Skip to content

Commit

Permalink
fix: deployment
Browse files Browse the repository at this point in the history
  • Loading branch information
@mhf-ir
mhf-ir committed Dec 7, 2022
1 parent 490186b commit a426ef3
Show file tree
Hide file tree
Showing 8 changed files with 48 additions and 44 deletions.
7 changes: 5 additions & 2 deletions clickhouse-cluster/create.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,11 @@ sed -i "s+__GRAFANA_PASSWORD__+$GRAFANA_PASSWORD+g" $MANEGMENT_PATH/.env
sed -i "s+__ASM_CH_NODE1_IP__+$ASM_CH_NODE1_IP+g" $MANEGMENT_PATH/.env
sed -i "s+__ASM_CH_NODE2_IP__+$ASM_CH_NODE2_IP+g" $MANEGMENT_PATH/.env
sed -i "s+__ASM_CH_NODE3_IP__+$ASM_CH_NODE3_IP+g" $MANEGMENT_PATH/.env
sed -i "s+__ASM_COLLECTOR_HOSTNAME__+$ASM_COLLECTOR_HOSTNAME+g" $MANEGMENT_PATH/.env

for i in $(seq 1 3); do
NODE_PATH=$CURRENT_DIR/ready/node$i/aasaam-analytics
NODE_PATH=$CURRENT_DIR/ready/node$i
mkdir -p $NODE_PATH

__NODE_ID__=$i
__OTHER_NODE_1__="2"
Expand All @@ -89,7 +91,7 @@ for i in $(seq 1 3); do
__OTHER_NODE_2__="1"
fi

mkdir -p $NODE_PATH

cp -rf $CURRENT_DIR/template/node/* $NODE_PATH/
cp -f $PROJECT_DIR/cert/{ca.pem,dhparam.pem,client-fullchain.pem,client-key.pem,server-fullchain.pem,server-key.pem} $NODE_PATH/clickhouse/cert/
cp -f $PROJECT_DIR/cert/{ca.pem,dhparam.pem,client-fullchain.pem,client-key.pem} $NODE_PATH/collector/cert/
Expand All @@ -112,6 +114,7 @@ for i in $(seq 1 3); do


# collector
sed -i "s+__NODE_ID__+$i+g" $NODE_PATH/collector/.env
sed -i "s+__CLICKHOUSE_PASSWORD__+$CLICKHOUSE_PASSWORD+g" $NODE_PATH/collector/.env
sed -i "s+__ASM_CH_NODE1_IP__+$ASM_CH_NODE1_IP+g" $NODE_PATH/collector/.env
sed -i "s+__ASM_CH_NODE2_IP__+$ASM_CH_NODE2_IP+g" $NODE_PATH/collector/.env
Expand Down
1 change: 1 addition & 0 deletions clickhouse-cluster/template/management/.env
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ ASM_COLLECTOR_API_KEY=__ASM_COLLECTOR_API_KEY__
ASM_CLICKHOUSE_SERVERS=https://default:[email protected]:8443/analytics,https://default:[email protected]:8443/analytics,https://default:[email protected]:8443/analytics
ASM_PUBLIC_BASE_URL=/
ASM_FRONT_CP_PATH=_cp
ASM_COLLECTOR_SERVER_HOST=__ASM_COLLECTOR_HOSTNAME__

# nginx
ASM_NGINX_WORKER_PROCESSES=auto
Expand Down
10 changes: 3 additions & 7 deletions clickhouse-cluster/template/management/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,14 +54,15 @@ services:
- 0.0.0.0:80:80
- 0.0.0.0:443:443
volumes:
- ./cert:/cert:ro
- ./nginx/nginx.conf:/etc/nginx/templates/default.conf.template:ro
- ./public-cert:/cert:ro
env_file:
- ./.env

logging:
driver: "journald"
options:
tag: "container:APP=analytics-clickhouse TYPE=nginx NODE_ID=${ASM_CH_CURRENT_NODE_ID}"
tag: "container:APP=analytics-clickhouse TYPE=nginx"

###########
# Grafana #
Expand Down Expand Up @@ -91,11 +92,6 @@ services:
env_file:
- ./.env

volumes:
- ./cert/ca.pem:/cert/ca.pem:ro
- ./cert/client-fullchain.pem:/cert/client-fullchain.pem:ro
- ./cert/client-key.pem:/cert/client-key.pem:ro

extra_hosts:
- "ch1.${ASM_CH_DOMAIN}:${ASM_CH_NODE1_IP}"
- "ch2.${ASM_CH_DOMAIN}:${ASM_CH_NODE2_IP}"
Expand Down
65 changes: 32 additions & 33 deletions clickhouse-cluster/template/management/nginx/nginx.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,28 +14,7 @@ http {

include /etc/nginx/common-http.conf;

proxy_cache_path /nginx-tmpfs
levels=1:2
keys_zone=PROXY_CACHE:1m
use_temp_path=off
max_size=${ASM_NGINX_TMPFS_CACHE_SIZE_MB}m
inactive=30m;

map $status $loggable {
~^[45] 1;
default 0;
}

server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2 default_server;

log_format http_jsonlog_extra escape=json '{"ip":"$remote_addr",'
log_format http_jsonlog_extra escape=json '{"ip":"$remote_addr",'

'"time_iso8601":"$time_iso8601",'

Expand Down Expand Up @@ -65,11 +44,37 @@ http {

'"status":$status}';

proxy_cache_path /nginx-tmpfs
levels=1:2
keys_zone=PROXY_CACHE:1m
use_temp_path=off
max_size=${ASM_NGINX_TMPFS_CACHE_SIZE_MB}m
inactive=30m;

map $status $loggable {
~^[45] 1;
default 0;
}

map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}

server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl http2 default_server;

${ASM_NGX_ACCESS_LOG_COMMENT} access_log /dev/stdout http_jsonlog_extra if=$loggable;

ssl_certificate /cert/fullchan.pem;
ssl_certificate /cert/fullchain.pem;
ssl_certificate_key /cert/privkey.pem;
ssl_trusted_certificate /cert/ca.pem;
ssl_trusted_certificate /cert/chain.pem;
ssl_dhparam /cert/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:AnalyticsManagement:10m;
Expand Down Expand Up @@ -122,14 +127,11 @@ http {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;

proxy_pass http://${ASM_UPSTREAM_MAGEMENT};
proxy_pass http://analytic-backend:3001;
}

# proxy grafana
location /grafana/ {
auth_basic "Restricted grafana";
auth_basic_user_file /grafana.htpasswd;

rewrite ^/grafana/(.*) /$1 break;

proxy_set_header Upgrade $http_upgrade;
Expand All @@ -141,14 +143,11 @@ http {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Authorization "";
proxy_pass http://${ASM_NGX_EXTRA_GRAFANA};
proxy_pass http://analytic-grafana:3000;
}

# proxy grafana live websocket connections.
location /grafana/api/live/ {
auth_basic "Restricted grafana";
auth_basic_user_file /grafana.htpasswd;

rewrite ^/grafana/(.*) /$1 break;

proxy_http_version 1.1;
Expand All @@ -164,7 +163,7 @@ http {

proxy_set_header Authorization "";

proxy_pass http://${ASM_UPSTREAM_GRAFANA};
proxy_pass http://analytic-grafana:3000;
}
}
}
Empty file added clickhouse-cluster/template/management/public-cert/.gitkeep
View file
Empty file.
7 changes: 6 additions & 1 deletion clickhouse-cluster/template/node/collector/.env
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,19 @@ ASM_CH_NODE1_IP=__ASM_CH_NODE1_IP__
ASM_CH_NODE2_IP=__ASM_CH_NODE2_IP__
ASM_CH_NODE3_IP=__ASM_CH_NODE3_IP__
ASM_CH_DOMAIN=analytics-clickhouse.net.private
ASM_CH_CURRENT_NODE_ID=__NODE_ID__

# collector
ASM_ANALYTICS_COLLECTOR_COLLECTOR_URL=https://__ASM_COLLECTOR_HOSTNAME__
ASM_ANALYTICS_COLLECTOR_LOG_LEVEL=warn
ASM_ANALYTICS_COLLECTOR_CLICKHOUSE_SERVERS=ch1.analytics-clickhouse.net.private,ch2.analytics-clickhouse.net.private,ch3.analytics-clickhouse.net.private
ASM_ANALYTICS_COLLECTOR_CLICKHOUSE_SERVERS=ch1.analytics-clickhouse.net.private:9440,ch2.analytics-clickhouse.net.private:9440,ch3.analytics-clickhouse.net.private:9440
ASM_ANALYTICS_COLLECTOR_CLICKHOUSE_PASSWORD=__CLICKHOUSE_PASSWORD__
ASM_ANALYTICS_COLLECTOR_MANAGEMENT_PROJECTS_ENDPOINT="https://__ASM_MANEGMENT_HOSTNAME__/api/open-api/collector/project-list?t=__ASM_COLLECTOR_API_KEY__"

# increase worker connection
ASM_NGX_EXTRA_WORKER_RLIMIT_NOFILE=102400
ASM_NGX_EXTRA_WORKER_CONNECTIONS=8192

#########
# debug #
#########
Expand Down
2 changes: 1 addition & 1 deletion clickhouse-cluster/template/node/collector/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ services:
container_name: analytics-collector-nginx
hostname: analytics-collector-nginx
depends_on:
- analytics-collector
- analytics-collector-producer
ports:
- 0.0.0.0:80:80
- 0.0.0.0:443:443
Expand Down
0 main_producerr.go → main_producer.go
View file
File renamed without changes.

0 comments on commit a426ef3

Please sign in to comment.