major updates to include monitoring

2026-01-25 02:08:27 +00:00 · 2020-11-01 19:50:16 -05:00
parent 3bbc469dae
commit 770531d6fd
18 changed files with 15333 additions and 92 deletions
--- a/terraform/jambonz-devtest/feature-server.ecosystem.config.js.tmpl
+++ b/terraform/jambonz-devtest/feature-server.ecosystem.config.js.tmpl
@@ -1,8 +1,4 @@
 #!/bin/bash
-ENABLE_DATADOG_METRICS=0
-if [ "${DATADOG_API_KEY}" ] ; then
-  ENABLE_DATADOG_METRICS=1
-fi

 echo "running jambonz user data script"

@@ -29,8 +25,12 @@ module.exports = {
      AWS_ACCESS_KEY_ID: '${AWS_ACCESS_KEY_ID}',
      AWS_SECRET_ACCESS_KEY: '${AWS_SECRET_ACCESS_KEY}',
      AWS_REGION: '${AWS_REGION}',
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1,
      AWS_SNS_TOPIC_ARM: '${AWS_SNS_TOPIC_ARN}',
-      ENABLE_DATADOG_METRICS: $ENABLE_DATADOG_METRICS,
      JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
      JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
      JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
@@ -62,22 +62,8 @@ sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -
 sudo -u admin bash -c "pm2 save"
 sudo systemctl enable pm2-admin.service

-# install datadog if a datadog api key was provided
-if [ "${DATADOG_API_KEY}" ] ; then
-  echo "installing datadog.."
-
-  sed -i -e 's@^api_key:.*@'"api_key: ${DATADOG_API_KEY}"'@g' /etc/datadog-agent/datadog.yaml
-  sed -i -e 's@^# site:.*@'"site: ${DATADOG_SITE}"'@g' /etc/datadog-agent/datadog.yaml
-  sed -i -e 's@^# log_level:.*@log_level: warning@g' /etc/datadog-agent/datadog.yaml
-
-  tee -a /etc/datadog-agent/datadog.yaml > /dev/null <<EOT
-tags:
-  env_name:${DATADOG_ENV_NAME}
-  role:fs
-EOT
-
-  systemctl enable datadog-agent
-  systemctl restart datadog-agent
-fi
+# configure telegraph to send to the monitoring server
+sudo sed -i -e "s/influxdb:8086/${MONITORING_SERVER_IP}:8086/g"  /etc/telegraf/telegraf.conf
+sudo systemctl restart telegraf

 echo "user data script completed"
--- a/terraform/jambonz-devtest/feature-server.tf
+++ b/terraform/jambonz-devtest/feature-server.tf
@@ -56,7 +56,7 @@ data "aws_ami" "jambonz-feature-server" {
 # create a launch configuration
 resource "aws_launch_configuration" "jambonz-feature-server" {
  image_id                    = data.aws_ami.jambonz-feature-server.id
-  instance_type               = var.ec2_instance_type
+  instance_type               = var.ec2_instance_type_fs
  associate_public_ip_address = true
  security_groups             = [aws_security_group.allow_jambonz_feature_server.id]
  key_name                    = var.key_name
@@ -72,14 +72,15 @@ resource "aws_launch_configuration" "jambonz-feature-server" {
    AWS_REGION              = var.region
    AWS_SNS_TOPIC_ARN       = aws_sns_topic.jambonz_sns_topic.arn
    GCP_CREDENTIALS         = file("${path.module}/credentials/gcp.json")
-    DATADOG_API_KEY         = var.datadog_api_key
-    DATADOG_SITE            = var.datadog_site
-    DATADOG_ENV_NAME         = var.datadog_env_name
+    MONITORING_SERVER_IP    = aws_instance.jambonz-monitoring-server.private_ip
  })

  lifecycle {
    create_before_destroy = true
  }
+
+  depends_on = [aws_instance.jambonz-monitoring-server]
+
 }

 # create a placement group to spread feature server instances
--- a/terraform/jambonz-devtest/install_postgresql.sh
+++ b/terraform/jambonz-devtest/install_postgresql.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+if [ "$1" != "yes" ]; then return;  fi
+
+DB_USER=$2
+DB_PASS=$3
+
+wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | sudo apt-key add -
+sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/postgresql.list'
+sudo apt-get update
+sudo apt-get install -y postgresql-12
+sudo systemctl daemon-reload
+sudo systemctl enable postgresql
+sudo systemctl restart postgresql
+
+sudo -u postgres psql -c "CREATE DATABASE homer_config;"
+sudo -u postgres psql -c "CREATE DATABASE homer_data;"
+sudo -u postgres psql -c "CREATE ROLE ${DB_USER} WITH SUPERUSER LOGIN PASSWORD '$DB_PASS';"
+sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE homer_config to ${DB_USER};"
+sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE homer_data to ${DB_USER};"
+
+
--- a/terraform/jambonz-devtest/monitoring.tf
+++ b/terraform/jambonz-devtest/monitoring.tf
@@ -0,0 +1,20 @@
+# Create monitoring instance
+data "aws_ami" "jambonz-monitoring-server" {
+  most_recent      = true
+  name_regex       = "^jambonz-monitoring-server"
+  owners           = ["376029039784"]
+}
+
+resource "aws_instance" "jambonz-monitoring-server" {
+  ami                    = data.aws_ami.jambonz-monitoring-server.id
+  instance_type          = var.ec2_instance_type_monitoring
+  key_name               = var.key_name
+  vpc_security_group_ids = [aws_security_group.allow_jambonz_monitoring.id]
+  subnet_id              = local.my_subnet_ids[0]
+  associate_public_ip_address = true
+  monitoring             = true
+
+  tags = {
+    Name = "${var.prefix}-monitoring-server"  
+  }
+}
--- a/terraform/jambonz-devtest/network.tf
+++ b/terraform/jambonz-devtest/network.tf
@@ -281,3 +281,76 @@ resource "aws_security_group" "allow_jambonz_sbc_sip_rtp" {
 }


+# create a security group for the monitoring server
+resource "aws_security_group" "allow_jambonz_monitoring" {
+  name        = "allow_jambonz_monitoring"
+  description = "Allow traffic to jambonz monitoring server"
+  vpc_id      = aws_vpc.jambonz.id
+
+  ingress {
+    description = "ssh"
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    description = "grafana"
+    from_port   = 3000
+    to_port     = 3000
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    description = "influxdb"
+    from_port   = 8086
+    to_port     = 8086
+    protocol    = "tcp"
+    cidr_blocks = [aws_vpc.jambonz.cidr_block]
+  }
+
+  ingress {
+    description = "influxdb backup"
+    from_port   = 8088
+    to_port     = 8088
+    protocol    = "tcp"
+    cidr_blocks = [aws_vpc.jambonz.cidr_block]
+  }
+
+  ingress {
+    description = "homer webapp"
+    from_port   = 9080
+    to_port     = 9080
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    description = "homer HEP"
+    from_port   = 9060
+    to_port     = 9060
+    protocol    = "udp"
+    cidr_blocks = [aws_vpc.jambonz.cidr_block]
+  }
+
+  ingress {
+    description = "Node-RED"
+    from_port   = 1880
+    to_port     = 1880
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name = "allow_${var.prefix}_sbc_sip"
+  }
+}
--- a/terraform/jambonz-devtest/sbc-sip-rtp-server.ecosystem.config.js.tmpl
+++ b/terraform/jambonz-devtest/sbc-sip-rtp-server.ecosystem.config.js.tmpl
@@ -1,12 +1,14 @@
 #!/bin/bash
 PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`
-ENABLE_DATADOG_METRICS=0
-if [ "${DATADOG_API_KEY}" ] ; then
-  ENABLE_DATADOG_METRICS=1
-fi

 echo "running jambonz user data script"

+# seed database
+mysql -h ${JAMBONES_MYSQL_HOST} -u admin -D jambones -p${JAMBONES_MYSQL_PASSWORD} < /home/admin/apps/jambonz-api-server/db/jambones-sql.sql
+mysql -h ${JAMBONES_MYSQL_HOST} -u admin -D jambones -p${JAMBONES_MYSQL_PASSWORD} < /home/admin/apps/jambonz-api-server/db/create-admin-token.sql
+mysql -h ${JAMBONES_MYSQL_HOST} -u admin -D jambones -p${JAMBONES_MYSQL_PASSWORD} < /home/admin/apps/jambonz-api-server/db/create-default-account.sql
+JAMBONES_MYSQL_HOST=${JAMBONES_MYSQL_HOST} JAMBONES_MYSQL_USER=admin JAMBONES_MYSQL_PASSWORD=${JAMBONES_MYSQL_PASSWORD} JAMBONES_MYSQL_DATABASE=jambones /home/admin/apps/jambonz-api-server/db/reset_admin_password.js
+
 # jambonz webapp
 echo "building webapp.."
 echo "REACT_APP_API_BASE_URL=http://$PUBLIC_IP:3000/v1" > /home/admin/apps/jambonz-webapp/.env.local
@@ -42,6 +44,11 @@ module.exports = {
      JAMBONES_LOGLEVEL: 'info',
      JAMBONE_API_VERSION: 'v1',
      JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1,
      HTTP_PORT:  3000
 		},
  },
@@ -63,6 +70,11 @@ module.exports = {
      JAMBONES_INBOUND_ROUTE: '127.0.0.1:4002',
      JAMBONES_OUTBOUND_ROUTE: '127.0.0.1:4003',
      JAMBONZ_TAGGED_INBOUND: 1,
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1,
      JAMBONES_NETWORK_CIDR: '${VPC_CIDR}'
 		}
  },
@@ -80,7 +92,6 @@ module.exports = {
    max_memory_restart: '1G',
    env: {
      NODE_ENV: 'production',
-      ENABLE_DATADOG_METRICS: $ENABLE_DATADOG_METRICS,
      JAMBONES_LOGLEVEL: 'info',
      DRACHTIO_HOST: '127.0.0.1',
      DRACHTIO_PORT: 9022,
@@ -92,6 +103,11 @@ module.exports = {
      JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
      JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
      JAMBONES_REDIS_PORT: 6379,
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1
 		}
  },
  {
@@ -109,7 +125,6 @@ module.exports = {
    env: {
      NODE_ENV: 'production',
      JAMBONES_LOGLEVEL: 'info',
-      ENABLE_DATADOG_METRICS: $ENABLE_DATADOG_METRICS,
      DRACHTIO_HOST: '127.0.0.1',
      DRACHTIO_PORT: 9022,
      DRACHTIO_SECRET: 'cymru',
@@ -121,6 +136,11 @@ module.exports = {
      JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
      JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
      JAMBONES_REDIS_PORT: 6379,
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1,
      MS_TEAMS_FQDN: '${MS_TEAMS_FQDN}'
 		}
  },
@@ -139,7 +159,6 @@ module.exports = {
    env: {
      NODE_ENV: 'production',
      JAMBONES_LOGLEVEL: 'info',
-      ENABLE_DATADOG_METRICS: $ENABLE_DATADOG_METRICS,
      DRACHTIO_HOST: '127.0.0.1',
      DRACHTIO_PORT: 9022,
      DRACHTIO_SECRET: 'cymru',
@@ -152,6 +171,11 @@ module.exports = {
      JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
      JAMBONES_REDIS_PORT: 6379,
      JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
+      ENABLE_METRICS: 1,
+      STATS_HOST: '127.0.0.1',
+      STATS_PORT: 8125,
+      STATS_PROTOCOL: 'udp',
+      STATS_TELEGRAF: 1,
      MS_TEAMS_SIP_PROXY_IPS: '52.114.148.0, 52.114.132.46, 52.114.75.24, 52.114.76.76, 52.114.7.24, 52.114.14.70'
 		}
  },
@@ -171,23 +195,16 @@ sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -
 sudo -u admin bash -c "pm2 save"
 sudo systemctl enable pm2-admin.service

-# install datadog if a datadog api key was provided
-if [ "${DATADOG_API_KEY}" ] ; then
-  echo "installing datadog.."
+# configure telegraph to send to the monitoring server
+sudo sed -i -e "s/influxdb:8086/${MONITORING_SERVER_IP}:8086/g"  /etc/telegraf/telegraf.conf
+sudo systemctl restart telegraf

-  sed -i -e 's@^api_key:.*@'"api_key: ${DATADOG_API_KEY}"'@g' /etc/datadog-agent/datadog.yaml
-  sed -i -e 's@^# site:.*@'"site: ${DATADOG_SITE}"'@g' /etc/datadog-agent/datadog.yaml
-  sed -i -e 's@^# log_level:.*@log_level: warn@g' /etc/datadog-agent/datadog.yaml
+# point drachtio server and rtpengine to the HEP endpoint on the monitoring server
+sudo sed -i -e "s/--address 0.0.0.0 --port 9022/--address 0.0.0.0 --port 9022 --homer ${MONITORING_SERVER_IP}:9060 --homer-id 10/g"  /etc/systemd/system/drachtio.service
+sudo sed -i -e "s/--delete-delay 0/--delete-delay 0 --homer=${MONITORING_SERVER_IP}:9060 --homer-protocol=udp --homer-id=11/g"  /etc/systemd/system/rtpengine.service

-  tee -a /etc/datadog-agent/datadog.yaml > /dev/null <<EOT
-tags:
-  env_name:${DATADOG_ENV_NAME}
-  role:sbc
-EOT
-
-  systemctl enable datadog-agent
-  systemctl restart datadog-agent
-  
-fi
+sudo systemctl daemon-reload
+sudo sytemctl restart drachtio
+sudo sytemctl restart rtpengine

 echo "user data script completed"
--- a/terraform/jambonz-devtest/sbc.tf
+++ b/terraform/jambonz-devtest/sbc.tf
@@ -14,7 +14,7 @@ resource "aws_instance" "jambonz-sbc-sip-rtp-server" {
  count          = length(var.jambonz_sbc_sip_rtp_private_ips)

  ami                    = data.aws_ami.jambonz-sbc-sip-rtp.id
-  instance_type          = var.ec2_instance_type
+  instance_type          = var.ec2_instance_type_sbc
  private_ip             = var.jambonz_sbc_sip_rtp_private_ips[count.index]
  subnet_id              = local.my_subnet_ids[count.index]
  vpc_security_group_ids = [aws_security_group.allow_jambonz_sbc_sip_rtp.id]
@@ -27,42 +27,15 @@ resource "aws_instance" "jambonz-sbc-sip-rtp-server" {
    JAMBONES_MYSQL_PASSWORD = aws_rds_cluster.jambonz.master_password
    JAMBONES_REDIS_HOST     = aws_elasticache_cluster.jambonz.cache_nodes.0.address
    MS_TEAMS_FQDN           = var.ms_teams_fqdn
-    JAMBONES_CLUSTER_ID     = var.cluster_id,
-    DATADOG_API_KEY         = var.datadog_api_key,
-    DATADOG_SITE            = var.datadog_site,
-    DATADOG_ENV_NAME        = var.datadog_env_name
+    JAMBONES_CLUSTER_ID     = var.cluster_id
+    MONITORING_SERVER_IP    = aws_instance.jambonz-monitoring-server.private_ip
  })
  key_name               = var.key_name
  monitoring             = true

-  depends_on = [aws_internet_gateway.jambonz, aws_elasticache_cluster.jambonz, aws_rds_cluster.jambonz]
+  depends_on = [aws_internet_gateway.jambonz, aws_instance.jambonz-monitoring-server, aws_elasticache_cluster.jambonz, aws_rds_cluster.jambonz]

  tags = {
    Name = "${var.prefix}-sbc-sip-rtp-server"  
  }
 }
-
-
-# seed the database, from the SBC server
-resource "null_resource" "seed" {
-
-  # Bootstrap script can run on any instance of the cluster
-  # So we just choose the first in this case
-  connection {
-    type      = "ssh"
-    user      = "admin"
-    private_key = file("${var.ssh_key_path}")
-    host      = element(aws_eip.jambonz-sbc-sip-rtp.*.public_ip, 0)
-  }
-
-  provisioner "remote-exec" {
-    inline = [
-      "mysql -h ${aws_rds_cluster.jambonz.endpoint} -u admin -D jambones -pJambonzR0ck$ < /home/admin/apps/jambonz-api-server/db/jambones-sql.sql",
-      "mysql -h ${aws_rds_cluster.jambonz.endpoint} -u admin -D jambones -pJambonzR0ck$ < /home/admin/apps/jambonz-api-server/db/create-admin-token.sql",
-      "mysql -h ${aws_rds_cluster.jambonz.endpoint} -u admin -D jambones -pJambonzR0ck$ < /home/admin/apps/jambonz-api-server/db/create-default-account.sql",
-      "JAMBONES_MYSQL_HOST=${aws_rds_cluster.jambonz.endpoint} JAMBONES_MYSQL_USER=admin JAMBONES_MYSQL_PASSWORD=JambonzR0ck$ JAMBONES_MYSQL_DATABASE=jambones /home/admin/apps/jambonz-api-server/db/reset_admin_password.js"
-    ]
-  }
-
-  depends_on = [aws_rds_cluster.jambonz, aws_instance.jambonz-sbc-sip-rtp-server, aws_eip.jambonz-sbc-sip-rtp]
-}
--- a/terraform/jambonz-devtest/variables.tf
+++ b/terraform/jambonz-devtest/variables.tf
@@ -21,17 +21,25 @@ variable "jambonz_sbc_sip_rtp_private_ips" {
  type = list(string)
  default = ["172.31.32.10"]
 }
-variable "ec2_instance_type" {
-  description = "the EC2 instance type to use for the jambonz server"
-  default = "t2.medium"
+variable "ec2_instance_type_sbc" {
+  description = "the EC2 instance type to use for the SBC"
+  default = "t3.medium"
+}
+variable "ec2_instance_type_fs" {
+  description = "the EC2 instance type to use for the Feature server"
+  default = "t3.medium"
+}
+variable "ec2_instance_type_monitoring" {
+  description = "the EC2 instance type to use for the monitoring server"
+  default = "t3.medium"
 }
 variable "key_name" {
  description = "name of an aws keypair that you have downloaded and wish to use to access the jambonz instance via ssh"
-  default = "aws-drachtio-us-west-1"
+  default = "your-key"
 }
 variable "ssh_key_path" {
  description = "path to your aws keypair on your local machine"
-  default = "~/aws/aws-drachtio-us-west-1.pem"
+  default = "path-to-key.pem"
 }
 variable "aws_access_key_id_runtime" {
  description = "AWS access key jambonz will use to access AWS Polly TTS"
@@ -53,7 +61,6 @@ variable "cluster_id" {
  description = "short cluster identifier"
  default = "jb"
 }
-
 variable "datadog_api_key" {
  description = "datadog api key - only supply if you wish to install datadog monitoring"
  default = "your dd key"