
version: '2'
services:
gerrit: add mariadb_container option

This adds a local mariadb container to the gerrit host to hold the accountPatchReviewDb database. This is inspired by a few things

- since migration to NoteDB, there is only one table left where Gerrit records what files have been reviewed for a change. This logically scales with the number of reviews users are doing. Pulling the stats on this, we can see since the NoteDB upgrade this went from a very busy database (~300 queries/70 commits per second) to barely registering one hit per second : https://imgur.com/a/QGJV7Fw Thus separating the db to an external host for performance reasons is not a large concern any more.
- empirically we've done a bad job in keeping the existing hosted db up-to-date; it's still running mysql 5.1 and we have been hit by bugs such as the one referenced in-line which silently drops backups.
- The other gerrit option is to use an on-disk H2 database. This is certainly an option, however you need special tools to interact with it for migration, etc. and it's not safe to backup from files on disk (as opposed to mysqldump). Upstream advice is unclear, and varies between H2 being a performance bottleneck to this being ephemeral data that users don't care about. We know how to admin mariadb/mysql and this allows us to migrate and backup data, so seems like the best choice.
- we have a pressing need to update the server to a new operating system. Running the db alongside the gerrit instance minimises fiddling we have to do managing connections to and migrating the hosted db systems.
- related to that, we are tending towards more provider independence for control-plane servers. A hosted database product is not always provided, so this gives us more flexibility in moving things around.
- the main concern here is memory usage. "docker stats" reports a quiescent container, freshly started on an 8GB host:
  gerrit-compose_mariadb_1 67.32MiB
  After loading a copy of the production table, and then dumping it back to a file the same container reports:
  gerrit-compose_mariadb_1 462.6MiB

The existing remote mysql configuration path remains mostly the same. We move the gerrit startup into a script rather than a CMD so we can call it after a "wait for db" script in the mariadb_container case (this is the recommended way to enforce ordering [1]).

Backups of the local container need different dump commands; backups are relocated to a new file and updated.

Testing is converted to use this rather than a local H2 database.

[1] https://docs.docker.com/compose/startup-order/

Change-Id: Iec981ef3c2e38889f91e9759e66295dbfb499c2e
2021-02-17 15:23:19 +11:00
  mariadb:
    image: docker.io/library/mariadb:10.11
    network_mode: host
    environment:
      MYSQL_ROOT_PASSWORD: "{{ gerrit_reviewdb_mariadb_password }}"
      MYSQL_DATABASE: "{{ gerrit_reviewdb_mariadb_dbname }}"
      MYSQL_USER: "{{ gerrit_reviewdb_mariadb_username }}"
      MYSQL_PASSWORD: "{{ gerrit_reviewdb_mariadb_password }}"
      MARIADB_AUTO_UPGRADE: 1
    volumes:
      # NOTE(ianw) : mounted under /home/gerrit2 (rather than more
      # usual /var/ in our configs) to keep everything together on the
      # storage attached at /home/gerrit2 on the server.
      - /home/gerrit2/reviewdb:/var/lib/mysql
    logging:
      driver: syslog
      options:
        tag: "docker-mariadb"
  gerrit:
    image: {{ gerrit_container_image }}
    depends_on:
      - mariadb
    command: ["/wait-for-it.sh", "127.0.0.1:3306", "--", "/run-gerrit.sh"]
    network_mode: host
    user: gerrit
    stop_signal: SIGHUP
    stop_grace_period: 5m
    volumes:
{% for volume in gerrit_container_volumes %}
      - {{ volume }}
{% endfor %}
Base 2.13 image on gerrit-base

We install jeepyb and launchpadlib in gerrit-base. Those are important. We also need to add cgi for gitweb.

The gerrit init command does two things that we don't actually want it to do at runtime. It extracts the plugins into the plugins dir, and it downloads the right database library. We can extract the plugins for it during image creation, and then we can also download the plugin it would have downloaded. We can also download the mysql library for it: https://gerrit.googlesource.com/gerrit/+/refs/heads/stable-2.13/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/init/libraries.config

Finally, we tell it to not download or expand anything during init, because we're running in a container and next time we run the process that dir isn't going to be there.

Our gerrit integration tests don't depend on our gerrit image builds. Put in image depends between run-review and gerrit builds. We also need to depend directly on opendev-buildset-registry.

Add java.security.egd setting to java invocation
This tells java to be secure. https://stackoverflow.com/questions/58991966/what-java-security-egd-option-is-for

Add support for setting heap limit properly
The gerrit init script does this based on the value in container.javaOptions. We could, but then we'd have to run an entrypoint script. Instead, set the value via the JAVA_OPTIONS env var setting based on a value from ansible.

Finally, make gerrit-master image build non-voting
It looks like there might be a real issue, but debugging that is not important for us at this moment.

Depends-On: https://review.opendev.org/714216
Change-Id: I01e94c10f470fb3c8ddfce7b0e201357e5050679
2020-03-20 09:41:23 -05:00
    environment:
      JAVA_OPTIONS: >-
        -Dlog4j2.formatMsgNoLookups=true
{% if gerrit_heap_limit is defined %}
        -Xmx{{ gerrit_heap_limit }}
{% endif %}
    ulimits:
      core: 0
      nofile: {{ gerrit_packed_git_open_files * 2 }}
    cap_add:
      - SYS_PTRACE
  # Utility "service" to allow us to run ad-hoc commands
  shell:
    image: {{ gerrit_container_image }}
    restart: 'no'
    command: /bin/true
    network_mode: host
    user: gerrit
    volumes:
{% for volume in gerrit_container_volumes %}
      - {{ volume }}
{% endfor %}
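
The gerrit service above gates startup on 127.0.0.1:3306 through /wait-for-it.sh; as commonly distributed, that script only tests that the TCP port accepts a connection. The following is an added example, not part of this repository, that goes one step further and waits for the server's initial MySQL protocol greeting, so an open port with no database behind it is told apart from a ready one. The function names, state labels and timeouts are assumptions made for the illustration.

```python
import socket
import time

def read_exact(sock, n):
    """Read exactly n bytes; raise ConnectionError if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before sending a full packet")
        buf += chunk
    return buf

def probe_mysql(host, port, timeout=2.0):
    """Return (state, detail); state is closed, open-no-greeting, error-packet or ready."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "closed", str(exc)
    with sock:
        try:
            header = read_exact(sock, 4)
            # Packet header: 3-byte little-endian payload length, 1-byte sequence id
            length = int.from_bytes(header[:3], "little")
            payload = read_exact(sock, length)
        except OSError as exc:  # includes timeouts and early close
            return "open-no-greeting", str(exc)
    end = payload.find(b"\x00", 1)
    if payload[:1] == b"\xff":  # ERR packet: 0xff, 2-byte code, message
        return "error-packet", payload[3:].decode("utf-8", "replace")
    if payload[:1] == b"\x0a" and end != -1:  # handshake v10 + server version
        return "ready", payload[1:end].decode("ascii", "replace")
    return "open-no-greeting", "unexpected first byte %r" % payload[:1]

def wait_for_db(host, port, deadline=30.0, interval=0.5, timeout=2.0):
    """Poll until the server greets or the deadline passes; return the last probe."""
    stop = time.monotonic() + deadline
    while True:
        result = probe_mysql(host, port, timeout)
        if result[0] == "ready" or time.monotonic() >= stop:
            return result
        time.sleep(interval)

if __name__ == "__main__":
    # Address taken from the compose command above; exit status mirrors readiness
    raise SystemExit(0 if wait_for_db("127.0.0.1", 3306)[0] == "ready" else 1)
```

A greeting shows the server is accepting protocol connections; it does not show that the configured user can authenticate or that the schema exists.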