From 9e03c1f6f2dac7f21cec8a8b5a010675b65ca055 Mon Sep 17 00:00:00 2001 From: Andrey Date: Fri, 23 Jan 2026 21:38:48 +0300 Subject: [PATCH] chore: optimize resource allocation and memory settings in Docker Compose - Added memory and CPU limits and reservations for Prometheus, Grafana, and Uptime Kuma services to enhance performance and resource management. - Updated Prometheus and Grafana configurations with new storage block duration settings for improved memory optimization. - Revised README to include additional commands for running specific services and restarting containers. --- README.md | 17 +++++++++++++---- docker-compose.yml | 31 +++++++++++++++++++++++++++++++ infra/ansible/playbook.yml | 14 ++++++++++++-- 3 files changed, 56 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 1793388..4224744 100644 --- a/README.md +++ b/README.md @@ -19,10 +19,6 @@ prod/ ## πŸš€ Быстрый запуск -### ⚠️ Π’Π°ΠΆΠ½ΠΎΠ΅ Π·Π°ΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅ -**Π£Π±Π΅Π΄ΠΈΡ‚Π΅ΡΡŒ, Ρ‡Ρ‚ΠΎ Π²Ρ‹ ΡƒΠ΄Π°Π»ΠΈΠ»ΠΈ Ρ„Π°ΠΉΠ» `docker-compose.yml` ΠΈΠ· ΠΏΠ°ΠΏΠΊΠΈ `bots/telegram-helper-bot/`** -для избСТания ΠΊΠΎΠ½Ρ„Π»ΠΈΠΊΡ‚ΠΎΠ² ΠΏΠΎΡ€Ρ‚ΠΎΠ². Π˜ΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠΉΡ‚Π΅ Ρ‚ΠΎΠ»ΡŒΠΊΠΎ ΠΊΠΎΡ€Π½Π΅Π²ΠΎΠΉ `docker-compose.yml`. - ### 1. Настройка ΠΏΠ΅Ρ€Π΅ΠΌΠ΅Π½Π½Ρ‹Ρ… окруТСния Π‘ΠΊΠΎΠΏΠΈΡ€ΡƒΠΉΡ‚Π΅ шаблон ΠΈ настройтС ΠΏΠ΅Ρ€Π΅ΠΌΠ΅Π½Π½Ρ‹Π΅: @@ -57,12 +53,25 @@ GRAFANA_ADMIN_PASSWORD=admin docker-compose up -d ``` +### 2.1 Запуск Ρ‚ΠΎΠ»ΡŒΠΊΠΎ основного Π±ΠΎΡ‚Π° (с зависимостями). МоТно Π·Π°ΠΌΠ΅Π½ΠΈΡ‚ΡŒ Π½Π° AnonBot + +```bash +docker-compose up -d prometheus telegram-bot +``` + ### 3. ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° статуса ```bash docker-compose ps ``` + +### 4. ΠŸΠ΅Ρ€Π΅Π·Π°ΠΏΡƒΡΠΊ ΠΊΠΎΠ½Ρ‚Π΅ΠΉΠ½Π΅Ρ€Π° + +```bash +docker-compose down telegram-bot && docker-compose build --no-cache telegram-bot && docker-compose up -d telegram-bot +``` + ## πŸ“Š БСрвисы - **Prometheus** (ΠΏΠΎΡ€Ρ‚ 9090) - сбор ΠΌΠ΅Ρ‚Ρ€ΠΈΠΊ diff --git a/docker-compose.yml b/docker-compose.yml index fd0a551..73d5127 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,6 +13,9 @@ services: - '--storage.tsdb.retention.time=${PROMETHEUS_RETENTION_DAYS:-30}d' - '--web.enable-lifecycle' - '--web.external-url=https://${SERVER_IP}/prometheus/' + # ΠžΠΏΡ‚ΠΈΠΌΠΈΠ·Π°Ρ†ΠΈΡ памяти + - '--storage.tsdb.max-block-duration=2h' + - '--storage.tsdb.min-block-duration=2h' ports: - "9090:9090" volumes: @@ -26,6 +29,14 @@ services: interval: 30s timeout: 10s retries: 3 + deploy: + resources: + limits: + memory: 128M + cpus: '0.5' + reservations: + memory: 64M + cpus: '0.25' # Grafana Dashboard grafana: @@ -39,6 +50,10 @@ services: - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource - GF_SERVER_ROOT_URL=https://${SERVER_IP}/grafana/ - GF_SERVER_SERVE_FROM_SUB_PATH=true + # ΠžΠΏΡ‚ΠΈΠΌΠΈΠ·Π°Ρ†ΠΈΡ памяти + - GF_DATABASE_MAX_IDLE_CONN=2 + - GF_DATABASE_MAX_OPEN_CONN=5 + - GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH=/etc/grafana/provisioning/dashboards/node-exporter-full-dashboard.json ports: - "3000:3000" volumes: @@ -53,6 +68,14 @@ services: interval: 30s timeout: 10s retries: 3 + deploy: + resources: + limits: + memory: 200M + cpus: '0.5' + reservations: + memory: 100M + cpus: '0.25' # Uptime Kuma Status Page uptime-kuma: @@ -73,6 +96,14 @@ services: timeout: 10s retries: 3 start_period: 40s + deploy: + resources: + limits: + memory: 150M + cpus: '0.5' + reservations: + memory: 80M + cpus: '0.25' # Alertmanager alertmanager: diff --git a/infra/ansible/playbook.yml b/infra/ansible/playbook.yml index e8e417f..6e884c6 100644 --- a/infra/ansible/playbook.yml +++ b/infra/ansible/playbook.yml @@ -34,7 +34,7 @@ known_hosts: path: ~/.ssh/known_hosts name: "{{ ansible_host }}" - key: "{{ lookup('pipe', 'ssh-keyscan -t rsa,ecdsa,ed25519 ' + ansible_host) }}" + key: "{{ lookup('pipe', 'ssh-keyscan -t rsa,ecdsa,ed25519 ' + ansible_host + ' 2>/dev/null') }}" state: present delegate_to: localhost run_once: true @@ -71,6 +71,8 @@ - certbot - python3-certbot-nginx - logrotate + - net-tools + - cron state: present - name: "[1/10] Π£ΡΡ‚Π°Π½ΠΎΠ²ΠΈΡ‚ΡŒ Python Π±ΠΈΠ±Π»ΠΈΠΎΡ‚Π΅ΠΊΠΈ для Ansible" @@ -233,9 +235,10 @@ var: node_exporter_status.stdout_lines - name: "[3/10] ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΈΡ‚ΡŒ, Ρ‡Ρ‚ΠΎ node_exporter ΡΠ»ΡƒΡˆΠ°Π΅Ρ‚ Π½Π° ΠΏΠΎΡ€Ρ‚Ρƒ 9100" - command: netstat -tulpn | grep 9100 + command: ss -tulpn | grep 9100 register: node_exporter_port changed_when: false + ignore_errors: yes - name: "[3/10] ΠŸΠΎΠΊΠ°Π·Π°Ρ‚ΡŒ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡŽ ΠΎ ΠΏΠΎΡ€Ρ‚Π΅ 9100" debug: @@ -1126,6 +1129,7 @@ command: fail2ban-client status register: fail2ban_status changed_when: false + ignore_errors: yes - name: "[9/10] ΠŸΠΎΠΊΠ°Π·Π°Ρ‚ΡŒ статус Fail2ban" debug: @@ -1233,6 +1237,12 @@ enabled: yes state: started + - name: "[9.5/10] Π£ΡΡ‚Π°Π½ΠΎΠ²ΠΈΡ‚ΡŒ cron (Ссли Π½Π΅ установлСн)" + apt: + name: cron + state: present + when: ansible_pkg_mgr == "apt" + - name: "[9.5/10] ΠΠ°ΡΡ‚Ρ€ΠΎΠΈΡ‚ΡŒ cron для Π΅ΠΆΠ΅Π΄Π½Π΅Π²Π½ΠΎΠ³ΠΎ запуска logrotate" cron: name: "Logrotate daily"