We’re using the New Relic rubyagent gem to monitor a rails 6.0 app, deployed on AWS ECS using RDS Serverless PGSQL as a database. However, the DB does not show up under external services or databases in New Relic. I'd like to monitor for slow transactions using New Relic's features around that. Any suggestion what is happening here?
config/newrelic.yml:
common: &default_settings
license_key: <%= ENV['NEWRELIC_LICENSE_KEY'] %>
agent_enabled: auto
app_name: my_app
monitor_mode: true
developer_mode: false
log_level: info
attributes:
include: job.sidekiq.args.*
browser_monitoring:
auto_instrument: false
audit_log:
enabled: false
transaction_tracer:
enabled: true
transaction_threshold: apdex_f
record_sql: raw
stack_trace_threshold: 0.500
explain_enabled: false
error_collector:
enabled: true
capture_source: true
ignore_errors: "ActionController::RoutingError,Sinatra::NotFound,ActiveRecord::RecordNotFound,CGI::Session::CookieStore::TamperedWithCookie,ActionController::UnknownAction,AbstractController::ActionNotFound,Mongoid::Errors::DocumentNotFound,Sinatra::NotFound,Sidekiq::Limiter::OverLimit"
development:
<<: *default_settings
monitor_mode: false
developer_mode: true
test:
<<: *default_settings
monitor_mode: false
production:
<<: *default_settings
monitor_mode: true
The New Relic Ruby agent and all the agents New Relic puts out there (background information I'm a 7 year New Relic employee who is a Product Manager for the APM UI but not the agent itself) have instrumentation built into them that if you query databases using specific libraries that the Ruby Agent supports, we track and time those interactions and in the case of Databases trace slow SQL, request explain plans etc.
https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/ruby-agent-requirements-supported-frameworks/#databases
The Ruby agent has a number of libraries it supports for Database interaction. Pull enhanced instance details when using specific versions
https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/ruby-agent-requirements-supported-frameworks/#instance_details
and for external HTTP requests (that aren't instrumented database requests that use these libraries
https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/ruby-agent-requirements-supported-frameworks/#http_clients
We show in the Externals section. This might help clarify why it's not appearing as expected. My best guess is you're using a library that NR currently doesn't instrument.
If I'm wrong and it's listed. Absolutely file a support ticket for our Tech Support team to investigate and if it's not listed, you can talk to your sales person if you're working for a company paying for NR to file a feature request to suggest support for such a library that you are using.
Also New Relic open sources our agents these days so if you wanted to write instrumentation for your preferred library and submit it you can find the agent code here
https://github.com/newrelic/newrelic-ruby-agent
Hope that's helpful
Related
Title is self explanatory. I simply downloaded the flexible-hello-world app and deployed it without (almost) a single modification - I deployed it to a service called some-service using this app.yaml
# Copyright 2017, Google, Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# [START gae_flex_quickstart_yaml]
runtime: nodejs
env: flex
service: some-service
# This sample incurs costs to run on the App Engine flexible environment.
# The settings below are to reduce costs during testing and are not appropriate
# for production use. For more information, see:
# https://cloud.google.com/appengine/docs/flexible/nodejs/configuring-your-app-with-app-yaml
manual_scaling:
instances: 1
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
# [END gae_flex_quickstart_yaml]
I have a billing account enabled for my project.
It hangs at this line:
...
7104cb4c0c814fa53787009 size: 2385
Finished Step #1
PUSH
DONE
--------------------------------------------------------------------------------------------------------------------------------------------------------------
Updating service [some-service] (this may take several minutes)...⠹
When I go to the app engine console I see it has deployed and can access the URL here: https://some-service-dot-ashored-cloud-dv.uk.r.appspot.com/
But the 502 never goes away.
Help!
EDIT:
Some more information, while it is still hung on the deploy command, I run this in another terminal:
gcloud app instances list --service some-service
and I get:
SERVICE VERSION ID VM_STATUS DEBUG_MODE
some-service 20201119t184828 aef-some--service-20201119t184828-fr7n TERMINATED
EDIT 2:
When I try to ssh to it I get more weirdness:
gcloud app instances ssh aef-some--service-20201119t184828-fr7n --service some-service --version 20201119t184828
WARNING: This instance is serving live application traffic. Any changes made could
result in downtime or unintended consequences.
Do you want to continue (Y/n)?
Sending public key to instance [apps/ashored-cloud-dv/services/some-service/versions/20201119t184828/instances/aef-some--service-20201119t184828-fr7n].
Waiting for operation [apps/ashored-cloud-dv/operations/9de7b298-f4e9-47a7-8a8e-11411e649d50] to complete...done.
ERROR: gcloud crashed (TypeError): can only concatenate str (not "NoneType") to str
EDIT 2:
glcloud --version output:
Google Cloud SDK 319.0.0
bq 2.0.62
cloud-build-local
core 2020.11.13
gsutil 4.55
tl;dr; permissions
I removed the editor permission from my default app engine service account as recommended in the IAM dashboard.
Nowhere in the docs (that I could find) does it tell you what permissions are needed to deploy a app engine flexible service.
Turns out, you need:
Logs Writer
Storage Object Viewer
Without Storage Object Viewer you'll get an error on deployment telling you the exact issue. Without Logs Writer you will not get an error, but the service will never come up.
What a long 10 days...
EDIT: I was wrong, it says here in the docs what permissions you need.
I asked Google Support to file an internal bug that the correct error message is not being returned if you do not have Logs Writer
I am running a cloud build trigger on a cloudbuid.yaml file in which I build a docker container and then deploy it to cloud run. The error stacktrace is as follows:
API [sql-component.googleapis.com] not enabled on project
The problem is that I have enabled both SQL and SQL Admin APIs in both projects (one for the cloud build and one for the database), which was confirmed in the console and in gcloud.
Here is the yaml code for the step I am referring to:
- name: 'gcr.io/cloud-builders/gcloud'
args: [
'beta',
'run',
'deploy',
'MY_NAME',
'--image', 'gcr.io/MY_PROJECT/MY_IMAGE',
'--region', 'MY_REGION',
'--platform', 'managed',
'--set-cloudsql-instances', 'MY_CONNECTION_NAME',
'--set-env-vars', 'NODE_ENV=production,INSTANCE_CONNECTION_NAME=MY_CONNECTION_NAME,SQL_USER=MY_USER,SQL_PASSWORD=MY_PASSWORD,SQL_NAME=MY_SCHEMA,TOPIC_NAME=MY_TOPIC'
]
Any suggestions?
Thanks.
P.S.: As per Eespinola suggestion, I checked and confirmed I am running Google Cloud SDK 254.0.0.
P.S. 2: I have also tried to create a project from scratch but ended up with the same results.
Ok so as per the same thread eespinola posted (see above), the Cloud Build gcloud step will be updated according to Cloud SDK 254.0.0 update in a near future (the actual date may or may not be posted in the same thread in the future). Until then, the alternative is to use the YAML file without the --add-cloudsql-instances flag and add it manually in the UI (I still have not tried this but it should work as per Google's development team).
I'm trying to figure out the correct way to architect a solution to automatically configure new Rails App servers.
I've looked at the chef-rails cookbook and it seems a little verbose. In our case we always deploy Nginx a certain way, always perform backups a certain way, etc, so much of the configuration would be redundant from one node definition to the next.
My goal is to be able to create a new Rails App server by defining just the following information.
wh_webhead "test_app" do
ssl :enable
backups :enable
passenger :enable
ruby_version 2.0.0
db_type :mysql
db_user "testuser"
db_pass "3207496r9w6"
nagios_ssl_string_match "login"
end
Then I would like Chef to perform the following actions:
Create user accounts
Setup box and install
Install Nginx w/wildcard SSL cert
Configure log rotation
Setup firewall rules to allow traffic to ports 80 and 443
Install Passenger and RVM with Ruby 2.0.0
Create Rails app dirs following template (e.g. /opt/local/test_app)
Create new database on MySQL server, grant access, and setup firewall rules
Create firewall rules for Nagios and configure Nagios to monitor:
port 80 for redirection to port 443
port 443 for HTTP 200 status
port 443 for the text "login"
Configure backups for app dir (e.g. /opt/local/test_app)
I'm already using the community cookbooks for Nginx, Nagios, Ufw, etc and have created recipes in a custom cookbook to configure Mysql and Nginx. There's just a lot of duplicate code from one app's Nginx/Mysql cookbook to the next.
What I'm struggling with is where to use Cookbooks, Recipes, LWRPs and Definitions to properly abstract this.
Should I put the default configuration for Nginx and Mysql in Definitions and then use those in recipes or create custom wrapper cookbooks with the defaults?
First, take a look at the application_ruby and artifact cookbook, both of which can automate these workflows for you.
I specifically enjoy using the artifact cookbook, as it provides a lot of flexibility, but the application_ruby cookbook has built-in support for Passenger, Unicorn and other tools you'd normally find in a Rails application requirements.
As for your question regarding Cookbooks, Recipes, LWRPs and Definitions I would definitely look at #sethvargo's answer at https://stackoverflow.com/a/21733093/747032. It provides a good guide on what to use when, from an employee at Opscode (now called Chef (the company)), and someone who is constantly involved in the Chef community and thus has excellent knowledge on this topic.
As far as my advice (which I'll keep concise):
Use LWRP's to wrap a lot of resources that are always called together, for example, we use an "AWS EBS" LWRP, to create, mount and format new EBS'.
Use recipes to call on all your LWRP's (both custom and public) and resources.
Don't use definitions, they are really deprecated by LWRP's in my opinion.
If I understand correctly the standard git deploy implementation with capistrano v3 deploys the same repository on all roles. I have a more difficult app that has several types of servers and each type has its own code base with its own repository. My database server for example does not need to deploy any code.
How do I tackle such a problem in capistrano v3?
Should I write my own deployment tasks for each of the roles?
How do I tackle such a problem in capistrano v3?
All servers get the code, as in certain environments the code is needed to perform some actions. For example in a typical setup the web server needs your static assets, the app server needs your code to serve the app, and the db server needs your code to run migrations.
If that's not true in your environment and you don't want the code on the servers in some roles, you could easily send a pull request to add the no_release feature back from Cap2 in to Cap3.
You can of course take the .rake files out of the Gem, and load those in your Capfile, which is a perfectly valid way to use the tool, and modify them for your own needs.
The general approach is that if you don't need code on your DB server, for example, why is it listed in your deployment file?
I can confirm you can use no_release: true to disable a server from deploying the repository code.
I needed to do this so I could specifically run a restart task for a different server.
Be sure to give your server a role so that you can target it. There is a handy function called release_roles() you can use to target servers that have your repository code.
Then you can separate any tasks (like my restart) to be independent from the deploy procedure.
For Example:
server '10.10.10.10', port: 22, user: 'deploy', roles: %w{web app db assets}
server '10.10.10.20', port: 22, user: 'deploy', roles: %w{frontend}, no_release: true
namespace :nginx do
desc 'Reloading PHP will clear OpCache. Remove Nginx Cache files to force regeneration.'
task :reload do
on roles(:frontend) do
execute "sudo /usr/sbin/service php7.1-fpm reload"
execute "sudo /usr/bin/find /var/run/nginx-cache -type f -delete"
end
end
end
after 'deploy:finished', 'nginx:reload'
after 'deploy:rollback', 'nginx:reload'
# Example of a task for release_roles() only
desc 'Update composer'
task :update do
on release_roles(:all) do
execute "cd #{release_path} && composer update"
end
end
before 'deploy:publishing', 'composer:update'
I can think of many scenarios where this would come in handy.
FYI, this link has more useful examples:
https://capistranorb.com/documentation/advanced-features/property-filtering/
Hope a few people in here are familiar with JCAPS.
Coming from pure j2ee world, it is difficult to digest the deployment model that JCPAS offers.
While creating deployment profile, we need to map the resources (such as jdbc, webservice connector) to external systems. External systems are predefined with the target server ip, port, db name, credentials etc(in case of jdbc). So the problem is an EAR built for test environment can not be deployed to production environment.
In simpler applications we could store database/credentials etc on to property files and hence EAR built for UAT could be deployed to Production with out any change.
Is there a similar strategy available for JCAPS by which EARs built against an environment can be promoted to another seamlessly?
In JCAPS the Deployment Profile (DP) is still a generic layer;
1) as developper you configure your (dev) properties in the Connectivity Map (CM) and the Environment External Application (EA) inbound and outbound properties;
2) then you extract the configuration into a file :asadmin extract-caps-application-configuration myear.ear
3) and upload this file to your testing/prod Glassfish: asadmin import-caps-configuration --host %HOST% --port %PORT% --user admin --passwordfile ...\passwordfile caps-config
4) in Glassfish\Common Task\CAPS\Env and CM Override you adjust the properties according to the environment! (and restart the ear)
5) enjoy JCAPS efficiency [optional]
all this process is summarized in Application Configuration - JCAPS 6 screencast
After a few days of research, I could find relevant info at:
http://wikis.sun.com/download/attachments/38767325/JavaCAPS6+Application+Configuration.pdf?version=1&modificationDate=1225463856000 and http://wikis.sun.com/display/JavaCAPS/Application+Configuration and http://wikis.sun.com/display/JavaCAPS/Application+Configuration+Lab.
Posting here just in case anyone stumbles up on this page as a search result.