Puppet Class: role::xhgui::app

Defined in:
modules/role/manifests/xhgui/app.pp

Overview

Class: role::xhgui::app

This class provisions XHGui with Apache and PHP and assumes no other web services use Apaache on the same host. It is being replaced by role::webperf::xhgui.


XHGUI is a MongoDB-backed PHP webapp for viewing and analyzing PHP profiling data.

Note that indexes on the MongoDB database on the target system need to be declared manually. The indexes (and commands to create them) are:

use xhprof;
# Retain profiles for 30 days:
db.results.ensureIndex( { 'meta.SERVER.REQUEST_TIME' : -1 },
                        { expireAfterSeconds: 2592000 } );
db.results.ensureIndex( { 'meta.SERVER.REQUEST_TIME' : -1 } );
db.results.ensureIndex( { 'profile.main().wt' : -1 } );
db.results.ensureIndex( { 'profile.main().mu' : -1 } );
db.results.ensureIndex( { 'profile.main().cpu' : -1 } );
db.results.ensureIndex( { 'meta.url' : 1 } );


26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
# File 'modules/role/manifests/xhgui/app.pp', line 26

class role::xhgui::app {

    if os_version('debian == buster') {
        $mongo_driver='php-mongodb'
        $httpd_php='php7.3'
        $httpd_php_module='libapache2-mod-php'
        $php_ini='/etc/php/7.3/apache2/php.ini'
        base::service_auto_restart { 'apache2': }
    } elsif os_version('debian == stretch') {
        $mongo_driver='php-mongodb'
        $httpd_php='php7.0'
        $httpd_php_module='libapache2-mod-php'
        $php_ini='/etc/php/7.0/apache2/php.ini'
        base::service_auto_restart { 'apache2': }
    } else {
        $mongo_driver='php5-mongo'
        $httpd_php='php5'
        $httpd_php_module='libapache2-mod-php5'
        $php_ini='/etc/php5/apache2/php.ini'
    }

    class { '::httpd':
        modules    => ['authnz_ldap', $httpd_php, 'rewrite'],
        extra_pkgs => [$mongo_driver, $httpd_php_module],
    }

    include ::profile::standard
    include ::profile::base::firewall
    include ::mongodb
    include ::passwords::ldap::production

    $auth_ldap = {
        name          => 'nda/ops/wmf',
        bind_dn       => 'cn=proxyagent,ou=profile,dc=wikimedia,dc=org',
        bind_password => $passwords::ldap::production::proxypass,
        url           => 'ldaps://ldap-ro.eqiad.wikimedia.org ldap-ro.codfw.wikimedia.org/ou=people,dc=wikimedia,dc=org?cn',
        groups        => [
            'cn=ops,ou=groups,dc=wikimedia,dc=org',
            'cn=nda,ou=groups,dc=wikimedia,dc=org',
            'cn=wmf,ou=groups,dc=wikimedia,dc=org',
        ],
    }

    system::role { 'xhgui::app': }

    file_line { 'set_php_memory_limit':
        path   => $php_ini,
        match  => '^;?memory_limit\s*=',
        line   => 'memory_limit = 512M',
        notify => Class['::httpd'],
    }

    file_line { 'enable_php_opcache':
        line   => 'opcache.enable=1',
        match  => '^;?opcache.enable\s*\=',
        path   => $php_ini,
        notify => Class['::httpd'],
    }

    ferm::service { 'xhgui_mongodb':
        port   => 27017,
        proto  => 'tcp',
        srange => '$DOMAIN_NETWORKS',
    }

    ferm::service { 'xhgui_http':
        port   => 80,
        proto  => 'tcp',
        srange => '$DOMAIN_NETWORKS',
    }

    $webroot_dir = '/srv/xhgui/webroot'

    git::clone { 'operations/software/xhgui':
        ensure    => 'present',
        directory => '/srv/xhgui',
        branch    => 'wmf_deploy',
    }
    -> file { '/srv/xhgui/cache':
        ensure => directory,
        owner  => 'www-data',
        group  => 'www-data',
        mode   => '0755',
    }
    -> httpd::site { 'xhgui_apache_site':
        content => template('profile/webperf/xhgui/httpd.conf.erb'),
    }

    rsync::quickdatacopy { 'srv-mongod':
        ensure              => present,
        auto_sync           => false,
        source_host         => 'tungsten.eqiad.wmnet',
        dest_host           => 'xhgui2001.codfw.wmnet',
        module_path         => '/srv/mongod',
        server_uses_stunnel => true,
    }
}