feat(services): add runtime metrics exporter (#1619)

* feat(runtime-exporter): init * optimize dockerfile * chore * chore * chore * chore * chore * chore * refactor * chore * chore * chore * chore * chore * chore * chore * add ServiceMonitor to runtime-exporter build * test * fix * chore --------- Co-authored-by: lim <lim@example.com>
labring · Nov 7, 2023 · 44c29bd · 44c29bd
1 parent 09c9daf
commit 44c29bd
Show file tree

Hide file tree

Showing 18 changed files with 3,881 additions and 6 deletions.
diff --git a/.github/workflows/dockerize-runtime-exporter.yml b/.github/workflows/dockerize-runtime-exporter.yml
@@ -0,0 +1,76 @@
+name: dockerize-runtime-exporter
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - "services/runtime-exporter/**"
+      - ".github/workflows/dockerize-runtime-exporter.yml"
+      - "!**/*.md"
+      - "!services/runtime-exporter/package-lock.json"
+
+concurrency:
+  group: dockerize-runtime-exporter-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  dockerize-runtime-exporter:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/runtime-exporter
+            docker.io/${{ secrets.DOCKER_USERNAME }}/runtime-exporter
+          # https://github.com/docker/metadata-action#typesemver
+          tags: |
+            type=raw,value=latest,enable=true
+            type=sha,enable=true,format=short
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Login to Github Container Hub
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: ./services/runtime-exporter
+          file: ./services/runtime-exporter/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64, linux/arm64
+
+  trigger-workflow-build-cluster-image:
+    needs: [dockerize-runtime-exporter]
+    runs-on: ubuntu-latest
+    steps:
+      - name: trigger cluster image workflow
+        uses: peter-evans/repository-dispatch@v2
+        with:
+          event-type: docker_build_success
+          client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}", "version": "latest"}'
diff --git a/build/charts/laf-server/templates/_helpers.tpl b/build/charts/laf-server/templates/_helpers.tpl
@@ -54,6 +54,18 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 
+{{/*
+Common labels
+*/}}
+{{- define "runtime-exporter.labels" -}}
+helm.sh/chart: {{ include "laf-server.chart" . }}
+{{ include "runtime-exporter.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
 {{/*
 Selector labels
 */}}
@@ -70,6 +82,14 @@ app.kubernetes.io/name: log-server
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
+{{/*
+Selector labels
+*/}}
+{{- define "runtime-exporter.selectorLabels" -}}
+app.kubernetes.io/name: runtime-exporter
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
 {{/*
 Create the name of the service account to use
 */}}

diff --git a/build/charts/laf-server/templates/rumtime-exporter.yaml b/build/charts/laf-server/templates/rumtime-exporter.yaml
@@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    {{- include "runtime-exporter.labels" . | nindent 4 }}
+  name: runtime-exporter
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "runtime-exporter.selectorLabels" . | nindent 6 }}
+  template:
+    metadata: 
+      labels:
+        {{- include "runtime-exporter.selectorLabels" . | nindent 8 }}
+    spec:
+      automountServiceAccountToken: {{ .Values.serviceAccount.create }}
+      serviceAccountName: {{ include "laf-server.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - image: docker.io/lafyun/runtime-exporter:latest
+          imagePullPolicy: Always
+          name: runtime-exporter
+          ports:
+            - name: http
+              containerPort: 2342
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: http 
+          env:
+            - name: API_SECRET
+              value: {{ .Values.default_region.runtime_exporter_secret | quote }}
+            - name: NAMESPACE
+              value: {{ .Release.Namespace | quote }}
+--- 
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    {{- include "runtime-exporter.labels" . | nindent 4 }}
+  name: runtime-exporter
+spec:
+  ports:
+    - name: http
+      port: 2342
+      protocol: TCP
+      targetPort: http 
+  selector:
+    {{- include "runtime-exporter.selectorLabels" . | nindent 4 }}
+
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    namespace: {{ .Release.Namespace }}
+    release: prometheus
+  name: runtime-exporter
+spec:
+  endpoints:
+    - interval: 60s
+      path: "/runtime/metrics/{{ .Values.default_region.runtime_exporter_secret}}"
+      scrapeTimeout: 10s
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      {{- include "runtime-exporter.labels" . | nindent 6 }}
diff --git a/build/charts/laf-server/values.yaml b/build/charts/laf-server/values.yaml
@@ -28,6 +28,8 @@ default_region:
   log_server_url: ""
   log_server_secret: ""
   log_server_database_url: ""
+  # runtime-exporter
+  runtime_exporter_secret: ""
   # prometheus
   prometheus_url: ""
 jwt:

diff --git a/build/start.sh b/build/start.sh
@@ -1,4 +1,3 @@
-
 echo "DOMAIN: $DOMAIN"
 
 # check $DOMAIN is available
@@ -13,9 +12,8 @@ fi
 EXTERNAL_HTTP_SCHEMA=${EXTERNAL_HTTP_SCHEMA:-https}
 INTERNAL_HTTP_SCHEMA=${INTERNAL_HTTP_SCHEMA:-http}
 
-
 NAMESPACE=${NAMESPACE:-laf-system}
-PASSWD_OR_SECRET=$(tr -cd 'a-z0-9' </dev/urandom |head -c32)
+PASSWD_OR_SECRET=$(tr -cd 'a-z0-9' </dev/urandom | head -c32)
 
 ENABLE_MONITOR=${ENABLE_MONITOR:-true}
 
@@ -36,13 +34,12 @@ helm install mongodb -n ${NAMESPACE} \
     --set storage.size=${DB_PV_SIZE:-5Gi} \
     ./charts/mongodb
 
-
 ## 3. install prometheus
 PROMETHEUS_URL=http://prometheus-operated.${NAMESPACE}.svc.cluster.local:9090
 if [ "$ENABLE_MONITOR" = "true" ]; then
     sed -e "s/\$NAMESPACE/$NAMESPACE/g" \
         -e "s/\$PROMETHEUS_PV_SIZE/${PROMETHEUS_PV_SIZE:-20Gi}/g" \
-        prometheus-helm.yaml > prometheus-helm-with-values.yaml
+        prometheus-helm.yaml >prometheus-helm-with-values.yaml
 
     helm install prometheus --version 48.3.3 -n ${NAMESPACE} \
         -f ./prometheus-helm-with-values.yaml \
@@ -79,6 +76,7 @@ SERVER_JWT_SECRET=$PASSWD_OR_SECRET
 LOG_SERVER_URL="http://log-server.${NAMESPACE}.svc.cluster.local:5060"
 LOG_SERVER_DATABASE_URL="mongodb://${DB_USERNAME:-admin}:${PASSWD_OR_SECRET}@mongodb-0.mongo.${NAMESPACE}.svc.cluster.local:27017/function-logs?authSource=admin&replicaSet=rs0&w=majority"
 LOG_SERVER_SECRET=$PASSWD_OR_SECRET
+RUNTIME_EXPORTER_SECRET=$PASSWD_OR_SECRET
 helm install server -n ${NAMESPACE} \
     --set databaseUrl=${DATABASE_URL} \
     --set meteringDatabaseUrl=${METERING_DATABASE_URL} \
@@ -98,8 +96,9 @@ helm install server -n ${NAMESPACE} \
     --set default_region.tls.enabled=false \
     --set default_region.log_server_url=${LOG_SERVER_URL} \
     --set default_region.log_server_secret=${LOG_SERVER_SECRET} \
+    --set default_region.runtime_exporter_secret=${RUNTIME_EXPORTER_SECRET} \
     --set default_region.log_server_database_url=${LOG_SERVER_DATABASE_URL} \
-    $( [ "$ENABLE_MONITOR" = "true" ] && echo "--set default_region.prometheus_url=${PROMETHEUS_URL}" ) \
+    $([ "$ENABLE_MONITOR" = "true" ] && echo "--set default_region.prometheus_url=${PROMETHEUS_URL}") \
     ./charts/laf-server
 
 ## 6. install metering service

diff --git a/services/runtime-exporter/.dockerignore b/services/runtime-exporter/.dockerignore
@@ -0,0 +1,3 @@
+dist
+node_modules
+.env
diff --git a/services/runtime-exporter/.gitignore b/services/runtime-exporter/.gitignore
@@ -0,0 +1,4 @@
+dist
+node_modules
+.env
+tsconfig.build.json
diff --git a/services/runtime-exporter/.prettierrc b/services/runtime-exporter/.prettierrc
@@ -0,0 +1,5 @@
+{
+  "singleQuote": true,
+  "trailingComma": "all",
+  "semi": false
+}
diff --git a/services/runtime-exporter/Dockerfile b/services/runtime-exporter/Dockerfile
@@ -0,0 +1,39 @@
+# Stage 1: Build
+FROM node:18-slim AS build
+
+WORKDIR /app
+
+# Utilize cache mechanism, only execute npm install when dependency files change
+COPY package*.json ./
+RUN npm install
+
+# Copy other files and directories
+COPY . .
+
+# Build the application
+RUN npm run build
+
+# Stage 2: Set up production environment
+FROM node:18-slim AS production
+
+# Set environment variables
+ENV LOG_LEVEL=debug
+ENV NODE_ENV=production
+
+WORKDIR /app
+
+# Copy build artifacts from build stage
+COPY --from=build /app/dist ./dist
+# Copy production dependencies, omitting development dependencies
+COPY --from=build /app/node_modules ./node_modules
+COPY --from=build /app/package*.json ./
+
+# Set non-root user for better security
+RUN chown -R node:node /app/
+USER node
+
+# Expose application port
+EXPOSE 2342
+
+# Start the application
+CMD [ "npm", "run", "start" ]