From a9586b3c99c59c733ce94b62637dcb4dded3b881 Mon Sep 17 00:00:00 2001 From: James Cotter <35706755+jac@users.noreply.github.com> Date: Wed, 1 May 2024 14:00:03 +0100 Subject: [PATCH] msp-ops: architecture diagrams (#8919) this handbook is still the source of truth for msp-ops pages --- This PR adds architecture diagrams generated per environment for each service https://github.com/sourcegraph/sourcegraph/pull/62213 --------- Co-authored-by: jac --- .../managed-services/build-tracker-prod.svg | 113 +++++++++++++++ .../managed-services/build-tracker.md | 10 +- .../managed-services/cloud-ops-dev.svg | 114 +++++++++++++++ .../managed-services/cloud-ops-prod.svg | 114 +++++++++++++++ .../engineering/managed-services/cloud-ops.md | 14 +- .../managed-services/cloud-relay-prod.svg | 103 ++++++++++++++ .../managed-services/cloud-relay.md | 10 +- .../managed-services/cody-analytics-dev.svg | 102 ++++++++++++++ .../managed-services/cody-analytics-prod.svg | 103 ++++++++++++++ .../managed-services/cody-analytics.md | 14 +- .../managed-services/entitler-prod.svg | 103 ++++++++++++++ .../engineering/managed-services/entitler.md | 10 +- .../managed-services/gatekeeper-prod.svg | 97 +++++++++++++ .../managed-services/gatekeeper.md | 10 +- .../engineering/managed-services/index.md | 4 +- .../managed-services/msp-testbed-robert.svg | 125 +++++++++++++++++ .../managed-services/msp-testbed-test.svg | 126 +++++++++++++++++ .../managed-services/msp-testbed.md | 14 +- .../managed-services/pings-prod.svg | 101 ++++++++++++++ .../engineering/managed-services/pings.md | 10 +- .../managed-services/releaseregistry-dev.svg | 121 ++++++++++++++++ .../managed-services/releaseregistry-prod.svg | 122 ++++++++++++++++ .../managed-services/releaseregistry.md | 43 ++++-- .../engineering/managed-services/sams-dev.svg | 129 +++++++++++++++++ .../managed-services/sams-prod.svg | 131 ++++++++++++++++++ .../engineering/managed-services/sams.md | 14 +- .../sourcegraph-accounts-dev.svg | 126 +++++++++++++++++ .../sourcegraph-accounts-prod.svg | 128 +++++++++++++++++ .../managed-services/sourcegraph-accounts.md | 14 +- .../support-integration-prod.svg | 103 ++++++++++++++ .../managed-services/support-integration.md | 10 +- .../telemetry-gateway-dev.svg | 101 ++++++++++++++ .../telemetry-gateway-prod.svg | 101 ++++++++++++++ .../managed-services/telemetry-gateway.md | 14 +- 34 files changed, 2404 insertions(+), 50 deletions(-) create mode 100644 content/departments/engineering/managed-services/build-tracker-prod.svg create mode 100644 content/departments/engineering/managed-services/cloud-ops-dev.svg create mode 100644 content/departments/engineering/managed-services/cloud-ops-prod.svg create mode 100644 content/departments/engineering/managed-services/cloud-relay-prod.svg create mode 100644 content/departments/engineering/managed-services/cody-analytics-dev.svg create mode 100644 content/departments/engineering/managed-services/cody-analytics-prod.svg create mode 100644 content/departments/engineering/managed-services/entitler-prod.svg create mode 100644 content/departments/engineering/managed-services/gatekeeper-prod.svg create mode 100644 content/departments/engineering/managed-services/msp-testbed-robert.svg create mode 100644 content/departments/engineering/managed-services/msp-testbed-test.svg create mode 100644 content/departments/engineering/managed-services/pings-prod.svg create mode 100644 content/departments/engineering/managed-services/releaseregistry-dev.svg create mode 100644 content/departments/engineering/managed-services/releaseregistry-prod.svg create mode 100644 content/departments/engineering/managed-services/sams-dev.svg create mode 100644 content/departments/engineering/managed-services/sams-prod.svg create mode 100644 content/departments/engineering/managed-services/sourcegraph-accounts-dev.svg create mode 100644 content/departments/engineering/managed-services/sourcegraph-accounts-prod.svg create mode 100644 content/departments/engineering/managed-services/support-integration-prod.svg create mode 100644 content/departments/engineering/managed-services/telemetry-gateway-dev.svg create mode 100644 content/departments/engineering/managed-services/telemetry-gateway-prod.svg diff --git a/content/departments/engineering/managed-services/build-tracker-prod.svg b/content/departments/engineering/managed-services/build-tracker-prod.svg new file mode 100644 index 000000000000..575c78d95a0f --- /dev/null +++ b/content/departments/engineering/managed-services/build-tracker-prod.svg @@ -0,0 +1,113 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkApplication Load BalancerExternal IP AddressCloudflareInternet private networkingprivate networking + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/build-tracker.md b/content/departments/engineering/managed-services/build-tracker.md index 4a909ee92863..d4de466f2a00 100644 --- a/content/departments/engineering/managed-services/build-tracker.md +++ b/content/departments/engineering/managed-services/build-tracker.md @@ -3,8 +3,8 @@ This document describes operational guidance for Build Tracker infrastructure. @@ -83,6 +83,10 @@ sg msp logs build-tracker prod | -------- | --------------------------------------------------------------------------------------------------------------------------- | | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=build-tracker-prod-59bf) | +#### prod Architecture Diagram + +![Architecture Diagram](./build-tracker-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/build-tracker/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/build-tracker/service.yaml), and `sg msp generate build-tracker prod` generates the required infrastructure configuration for this environment in Terraform. @@ -108,7 +112,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view build-tracker prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/cloud-ops-dev.svg b/content/departments/engineering/managed-services/cloud-ops-dev.svg new file mode 100644 index 000000000000..a995d4693b7e --- /dev/null +++ b/content/departments/engineering/managed-services/cloud-ops-dev.svg @@ -0,0 +1,114 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor private networkingprivate networking + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/cloud-ops-prod.svg b/content/departments/engineering/managed-services/cloud-ops-prod.svg new file mode 100644 index 000000000000..a995d4693b7e --- /dev/null +++ b/content/departments/engineering/managed-services/cloud-ops-prod.svg @@ -0,0 +1,114 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor private networkingprivate networking + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/cloud-ops.md b/content/departments/engineering/managed-services/cloud-ops.md index 42843b329bc0..1f0352239a91 100644 --- a/content/departments/engineering/managed-services/cloud-ops.md +++ b/content/departments/engineering/managed-services/cloud-ops.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cloud Ops Dashboard infrastructure. @@ -74,6 +74,10 @@ sg msp logs cloud-ops prod | -------- | ----------------------------------------------------------------------------------------------------------------------- | | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=cloud-ops-prod-dd32) | +#### prod Architecture Diagram + +![Architecture Diagram](./cloud-ops-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/cloud-ops/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-ops/service.yaml), and `sg msp generate cloud-ops prod` generates the required infrastructure configuration for this environment in Terraform. @@ -145,6 +149,10 @@ sg msp logs cloud-ops dev | -------- | ---------------------------------------------------------------------------------------------------------------------- | | Console | [Memorystore Redis instances](https://console.cloud.google.com/memorystore/redis/instances?project=cloud-ops-dev-caff) | +#### dev Architecture Diagram + +![Architecture Diagram](./cloud-ops-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/cloud-ops/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-ops/service.yaml), and `sg msp generate cloud-ops dev` generates the required infrastructure configuration for this environment in Terraform. @@ -170,7 +178,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view cloud-ops dev ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/cloud-relay-prod.svg b/content/departments/engineering/managed-services/cloud-relay-prod.svg new file mode 100644 index 000000000000..61b2d7495bae --- /dev/null +++ b/content/departments/engineering/managed-services/cloud-relay-prod.svg @@ -0,0 +1,103 @@ +Cloud Run ServiceSentryMonitoringCloud TraceExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/cloud-relay.md b/content/departments/engineering/managed-services/cloud-relay.md index 44e2bd4e8643..704d74e2ee58 100644 --- a/content/departments/engineering/managed-services/cloud-relay.md +++ b/content/departments/engineering/managed-services/cloud-relay.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cloud Relay infrastructure. @@ -68,6 +68,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs cloud-relay prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./cloud-relay-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/cloud-relay/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cloud-relay/service.yaml), and `sg msp generate cloud-relay prod` generates the required infrastructure configuration for this environment in Terraform. @@ -93,7 +97,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view cloud-relay prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/cody-analytics-dev.svg b/content/departments/engineering/managed-services/cody-analytics-dev.svg new file mode 100644 index 000000000000..fd424423bb8b --- /dev/null +++ b/content/departments/engineering/managed-services/cody-analytics-dev.svg @@ -0,0 +1,102 @@ +Cloud Run ServiceSentryMonitoringCloud TraceApplication Load BalancerExternal IP AddressCloudflareInternet + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/cody-analytics-prod.svg b/content/departments/engineering/managed-services/cody-analytics-prod.svg new file mode 100644 index 000000000000..61b2d7495bae --- /dev/null +++ b/content/departments/engineering/managed-services/cody-analytics-prod.svg @@ -0,0 +1,103 @@ +Cloud Run ServiceSentryMonitoringCloud TraceExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/cody-analytics.md b/content/departments/engineering/managed-services/cody-analytics.md index eae91d702ed8..29540970adb0 100644 --- a/content/departments/engineering/managed-services/cody-analytics.md +++ b/content/departments/engineering/managed-services/cody-analytics.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cody Analytics infrastructure. @@ -68,6 +68,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs cody-analytics dev ``` +#### dev Architecture Diagram + +![Architecture Diagram](./cody-analytics-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/cody-analytics/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cody-analytics/service.yaml), and `sg msp generate cody-analytics dev` generates the required infrastructure configuration for this environment in Terraform. @@ -133,6 +137,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs cody-analytics prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./cody-analytics-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/cody-analytics/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/cody-analytics/service.yaml), and `sg msp generate cody-analytics prod` generates the required infrastructure configuration for this environment in Terraform. @@ -158,7 +166,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view cody-analytics prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/entitler-prod.svg b/content/departments/engineering/managed-services/entitler-prod.svg new file mode 100644 index 000000000000..61b2d7495bae --- /dev/null +++ b/content/departments/engineering/managed-services/entitler-prod.svg @@ -0,0 +1,103 @@ +Cloud Run ServiceSentryMonitoringCloud TraceExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/entitler.md b/content/departments/engineering/managed-services/entitler.md index 95c88dba4a31..320f9998af96 100644 --- a/content/departments/engineering/managed-services/entitler.md +++ b/content/departments/engineering/managed-services/entitler.md @@ -3,8 +3,8 @@ This document describes operational guidance for Entitler infrastructure. @@ -68,6 +68,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs entitler prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./entitler-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/entitler/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/entitler/service.yaml), and `sg msp generate entitler prod` generates the required infrastructure configuration for this environment in Terraform. @@ -93,7 +97,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view entitler prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/gatekeeper-prod.svg b/content/departments/engineering/managed-services/gatekeeper-prod.svg new file mode 100644 index 000000000000..90fd24422fe1 --- /dev/null +++ b/content/departments/engineering/managed-services/gatekeeper-prod.svg @@ -0,0 +1,97 @@ +Cloud Run JobSentryMonitoring + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/gatekeeper.md b/content/departments/engineering/managed-services/gatekeeper.md index d8ccb1ae3b24..99ddb0de69e6 100644 --- a/content/departments/engineering/managed-services/gatekeeper.md +++ b/content/departments/engineering/managed-services/gatekeeper.md @@ -3,8 +3,8 @@ This document describes operational guidance for Cody Gatekeeper infrastructure. @@ -66,6 +66,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs gatekeeper prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./gatekeeper-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/gatekeeper/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/gatekeeper/service.yaml), and `sg msp generate gatekeeper prod` generates the required infrastructure configuration for this environment in Terraform. @@ -91,7 +95,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view gatekeeper prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/index.md b/content/departments/engineering/managed-services/index.md index 3f3307dd6cdd..01eb55ff97a0 100644 --- a/content/departments/engineering/managed-services/index.md +++ b/content/departments/engineering/managed-services/index.md @@ -3,8 +3,8 @@ These pages contain generated operational guidance for the infrastructure of the 13 [Managed Services Platform (MSP)](../teams/core-services/managed-services/platform.md) services (across 20 environments) currently in operation at Sourcegraph. diff --git a/content/departments/engineering/managed-services/msp-testbed-robert.svg b/content/departments/engineering/managed-services/msp-testbed-robert.svg new file mode 100644 index 000000000000..16e968c90855 --- /dev/null +++ b/content/departments/engineering/managed-services/msp-testbed-robert.svg @@ -0,0 +1,125 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)Application Load BalancerExternal IP AddressCloudflareInternetexampleprimary private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/msp-testbed-test.svg b/content/departments/engineering/managed-services/msp-testbed-test.svg new file mode 100644 index 000000000000..9229ce71350f --- /dev/null +++ b/content/departments/engineering/managed-services/msp-testbed-test.svg @@ -0,0 +1,126 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)External IP AddressCloudflareInternetexampleprimaryApplication Load BalancerCloud Armor private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/msp-testbed.md b/content/departments/engineering/managed-services/msp-testbed.md index 94b7a9203378..56489b3c246f 100644 --- a/content/departments/engineering/managed-services/msp-testbed.md +++ b/content/departments/engineering/managed-services/msp-testbed.md @@ -3,8 +3,8 @@ This document describes operational guidance for MSP Testbed infrastructure. @@ -120,6 +120,10 @@ sg msp pg connect -write-access msp-testbed test | Dataset ID | `msp_testbed` | | Tables | [`example`](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/example.bigquerytable.json) | +#### test Architecture Diagram + +![Architecture Diagram](./msp-testbed-test.svg) + #### test Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/msp-testbed/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/service.yaml), and `sg msp generate msp-testbed test` generates the required infrastructure configuration for this environment in Terraform. @@ -219,6 +223,10 @@ sg msp pg connect -write-access msp-testbed robert | Dataset ID | `msp_testbed` | | Tables | [`example`](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/example.bigquerytable.json) | +#### robert Architecture Diagram + +![Architecture Diagram](./msp-testbed-robert.svg) + #### robert Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/msp-testbed/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/msp-testbed/service.yaml), and `sg msp generate msp-testbed robert` generates the required infrastructure configuration for this environment in Terraform. @@ -244,7 +252,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view msp-testbed robert ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/pings-prod.svg b/content/departments/engineering/managed-services/pings-prod.svg new file mode 100644 index 000000000000..88601332f54d --- /dev/null +++ b/content/departments/engineering/managed-services/pings-prod.svg @@ -0,0 +1,101 @@ +Cloud Run ServiceSentryMonitoringCloud TraceApplication Load BalancerExternal IP AddressInternet + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/pings.md b/content/departments/engineering/managed-services/pings.md index 591b4bf7c425..9bc68f2921b4 100644 --- a/content/departments/engineering/managed-services/pings.md +++ b/content/departments/engineering/managed-services/pings.md @@ -3,8 +3,8 @@ This document describes operational guidance for Pings Service infrastructure. @@ -76,6 +76,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs pings prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./pings-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/pings/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/pings/service.yaml), and `sg msp generate pings prod` generates the required infrastructure configuration for this environment in Terraform. @@ -101,7 +105,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view pings prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/releaseregistry-dev.svg b/content/departments/engineering/managed-services/releaseregistry-dev.svg new file mode 100644 index 000000000000..a83335c97e0c --- /dev/null +++ b/content/departments/engineering/managed-services/releaseregistry-dev.svg @@ -0,0 +1,121 @@ +Cloud Run ServiceSentryMonitoringCloud TraceCloud SQL (Postgres)VPC NetworkApplication Load BalancerExternal IP AddressCloudflareInternetreleaseregistry private networkingprivate networking + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/releaseregistry-prod.svg b/content/departments/engineering/managed-services/releaseregistry-prod.svg new file mode 100644 index 000000000000..874a015ec120 --- /dev/null +++ b/content/departments/engineering/managed-services/releaseregistry-prod.svg @@ -0,0 +1,122 @@ +Cloud Run ServiceSentryMonitoringCloud TraceCloud SQL (Postgres)VPC NetworkExternal IP AddressCloudflareInternetreleaseregistryApplication Load BalancerCloud Armor private networkingprivate networking + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/releaseregistry.md b/content/departments/engineering/managed-services/releaseregistry.md index 3e82117edb9d..60b7106aa226 100644 --- a/content/departments/engineering/managed-services/releaseregistry.md +++ b/content/departments/engineering/managed-services/releaseregistry.md @@ -3,8 +3,8 @@ This document describes operational guidance for Release Registry infrastructure. @@ -26,6 +26,17 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] | Docker image | `us.gcr.io/sourcegraph-dev/releaseregistry` | | Source code | [`github.com/sourcegraph/releaseregistry` - `.`](https://github.com/sourcegraph/releaseregistry/tree/HEAD/.) | +## Rollouts + +| PROPERTY | DETAILS | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Delivery pipeline | [`releaseregistry-us-central1-rollout`](https://console.cloud.google.com/deploy/delivery-pipelines/us-central1/releaseregistry-us-central1-rollout?project=releaseregistry-prod-5421) | +| Stages | [dev](#dev) -> [prod](#prod) | + +Changes to Release Registry are continuously delivered to the first stage ([dev](#dev)) of the delivery pipeline. + +Promotion of a release to the next stage in the pipeline must be done manually using the GCP Delivery pipeline UI. + ## Environments ### prod @@ -33,8 +44,8 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] | PROPERTY | DETAILS | | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | Project ID | [`releaseregistry-prod-5421`](https://console.cloud.google.com/run?project=releaseregistry-prod-5421) | -| Category | **test** | -| Deployment type | `manual` | +| Category | **internal** | +| Deployment type | `rollout` | | Resources | [prod PostgreSQL instance](#prod-postgresql-instance) | | Slack notifications | [#alerts-releaseregistry-prod](https://sourcegraph.slack.com/archives/alerts-releaseregistry-prod) | | Alert policies | [GCP Monitoring alert policies list](https://console.cloud.google.com/monitoring/alerting/policies?project=releaseregistry-prod-5421), [Dashboard](https://console.cloud.google.com/monitoring/dashboards?pageState=%28%22dashboards%22%3A%28%22t%22%3A%22All%22%29%2C%22dashboardList%22%3A%28%22f%22%3A%22%255B%257B_22k_22_3A_22Type_22_2C_22t_22_3A10_2C_22v_22_3A_22_5C_22Custom_5C_22_22_2C_22s_22_3Atrue_2C_22i_22_3A_22category_22%257D%255D%22%29%29&project=releaseregistry-prod-5421) | @@ -42,12 +53,12 @@ If you need assistance with MSP infrastructure, reach out to the [Core Services] | Domain | [releaseregistry.sourcegraph.com](https://releaseregistry.sourcegraph.com) | | Cloudflare WAF | ✅ | -MSP infrastructure access needs to be requested using Entitle for time-bound privileges. Test environments may have less stringent requirements. +MSP infrastructure access needs to be requested using Entitle for time-bound privileges. -| ACCESS | ENTITLE REQUEST TEMPLATE | -| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| GCP project read access | [Read-only Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZGY3NWJkNWMtYmUxOC00MjhmLWEzNjYtYzlhYTU1MGIwODIzIiwidGhyb3VnaCI6ImRmNzViZDVjLWJlMTgtNDI4Zi1hMzY2LWM5YWE1NTBiMDgyMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | -| GCP project write access | [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | +| ACCESS | ENTITLE REQUEST TEMPLATE | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| GCP project read access | [Read-only Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiNzg0M2MxYWYtYzU2MS00ZDMyLWE3ZTAtYjZkNjY0NDM4MzAzIiwidGhyb3VnaCI6Ijc4NDNjMWFmLWM1NjEtNGQzMi1hN2UwLWI2ZDY2NDQzODMwMyIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | +| GCP project write access | [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) | For Terraform Cloud access, see [prod Terraform Cloud](#prod-terraform-cloud). @@ -76,7 +87,7 @@ sg msp logs releaseregistry prod | Databases | `releaseregistry` | > [!NOTE] -> The [Write access Entitle request for the 'Engineering Projects' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjIxNjAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiYzJkMTUwOGEtMGQ0ZS00MjA1LWFiZWUtOGY1ODg1ZGY3ZDE4IiwidGhyb3VnaCI6ImMyZDE1MDhhLTBkNGUtNDIwNS1hYmVlLThmNTg4NWRmN2QxOCIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) is required for BOTH read-only and write access to the database. +> The [Write access Entitle request for the 'Internal Services' folder](https://app.entitle.io/request?data=eyJkdXJhdGlvbiI6IjEwODAwIiwianVzdGlmaWNhdGlvbiI6IkVOVEVSIEpVU1RJRklDQVRJT04gSEVSRSIsInJvbGVJZHMiOlt7ImlkIjoiZTEyYTJkZDktYzY1ZC00YzM0LTlmNDgtMzYzNTNkZmY0MDkyIiwidGhyb3VnaCI6ImUxMmEyZGQ5LWM2NWQtNGMzNC05ZjQ4LTM2MzUzZGZmNDA5MiIsInR5cGUiOiJyb2xlIn1dfQ%3D%3D) is required for BOTH read-only and write access to the database. To connect to the PostgreSQL instance in this environment, use `sg msp` in the [`sourcegraph/managed-services`](https://github.com/sourcegraph/managed-services) repository: @@ -88,6 +99,10 @@ sg msp pg connect releaseregistry prod sg msp pg connect -write-access releaseregistry prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./releaseregistry-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/releaseregistry/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/releaseregistry/service.yaml), and `sg msp generate releaseregistry prod` generates the required infrastructure configuration for this environment in Terraform. @@ -119,7 +134,7 @@ sg msp tfc view releaseregistry prod | ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Project ID | [`releaseregistry-dev-6bac`](https://console.cloud.google.com/run?project=releaseregistry-dev-6bac) | | Category | **test** | -| Deployment type | `subscription` | +| Deployment type | `rollout` | | Resources | [dev PostgreSQL instance](#dev-postgresql-instance) | | Slack notifications | [#alerts-releaseregistry-dev](https://sourcegraph.slack.com/archives/alerts-releaseregistry-dev) | | Alert policies | [GCP Monitoring alert policies list](https://console.cloud.google.com/monitoring/alerting/policies?project=releaseregistry-dev-6bac), [Dashboard](https://console.cloud.google.com/monitoring/dashboards?pageState=%28%22dashboards%22%3A%28%22t%22%3A%22All%22%29%2C%22dashboardList%22%3A%28%22f%22%3A%22%255B%257B_22k_22_3A_22Type_22_2C_22t_22_3A10_2C_22v_22_3A_22_5C_22Custom_5C_22_22_2C_22s_22_3Atrue_2C_22i_22_3A_22category_22%257D%255D%22%29%29&project=releaseregistry-dev-6bac) | @@ -173,6 +188,10 @@ sg msp pg connect releaseregistry dev sg msp pg connect -write-access releaseregistry dev ``` +#### dev Architecture Diagram + +![Architecture Diagram](./releaseregistry-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/releaseregistry/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/releaseregistry/service.yaml), and `sg msp generate releaseregistry dev` generates the required infrastructure configuration for this environment in Terraform. @@ -198,7 +217,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view releaseregistry dev ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/sams-dev.svg b/content/departments/engineering/managed-services/sams-dev.svg new file mode 100644 index 000000000000..8cac32b5d7db --- /dev/null +++ b/content/departments/engineering/managed-services/sams-dev.svg @@ -0,0 +1,129 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)Application Load BalancerExternal IP AddressCloudflareInternetuser_emailseventscody_eventssubscription_eventsaccountscody_management private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/sams-prod.svg b/content/departments/engineering/managed-services/sams-prod.svg new file mode 100644 index 000000000000..084659493a4a --- /dev/null +++ b/content/departments/engineering/managed-services/sams-prod.svg @@ -0,0 +1,131 @@ +Cloud Run ServiceSentryMonitoringOpsgenieCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)External IP AddressCloudflareInternetuser_emailseventscody_eventssubscription_eventsaccountscody_managementApplication Load BalancerCloud Armor private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/sams.md b/content/departments/engineering/managed-services/sams.md index 1de512df8ae8..3274d73630b5 100644 --- a/content/departments/engineering/managed-services/sams.md +++ b/content/departments/engineering/managed-services/sams.md @@ -3,8 +3,8 @@ This document describes operational guidance for Self-Serve Cody infrastructure. @@ -113,6 +113,10 @@ sg msp pg connect -write-access sams dev | Dataset ID | `sams` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/events.bigquerytable.json), [`cody_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/cody_events.bigquerytable.json), [`subscription_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/subscription_events.bigquerytable.json) | +#### dev Architecture Diagram + +![Architecture Diagram](./sams-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/sams/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/service.yaml), and `sg msp generate sams dev` generates the required infrastructure configuration for this environment in Terraform. @@ -212,6 +216,10 @@ sg msp pg connect -write-access sams prod | Dataset ID | `sams` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/events.bigquerytable.json), [`cody_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/cody_events.bigquerytable.json), [`subscription_events`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/subscription_events.bigquerytable.json) | +#### prod Architecture Diagram + +![Architecture Diagram](./sams-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/sams/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/sams/service.yaml), and `sg msp generate sams prod` generates the required infrastructure configuration for this environment in Terraform. @@ -237,7 +245,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view sams prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/sourcegraph-accounts-dev.svg b/content/departments/engineering/managed-services/sourcegraph-accounts-dev.svg new file mode 100644 index 000000000000..d30163d34bde --- /dev/null +++ b/content/departments/engineering/managed-services/sourcegraph-accounts-dev.svg @@ -0,0 +1,126 @@ +Cloud Run ServiceSentryMonitoringCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)Application Load BalancerExternal IP AddressCloudflareInternetuser_emailseventsaccounts private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/sourcegraph-accounts-prod.svg b/content/departments/engineering/managed-services/sourcegraph-accounts-prod.svg new file mode 100644 index 000000000000..532829c56c53 --- /dev/null +++ b/content/departments/engineering/managed-services/sourcegraph-accounts-prod.svg @@ -0,0 +1,128 @@ +Cloud Run ServiceSentryMonitoringOpsgenieCloud TraceRedisVPC NetworkBigQueryCloud SQL (Postgres)External IP AddressCloudflareInternetuser_emailseventsaccountsApplication Load BalancerCloud Armor private networkingprivate networkingprivate networking + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/sourcegraph-accounts.md b/content/departments/engineering/managed-services/sourcegraph-accounts.md index 880efeca5627..5080dded4bc2 100644 --- a/content/departments/engineering/managed-services/sourcegraph-accounts.md +++ b/content/departments/engineering/managed-services/sourcegraph-accounts.md @@ -3,8 +3,8 @@ This document describes operational guidance for Sourcegraph Accounts infrastructure. @@ -161,6 +161,10 @@ sg msp pg connect -write-access sourcegraph-accounts dev | Dataset ID | `sourcegraph_accounts` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/events.bigquerytable.json) | +#### dev Architecture Diagram + +![Architecture Diagram](./sourcegraph-accounts-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/sourcegraph-accounts/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/service.yaml), and `sg msp generate sourcegraph-accounts dev` generates the required infrastructure configuration for this environment in Terraform. @@ -260,6 +264,10 @@ sg msp pg connect -write-access sourcegraph-accounts prod | Dataset ID | `sourcegraph_accounts` | | Tables | [`user_emails`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/user_emails.bigquerytable.json), [`events`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/events.bigquerytable.json) | +#### prod Architecture Diagram + +![Architecture Diagram](./sourcegraph-accounts-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/sourcegraph-accounts/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/sourcegraph-accounts/service.yaml), and `sg msp generate sourcegraph-accounts prod` generates the required infrastructure configuration for this environment in Terraform. @@ -285,7 +293,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view sourcegraph-accounts prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/support-integration-prod.svg b/content/departments/engineering/managed-services/support-integration-prod.svg new file mode 100644 index 000000000000..61b2d7495bae --- /dev/null +++ b/content/departments/engineering/managed-services/support-integration-prod.svg @@ -0,0 +1,103 @@ +Cloud Run ServiceSentryMonitoringCloud TraceExternal IP AddressCloudflareInternetApplication Load BalancerCloud Armor + + + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/support-integration.md b/content/departments/engineering/managed-services/support-integration.md index dd990ba8e8de..d9e5865ea0a3 100644 --- a/content/departments/engineering/managed-services/support-integration.md +++ b/content/departments/engineering/managed-services/support-integration.md @@ -3,8 +3,8 @@ This document describes operational guidance for Support Integration infrastructure. @@ -68,6 +68,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs support-integration prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./support-integration-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/support-integration/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/support-integration/service.yaml), and `sg msp generate support-integration prod` generates the required infrastructure configuration for this environment in Terraform. @@ -93,7 +97,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view support-integration prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments. diff --git a/content/departments/engineering/managed-services/telemetry-gateway-dev.svg b/content/departments/engineering/managed-services/telemetry-gateway-dev.svg new file mode 100644 index 000000000000..88601332f54d --- /dev/null +++ b/content/departments/engineering/managed-services/telemetry-gateway-dev.svg @@ -0,0 +1,101 @@ +Cloud Run ServiceSentryMonitoringCloud TraceApplication Load BalancerExternal IP AddressInternet + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/telemetry-gateway-prod.svg b/content/departments/engineering/managed-services/telemetry-gateway-prod.svg new file mode 100644 index 000000000000..88601332f54d --- /dev/null +++ b/content/departments/engineering/managed-services/telemetry-gateway-prod.svg @@ -0,0 +1,101 @@ +Cloud Run ServiceSentryMonitoringCloud TraceApplication Load BalancerExternal IP AddressInternet + + + + + + + + + \ No newline at end of file diff --git a/content/departments/engineering/managed-services/telemetry-gateway.md b/content/departments/engineering/managed-services/telemetry-gateway.md index 667f88b44d1e..5840083369ef 100644 --- a/content/departments/engineering/managed-services/telemetry-gateway.md +++ b/content/departments/engineering/managed-services/telemetry-gateway.md @@ -3,8 +3,8 @@ This document describes operational guidance for Telemetry Gateway infrastructure. @@ -115,6 +115,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs telemetry-gateway dev ``` +#### dev Architecture Diagram + +![Architecture Diagram](./telemetry-gateway-dev.svg) + #### dev Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/telemetry-gateway/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/telemetry-gateway/service.yaml), and `sg msp generate telemetry-gateway dev` generates the required infrastructure configuration for this environment in Terraform. @@ -179,6 +183,10 @@ You can also use `sg msp` to quickly open a link to your service logs: sg msp logs telemetry-gateway prod ``` +#### prod Architecture Diagram + +![Architecture Diagram](./telemetry-gateway-prod.svg) + #### prod Terraform Cloud This service's configuration is defined in [`sourcegraph/managed-services/services/telemetry-gateway/service.yaml`](https://github.com/sourcegraph/managed-services/blob/main/services/telemetry-gateway/service.yaml), and `sg msp generate telemetry-gateway prod` generates the required infrastructure configuration for this environment in Terraform. @@ -204,7 +212,7 @@ The Terraform Cloud workspaces for this service environment are [grouped under t sg msp tfc view telemetry-gateway prod ``` -### Alert Policies +## Alert Policies The following alert policies are defined for each of this service's environments.