diff --git a/.env b/.env index 5688114306..2239b6f6ac 100644 --- a/.env +++ b/.env @@ -22,3 +22,7 @@ HEALTHCHECK_RETRIES=10 POSTGRES_MAX_CONNECTIONS=100 # Set SETUP_JS_SDK_ASSETS to 1 to enable the setup of JS SDK assets # SETUP_JS_SDK_ASSETS=1 +# Storage size for node store in Garage +# If you need to change this after first install, you'd need to change the Garage layout +# See https://garagehq.deuxfleurs.fr/documentation/quick-start/#creating-a-cluster-layout +GARAGE_STORAGE_SIZE=100G diff --git a/docker-compose.yml b/docker-compose.yml index 9d8ee5a9e4..96f6476b8b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,6 +34,8 @@ x-sentry-defaults: &sentry_defaults <<: *depends_on-default smtp: <<: *depends_on-default + garage: + <<: *depends_on-default snuba-api: <<: *depends_on-default symbolicator: @@ -139,6 +141,7 @@ services: kafka: <<: *restart_policy image: "confluentinc/cp-kafka:7.6.1" + user: root environment: # https://docs.confluent.io/platform/current/installation/docker/config-reference.html#cp-kakfa-example KAFKA_PROCESS_ROLES: "broker,controller" @@ -207,6 +210,19 @@ services: interval: 10s timeout: 10s retries: 30 + garage: + image: dxflrs/garage:v1.0.1 + volumes: + - type: bind + read_only: true + source: ./garage.toml + target: /etc/garage.toml + - "sentry-garage:/var/lib/garage/" + healthcheck: + test: ["CMD", "/garage", "status"] + interval: 10s + timeout: 2s + retries: 2 snuba-api: <<: *snuba_defaults # Kafka consumer responsible for feeding events into Clickhouse @@ -540,3 +556,4 @@ volumes: sentry-kafka-log: sentry-smtp-log: sentry-clickhouse-log: + sentry-garage: diff --git a/garage.toml b/garage.toml new file mode 100644 index 0000000000..d86df63e76 --- /dev/null +++ b/garage.toml @@ -0,0 +1,19 @@ +metadata_dir = "/var/lib/garage/meta" +data_dir = "/var/lib/garage/data" +db_engine = "sqlite" + +replication_factor = 1 +# idk why rcp_ is needed without replication but ok +rpc_bind_addr = "[::]:3901" +rpc_public_addr = "0.0.0.0:3901" +# This secret will not ever be used as we are in a single node setup +# so this static value is OK. Don't forget to change it if you ever +# decide to use garage in a multi-node setup. +rpc_secret = "28f2fc651d4f280cea95e166f9113fe589039f9711d6c4f461872c1c5aaf7dec" + +# Setting 0 chooses the default which is 3 for now +compression_level = 0 + +[s3_api] +s3_region = "garage" +api_bind_addr = "[::]:3900" diff --git a/install.sh b/install.sh index 23726ce97f..1c0ab94ef1 100755 --- a/install.sh +++ b/install.sh @@ -31,6 +31,7 @@ source install/ensure-relay-credentials.sh source install/generate-secret-key.sh source install/update-docker-images.sh source install/build-docker-images.sh +source install/bootstrap-garage.sh source install/bootstrap-snuba.sh source install/upgrade-postgres.sh source install/set-up-and-migrate-database.sh diff --git a/install/bootstrap-garage.sh b/install/bootstrap-garage.sh new file mode 100644 index 0000000000..568675ed01 --- /dev/null +++ b/install/bootstrap-garage.sh @@ -0,0 +1,37 @@ +echo "${_group}Bootstrapping garage (node store)..." + +$dc up --wait garage postgres +garage="$dc exec garage /garage" + +if [[ $($garage bucket list | tail -1 | awk '{print $1}') != 'nodestore' ]]; then + node_id=$($garage status | tail -1 | awk '{print $1}') + $garage layout assign -z local -c $GARAGE_STORAGE_SIZE "$node_id" + $garage layout apply --version 1 + + # Only touch if no existing nodestore config is found + if ! grep -q "SENTRY_NODESTORE" $SENTRY_CONFIG_PY; then + nodestore_config=$(sed -n '/SENTRY_NODESTORE/,/[}]/{p}' sentry/sentry.conf.example.py) + if [[ $($dc exec postgres psql -qAt -U postgres -c "select exists (select * from nodestore_node limit 1)") = "f" ]]; then + nodestore_config=$(echo -e "$nodestore_config" | sed '$s/\}/ "read_through": True,\n "delete_through": True,\n\}/') + fi + echo "$nodestore_config" >>$SENTRY_CONFIG_PY + fi + + $garage bucket create nodestore + key_info=$($garage key create nodestore-key | head -3 | tail -2) + echo "$key_info" + key_id=$(echo "$key_info" | head -1 | awk '{print $3}') + key_secret=$(echo "$key_info" | tail -1 | awk '{print $3}') + + $garage bucket allow --read --write --owner nodestore --key nodestore-key + + if grep -q "" $SENTRY_CONFIG_PY; then + sed -i -e "s//$key_id/" $SENTRY_CONFIG_PY + sed -i -e "s//$key_secret/" $SENTRY_CONFIG_PY + echo "Set Garage keys for SENTRY_NODESTORE_OPTIONS in $SENTRY_CONFIG_PY" + fi +else + echo "Node store already exists, skipping..." +fi + +echo "${_endgroup}" diff --git a/sentry/Dockerfile b/sentry/Dockerfile index 557046f143..40398a773f 100644 --- a/sentry/Dockerfile +++ b/sentry/Dockerfile @@ -1,13 +1,15 @@ ARG SENTRY_IMAGE FROM ${SENTRY_IMAGE} +RUN pip install https://github.com/stayallive/sentry-nodestore-s3/archive/main.zip + COPY . /usr/src/sentry RUN if [ -s /usr/src/sentry/enhance-image.sh ]; then \ /usr/src/sentry/enhance-image.sh; \ -fi + fi RUN if [ -s /usr/src/sentry/requirements.txt ]; then \ echo "sentry/requirements.txt is deprecated, use sentry/enhance-image.sh - see https://develop.sentry.dev/self-hosted/#enhance-sentry-image"; \ pip install -r /usr/src/sentry/requirements.txt; \ -fi + fi diff --git a/sentry/sentry.conf.example.py b/sentry/sentry.conf.example.py index 98e7a6c0fb..77d1007e93 100644 --- a/sentry/sentry.conf.example.py +++ b/sentry/sentry.conf.example.py @@ -84,6 +84,21 @@ def get_internal_network(): # See https://develop.sentry.dev/self-hosted/experimental/errors-only/ SENTRY_SELF_HOSTED_ERRORS_ONLY = env("COMPOSE_PROFILES") != "feature-complete" +############## +# Node Store # +############## + +SENTRY_NODESTORE = "sentry_nodestore_s3.S3PassthroughDjangoNodeStorage" +SENTRY_NODESTORE_OPTIONS = { + "compression": False, # we have compression enabled in Garage itself + "endpoint_url": "http://garage:3900", + "bucket_path": "nodestore", + "bucket_name": "nodestore", + "region_name": "garage", + "aws_access_key_id": "", + "aws_secret_access_key": "", +} + ######### # Redis # #########