[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-grid5k] 76/141: modify nginx settings
|
From: |
gnunet |
|
Subject: |
[taler-grid5k] 76/141: modify nginx settings |
|
Date: |
Thu, 18 Nov 2021 14:50:17 +0100 |
This is an automated email from the git hooks/post-receive script.
marco-boss pushed a commit to branch master
in repository grid5k.
commit 6d72dd6f87f78887abcc67337fe50497245d7a43
Author: Boss Marco <bossm8@bfh.ch>
AuthorDate: Thu Oct 28 16:05:54 2021 +0200
modify nginx settings
---
configs/etc/nginx/nginx.conf | 62 ++++++++++++++++++++++++++++
configs/usr/lib/systemd/system/nginx.service | 31 ++++++++++++++
experiment/env | 17 ++++----
experiment/scripts/database.sh | 2 +-
experiment/scripts/proxy.sh | 11 +++++
experiment/scripts/wallet.sh | 4 +-
experiment/taler-perf-any.rspec | 33 ++++++++++-----
image/taler-debian11.yaml | 27 ++++++++----
screenshot.sh | 50 ----------------------
9 files changed, 158 insertions(+), 79 deletions(-)
diff --git a/configs/etc/nginx/nginx.conf b/configs/etc/nginx/nginx.conf
new file mode 100644
index 0000000..88861cf
--- /dev/null
+++ b/configs/etc/nginx/nginx.conf
@@ -0,0 +1,62 @@
+user www-data;
+worker_processes auto;
+worker_rlimit_nofile 500000;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+ worker_connections 10000;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+ # server_names_hash_bucket_size 64;
+ # server_name_in_redirect off;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref:
POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json
application/javascript text/xml application/xml application/xml+rss
text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
diff --git a/configs/usr/lib/systemd/system/nginx.service
b/configs/usr/lib/systemd/system/nginx.service
new file mode 100644
index 0000000..9355ee0
--- /dev/null
+++ b/configs/usr/lib/systemd/system/nginx.service
@@ -0,0 +1,31 @@
+# Stop dance for nginx
+# =======================
+#
+# ExecStop sends SIGSTOP (graceful stop) to the nginx process.
+# If, after 5s (--retry QUIT/5) nginx is still running, systemd takes control
+# and sends SIGTERM (fast shutdown) to the main process.
+# After another 5s (TimeoutStopSec=5), and if nginx is alive, systemd sends
+# SIGKILL to all the remaining processes in the process group (KillMode=mixed).
+#
+# nginx signals reference doc:
+# http://nginx.org/en/docs/control.html
+#
+[Unit]
+Description=A high performance web server and a reverse proxy server
+Documentation=man:nginx(8)
+After=network.target nss-lookup.target
+
+[Service]
+Type=forking
+PIDFile=/run/nginx.pid
+ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
+ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
+ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
+ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile
/run/nginx.pid
+TimeoutStopSec=5
+KillMode=mixed
+LimitNOFILE=500000
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/experiment/env b/experiment/env
index 48cc72b..6f6f42c 100755
--- a/experiment/env
+++ b/experiment/env
@@ -1,20 +1,21 @@
-BANK_HOSTS=nova-*.*
+ BANK_HOSTS=nova-*.*
DATABASE_HOSTS=gros-*.*
EXCHANGE_HOSTS=grcinq-*.*
MERCHANT_HOSTS=grvingt-*.*
-MONITOR_HOSTS=econome-*.*
-PROXY_HOSTS=grappe-*.*
-WALLET_HOSTS=uvb-*.*
+ MONITOR_HOSTS=econome-*.*
+ PROXY_HOSTS=grappe-*.*
+ WALLET_HOSTS=uvb-*.*
DNS_HOST=taler.net
DNS_ZONE=perf.taler
-BANK_DOMAIN=bank.perf.taler
+ BANK_DOMAIN=bank.perf.taler
DATABASE_DOMAIN=db.perf.taler
EXCHANGE_DOMAIN=exch.perf.taler
MERCHANT_DOMAIN=merch.perf.taler
-MONITOR_DOMAIN=monitor.perf.taler
-PROXY_DOMAIN=proxy.perf.taler
+ MONITOR_DOMAIN=monitor.perf.taler
+ PROXY_DOMAIN=proxy.perf.taler
+
# Wallet domain is also needed for cleardns.sh
WALLET_DOMAIN=wallet-x.perf.taler
@@ -31,7 +32,7 @@ DB_PASSWORD=
NUM_WALLET_HOSTS=3
# Number of wallets to run in parallel per host
-# If left empty, number of cpu cores is used
+# If left empty, 2 times number of cpu cores is used
NUM_WALLET_PROCESSES=64
# Number of exchange processes to run
diff --git a/experiment/scripts/database.sh b/experiment/scripts/database.sh
index 9926774..2879781 100755
--- a/experiment/scripts/database.sh
+++ b/experiment/scripts/database.sh
@@ -13,7 +13,7 @@ echo "
listen_addresses='*'
log_destination=syslog
syslog_ident='taler-database'
-log_min_duration_statement=1000
+log_min_duration_statement=600
shared_preload_libraries='pg_stat_statements,auto_explain'
" >> /etc/postgresql/13/main/postgresql.conf
diff --git a/experiment/scripts/proxy.sh b/experiment/scripts/proxy.sh
index bbe49d4..f85270d 100755
--- a/experiment/scripts/proxy.sh
+++ b/experiment/scripts/proxy.sh
@@ -20,6 +20,17 @@ sed -i -e '/module(load="imudp")/s/^#//g' \
systemctl restart rsyslog
+echo "
+fs.file-max=50000
+" >> /etc/sysctl.conf
+
+echo "
+www-data soft nofile unlimited
+www-data hard nofile unlimited
+" >> /etc/security/limits.conf
+
+sysctl -p
+
# Nginx does not start until the destination server is reachable - wait here
# nginx: [emerg] host not found in upstream "exch.perf.taler" ...
wait_for_keys "${EXCHANGE_DOMAIN}"
diff --git a/experiment/scripts/wallet.sh b/experiment/scripts/wallet.sh
index d0e3335..e2210fc 100755
--- a/experiment/scripts/wallet.sh
+++ b/experiment/scripts/wallet.sh
@@ -10,6 +10,8 @@ fi
wait_for_keys "${PROXY_DOMAIN}"
-NUM_PROCESSES=${NUM_WALLET_PROCESSES:-$(lscpu | grep "^CPU(s):" | awk '{print
$2}')}
+sleep 5
+
+NUM_PROCESSES=${NUM_WALLET_PROCESSES:-$(echo "2 * $(lscpu | grep "^CPU(s):" |
awk '{print $2}')" | bc)}
parallel --ungroup -j ${NUM_PROCESSES} ~/scripts/test1.sh ::: $(seq
${NUM_PROCESSES})
diff --git a/experiment/taler-perf-any.rspec b/experiment/taler-perf-any.rspec
index 6691043..35ab5f9 100644
--- a/experiment/taler-perf-any.rspec
+++ b/experiment/taler-perf-any.rspec
@@ -1,10 +1,10 @@
<?xml version='1.0'?>
-<rspec xmlns="http://www.geni.net/resources/rspec/3"; type="request"
generated_by="jFed RSpec Editor" generated="2021-10-25T22:37:21.510+02:00"
xmlns:emulab="http://www.protogeni.net/resources/rspec/ext/emulab/1";
xmlns:delay="http://www.protogeni.net/resources/rspec/ext/delay/1";
xmlns:jfed-command="http://jfed.iminds.be/rspec/ext/jfed-command/1";
xmlns:client="http://www.protogeni.net/resources/rspec/ext/client/1";
xmlns:jfed-ssh-keys="http://jfed.iminds.be/rspec/ext/jfed-ssh-keys/1"; xmlns:
[...]
+<rspec xmlns="http://www.geni.net/resources/rspec/3"; type="request"
generated_by="jFed RSpec Editor" generated="2021-10-28T08:10:25.191+02:00"
xmlns:emulab="http://www.protogeni.net/resources/rspec/ext/emulab/1";
xmlns:delay="http://www.protogeni.net/resources/rspec/ext/delay/1";
xmlns:jfed-command="http://jfed.iminds.be/rspec/ext/jfed-command/1";
xmlns:client="http://www.protogeni.net/resources/rspec/ext/client/1";
xmlns:jfed-ssh-keys="http://jfed.iminds.be/rspec/ext/jfed-ssh-keys/1"; xmlns:
[...]
<node client_id="DB" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="chiclet-lille"/>
+ <hardware_type name="dahu-grenoble"/>
<location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="681.0"
y="200.5"/>
</node>
<node client_id="Exchange" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
@@ -18,14 +18,13 @@
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="grvingt-nancy"/>
<location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="633.5"
y="449.5"/>
</node>
<node client_id="Bank" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="849.0"
y="194.5"/>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="835.0"
y="197.5"/>
</node>
<node client_id="Proxy" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
<sliver_type name="raw-pc">
@@ -44,14 +43,12 @@
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="grvingt-nancy"/>
<location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="766.5"
y="450.5"/>
</node>
<node client_id="Wallet-2" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="grvingt-nancy"/>
<location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="908.5"
y="451.5"/>
</node>
<node client_id="Merchant" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
@@ -64,14 +61,30 @@
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="grvingt-nancy"/>
- <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="685.5"
y="492.5"/>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="639.5"
y="485.5"/>
</node>
<node client_id="Wallet-4" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
<sliver_type name="raw-pc">
<disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
</sliver_type>
- <hardware_type name="grvingt-nancy"/>
- <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="840.0"
y="491.5"/>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="766.5"
y="483.5"/>
+ </node>
+ <node client_id="Wallet-5" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
+ <sliver_type name="raw-pc">
+ <disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
+ </sliver_type>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="907.0"
y="484.5"/>
+ </node>
+ <node client_id="Wallet-6" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
+ <sliver_type name="raw-pc">
+ <disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
+ </sliver_type>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="691.0"
y="520.5"/>
+ </node>
+ <node client_id="Wallet-7" exclusive="true"
component_manager_id="urn:publicid:IDN+am.grid5000.fr+authority+am">
+ <sliver_type name="raw-pc">
+ <disk_image
name="http://public.lille.grid5000.fr/~bfhch01/taler-debian11.dsc"/>
+ </sliver_type>
+ <location xmlns="http://jfed.iminds.be/rspec/ext/jfed/1"; x="822.0"
y="520.5"/>
</node>
</rspec>
\ No newline at end of file
diff --git a/image/taler-debian11.yaml b/image/taler-debian11.yaml
index 6f0650c..f6cd883 100644
--- a/image/taler-debian11.yaml
+++ b/image/taler-debian11.yaml
@@ -38,9 +38,10 @@ global:
# g5k_kernel_params: ""
## Environment visibility
# g5k_visibility: "shared"
- taler_packages: "nginx postgresql-13 postgresql-contrib curl jq
taler-exchange taler-auditor taler-merchant taler-exchange-offline
taler-wallet-cli sudo git zile dnsutils libtalerexchange-dev
prometheus-postgres-exporter prometheus-nginx-exporter net-tools netcat
parallel nodejs"
+ taler_build_packages: "recutils autoconf uncrustify autopoint libtool
python3-pip libgcrypt20-dev libjansson-dev libcurl4-gnutls-dev libsodium-dev
libidn2-dev libunistring-dev libmicrohttpd-dev libsqlite3-dev valgrind
postgresql libpq-dev texinfo gdb nginx postgresql-contrib curl jq make npm zip
python3-distutils"
+ taler_packages: "nginx postgresql-13 postgresql-contrib curl jq bc sudo git
zile dnsutils prometheus-postgres-exporter prometheus-nginx-exporter net-tools
netcat parallel nodejs"
taler_packages_no_recommends: "prometheus prometheus-node-exporter"
- other_packages_no_clean: "$${taler_packages}
$${taler_packages_no_recommends}"
+ other_packages_no_clean: "$${taler_packages}
$${taler_packages_no_recommends} $${taler_build_packages}"
taler_disable_services: "nginx postgresql prometheus
prometheus-postgres-exporter prometheus-nginx-exporter prometheus-node-exporter"
taler_loki_version: "v2.3.0"
@@ -61,21 +62,29 @@ setup:
- install:
- packages:
- exec_in: |
- echo "deb https://deb.taler.net/apt/debian bullseye main" >
/etc/apt/sources.list.d/taler.list
+ echo "deb https://deb.taler.net/apt-nightly/debian bullseye main" >
/etc/apt/sources.list.d/taler.list
wget -O - https://taler.net/taler-systems.gpg.key | apt-key add -
apt-get update
apt-upgrade
- apt-get install -y $${taler_packages}
+ apt-get install -y $${taler_packages} $${taler_build_packages}
apt-get install -y --no-install-recommends
$${taler_packages_no_recommends}
- - build_wallet:
+ - build_taler:
- exec_in: |
+ # GNUNet
+ git clone https://git.gnunet.org/git/gnunet.git
+ cd gnunet && ./bootstrap && ./configure --enable-logging=verbose &&
make && make install
+ ldconfig
+
+ # Exchange
+ git clone https://git.taler.net/exchange.git
+ cd exchange && ./bootstrap && ./configure --enable-logging=verbose &&
make && make install
+ ldconfig
+
+ # Wallet
git clone https://git.taler.net/wallet-core.git
cd wallet-core && git checkout benchmark
- # these packages will be deleted in the final image
- apt install -y --no-install-recommends npm zip python3-distutils make
npm install -g pnpm
- pnpm install
- ./bootstrap && ./configure && make install
+ cd wallet-core && ./bootstrap && ./configure && make install
- loki-promtail:
- exec_in: |
apt-get install -y unzip curl
diff --git a/screenshot.sh b/screenshot.sh
deleted file mode 100755
index d02369b..0000000
--- a/screenshot.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-set -x
-
-API_KEY=eyJrIjoidkJsRzZzb2I3R2VWdTVBWWRiUURmeFdGUGpqS240YTgiLCJuIjoidGFsZXItcGVyZm9ybWFuY2UtYWRtaW4iLCJpZCI6MX0=
-
-AUTH_HEADER="Authorization: Bearer ${API_KEY}"
-
-BASE_URL="https://147.87.255.221:3000";
-
-RENDER=/render/d-solo
-
-DASHBOARDS=$(\
- curl -X GET \
- -k \
- -H "${AUTH_HEADER}" \
- -H "Content-Type: application/json" \
- -H "Accept: application/json" \
- "${BASE_URL}/api/search?tag=performance" \
- | jq -r '.[] | .url'
-)
-
-for DASH in $DASHBOARDS; do
-
- DUID=$(echo "$DASH" | cut -d "/" -f 3)
-
- readarray -t PANELS < <(\
- curl -X GET \
- -k \
- -H "${AUTH_HEADER}" \
- -H "Accept: application/json" \
- "${BASE_URL}/api/dashboards/uid/${DUID}" \
- | jq | tee /dev/tty | jq -c '.dashboard.panels[]'
- )
-
- ENDPOINT=$(echo "$DASH" | sed "s\/d/\/d-solo/\g")
- DASH_NAME=$(echo "$DASH" | cut -d "/" -f 4)
-
- for PANEL in "${PANELS[@]}"; do
- NAME=$(jq -r '.title' <<< "${PANEL}" | tr 'A-Z' 'a-z' | tr -cs 'a-z0-9\n'
'-')
- ID=$(jq '.id' <<< "${PANEL}")
- curl -X GET \
- -k \
- -H "${AUTH_HEADER}" \
- -H "Accept: application/json" \
- --output "${DASH_NAME}-${NAME}.png" \
- "${BASE_URL}/render${ENDPOINT}?orgId=1&panelId=${ID}&theme=light"
- done
-
-done
-
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-grid5k] 128/141: add sanitizer and disable optimizer, (continued)
- [taler-grid5k] 128/141: add sanitizer and disable optimizer, gnunet, 2021/11/18
- [taler-grid5k] 100/141: update docker README, gnunet, 2021/11/18
- [taler-grid5k] 130/141: update image, gnunet, 2021/11/18
- [taler-grid5k] 134/141: resolved does not work, switch back, gnunet, 2021/11/18
- [taler-grid5k] 123/141: update per stream limit in loki, gnunet, 2021/11/18
- [taler-grid5k] 113/141: tune postgres config, gnunet, 2021/11/18
- [taler-grid5k] 101/141: update merchant config, gnunet, 2021/11/18
- [taler-grid5k] 111/141: move expect to top for pipeline to fail if not successful, gnunet, 2021/11/18
- [taler-grid5k] 125/141: change permissions, gnunet, 2021/11/18
- [taler-grid5k] 74/141: install nodejs permanently, gnunet, 2021/11/18
- [taler-grid5k] 76/141: modify nginx settings,
gnunet <=
- [taler-grid5k] 141/141: Node setup complete - multiple projects because of allocation bug in jFed, gnunet, 2021/11/18
- [taler-grid5k] 122/141: remove directories of taler after install, gnunet, 2021/11/18
- [taler-grid5k] 121/141: cut log size of proxy, gnunet, 2021/11/18
- [taler-grid5k] 109/141: update loki version, gnunet, 2021/11/18
- [taler-grid5k] 91/141: change ts in proxy logs, gnunet, 2021/11/18
- [taler-grid5k] 84/141: set envfile in netdelay service, gnunet, 2021/11/18
- [taler-grid5k] 92/141: update loki config, gnunet, 2021/11/18
- [taler-grid5k] 131/141: fix image, gnunet, 2021/11/18
- [taler-grid5k] 81/141: build from source working with dist, gnunet, 2021/11/18
- [taler-grid5k] 136/141: fix account, gnunet, 2021/11/18