From 5e15c6c2173b01be43a7b05112edf98b70dd0573 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D8=A7=D9=85=DB=8C=D8=B1=D8=AD=D8=B3=DB=8C=D9=86=20=D9=85?= =?UTF-8?q?=D9=82=DB=8C=D8=B3=D9=87?= Date: Thu, 11 Aug 2022 21:43:52 +0430 Subject: [PATCH] update stacks --- playbooks/server/addDomainAndEncrypt.yml | 36 ++++++-- playbooks/server/freeUpSpaces.yml | 8 ++ playbooks/server/hosts | 13 +-- port-range | 15 ++- stacks/lvl3/stack.yml | 18 +++- stacks/lvl5/elasticsearch/stack.yml | 98 ++++++++++++++++++++ stacks/lvl5/glitchtip/stack.yml | 113 +++++++++++++++++++++++ 7 files changed, 281 insertions(+), 20 deletions(-) create mode 100644 playbooks/server/freeUpSpaces.yml create mode 100644 stacks/lvl5/elasticsearch/stack.yml create mode 100644 stacks/lvl5/glitchtip/stack.yml diff --git a/playbooks/server/addDomainAndEncrypt.yml b/playbooks/server/addDomainAndEncrypt.yml index cf16931..77292a6 100644 --- a/playbooks/server/addDomainAndEncrypt.yml +++ b/playbooks/server/addDomainAndEncrypt.yml @@ -8,9 +8,17 @@ src: template/nginx-server-block.j2 dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf with_items: - - server_name: payment.igarson.app + - server_name: watchdogs.of.galaxy.igarson.app server_config: "" - service_port: 8018 + service_port: 9001 + conf_file: base.conf + - server_name: storm.of.galaxy.igarson.app + server_config: "" + service_port: 9002 + conf_file: base.conf + - server_name: eyes.of.galaxy.igarson.app + server_config: "" + service_port: 9003 conf_file: base.conf @@ -20,9 +28,17 @@ cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }} rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf with_items: - - server_name: payment.igarson.app + - server_name: watchdogs.of.galaxy.igarson.app server_config: "" - service_port: 8018 + service_port: 9001 + conf_file: base.conf + - server_name: storm.of.galaxy.igarson.app + server_config: "" + service_port: 9002 + conf_file: base.conf + - server_name: eyes.of.galaxy.igarson.app + server_config: "" + service_port: 9003 conf_file: base.conf @@ -31,9 +47,17 @@ shell: | certbot --nginx -d {{item.server_name}} -n --redirect with_items: - - server_name: payment.igarson.app + - server_name: watchdogs.of.galaxy.igarson.app server_config: "" - service_port: 8018 + service_port: 9001 + conf_file: base.conf + - server_name: storm.of.galaxy.igarson.app + server_config: "" + service_port: 9002 + conf_file: base.conf + - server_name: eyes.of.galaxy.igarson.app + server_config: "" + service_port: 9003 conf_file: base.conf - name: Reload nginx to activate specified site diff --git a/playbooks/server/freeUpSpaces.yml b/playbooks/server/freeUpSpaces.yml new file mode 100644 index 0000000..2c4224d --- /dev/null +++ b/playbooks/server/freeUpSpaces.yml @@ -0,0 +1,8 @@ +--- +- name: fetch important folder and files + hosts: supermaster + become: true + tasks: + - name: delete dangling images docker + shell: | + docker rmi $(docker images --filter "dangling=true" -q --no-trunc) \ No newline at end of file diff --git a/playbooks/server/hosts b/playbooks/server/hosts index 9dcc6d7..8fbe1d2 100644 --- a/playbooks/server/hosts +++ b/playbooks/server/hosts @@ -10,10 +10,11 @@ ff02::3 ip6-allhosts 87.107.132.77 masterold 87.107.132.78 workerold -192.168.1.6 master1 -192.168.1.73 worker1 -192.168.1.254 worker2 -192.168.1.254 worker3 - -31.7.74.79 master1ip +192.168.1.6 master1local +192.168.1.73 worker1local +192.168.1.190 worker2local +192.168.1.228 worker3local +192.168.1.123 monitoringlocal +31.7.74.79 master1 +31.7.74.118 worker1 diff --git a/port-range b/port-range index e885610..9582a33 100644 --- a/port-range +++ b/port-range @@ -24,10 +24,17 @@ 9000-x + {3000} = monitoring { 3000 grafana - 9090 promateus - 9093 alertmanager - 9094 unsee - 9095 posthog + 9001 glitchtip + 9002 elastic + 9003 kibana } + +redis databases = { + 0 => ls, + 1 => api, + 7 => next website + 8 => gc + 10 => watcher +} mailbox 9999 \ No newline at end of file diff --git a/stacks/lvl3/stack.yml b/stacks/lvl3/stack.yml index 32bd50c..8b5f5f5 100644 --- a/stacks/lvl3/stack.yml +++ b/stacks/lvl3/stack.yml @@ -82,7 +82,7 @@ services: source: /volume/ig target: /target/storage - type: bind - source: /data/backup + source: /volume/backup target: /target/backup - type: bind source: /volume/config/core/application-prod.properties @@ -145,7 +145,6 @@ services: networks: - mother - yaus: image: registry.vnfco.ir/ig/yaus:latest environment: @@ -178,6 +177,7 @@ services: - "8016:8000" networks: - mother + gc: image: registry.vnfco.ir/ig/gc:latest @@ -217,12 +217,21 @@ services: - "8017:3000" networks: - mother - + pay: image: registry.vnfco.ir/ig/pay:latest environment: - TZ=Asia/Tehran volumes: + - type: bind + source: /volume/config/pay/.env + target: /.env + - type: bind + source: /volume/pay/logs/logs.log + target: logs.log + - type: bind + source: /volume/pay/logs/http.log + target: http.log - type: bind source: /etc/localtime target: /etc/localtime @@ -243,7 +252,7 @@ services: resources: limits: cpus: '0.5' - memory: 50m + memory: 100m replicas: 1 mode: replicated placement: @@ -259,3 +268,4 @@ services: + diff --git a/stacks/lvl5/elasticsearch/stack.yml b/stacks/lvl5/elasticsearch/stack.yml new file mode 100644 index 0000000..2ac20db --- /dev/null +++ b/stacks/lvl5/elasticsearch/stack.yml @@ -0,0 +1,98 @@ +version: "3.7" + +networks: + mother: + external: true + +x-master-opts: &master + ES_JAVA_OPTS: "-Xmx256m -Xms256m" + discovery.seed_resolver.timeout: 60s + discovery.seed_hosts: es-master-1,es-master-2,es-master-3 + cluster.initial_master_nodes: es-master-1,es-master-2,es-master-3 + cluster.name: "es-cluster" + network.host: 0.0.0.0 + node.master: "true" + node.data: "false" + node.ingest: "false" + TZ: Asia/Tehran + + + +services: + es-master-1: + image: registry.vnfco.ir/library/bitnami/elasticsearch:latest + environment: + <<: *master + node.name: "es-master-1" + volumes: + - /data/es/1:/bitnami/elasticsearch/data + deploy: + placement: + constraints: [node.labels.app == monitoring] + mode: "replicated" + replicas: 1 + resources: + limits: + memory: 750m + ports: + - 9002:9200 + networks: + - mother + + es-master-2: + image: registry.vnfco.ir/library/bitnami/elasticsearch:latest + environment: + <<: *master + node.name: "es-master-2" + volumes: + - /data/es/2:/bitnami/elasticsearch/data + deploy: + placement: + constraints: [node.labels.app == monitoring] + mode: "replicated" + replicas: 1 + resources: + limits: + memory: 750m + networks: + - mother + + es-master-3: + image: registry.vnfco.ir/library/bitnami/elasticsearch:latest + environment: + <<: *master + node.name: "es-master-3" + volumes: + - /data/es/3:/bitnami/elasticsearch/data + deploy: + placement: + constraints: [node.labels.app == monitoring] + mode: "replicated" + replicas: 1 + resources: + limits: + memory: 750m + networks: + - mother + + kibana: + image: registry.vnfco.ir/library/bitnami/kibana + volumes: + - /data/kibana:/bitnami/kibana + deploy: + placement: + constraints: [node.labels.app == monitoring] + mode: "replicated" + replicas: 1 + resources: + limits: + memory: 250m + environment: + - KIBANA_ELASTICSEARCH_URL=es-master-1 + - SERVER_NAME=kibana + - TZ=Asia/Tehran + ports: + - "9003:5601" + networks: + - mother + \ No newline at end of file diff --git a/stacks/lvl5/glitchtip/stack.yml b/stacks/lvl5/glitchtip/stack.yml new file mode 100644 index 0000000..310295a --- /dev/null +++ b/stacks/lvl5/glitchtip/stack.yml @@ -0,0 +1,113 @@ +version: "3.4" + +networks: + mother: + external: true + + +services: + watcher_web: + image: registry.vnfco.ir/library/glitchtip/glitchtip + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: any + delay: 5s + window: 120s + resources: + limits: + cpus: '1' + memory: 1G + replicas: 1 + mode: replicated + placement: + constraints: + - node.labels.app == monitoring + ports: + - "9001:9001" + environment: + TZ: Asia/Tehran + DATABASE_URL: postgres://watcherAgent:ZXlZeEhTVjFQdFFjZWd4NFg3dTlvbktnaWIxb25VZU05eldSTDY5SkFsU1pDbTF3dzFqaTFPbHZhY3h1UFJhWQpPOVVTOWgvY1pua2Q1SCtjYy9KN25nPT0K@pg-0:5432/watcherDB + SECRET_KEY: 8efcb7bc910b4b53c5666eee4878e961dd2b31cb4fd39f06895b627d9533d4e7 + PORT: 9001 + EMAIL_URL: smtps://watcher:22102210aA%40@mail.vnfco.ir:465 + GLITCHTIP_DOMAIN: https://watchdogs.of.galaxy.igarson.app + DEFAULT_FROM_EMAIL: watcher@vnfco.ir + CELERY_WORKER_CONCURRENCY: 10 + REDIS_URL: redis://:Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD%2Bq74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q%2BbEK9CqAu3y2Zu4xkVyzyYKdFMT696IB%2FSS1M7rvZKw7NBYT99lGCpj1edk%2B6hRpK%2FQy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN%2F1gLJd%2FuTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw%2FP8REEL0KDyZ9khilU%2FXvzSgzp%2Bv5i9hmUdKO3B8r%2BY4keUZyaKz2VxCHSGAuqWSCpe%2Bdo1qQ%3D%3D@redismaster:6379/10 + networks: + - mother + + + + + + watcher_worker: + image: registry.vnfco.ir/library/glitchtip/glitchtip + command: ./bin/run-celery-with-beat.sh + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: on-failure + delay: 5s + window: 120s + resources: + limits: + cpus: '1' + memory: 1G + replicas: 1 + mode: replicated + placement: + constraints: + - node.labels.app == monitoring + environment: + TZ: Asia/Tehran + DATABASE_URL: postgres://watcherAgent:ZXlZeEhTVjFQdFFjZWd4NFg3dTlvbktnaWIxb25VZU05eldSTDY5SkFsU1pDbTF3dzFqaTFPbHZhY3h1UFJhWQpPOVVTOWgvY1pua2Q1SCtjYy9KN25nPT0K@pg-0:5432/watcherDB + SECRET_KEY: 8efcb7bc910b4b53c5666eee4878e961dd2b31cb4fd39f06895b627d9533d4e7 + PORT: 9001 + EMAIL_URL: smtps://watcher:22102210aA%40@mail.vnfco.ir:465 + GLITCHTIP_DOMAIN: https://watchdogs.of.galaxy.igarson.app + DEFAULT_FROM_EMAIL: watcher@vnfco.ir + CELERY_WORKER_CONCURRENCY: 10 + REDIS_URL: redis://:Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD%2Bq74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q%2BbEK9CqAu3y2Zu4xkVyzyYKdFMT696IB%2FSS1M7rvZKw7NBYT99lGCpj1edk%2B6hRpK%2FQy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN%2F1gLJd%2FuTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw%2FP8REEL0KDyZ9khilU%2FXvzSgzp%2Bv5i9hmUdKO3B8r%2BY4keUZyaKz2VxCHSGAuqWSCpe%2Bdo1qQ%3D%3D@redismaster:6379/10 + networks: + - mother + + watcher_migrate: + image: registry.vnfco.ir/library/glitchtip/glitchtip + command: "./manage.py migrate" + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: on-failure + delay: 5s + window: 120s + resources: + limits: + cpus: '0.5' + memory: 100m + replicas: 1 + mode: replicated + placement: + constraints: + - node.labels.app == monitoring + environment: + DATABASE_URL: postgres://watcherAgent:ZXlZeEhTVjFQdFFjZWd4NFg3dTlvbktnaWIxb25VZU05eldSTDY5SkFsU1pDbTF3dzFqaTFPbHZhY3h1UFJhWQpPOVVTOWgvY1pua2Q1SCtjYy9KN25nPT0K@pg-0:5432/watcherDB + SECRET_KEY: 8efcb7bc910b4b53c5666eee4878e961dd2b31cb4fd39f06895b627d9533d4e7 + PORT: 9001 + EMAIL_URL: smtps://watcher:22102210aA%40@mail.vnfco.ir:465 + GLITCHTIP_DOMAIN: https://watchdogs.of.galaxy.igarson.app + DEFAULT_FROM_EMAIL: watcher@vnfco.ir + CELERY_WORKER_CONCURRENCY: 10 + REDIS_URL: redis://:Mf7VXwbaJQuMRd1sETVl79A7URUTyiEFwctGk3RhD%2Bq74DmKDzc2SztYEZ2YynLZI8xuq7b9gNz2e7g2MNfU9sP8q%2BbEK9CqAu3y2Zu4xkVyzyYKdFMT696IB%2FSS1M7rvZKw7NBYT99lGCpj1edk%2B6hRpK%2FQy2pfiVo29VKEgSXnkeJaM9nMJQ3wxN%2F1gLJd%2FuTGGf85nZWhUTEIdK58lJPSXLU55VqcaksahJHlg2oz5P5FNXWRPCnSC7obJ4OtkuHNw%2FP8REEL0KDyZ9khilU%2FXvzSgzp%2Bv5i9hmUdKO3B8r%2BY4keUZyaKz2VxCHSGAuqWSCpe%2Bdo1qQ%3D%3D@redismaster:6379/10 + networks: + - mother