @http_listen_port %> + +Restart=on-failure +RestartSec=5 [Install] WantedBy=multi-user.target diff --git a/site-modules/profile/templates/swh/deploy/graph/swh-graph-shm-mount.service.erb b/site-modules/profile/templates/swh/deploy/graph/swh-graph-shm-mount.service.erb index 741cf635..79dbb307 100644 --- a/site-modules/profile/templates/swh/deploy/graph/swh-graph-shm-mount.service.erb +++ b/site-modules/profile/templates/swh/deploy/graph/swh-graph-shm-mount.service.erb @@ -1,19 +1,22 @@ # Managed by puppet class profile::swh::deploy::graph # Changes will be overwritten [Unit] Description=swh-graph RAM data cache in /dev/shm [Service] -Type=oneshot +Type=simple User=<%= @user %> Group=<%= @group %> -RemainAfterExit=yes -ExecStart=mkdir -p /dev/shm/swh-graph/default -ExecStart=sh -c "ln -s /srv/softwareheritage/graph/latest/compressed/* /dev/shm/swh-graph/default" -ExecStart=sh -c "cp --remove-destination /srv/softwareheritage/graph/latest/compressed/graph.graph /dev/shm/swh-graph/default" -ExecStart=sh -c "cp --remove-destination /srv/softwareheritage/graph/latest/compressed/graph-transposed.graph /dev/shm/swh-graph/default" -ExecStop=rm -rf /dev/shm/swh-graph/default +ExecStartPre=sh -c "[ -d <%= @shm_path %> ] || mkdir -p <%= @shm_path %>" +ExecStartPre=sh -c "[ -L <%= @shm_path %>/graph.stats ] || ln -sf <%= @compressed_graph_path %>/* <%= @shm_path %>" +<% @files_to_copy_to_shm.each do |file| -%> +ExecStartPre=sh -c "[ -f <%= @shm_path %>/<%= file %> ] || cp --remove-destination <%= @compressed_graph_path %>/<%= file %> <%= @shm_path %>" +<% end -%> +ExecStart=sh -c "set -e; while [ -f <%= @shm_path %>/graph.graph ]; do sleep 1; done; exit 1" + +Restart=on-failure +RestartSec=5 [Install] WantedBy=multi-user.target