DevOps: Difference between revisions
No edit summary |
|||
| (17 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
{{servers}} | |||
== Ansible == | == Ansible == | ||
Ansible is used for infrastructure deployment. More information about Noisebridge's use of Ansible can be found at [[Ansible]] and a quick overview of Ansible at [[Ansible/Quickstart]]. | Ansible is used for infrastructure deployment. More information about Noisebridge's use of Ansible can be found at [[Ansible]] and a quick overview of Ansible at [[Ansible/Quickstart]]. | ||
| Line 9: | Line 11: | ||
Caddy is a webserver with https on BY DEFAULT and it is VERY PROUD of this fact. | Caddy is a webserver with https on BY DEFAULT and it is VERY PROUD of this fact. | ||
The ansible playbook for caddy is | === Playbook Documentation === | ||
(e.g. how to deploy caddy with ansible, not how to use caddy) | |||
[https://github.com/antoiner77/caddy-ansible The ansible playbook for caddy] | |||
=== Caddy Configuration === | |||
[https://caddyserver.com/tutorial/caddyfile Tutorial/Primer] | |||
[https://caddyserver.com/docs/caddyfile Caddy configuration file documentation] | |||
[https://caddyserver.com/docs/cli cli interface, flags and stuff] | |||
=== Noisebridge configuration === | |||
The majority of entries in caddy.yml handle redirects from other noisebridte-ish domains like noisebridge.com to noisebridge.net. | |||
apps like mailman, pipermail with http[s] endpoints are also configured. | |||
==== Directives ==== | |||
A list of directives seen in noisebridge caddy ansible playbook and their definitions. | |||
; [https://caddyserver.com/docs/http.prometheus prometheus] : a metric reporting system. | |||
; [https://caddyserver.com/docs/gzip gzip] : serve sites from zipped archives | |||
; [https://caddyserver.com/docs/log log] : logging configuration | |||
; [https://caddyserver.com/docs/tls tls] : override https default intentionally | |||
; [https://caddyserver.com/docs/redir redir] : sends the client an HTTP redirect status code if the URL matches the specified pattern. It is also possible to make a redirect conditional. | |||
; [https://caddyserver.com/docs/root root] : specifies the root of the site. This is very useful, in fact required, if the root (/) directory of the website is not the same as where Caddy is being executed from. | |||
; [https://caddyserver.com/docs/index index] : sets the list of file names that are used as "index" files. When a directory path is requested instead of a specific file, the directory is checked for existing index files. The first matching file name is served. | |||
; [https://caddyserver.com/docs/header header] : manipulate response headers. | |||
; [https://caddyserver.com/docs/fastcgi fastcgi] : proxies requests to a FastCGI server. | |||
; [https://caddyserver.com/docs/rewrite rewrite] : request one resource but actually be served another without an HTTP redirect. Rewrites are invisible to the client. | |||
https:// | ==== Plugins ==== | ||
; [https://caddyserver.com/docs/http.cgi cgi] : generate dynamic content on your website by means of command line scripts | |||
== molecule == | == molecule == | ||
| Line 25: | Line 58: | ||
https://coredns.io/ | https://coredns.io/ | ||
Ansible houses files which contain Noisebridge's dns configuration. | |||
== Prometheus == | == Prometheus == | ||
System monitoring and time series database | System monitoring and time series database. | ||
https://prometheus.io/ | |||
=== Playbook configuration === | |||
[https://github.com/cloudalchemy/ansible-prometheus playbook configuration for prometheus] | |||
=== Noisebridge === | |||
Prometheus is configured to log metrics for various groups of services. As different groups are involved, there is prometheus config in different group_vars files. | |||
node, caddy, and coredns, smartpi | |||
Q: Why is the web_listen_address "127.0.0.1:9090" instead of "localhost:9090" as lower in the file? | |||
== mysql (percona) == | |||
[https://www.percona.com/ Percona] is a distribution of MySQL which includes features from MySQL Enterprise edition like availability, availability, security, etc. | |||
=== Ansible === | |||
As Percona is a mysql distribution, it makes use of the [https://github.com/geerlingguy/ansible-role-mysqlmysql ansible role]. | |||
=== Percona === | |||
the database name is noisebridge_mediawiki | |||
=== Noisebridge === | |||
Percona is used to serve noisebridge's mediawiki instance. | |||
== Grafana == | |||
[https://grafana.com/ Grafana] is a " tool for beautiful monitoring and metric analytics & dashboards for Graphite, InfluxDB & Prometheus & More" [https://github.com/grafana/grafana github] | |||
[https://github.com/ansiblebit/grafana playbook] | |||
The config in grafana.yml is specific to directories, hosts, databases, credentials and various authentications. | |||
== node exporter == | |||
A basic metrics exporter for prometheus | |||
[https://github.com/cloudalchemy/ansible-node-exporter playbook] | |||
[https://prometheus.io/docs/guides/node-exporter/] | |||
Latest revision as of 10:04, 21 December 2021
| Noisebridge | About | Visit | 272 | Manual | Contact | Guilds | Stuff | Events | Projects | Meetings | Donate | E |
| Resources | Where to find things | Storage | Network | AV | Audio | Library | Servers | Printers | Sustenance | Sources | E |
| Servers | DevOps | Pegasus | Unicorn | Shed | Brony | Secretaribot | lemp10 | V · T · E |
Ansible
[edit | edit source]Ansible is used for infrastructure deployment. More information about Noisebridge's use of Ansible can be found at Ansible and a quick overview of Ansible at Ansible/Quickstart.
https://github.com/noisebridge/ansible
Caddy
[edit | edit source]Caddy is a webserver with https on BY DEFAULT and it is VERY PROUD of this fact.
Playbook Documentation
[edit | edit source](e.g. how to deploy caddy with ansible, not how to use caddy)
The ansible playbook for caddy
Caddy Configuration
[edit | edit source]Caddy configuration file documentation
cli interface, flags and stuff
Noisebridge configuration
[edit | edit source]The majority of entries in caddy.yml handle redirects from other noisebridte-ish domains like noisebridge.com to noisebridge.net.
apps like mailman, pipermail with http[s] endpoints are also configured.
Directives
[edit | edit source]A list of directives seen in noisebridge caddy ansible playbook and their definitions.
- prometheus
- a metric reporting system.
- gzip
- serve sites from zipped archives
- log
- logging configuration
- tls
- override https default intentionally
- redir
- sends the client an HTTP redirect status code if the URL matches the specified pattern. It is also possible to make a redirect conditional.
- root
- specifies the root of the site. This is very useful, in fact required, if the root (/) directory of the website is not the same as where Caddy is being executed from.
- index
- sets the list of file names that are used as "index" files. When a directory path is requested instead of a specific file, the directory is checked for existing index files. The first matching file name is served.
- header
- manipulate response headers.
- fastcgi
- proxies requests to a FastCGI server.
- rewrite
- request one resource but actually be served another without an HTTP redirect. Rewrites are invisible to the client.
Plugins
[edit | edit source]- cgi
- generate dynamic content on your website by means of command line scripts
molecule
[edit | edit source]"Molecule aids in the development and testing of Ansible roles."
https://github.com/ansible/molecule
why are there two instances, default and alternate?
coredns
[edit | edit source]Ansible houses files which contain Noisebridge's dns configuration.
Prometheus
[edit | edit source]System monitoring and time series database.
Playbook configuration
[edit | edit source]playbook configuration for prometheus
Noisebridge
[edit | edit source]Prometheus is configured to log metrics for various groups of services. As different groups are involved, there is prometheus config in different group_vars files.
node, caddy, and coredns, smartpi
Q: Why is the web_listen_address "127.0.0.1:9090" instead of "localhost:9090" as lower in the file?
mysql (percona)
[edit | edit source]Percona is a distribution of MySQL which includes features from MySQL Enterprise edition like availability, availability, security, etc.
Ansible
[edit | edit source]As Percona is a mysql distribution, it makes use of the ansible role.
Percona
[edit | edit source]the database name is noisebridge_mediawiki
Noisebridge
[edit | edit source]Percona is used to serve noisebridge's mediawiki instance.
Grafana
[edit | edit source]Grafana is a " tool for beautiful monitoring and metric analytics & dashboards for Graphite, InfluxDB & Prometheus & More" github
The config in grafana.yml is specific to directories, hosts, databases, credentials and various authentications.
node exporter
[edit | edit source]A basic metrics exporter for prometheus