Merge pull request #887 from mkllnk/datadog

Uninstall Datadog agent
openfoodfoundation · Aug 16, 2023 · bd78c30 · bd78c30
2 parents 0986ee1 + 12d332b
commit bd78c30
Show file tree

Hide file tree

Showing 19 changed files with 36 additions and 314 deletions.
diff --git a/inventory/host_vars/_example.com/secrets.example.yml b/inventory/host_vars/_example.com/secrets.example.yml
@@ -52,12 +52,6 @@ smtp_password:
 # Skylight's API key. This enables performance instrumentation through Skylight. See https://github.com/openfoodfoundation/openfoodnetwork/pull/2070 for details.
 #skylight_authentication: ""
 
-# Datadog monitoring. See
-# https://github.com/openfoodfoundation/ofn-install/issues/287 for details.
-# Note we have a single OFN account where all servers send their metrics to.
-#
-# datadog_key: 'API_key_for_the_OFN_account'
-
 # Bugsnag collects all errors and notifies you.
 # https://github.com/openfoodfoundation/ofn-install/wiki/Issue-reporting
 #
@@ -68,22 +62,14 @@ smtp_password:
 # Generate a strong password with this command: `openssl rand -hex 128`.
 #
 # You can add one or multiple entries using the lists (with dashes), then run
-# the `db_integrations.yml` playbook on the target server. Then, provision the
-# server for the changes on the datadog agent to take place.
+# the `db_integrations.yml` playbook on the target server.
 #
 # To disable an integration, change the `state` key from `present` to: `absent`,
 # remove the custom_* entries, then run the db_integrations.yml playbook again.
 
 #db_integrations:
 #  - { user: zapier, state: present, password: incredibly_strong_password_goes_here }
 
-# For Datadog you will need the following:
-#
-#datadog_db_password: secure_password_goes_here
-#
-#db_integrations:
-#  - { user: datadog, state: present, password: "{{ datadog_db_password }}" }
-
 # For using a geocoding service other than Google you will need:
 #geocoder_api_key: pk.xxxx
 #geocoder_service: mapbox

diff --git a/inventory/host_vars/coopcircuits.fr/config.yml b/inventory/host_vars/coopcircuits.fr/config.yml
@@ -26,8 +26,5 @@ custom_hba_entries:
   - "{{ custom_hba_n8n }}"
   - { type: hostssl, database: "{{ db }}", user: zapier, address: '54.86.9.50/32', auth_method: md5 }
 
-enable_nginx_logging: true
-enable_rails_apm: "true" # has to be explicitly defined as a string due to some datadog bug
-
 attachment_path: "home/openfoodnetwork/apps/openfoodnetwork/current/public/spree/products/:id/:style/:basename.:extension"
 attachment_url: ofn-prod.s3.us-east-1.amazonaws.com
diff --git a/inventory/host_vars/openfoodnetwork.org.au/config.yml b/inventory/host_vars/openfoodnetwork.org.au/config.yml
@@ -31,8 +31,6 @@ custom_hba_entries:
   - { type: hostssl, database: "{{ db }}", user: zapier, address: '54.86.9.50/32', auth_method: md5 }
   - { type: hostssl, database: "{{ db }}", user: zapier, address: '167.99.89.242/32', auth_method: md5 } # for metabase (data.openfoodnetwork.org.au)
 
-enable_rails_apm: "false" # has to be explicitly defined as a string due to some datadog bug
-
 # Images settings
 attachment_path: "public/images/spree/products/:id/:style/:basename.:extension"
 attachment_url: ofn_production.s3.us-east-1.amazonaws.com
diff --git a/inventory/host_vars/openfoodnetwork.org.uk/config.yml b/inventory/host_vars/openfoodnetwork.org.uk/config.yml
@@ -18,7 +18,4 @@ custom_hba_entries:
   - "{{ custom_hba_n8n }}"
   - { type: hostssl, database: "{{ db }}", user: zapier, address: '54.86.9.50/32', auth_method: md5 }
 
-enable_nginx_logging: true
-enable_rails_apm: "false" # has to be explicitly defined as a string due to some datadog bug
-
 attachment_url: ofn-uk-production.s3.us-east-1.amazonaws.com
diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml
@@ -44,22 +44,6 @@
           username: "ansible executed by {{ lookup('env','USER') }}"
         when: inventory_hostname not in groups['local']
 
-      - name: Notify datadog
-        uri:
-          url: "https://api.datadoghq.com/api/v1/events?api_key={{ datadog_key }}"
-          method: POST
-          body:
-            title: "Deployed"
-            text: "Successful deployment of {{ git_version }} on host: {{ inventory_hostname }} ({{ host_id | default(ansible_limit) }})"
-            host: "{{ inventory_hostname }}"
-            tags:
-              - "deployed"
-          body_format: json
-          status_code: 202
-          headers:
-            Content-Type: "application/json"
-        when: datadog_key is defined and inventory_hostname not in groups['local']
-
       rescue:
         - name: Notify slack of deployment failure
           slack:

diff --git a/playbooks/deploy_with_maintenance.yml b/playbooks/deploy_with_maintenance.yml
@@ -61,22 +61,6 @@
           username: "ansible executed by {{ lookup('env','USER') }}"
         when: inventory_hostname not in groups['local']
 
-      - name: Notify datadog
-        uri:
-          url: "https://api.datadoghq.com/api/v1/events?api_key={{ datadog_key }}"
-          method: POST
-          body:
-            title: "Deployed"
-            text: "Successful deployment on host: {{ inventory_hostname }} ({{ host_id | default(ansible_limit) }})"
-            host: "{{ inventory_hostname }}"
-            tags:
-              - "deployed"
-          body_format: json
-          status_code: 202
-          headers:
-            Content-Type: "application/json"
-        when: datadog_key is defined and inventory_hostname not in groups['local']
-
       rescue:
         - name: Notify slack of deployment failure
           slack:

diff --git a/playbooks/provision.yml b/playbooks/provision.yml
@@ -124,19 +124,3 @@
         channel: "#devops-notifications"
         username: "ansible executed by {{ lookup('env','USER') }}"
       when: inventory_hostname not in groups['local']
-
-    - name: notify datadog
-      uri:
-        url: "https://api.datadoghq.com/api/v1/events?api_key={{ datadog_key }}"
-        method: POST
-        body:
-          title: "Provisioned"
-          text: "Provisioned host: {{ inventory_hostname }} ({{ host_id | default(ansible_limit) }})"
-          host: "{{ inventory_hostname }}"
-          tags:
-            - "provisioned"
-        body_format: json
-        status_code: 202
-        headers:
-          Content-Type: "application/json"
-      when: datadog_key is defined and inventory_hostname not in groups['local']
diff --git a/roles/app/templates/application.yml.j2 b/roles/app/templates/application.yml.j2
@@ -21,10 +21,6 @@ GOOGLE_MAPS_API_KEY: {{ google_maps_api_key }}
 ADMIN_EMAIL: {{ admin_email }}
 ADMIN_PASSWORD: {{ admin_password }}
 
-{% if enable_rails_apm is defined %}
-DATADOG_RAILS_APM: {{ enable_rails_apm }}
-{% endif %}
-
 {% if s3_access_key is defined %}
 S3_ACCESS_KEY: {{ s3_access_key }}
 {% endif %}

diff --git a/roles/app/templates/env.j2 b/roles/app/templates/env.j2
@@ -18,10 +18,6 @@ GOOGLE_MAPS_API_KEY="{{ google_maps_api_key }}"
 ADMIN_EMAIL="{{ admin_email }}"
 ADMIN_PASSWORD="{{ admin_password }}"
 
-{% if enable_rails_apm is defined %}
-DATADOG_RAILS_APM="{{ enable_rails_apm }}"
-{% endif %}
-
 {% if s3_access_key is defined %}
 S3_ACCESS_KEY="{{ s3_access_key }}"
 {% endif %}

diff --git a/roles/datadog/handlers/main.yml b/roles/datadog/handlers/main.yml
diff --git a/roles/datadog/tasks/main.yml b/roles/datadog/tasks/main.yml
@@ -11,24 +11,22 @@
     line: "deb https://apt.datadoghq.com/ stable 6"
     state: absent
 
-- name: configure datadog agent
-  include_role:
-    name: Datadog.datadog
-  vars:
-    datadog_api_key: "{{ datadog_key }}"
-    datadog_config:
-      hostname: "{{ inventory_hostname }}"
-      tags:
-        - "env:{{ rails_env }}"
-        - "host-id:{{ host_id | default(ansible_limit) }}"
-      logs_enabled: false
-      apm_config:
-        enabled: false
-    datadog_config_ex:
-      trace.config:
-        env: "{{ rails_env }}"
-    datadog_enabled: false
-  when: datadog_key is defined
+- name: remove current apt source
+  file:
+    path: "/etc/apt/sources.list.d/ansible_datadog_7.list"
+    state: absent
+
+- name: remove datadog package
+  apt:
+    name: datadog-agent
+    state: absent
+    autoremove: yes
+
+- name: remove datadog keys package
+  apt:
+    name: datadog-signing-keys
+    state: absent
+    autoremove: yes
 
 - name: set up postgres stats collection
   import_tasks: pg_stats.yml
@@ -37,9 +35,3 @@
 - name: set up nginx stats collection
   import_tasks: nginx_stats.yml
   when: datadog_key is defined
-
-- name: disable datadog agent
-  service:
-    name: datadog-agent
-    state: stopped
-  when: disable_datadog is defined
diff --git a/roles/datadog/tasks/nginx_stats.yml b/roles/datadog/tasks/nginx_stats.yml
@@ -1,28 +1,14 @@
 ---
-- name: enable nginx stub_status
-  template:
-    src: status.conf.j2
-    dest: /etc/nginx/conf.d/status.conf
-    mode: 0644
-    owner: root
-    group: 'www-data'
+- name: remove nginx stub_status
+  file:
+    path: /etc/nginx/conf.d/status.conf
+    state: absent
   become: yes
   notify:
     - reload nginx
-    - restart datadog-agent
 
-- name: add datadog agent to adm group
-  user:
-    name: 'dd-agent'
-    groups: adm
-    append: yes
-
-- name: enable datadog nginx integration
-  template:
-    src: dd-nginx.j2
-    dest: /etc/datadog-agent/conf.d/nginx.d/conf.yaml
-    owner: 'dd-agent'
-    group: 'dd-agent'
-    mode: 0644
+- name: remove datadog nginx integration
+  file:
+    path: /etc/datadog-agent/conf.d/nginx.d/conf.yaml
+    state: absent
   become: true
-  notify: restart datadog-agent
diff --git a/roles/datadog/tasks/pg_stats.yml b/roles/datadog/tasks/pg_stats.yml
@@ -1,116 +1,32 @@
 ---
-- name: add postgres stats configuration
-  template:
-    src: stats.conf.j2
-    dest: "{{ postgresql_config_path }}/conf.d/stats.conf"
-    owner: postgres
-    group: postgres
-    mode: 0640
-  become: yes
-  notify: restart postgres
-
-- name: add postgres logging configuration
-  template:
-    src: logging.conf.j2
-    dest: "{{ postgresql_config_path }}/conf.d/logging.conf"
-    owner: postgres
-    group: postgres
-    mode: 0640
+- name: remove postgres stats configuration
+  file:
+    path: "{{ postgresql_config_path }}/conf.d/stats.conf"
+    state: absent
   become: yes
   notify: restart postgres
-  when: enable_postgres_logging is defined
 
 - name: remove postgres logging configuration
   file:
     dest: "{{ postgresql_config_path }}/conf.d/logging.conf"
     state: absent
   become: yes
   notify: restart postgres
-  when: enable_postgres_logging is undefined
 
-- name: get relations in openfoodnetwork's database
-  command: "psql {{ db }} -tAc \"SELECT c.relname AS table_name
-    FROM pg_catalog.pg_class c
-    LEFT JOIN pg_catalog.pg_namespace n ON (n.oid = c.relnamespace)
-    WHERE c.relkind IN ('r','v','m','p')
-      AND c.relpersistence <> 't'
-      AND c.relname NOT IN ('pg_stat_statements')
-      AND n.nspname NOT IN ('pg_catalog','pg_toast','information_schema');\""
-  become: yes
-  become_user: postgres
-  register: openfoodnetwork_relations
-  changed_when: False
-
-- name: enable datadog postgres integration
-  template:
-    src: dd-postgres.j2
+- name: remove datadog postgres integration
+  file:
     dest: /etc/datadog-agent/conf.d/postgres.d/conf.yaml
-    owner: 'dd-agent'
-    group: 'dd-agent'
-    mode: 0644
+    state: absent
   become: true
-  when: datadog_db_password is defined
-  notify: restart datadog-agent
-
-- name: add datadog agent to postgres group
-  user:
-    name: 'dd-agent'
-    groups: postgres
-    append: yes
-  when: datadog_db_password is defined and enable_datadog_logging is defined
-
-- name: check datadog db_integration exists
-  command: psql -tAc "SELECT 1 FROM pg_roles WHERE rolname='datadog'"
-  become: yes
-  become_user: postgres
-  register: integration_exists
-  changed_when: False
-
-- name: report db_integration status
-  fail:
-    msg: "The database role `datadog` has not been created. Add it via the `db_integrations` playbook."
-  when: integration_exists.stdout != '1'
-
-- name: check pg_stat_activity function
-  command: "psql {{ db }} -c \"SELECT * FROM pg_catalog.pg_proc WHERE proname = 'pg_stat_activity';\""
-  become: yes
-  become_user: postgres
-  register: pg_stat_activity_exist
-  changed_when: False
-
-- name: add pg_stat_activity function
-  command: "psql {{ db }} -c \
-            'CREATE FUNCTION pg_stat_activity() RETURNS SETOF pg_catalog.pg_stat_activity AS $$
-              SELECT * from pg_catalog.pg_stat_activity;
-            $$ LANGUAGE sql VOLATILE SECURITY DEFINER;'"
-  become: yes
-  become_user: postgres
-  when: pg_stat_activity_exist.stdout.find('0 rows') != -1
-  notify: restart postgres
-
-- name: check pg_stat_activity_dd view
-  command: "psql {{ db }} -c \"SELECT * FROM pg_catalog.pg_views WHERE viewname = 'pg_stat_activity_dd';\""
-  become: yes
-  become_user: postgres
-  register: pg_stat_activity_dd_exist
-  changed_when: False
 
-- name: add pg_stat_activity_dd view
-  command: "psql {{ db }} -c 'CREATE VIEW pg_stat_activity_dd AS SELECT * FROM pg_stat_activity();'"
+- name: remove pg_stat_activity_dd view
+  command: "psql {{ db }} -c 'DROP VIEW IF EXISTS pg_stat_activity_dd;'"
   become: yes
   become_user: postgres
-  when: pg_stat_activity_dd_exist.stdout.find('0 rows') != -1
   notify: restart postgres
 
-- name: grant SELECT on pg_stat_activity_dd to Datadog
-  postgresql_privs:
-    database: "{{ db }}"
-    state: present
-    privs: SELECT
-    type: table
-    objs: pg_stat_activity_dd
-    roles: datadog
-    grant_option: no
+- name: remove pg_stat_activity function
+  command: "psql {{ db }} -c 'DROP FUNCTION IF EXISTS pg_stat_activity();'"
   become: yes
   become_user: postgres
   notify: restart postgres
diff --git a/roles/datadog/templates/dd-memcached.j2 b/roles/datadog/templates/dd-memcached.j2