Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update JMX Exporter, add AWS ELB keepalive settings #118

Merged
merged 5 commits into from
May 9, 2024
Merged

Update JMX Exporter, add AWS ELB keepalive settings #118

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
319287d
Update JMX exporter to 1.1.0
hammerhead May 3, 2024
0a5435c
Align settings
hammerhead May 3, 2024
f33216a
Add network-related settings for potential AWS ELB connection issues
hammerhead May 9, 2024
2f69af7
Update dependencies
hammerhead May 9, 2024
0995a71
Make test script dynamic
hammerhead May 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 16 additions & 16 deletions aws/.terraform.lock.hcl
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion aws/.tflint.hcl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
plugin "aws" {
enabled = true
version = "0.30.0"
version = "0.31.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}

Expand Down
24 changes: 16 additions & 8 deletions aws/scripts/cloud-init-cratedb-rpm.tftpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@ yum_repos:
enabled: true
gpgcheck: true
gpgkey: https://cdn.crate.io/downloads/yum/RPM-GPG-KEY-crate
type: rpm-md
autorefresh: true
name: CrateDB stable releases

packages:
Expand Down Expand Up @@ -81,31 +83,37 @@ write_files:
path: /etc/crate/crate.yml
permissions: "0755"
- content: |
# Maximum locked memory size. Set to "unlimited" if you use the
# bootstrap.mlockall option in crate.yml. You must also set
# CRATE_HEAP_SIZE.
MAX_LOCKED_MEMORY=unlimited

# Recommended memory settings for production:
# - assign half of the OS memory to CrateDB
# (e.g. 26g, stay below ~30G to benefit from CompressedOops)
# - disable swapping my setting bootstrap.mlockall in crate.yml
# Heap Size (defaults to 256m min, 1g max)
CRATE_HEAP_SIZE=${crate_heap_size}g

# Additional Java OPTS
CRATE_JAVA_OPTS="-javaagent:/usr/share/crate/crate-jmx-exporter-1.0.0.jar=8080"
# Additional Java options
CRATE_JAVA_OPTS="-javaagent:/usr/share/crate/crate-jmx-exporter-1.1.0.jar=8080"
owner: root:root
path: /etc/default/crate
permissions: "0755"
- content: |
# Certain load balancers (i.e. AWS NLB) terminate idle connections.
# We set explicit TCP keepalives so that this does not happen.
# https://github.com/crate/crate-operator/commit/383c5f4795e58fe1a61fab0cfdfba4e294953f9f
net.ipv4.tcp_keepalive_time = 120
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 6
owner: root:root
path: /etc/sysctl.d/90-crate-net.conf
permissions: "0644"

runcmd:
- sysctl -p /etc/sysctl.d/90-crate-net.conf
- openssl pkcs12 -export -in /etc/crate/certificate.pem -inkey /etc/crate/private_key.pem -certfile /etc/crate/certificate.pem -out /etc/crate/keystore.p12 -passout pass:changeit
- rm /etc/crate/certificate.pem && rm /etc/crate/private_key.pem
- dnf install -y crate
- chown -R crate:crate /opt/data /etc/crate
- chmod 700 /opt/data
- curl --output-dir /usr/share/crate -O https://repo1.maven.org/maven2/io/crate/crate-jmx-exporter/1.0.0/crate-jmx-exporter-1.0.0.jar
- curl --output-dir /usr/share/crate -O https://repo1.maven.org/maven2/io/crate/crate-jmx-exporter/1.1.0/crate-jmx-exporter-1.1.0.jar
- systemctl enable crate
- systemctl start crate
- bash /opt/deployment/user_provisioning.sh "${crate_protocol}" "${crate_user}" "${crate_pass}" && rm -f /opt/deployment/user_provisioning.sh
Expand Down
25 changes: 16 additions & 9 deletions aws/scripts/cloud-init-cratedb-tar.tftpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,20 +79,15 @@ write_files:
path: /etc/sysctl.d/crate.conf
permissions: "0755"
- content: |
# Maximum locked memory size. Set to "unlimited" if you use the
# bootstrap.mlockall option in crate.yml. You must also set
# CRATE_HEAP_SIZE.
MAX_LOCKED_MEMORY=unlimited

# Recommended memory settings for production:
# - assign half of the OS memory to CrateDB
# (e.g. 26g, stay below ~30G to benefit from CompressedOops)
# - disable swapping my setting bootstrap.mlockall in crate.yml
# Heap Size (defaults to 256m min, 1g max)
CRATE_HEAP_SIZE=${crate_heap_size}g

# Additional Java OPTS
CRATE_JAVA_OPTS="-javaagent:/opt/crate/crate-jmx-exporter-1.0.0.jar=8080"
# Additional Java options
CRATE_JAVA_OPTS="-javaagent:/opt/crate/crate-jmx-exporter-1.1.0.jar=8080"
owner: root:root
path: /etc/default/crate
permissions: "0755"
Expand Down Expand Up @@ -145,8 +140,21 @@ write_files:
owner: root:root
path: /usr/lib/systemd/system/crate.service
permissions: "0444"
- content: |
vm.max_map_count = 262144

# Certain load balancers (i.e. AWS NLB) terminate idle connections.
# We set explicit TCP keepalives so that this does not happen.
# https://github.com/crate/crate-operator/commit/383c5f4795e58fe1a61fab0cfdfba4e294953f9f
net.ipv4.tcp_keepalive_time = 120
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 6
owner: root:root
path: /etc/sysctl.d/90-crate-net.conf
permissions: "0644"

runcmd:
- sysctl -p /etc/sysctl.d/90-crate-net.conf
- groupadd -r crate
- useradd -r -g crate -d /opt/crate -s /sbin/nologin -c "Dude, it's a storage!" crate
- chown -R crate:crate /opt/data
Expand All @@ -157,9 +165,8 @@ runcmd:
- tar -xf crate-*.tar.gz
- mv -n crate-*/* /opt/crate
- mv crate-*/config/log4j2.properties /opt/crate/config
- curl --output-dir /opt/crate -O https://repo1.maven.org/maven2/io/crate/crate-jmx-exporter/1.0.0/crate-jmx-exporter-1.0.0.jar
- curl --output-dir /opt/crate -O https://repo1.maven.org/maven2/io/crate/crate-jmx-exporter/1.1.0/crate-jmx-exporter-1.1.0.jar
- chown -R crate:crate /opt/crate
- sysctl -w vm.max_map_count=262144
- systemctl daemon-reload
- systemctl enable crate
- systemctl start crate
Expand Down
32 changes: 16 additions & 16 deletions test/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ require (
)

require (
cloud.google.com/go v0.112.2 // indirect
cloud.google.com/go/auth v0.3.0 // indirect
cloud.google.com/go v0.113.0 // indirect
cloud.google.com/go/auth v0.4.0 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
cloud.google.com/go/compute/metadata v0.3.0 // indirect
cloud.google.com/go/iam v1.1.8 // indirect
cloud.google.com/go/storage v1.40.0 // indirect
github.com/agext/levenshtein v1.2.3 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/aws/aws-sdk-go v1.52.0 // indirect
github.com/aws/aws-sdk-go v1.52.5 // indirect
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
Expand All @@ -27,7 +27,7 @@ require (
github.com/google/s2a-go v0.1.7 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.3 // indirect
github.com/googleapis/gax-go/v2 v2.12.4 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-getter v1.7.4 // indirect
Expand All @@ -44,7 +44,7 @@ require (
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/tmccombs/hcl2json v0.6.2 // indirect
github.com/tmccombs/hcl2json v0.6.3 // indirect
github.com/ulikunitz/xz v0.5.12 // indirect
github.com/zclconf/go-cty v1.14.4 // indirect
go.opencensus.io v0.24.0 // indirect
Expand All @@ -53,20 +53,20 @@ require (
go.opentelemetry.io/otel v1.26.0 // indirect
go.opentelemetry.io/otel/metric v1.26.0 // indirect
go.opentelemetry.io/otel/trace v1.26.0 // indirect
golang.org/x/crypto v0.22.0 // indirect
golang.org/x/crypto v0.23.0 // indirect
golang.org/x/mod v0.17.0 // indirect
golang.org/x/net v0.24.0 // indirect
golang.org/x/oauth2 v0.19.0 // indirect
golang.org/x/net v0.25.0 // indirect
golang.org/x/oauth2 v0.20.0 // indirect
golang.org/x/sync v0.7.0 // indirect
golang.org/x/sys v0.19.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/sys v0.20.0 // indirect
golang.org/x/text v0.15.0 // indirect
golang.org/x/time v0.5.0 // indirect
golang.org/x/tools v0.20.0 // indirect
google.golang.org/api v0.177.0 // indirect
google.golang.org/genproto v0.0.0-20240429193739-8cf5692501f6 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6 // indirect
golang.org/x/tools v0.21.0 // indirect
google.golang.org/api v0.178.0 // indirect
google.golang.org/genproto v0.0.0-20240506185236-b8a5c65736ae // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240506185236-b8a5c65736ae // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240506185236-b8a5c65736ae // indirect
google.golang.org/grpc v1.63.2 // indirect
google.golang.org/protobuf v1.34.0 // indirect
google.golang.org/protobuf v1.34.1 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
Loading