avniproject / avni-infra Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
License: Other
Freshdesk ticket: https://avni.freshdesk.com/a/tickets/3050
APF users use reports on a day-to-day basis and hence affecting their daily work.
https://preset.io/blog/apache-superset-4-0-release-notes/
https://preset.io/blog/superset-3-0-release-notes/
https://avni.freshdesk.com/a/tickets/3762
Note: Metabase and RWB prod db are in different AWS accounts
As a metabase user of rwb in reporting.avniproject.org, I should be able to query the avni gramin database.
One option to do this is to make the db public and add security groups for metabase to be able to contact it.
Avg response time
from newrelic - we already have this for Avni. Looks like currently the notification is linked to only vinay's mail id. Try to make it to send notification to product team.Message from AWS support:
By default, when you send messages to recipients in India, Amazon SNS uses International Long Distance Operator (ILDO) connections to transmit those messages. The price for sending messages using ILDO connections is higher than the price for sending messages through local routes. The price for sending messages using local routes is shown on the Amazon SNS Worldwide SMS Pricing page here: https://aws.amazon.com/sns/sms-pricing/
Looks like you used a shared routes to send SMS messages to India.
Lastly, you should consider making use of local routes by following our documentation on registering their own senderIDs:
[+] https://docs.aws.amazon.com/sns/latest/dg/sns-register-entity-and-template.html
Changes to integration service have been made for Goonj integration service. These need to be deployed to production
service openchs restart doesn't work
We have 2 classic load balancers and 4 application load balancers.
A single application load balancer should be sufficient for our needs - we can route based on the request URL.
Frequently we face issues where we forgot to merge the branches of some repos etc.,, or we merge only with master and not to all branches belonging to later releases. Currently to remember this and do it is complex.
Automate to avoid human errors. Also the merge conflicts might be less considering the merge will be done on an ongoing basis.
Reporting Database are spread across different RDS instances.
We would like to consolidate all the Reporting DB into one RDS, the PROD RDS, to optimize our resource utilization and simplify Network Access.
Like available for RWB - not sure if worth the effort - based on how soon they move to gov infra
Modify CircelCI deploys to be done using AWS Roles and AWS OIDC Context. We do not want to make use of openchs-infra.pem file for circle-ci config deploys anymore.
Refer to the way we have done this for RWB Staging and Prod environments deploy in avni-server.
https://github.com/avniproject/avni-server/blob/master/.circleci/config.yml
Sample role config:
RWB_STAGING_deploy:
docker:
- image: cimg/deploy:2023.09-node
working_directory: ~/
steps:
- aws-cli/setup:
role_arn: "arn:aws:iam::730335671779:role/avni_circleci_instance_connect"
region: "ap-south-1"
- setup_server_access:
instance-id: "i-00b50ac6e8413fdca"
availability-zone: "ap-south-1b"
- deploy_ansible:
env: "rwb-staging"
Sample Context config:
- RWB_STAGING_deploy:
context:
- RWB_AWS_OIDC
- non-prod-deploy
requires:
- RWB_STAGING_approve
Migrate Superset persistence from sqlLite to Postgres DB on Prod RDS.
Options to migrate:
We are still paying on-demand prices for AWS resources though we have always-on systems.
Reserved instances give 20-30% savings. There are options to make zero upfront payment for 1 year which are convertible to other resource classes and can give us quick easy savings. Resources across the same resource class type can share any reservations we setup i.e. if we setup a t3.medium RI, it will get applied to any t3 resource we have.. it doesn't necessarily tie to a t3.medium resource.
In-order to handle the above considerations, we should seriously consider using Docker Containers and Kubernetes clusters along with some auth layer rework of Avni
Total - 63days
Optimize resource utilization (EC2, LBs, Network and RDS) for RWB.
Perform analysis on cost saving as well as rsource utilization optimizations that could be done
Submit recommendations with information on
We'll review the recommendations and provide approval for specific changes
Implement approved changes. Perform any other follow-up activity needed, which was identified during analysis.
Setup Pre-launch Report correctly for Avni app
https://play.google.com/console/about/pre-launchreports/
Current the urls called from media web app are like - https://int-prod.avniproject.org/etl/media/search?page=1&size=10
, but this could be changed to https://app.avniproject.org/etl/media/search?page=1&size=10
.
Check with Himesh with there is any issue if we make this change.
RDS T2 instances will be EOL in April 2024.
reportingdb is still on t2 and needs to changed to a new instance type.
Jasper server becomes unresponsive every few weeks currently. Rebooting/restarting the service usually fixes the issue. Automate this so downtime is during non business hours and no manual processing is required.
Acceptance criteria:
Add a cron job to reboot the server daily / weekly during the early morning hours IST.
Handle log-file config for avni-server.
Currently we redirect all logs to server.log without logFileRotation and maxSize limit.
This has adverse impact for int-service and etl-service deploys as well.
We should let each appserver handle log for itself.
Setup latest version of superset to use Docker Container based setup for easy upgrades.
Currently in infra codebase - we are not clearing the old logs and hence logs will keep on getting accumulated. Good to clear the logs older than 3 months.
Reference doc: https://docs.spring.io/spring-boot/docs/2.1.13.RELEASE/reference/html/boot-features-logging.html
We need to get a generic SERVER_OPTS and errorOut log redirects
/usr/bin/java $APP_SERVER_OPTS -jar /opt/avni_server/.jar >> /var/log//error.log
The affected RDS instances are below
proddb02, proddb02-read, superset-db. - all are having "rds-ca-2019" as their Certificate Authority which is getting expired on August 22, 2024 and we need to update the Certificate Authority to make the DB healthy and security is upto date.
The changes we need to make is Modify the Certificate Authority to "rds-ca-rsa2048-g1(default)" which expires on May 20, 2061.
Suggestion:
rules-server, avni-media are run using pm2. If the instance on which these are running gets restarted, these services need to be configured to be restarted too.
Impacted sevices:
Environments:
Context:
When we were using gp2 disks for the database, the only cost effective way to get additional IOPS was to bump up the disk size as a result of which we have 300GB database but our usage is less than 10GB. Now that we have moved to gp3, IOPS is not tied to disk size and we can lower the database size.
The DB backups also contribute to the cost impact of this storage size.
RDS does not offer an easy way (from the console) to do this and this will require a custom solution. Refer for methods
Currently, the letsEncrypt certs are in a different folder than the place where we have the Minio certs folder "/etc/minio/ssl".
We need to add a deploy-hook to certbot to copy the renewed certs to "/etc/minio/ssl".
Total: 8d * 2(Ramp-up, Misc tasks, bugs/issues) = 20d => 4 weeks - High Level estimate
To run rules on the data uploaded via CSV. For RWB, work orders are uploaded via CSV. Though currently there are no rules, it is better to get it setup.
Upgrade Avni Prod master Database instance type to t3.medium.
Also choose Reserved-instance with 1 yea tenure.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.