From 52ae9cf9911f847b2bd76bce8c9a31492f4f78fa Mon Sep 17 00:00:00 2001 From: Michael Vasseur <14887731+vmcj@users.noreply.github.com> Date: Sun, 1 Sep 2024 22:40:00 +0200 Subject: [PATCH] Split for WF setups For the world finals we both test with an online and an onprem instance. We sometimes even manage an online server for the bigger contests together with a server which has no internet access. This also demonstrates to others using this how to setup something like even if we always only use 1 group on the location. --- provision-contest/ansible/domserver.yml | 2 +- .../group_vars/{all => online}/.gitignore | 0 .../ansible/group_vars/online/all.yml.example | 1 + .../group_vars/online/secret.yml.example | 1 + .../ansible/group_vars/onprem/.gitignore | 2 + .../{all => onprem}/all.yml.example | 0 .../{all => onprem}/secret.yml.example | 0 provision-contest/ansible/hosts.example | 22 +++++ provision-contest/ansible/judgehost.yml | 2 +- .../roles/grafana/templates/prometheus.yml.j2 | 96 ++++++++++--------- 10 files changed, 79 insertions(+), 47 deletions(-) rename provision-contest/ansible/group_vars/{all => online}/.gitignore (100%) create mode 120000 provision-contest/ansible/group_vars/online/all.yml.example create mode 120000 provision-contest/ansible/group_vars/online/secret.yml.example create mode 100644 provision-contest/ansible/group_vars/onprem/.gitignore rename provision-contest/ansible/group_vars/{all => onprem}/all.yml.example (100%) rename provision-contest/ansible/group_vars/{all => onprem}/secret.yml.example (100%) diff --git a/provision-contest/ansible/domserver.yml b/provision-contest/ansible/domserver.yml index deadce15..923cdc6a 100644 --- a/provision-contest/ansible/domserver.yml +++ b/provision-contest/ansible/domserver.yml @@ -13,7 +13,7 @@ - python3-netaddr - name: Setup domserver - hosts: domserver + hosts: domserver,online-domserver vars: host_type: domserver become: true diff --git a/provision-contest/ansible/group_vars/all/.gitignore b/provision-contest/ansible/group_vars/online/.gitignore similarity index 100% rename from provision-contest/ansible/group_vars/all/.gitignore rename to provision-contest/ansible/group_vars/online/.gitignore diff --git a/provision-contest/ansible/group_vars/online/all.yml.example b/provision-contest/ansible/group_vars/online/all.yml.example new file mode 120000 index 00000000..cb36e6fe --- /dev/null +++ b/provision-contest/ansible/group_vars/online/all.yml.example @@ -0,0 +1 @@ +../onprem/all.yml.example \ No newline at end of file diff --git a/provision-contest/ansible/group_vars/online/secret.yml.example b/provision-contest/ansible/group_vars/online/secret.yml.example new file mode 120000 index 00000000..66dd4b02 --- /dev/null +++ b/provision-contest/ansible/group_vars/online/secret.yml.example @@ -0,0 +1 @@ +../onprem/secret.yml.example \ No newline at end of file diff --git a/provision-contest/ansible/group_vars/onprem/.gitignore b/provision-contest/ansible/group_vars/onprem/.gitignore new file mode 100644 index 00000000..c35135b1 --- /dev/null +++ b/provision-contest/ansible/group_vars/onprem/.gitignore @@ -0,0 +1,2 @@ +/secret.yml +/all.yml diff --git a/provision-contest/ansible/group_vars/all/all.yml.example b/provision-contest/ansible/group_vars/onprem/all.yml.example similarity index 100% rename from provision-contest/ansible/group_vars/all/all.yml.example rename to provision-contest/ansible/group_vars/onprem/all.yml.example diff --git a/provision-contest/ansible/group_vars/all/secret.yml.example b/provision-contest/ansible/group_vars/onprem/secret.yml.example similarity index 100% rename from provision-contest/ansible/group_vars/all/secret.yml.example rename to provision-contest/ansible/group_vars/onprem/secret.yml.example diff --git a/provision-contest/ansible/hosts.example b/provision-contest/ansible/hosts.example index 72409204..b0f9cddb 100644 --- a/provision-contest/ansible/hosts.example +++ b/provision-contest/ansible/hosts.example @@ -5,6 +5,22 @@ ansible_python_interpreter=/usr/bin/python3 # When moving clients for ad-hoc actions: # move them to their own group to keep hosts files on deployed machines in sync. +[onprem:children] +domserver +judgehost +cds +grafana +admin +presclient +presadmin +scoreboard +mgmt +autoanalyst + +[online:children] +online-domserver +online-judgehost + [domserver] domjudge-primary ansible_host=10.3.3.216 KEEPALIVED_PRIORITY=100 EFI_ORDER='0\,1\,3\,4' domjudge-backup ansible_host=10.3.3.217 KEEPALIVED_PRIORITY=99 EFI_ORDER='0\,1\,3\,4' @@ -63,3 +79,9 @@ domjudge-scoreboard ansible_host=10.2.2.229 domjudge-mgmg ansible_host=10.3.3.223 [autoanalyst] + +[online-domserver] +online-domserver ansible_host=192.168.255.255 + +[online-judgehost] +online-judgehost1 ansible_host=192.168.255.255 diff --git a/provision-contest/ansible/judgehost.yml b/provision-contest/ansible/judgehost.yml index 9ead6eaa..ae3e9c98 100644 --- a/provision-contest/ansible/judgehost.yml +++ b/provision-contest/ansible/judgehost.yml @@ -2,7 +2,7 @@ # This playbook installs the DOMjudge judgehosts - name: Setup judgehost - hosts: judgehost + hosts: judgehost,online-judgehost strategy: free vars: host_type: judgehost diff --git a/provision-contest/ansible/roles/grafana/templates/prometheus.yml.j2 b/provision-contest/ansible/roles/grafana/templates/prometheus.yml.j2 index 8246bf75..8352c07c 100644 --- a/provision-contest/ansible/roles/grafana/templates/prometheus.yml.j2 +++ b/provision-contest/ansible/roles/grafana/templates/prometheus.yml.j2 @@ -9,79 +9,86 @@ scrape_configs: - job_name: 'prometheus' static_configs: - targets: ['localhost:9090'] - - job_name: 'db' +{% for group_prefix in GROUP_PREFIXES %} +{% if groups[group_prefix+"judgehost"][0] is defined %} + - job_name: node_judgehost basic_auth: username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + password: "{{ hostvars[groups[group_prefix+"judgehost"][0]]['PROMETHEUS_PASS'] }}" tls_config: insecure_skip_verify: true scheme: https static_configs: - targets: -{% for host in groups["domserver"] %} - - {{ hostvars[host].ansible_host }}:9104 +{% for host in groups[group_prefix+"judgehost"] %} + - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: node_domserver +{% endif %} +{% if groups["domserver"][0] is defined %} + - job_name: {{ group_prefix ~ domjudge }} basic_auth: - username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + username: admin + password: {{ ADMIN_PASSWORD }} + metrics_path: /api/v4/metrics/prometheus + scheme: https tls_config: insecure_skip_verify: true - scheme: https static_configs: - targets: -{% for host in groups["domserver"] %} - - {{ hostvars[host].ansible_host }}:9100 +{% for host in groups[group_prefix+"domserver"] %} + - {{ hostvars[host].ansible_host }} {% endfor %} - - job_name: node_judgehost + - job_name: {{ group_prefix ~ 'db' }} basic_auth: username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + password: "{{ hostvars[groups[group_prefix+"domserver"][0]]['PROMETHEUS_PASS'] }}" tls_config: insecure_skip_verify: true scheme: https static_configs: - targets: -{% for host in groups["judgehost"] %} - - {{ hostvars[host].ansible_host }}:9100 +{% for host in groups[group_prefix+"domserver"] %} + - {{ hostvars[host].ansible_host }}:9104 {% endfor %} - - job_name: node_grafana + - job_name: {{ group_prefix ~ 'node_domserver' }} basic_auth: username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + password: "{{ hostvars[groups[group_prefix+"domserver"][0]]['PROMETHEUS_PASS'] }}" tls_config: insecure_skip_verify: true scheme: https static_configs: - targets: -{% for host in groups["grafana"] %} +{% for host in groups["domserver"] %} - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: node_mgmt + - job_name: {{ group_prefix ~ 'web_nginx_domserver' }} basic_auth: username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + password: "{{ hostvars[groups[group_prefix+"domserver"][0]]['PROMETHEUS_PASS'] }}" tls_config: insecure_skip_verify: true scheme: https static_configs: - targets: -{% for host in groups["mgmt"] %} - - {{ hostvars[host].ansible_host }}:9100 +{% for host in groups[group_prefix+"domserver"] %} + - {{ hostvars[host].ansible_host }}:9113 {% endfor %} - - job_name: node_scoreboard + - job_name: {{ group_prefix ~ 'web_fpm_domserver' }} basic_auth: username: "prometheus" - password: "{{ PROMETHEUS_PASS }}" + password: "{{ hostvars[groups[group_prefix+"domserver"][0]]['PROMETHEUS_PASS'] }}" tls_config: insecure_skip_verify: true scheme: https static_configs: - targets: -{% for host in groups["scoreboard"] %} - - {{ hostvars[host].ansible_host }}:9100 +{% for host in groups[group_prefix+"domserver"] %} + - {{ hostvars[host].ansible_host }}:9253 {% endfor %} - - job_name: node_cds +{% endif %} +{% endfor %} + - job_name: node_grafana basic_auth: username: "prometheus" password: "{{ PROMETHEUS_PASS }}" @@ -90,23 +97,22 @@ scrape_configs: scheme: https static_configs: - targets: -{% for host in groups["cds"] %} +{% for host in groups["grafana"] %} - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: domjudge + - job_name: node_mgmt basic_auth: - username: admin - password: {{ ADMIN_PASSWORD }} - metrics_path: /api/v4/metrics/prometheus - scheme: https + username: "prometheus" + password: "{{ PROMETHEUS_PASS }}" tls_config: insecure_skip_verify: true + scheme: https static_configs: - targets: -{% for host in groups["domserver"] %} - - {{ hostvars[host].ansible_host }} +{% for host in groups["mgmt"] %} + - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: 'web_nginx_cds' + - job_name: node_scoreboard basic_auth: username: "prometheus" password: "{{ PROMETHEUS_PASS }}" @@ -115,10 +121,10 @@ scrape_configs: scheme: https static_configs: - targets: -{% for host in groups["cds"] %} - - {{ hostvars[host].ansible_host }}:9113 +{% for host in groups["scoreboard"] %} + - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: 'web_nginx_scoreboard' + - job_name: node_cds basic_auth: username: "prometheus" password: "{{ PROMETHEUS_PASS }}" @@ -127,10 +133,10 @@ scrape_configs: scheme: https static_configs: - targets: -{% for host in groups["scoreboard"] %} - - {{ hostvars[host].ansible_host }}:9113 +{% for host in groups["cds"] %} + - {{ hostvars[host].ansible_host }}:9100 {% endfor %} - - job_name: 'web_nginx_domserver' + - job_name: 'web_nginx_cds' basic_auth: username: "prometheus" password: "{{ PROMETHEUS_PASS }}" @@ -139,10 +145,10 @@ scrape_configs: scheme: https static_configs: - targets: -{% for host in groups["domserver"] %} +{% for host in groups["cds"] %} - {{ hostvars[host].ansible_host }}:9113 {% endfor %} - - job_name: 'web_fpm_domserver' + - job_name: 'web_nginx_scoreboard' basic_auth: username: "prometheus" password: "{{ PROMETHEUS_PASS }}" @@ -151,6 +157,6 @@ scrape_configs: scheme: https static_configs: - targets: -{% for host in groups["domserver"] %} - - {{ hostvars[host].ansible_host }}:9253 +{% for host in groups["scoreboard"] %} + - {{ hostvars[host].ansible_host }}:9113 {% endfor %}