diff --git a/ansible/deploy-fastpath.yml b/ansible/deploy-fastpath.yml index 4d3f5589..b9a8e502 100644 --- a/ansible/deploy-fastpath.yml +++ b/ansible/deploy-fastpath.yml @@ -4,6 +4,7 @@ - fastpath.dev.ooni.io - fastpath.prod.ooni.io - fastpath2.prod.ooni.io + - reuploaderfastpath.prod.ooni.io become: true roles: - role: bootstrap diff --git a/ansible/host_vars/reuploaderfastpath.prod.ooni.io/vars.yml b/ansible/host_vars/reuploaderfastpath.prod.ooni.io/vars.yml new file mode 100644 index 00000000..f1507236 --- /dev/null +++ b/ansible/host_vars/reuploaderfastpath.prod.ooni.io/vars.yml @@ -0,0 +1,6 @@ +s3_ooni_open_data_access_key: "{{ lookup('amazon.aws.aws_ssm', '/oonidevops/secrets/s3_ooni_open_data_access_key', profile='oonidevops_user_prod') }}" +clickhouse_url: "clickhouse://write:{{ lookup('amazon.aws.aws_ssm', '/oonidevops/secrets/clickhouse_write_password', profile='oonidevops_user_prod') }}@data1.htz-fsn.prod.ooni.nu/ooni" +bucket_name: "ooni-data-eu-fra" +# COLLECTOR ID SHOULD BE DIFFERENT BETWEEN EACH FASTPATH INSTANCE +collector_id: "5" +env: "prod" diff --git a/ansible/inventory b/ansible/inventory index 56fe49e2..9a878bf1 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -49,6 +49,7 @@ openvpn2.htz-fsn.prod.ooni.nu fastpath.dev.ooni.io fastpath.prod.ooni.io fastpath2.prod.ooni.io +reuploaderfastpath.prod.ooni.io anonc.dev.ooni.io jumphost.dev.ooni.io jumphost.prod.ooni.io diff --git a/ansible/roles/prometheus/templates/prometheus.yml b/ansible/roles/prometheus/templates/prometheus.yml index 22f3bb3f..ed675d0d 100755 --- a/ansible/roles/prometheus/templates/prometheus.yml +++ b/ansible/roles/prometheus/templates/prometheus.yml @@ -346,6 +346,7 @@ scrape_configs: - fastpath.dev.ooni.io:9102 - fastpath.prod.ooni.io:9102 - fastpath2.prod.ooni.io:9102 + - reuploaderfastpath.prod.ooni.io:9102 scrape_interval: 5s scheme: https relabel_configs: # Change the host to the proxy host with relabeling diff --git a/tf/environments/prod/main.tf b/tf/environments/prod/main.tf index c0d56f7d..ca9bd6c7 100644 --- a/tf/environments/prod/main.tf +++ b/tf/environments/prod/main.tf @@ -523,6 +523,8 @@ module "ooni_clickhouse_proxy" { "${module.ooni_fastpath.aws_instance_public_ip}/32"], ["${module.ooni_fastpath2.aws_instance_private_ip}/32", "${module.ooni_fastpath2.aws_instance_public_ip}/32"], + ["${module.ooni_reuploader_fastpath.aws_instance_private_ip}/32", + "${module.ooni_reuploader_fastpath.aws_instance_public_ip}/32"], ["${module.ooniapi_testlists.aws_instance_private_ip}/32", "${module.ooniapi_testlists.aws_instance_public_ip}/32"], ), @@ -1033,6 +1035,45 @@ resource "aws_route53_record" "fastpath2_alias" { ] } +# fastpath instance for reuploading reports to from the failed-measurements bucket +module "ooni_reuploader_fastpath" { + source = "../../modules/ooni_fastpath" + + stage = local.environment + + vpc_id = module.network.vpc_id + subnet_id = module.network.vpc_subnet_public[0].id + private_subnet_cidr = module.network.vpc_subnet_private[*].cidr_block + dns_zone_ooni_io = local.dns_zone_ooni_io + + key_name = module.adm_iam_roles.oonidevops_key_name + instance_type = "t3a.small" + + name = "reuploaderfastpath" + + sg_prefix = "oonirefp" + tg_prefix = "refp" + + disk_size = 20 + + monitoring_proxy_private_ip = module.ooni_monitoring_proxy.aws_instance_private_ip + monitoring_proxy_public_ip = module.ooni_monitoring_proxy.aws_instance_public_ip + + tags = local.tags +} + +resource "aws_route53_record" "reuploader_fastpath" { + zone_id = local.dns_zone_ooni_io + name = "reuploaderfastpath.${local.environment}.ooni.io" + type = "CNAME" + ttl = 300 + + records = [ + module.ooni_reuploader_fastpath.aws_instance_public_dns + ] +} + + module "fastpath_builder" { source = "../../modules/ooni_docker_build" trigger_tag = ""