Merge pull request #203 from cloudnativedaysjp/update/sentry-vm-specs

Remove cloud-init verification vm and Update sepc of sentry vm

Author: shukawam

o11y_infra/stg/disks.tf

@@ -1,18 +1,3 @@
-resource "sakuracloud_disk" "ci_boot" {
-  name              = "ci-boot"
-  source_archive_id = data.sakuracloud_archive.ubuntu2404.id
-  plan              = "ssd"
-  connector         = "virtio"
-  size              = 20
-}
-
-resource "sakuracloud_disk" "ci_docker_volume" {
-  name      = "ci-docker-volume"
-  plan      = "ssd"
-  connector = "virtio"
-  size      = 20
-}
-
 resource "sakuracloud_disk" "sentry_boot" {
   name              = "sentry-boot-stg"
   source_archive_id = data.sakuracloud_archive.ubuntu2404.id
@@ -25,22 +10,7 @@ resource "sakuracloud_disk" "sentry_docker_volume" {
   name      = "sentry-docker-volume-stg"
   plan      = "ssd"
   connector = "virtio"
-  size      = 100
-}
-
-resource "sakuracloud_disk" "sentry_redis_boot" {
-  name              = "sentry-redis-boot-stg"
-  source_archive_id = data.sakuracloud_archive.ubuntu2404.id
-  plan              = "ssd"
-  connector         = "virtio"
-  size              = 100
-}
-
-resource "sakuracloud_disk" "sentry_redis_docker_volume" {
-  name      = "sentry-redis-docker-volume-stg"
-  plan      = "ssd"
-  connector = "virtio"
-  size      = 100
+  size      = 250
 }
 
 resource "sakuracloud_disk" "prometheus_boot" {

o11y_infra/stg/servers.tf

@@ -1,39 +1,10 @@
-resource "sakuracloud_server" "ci" {
-  name = "ci"
-  disks = [
-    sakuracloud_disk.ci_boot.id,
-    sakuracloud_disk.ci_docker_volume.id,
-  ]
-  core        = 1
-  memory      = 1
-  description = "Cloud init testing"
-  tags        = ["app=ci", "stage=staging"]
-
-  network_interface {
-    upstream         = "shared"
-    packet_filter_id = sakuracloud_packet_filter.sentry.id
-  }
-
-  network_interface {
-    upstream = data.sakuracloud_switch.o11y.id
-  }
-
-  user_data = templatefile("./template/o11y-init.yaml", {
-    vm_password           = random_password.password.result,
-    hostname              = "ci"
-    secondary_ip          = "192.168.2.200",
-    mackerel_api_key      = var.mackerel_api_key
-  })
-}
-
 resource "sakuracloud_server" "sentry" {
   name = "sentry-stg"
   disks = [
     sakuracloud_disk.sentry_boot.id,
     sakuracloud_disk.sentry_docker_volume.id,
   ]
-  # TODO: scale down cpu and memory resource
-  core        = 20
+  core        = 8
   memory      = 32
   description = "Sentry server for staging"
   tags        = ["app=sentry", "stage=staging", "starred"]
@@ -48,38 +19,17 @@ resource "sakuracloud_server" "sentry" {
   }
 
   user_data = templatefile("./template/sentry-init.yaml", {
-    vm_password           = random_password.password.result,
-    hostname              = "sentry-stg"
-    secondary_ip          = "192.168.1.200",
+    vm_password      = random_password.password.result,
+    hostname         = "sentry-stg"
+    secondary_ip     = "192.168.1.200",
+    mackerel_api_key = var.mackerel_api_key
   })
-}
-
-resource "sakuracloud_server" "sentry_redis" {
-  name = "sentry-redis-stg"
-  disks = [
-    sakuracloud_disk.sentry_redis_boot.id,
-    sakuracloud_disk.sentry_redis_docker_volume.id
-  ]
-  # TODO: scale down cpu and memory resource
-  core        = 4
-  memory      = 16
-  description = "Sentry Redis server for staging"
-  tags        = ["app=redis", "stage=staging", "starred"]
-
-  network_interface {
-    upstream         = "shared"
-    packet_filter_id = sakuracloud_packet_filter.sentry_redis.id
-  }
 
-  network_interface {
-    upstream = data.sakuracloud_switch.o11y.id
+  lifecycle {
+    ignore_changes = [
+      user_data,
+    ]
   }
-
-  user_data = templatefile("./template/sentry-init.yaml", {
-    vm_password           = random_password.password.result,
-    hostname              = "sentry-redis-stg",
-    secondary_ip          = "192.168.1.201",
-  })
 }
 
 resource "sakuracloud_server" "prometheus" {
@@ -106,6 +56,7 @@ resource "sakuracloud_server" "prometheus" {
     vm_password           = random_password.password.result,
     hostname              = "prometheus-stg",
     secondary_ip          = "192.168.1.202",
+    mackerel_api_key      = var.mackerel_api_key
   })
 
   lifecycle {
@@ -139,6 +90,7 @@ resource "sakuracloud_server" "loki" {
     vm_password           = random_password.password.result,
     hostname              = "loki-stg",
     secondary_ip          = "192.168.1.203",
+    mackerel_api_key      = var.mackerel_api_key
   })
 
   lifecycle {
@@ -172,6 +124,7 @@ resource "sakuracloud_server" "grafana" {
     vm_password           = random_password.password.result,
     hostname              = "grafana-stg",
     secondary_ip          = "192.168.1.204",
+    mackerel_api_key      = var.mackerel_api_key
   })
 
   lifecycle {

o11y_infra/stg/template/sentry-init.yaml

@@ -1,36 +1,36 @@
 #cloud-config
 fqdn: ${hostname}
 chpasswd:
-    expire: false
-    users:
-      - name: ubuntu
-        password: ${vm_password}
-        type: text
+  expire: false
+  users:
+    - name: ubuntu
+      password: ${vm_password}
+      type: text
 users:
   - default
   - name: ubuntu
     gecos: Local
     lock_passwd: false
     groups: sudo, users, admin
     shell: /bin/bash
-    sudo: ['ALL=(ALL) NOPASSWD:ALL']
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
     ssh_import_id:
-    - gh:jacopen
-    - gh:inductor
-    - gh:b1gb4by
-    - gh:ureuzy
-    - gh:shukawam
-    - gh:ryusuketesaki
+      - gh:jacopen
+      - gh:inductor
+      - gh:b1gb4by
+      - gh:ureuzy
+      - gh:shukawam
+      - gh:ne-sachirou
 system_info:
   default_user:
     name: default-user
     lock_passwd: false
     sudo: ["ALL=(ALL) NOPASSWD:ALL"]
-ssh_pwauth: yes
+ssh_pwauth: no
 random_seed:
-    file: /dev/urandom
-    command: ["pollinate", "-r", "-s", "https://entropy.ubuntu.com"]
-    command_required: true
+  file: /dev/urandom
+  command: ["pollinate", "-r", "-s", "https://entropy.ubuntu.com"]
+  command_required: true
 package_upgrade: true
 packages:
   - curl
@@ -41,7 +41,30 @@ packages:
   - lsb-release
   - ca-certificates
   - dstat
+write_files:
+  - path: /etc/netplan/51-secondary-nic.yaml
+    permissions: "0644"
+    content: |
+      network:
+        version: 2
+        ethernets:
+          ens4:
+            dhcp4: false
+            addresses: [${secondary_ip}/24]
+disk_setup:
+  /dev/vdb:
+    table_type: "gpt"
+    layout: true
+    overwrite: false
+fs_setup:
+  - label: docker-data
+    filesystem: ext4
+    device: /dev/vdb
+mounts:
+  - ["/dev/vdb", "/var/lib/docker", "ext4", "defaults", "0", "2"]
 runcmd:
+  - sudo netplan apply
+  - sudo mkdir -p /var/lib/docker
   - sudo install -m 0755 -d /etc/apt/keyrings
   - sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
   - sudo chmod a+r /etc/apt/keyrings/docker.asc
@@ -54,13 +77,6 @@ runcmd:
   - sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
   - sudo groupadd docker
   - sudo usermod -aG docker ubuntu
-  - |
-    cat - << EOF | sudo tee /etc/netplan/51-secondary-nic.yaml
-    network:
-        ethernets:
-            ens4:
-                dhcp4: false
-                addresses: [${secondary_ip}/24]
-        version: 2
-    EOF
-  - sudo netplan apply
+  - docker plugin install grafana/loki-docker-driver:2.9.2 --alias loki --grant-all-permissions
+  - wget -q -O - https://mackerel.io/file/script/setup-all-apt-v2.sh | MACKEREL_APIKEY=${mackerel_api_key} sh
+  - sudo systemctl start mackerel-agent