Skip to content
This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

Commit

Permalink
msp: update generated pages
Browse files Browse the repository at this point in the history
  • Loading branch information
@bobheadxi
bobheadxi committed Jan 11, 2024
1 parent 07e08db commit 7292133
Show file tree
Hide file tree
Showing 9 changed files with 444 additions and 136 deletions.
64 changes: 49 additions & 15 deletions content/departments/engineering/managed-services/cloud-ops.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
<!--
Generated documentation; DO NOT EDIT. Regenerate using this command: 'sg msp operations generate-handbook-pages'
Last updated: 2024-01-11 18:09:55.856334 +0000 UTC
Generated from: https://github.com/sourcegraph/managed-services/tree/f37cdc8aea65e1197e2d814447ad65c30fccd75b
Last updated: 2024-01-11 23:32:32.139894 +0000 UTC
Generated from: https://github.com/sourcegraph/managed-services/tree/f8d4d7205ba81e75f01920f1034cb2f52e039ace
-->

This document describes operational guidance for Cloud Ops Dashboard infrastructure.
Expand All @@ -14,8 +14,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services]

## Service overview

| PROPERTY | DETAILS |
| ------------ | -------------------------------------------------------------------------------------------------------------------------- |
| PROPERTY | DETAILS |
|--------------|----------------------------------------------------------------------------------------------------------------------------|
| Service ID | [`cloud-ops`](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-ops/service.yaml) |
| Owners | **cloud** |
| Service kind | Cloud Run service |
Expand All @@ -27,8 +27,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services]

### prod

| PROPERTY | DETAILS |
| -------------- | -------------------------------------------------------------------------------------------------- |
| PROPERTY | DETAILS |
|----------------|----------------------------------------------------------------------------------------------------|
| Project ID | [`cloud-ops-prod-dd32`](https://console.cloud.google.com/run?project=cloud-ops-prod-dd32) |
| Category | **internal** |
| Resources | [prod Redis](#prod-redis) |
Expand All @@ -37,22 +37,56 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services]
| Cloudflare WAF ||

MSP infrastructure access needs to be requested using Entitle for time-bound privileges.
Test environments have less stringent requirements.

| ACCESS | ENTITLE REQUEST TEMPLATE |
| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| ACCESS | ENTITLE REQUEST TEMPLATE |
|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| GCP project read access | [Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) |
| GCP project write access | [Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) |

For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud).

#### prod Cloud Run

| PROPERTY | DETAILS |
| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Console | [Cloud Run service](https://console.cloud.google.com/run?project=cloud-ops-prod-dd32) |
| Logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cloud-ops-prod-dd32) |
The Cloud Ops Dashboard prod service implementation is deployed on [Google Cloud Run](https://cloud.google.com/run).

| PROPERTY | DETAILS |
|--------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Console | [Cloud Run service](https://console.cloud.google.com/run?project=cloud-ops-prod-dd32) |
| Service logs | [GCP logging](https://console.cloud.google.com/logs/query;query=resource.type%20%3D%20%22cloud_run_revision%22%20-logName%3D~%22logs%2Frun.googleapis.com%252Frequests%22;summaryFields=jsonPayload%252FInstrumentationScope,jsonPayload%252FBody,jsonPayload%252FAttributes%252Ferror:false:32:end?project=cloud-ops-prod-dd32) |

You can also use `sg msp` to quickly open a link to your service logs:

```bash
sg msp logs cloud-ops prod
```

#### prod Redis

| PROPERTY | DETAILS |
| -------- | ----------------------------------------------------------------------------------------------------------------------- |
| PROPERTY | DETAILS |
|----------|-------------------------------------------------------------------------------------------------------------------------|
| Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=cloud-ops-prod-dd32) |

#### prod Terraform Cloud

This service's configuration is defined in [`sourcegraph/managed-services/services/cloud-ops/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-ops/service.yaml), and `sg msp generate cloud-ops prod` generates the required infrastructure configuration for this environment in Terraform.
Terraform Cloud (TFC) workspaces specific to each service then provisions the required infrastructure from this configuration.
You may want to check your service environment's TFC workspaces if a Terraform apply fails (reported via GitHub commit status checks in the [`sourcegraph/managed-services`](https://github.com/sourcegraph/managed-services) repository, or in #alerts-msp-tfc).

> [!NOTE]
> If you are looking for service logs, see the [prod Cloud Run](#prod-cloud-run) section instead. In general:
>
> - check service logs ([prod Cloud Run](#prod-cloud-run)) if your service has gone down or is misbehaving
> - check TFC workspaces for infrastructure provisioning or configuration issues
To access this environment's Terraform Cloud workspaces, you will need to [log in to Terraform Cloud](https://app.terraform.io/app/sourcegraph) and then [request Entitle access to membership in the "Managed Services Platform Operator" TFC team](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjM2MDAiLCJqdXN0aWZpY2F0aW9uIjoiSlVTVElGSUNBVElPTiBIRVJFIiwicm9sZUlkcyI6W3siaWQiOiJiMzg3MzJjYy04OTUyLTQ2Y2QtYmIxZS1lZjI2ODUwNzIyNmIiLCJ0aHJvdWdoIjoiYjM4NzMyY2MtODk1Mi00NmNkLWJiMWUtZWYyNjg1MDcyMjZiIiwidHlwZSI6InJvbGUifV19).
The "Managed Services Platform Operator" team has access to all MSP TFC workspaces.

> [!WARNING]
> You **must [log in to Terraform Cloud](https://app.terraform.io/app/sourcegraph) before making your Entitle request**.
> If you make your Entitle request, then log in, you will be removed from any team memberships granted through Entitle by Terraform Cloud's SSO implementation.
The Terraform Cloud workspaces for this service environment are [grouped under the `msp-cloud-ops-prod` tag](https://app.terraform.io/app/sourcegraph/workspaces?tag=msp-cloud-ops-prod), or you can use:

```bash
sg msp tfc view cloud-ops prod
```
Loading

0 comments on commit 7292133

Please sign in to comment.