From ace5e0d7785525fb515e3f92585376517d263a5d Mon Sep 17 00:00:00 2001 From: SoLetsDev <74216496+SoLetsDev@users.noreply.github.com> Date: Wed, 25 Oct 2023 15:00:45 -0700 Subject: [PATCH 1/2] adding in rate limit annotations to backend.dc.yaml --- tools/openshift/backend.dc.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/openshift/backend.dc.yaml b/tools/openshift/backend.dc.yaml index 3317538c..8a4aa6eb 100644 --- a/tools/openshift/backend.dc.yaml +++ b/tools/openshift/backend.dc.yaml @@ -155,6 +155,10 @@ objects: kind: Route metadata: annotations: + haproxy.router.openshift.io/rate-limit-connections: 'true' + haproxy.router.openshift.io/rate-limit-connections.concurrent-tcp: '10' + haproxy.router.openshift.io/rate-limit-connections.rate-http: '50' + haproxy.router.openshift.io/timeout: 120s openshift.io/host.generated: 'true' labels: app: "${APP_NAME}-${BRANCH}" From 644475a4b7d8f430754bb89c7820fa3edab5f917 Mon Sep 17 00:00:00 2001 From: SoLetsDev <74216496+SoLetsDev@users.noreply.github.com> Date: Thu, 26 Oct 2023 09:36:06 -0700 Subject: [PATCH 2/2] hotfix - increasing CPU and Memory request in Production backend. Reverted change to frontend cpu/memory requirements. Changed logging for printPdf to aid debugging --- .../workflows/deploy-to-openshift-backend-prod.yml | 4 ++-- .../deploy-to-openshift-frontend-prod.yml | 4 ++-- backend/src/components/application.js | 14 +++++++------- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploy-to-openshift-backend-prod.yml b/.github/workflows/deploy-to-openshift-backend-prod.yml index 2e7e5694..1970973c 100644 --- a/.github/workflows/deploy-to-openshift-backend-prod.yml +++ b/.github/workflows/deploy-to-openshift-backend-prod.yml @@ -34,9 +34,9 @@ env: MIN_REPLICAS: "3" MAX_REPLICAS: "5" MIN_CPU: "50m" - MAX_CPU: "100m" + MAX_CPU: "250m" MIN_MEM: "200Mi" - MAX_MEM: "250Mi" + MAX_MEM: "700Mi" # SITE_URL should have no scheme or port. It will be prepended with https:// HOST_ROUTE: ${{ secrets.SITE_URL }} CA_CERT: ${{ secrets.CA_CERT }} diff --git a/.github/workflows/deploy-to-openshift-frontend-prod.yml b/.github/workflows/deploy-to-openshift-frontend-prod.yml index e90f20fa..0f592c18 100644 --- a/.github/workflows/deploy-to-openshift-frontend-prod.yml +++ b/.github/workflows/deploy-to-openshift-frontend-prod.yml @@ -33,9 +33,9 @@ env: MIN_REPLICAS: "3" MAX_REPLICAS: "5" MIN_CPU: "50m" - MAX_CPU: "250m" + MAX_CPU: "100m" MIN_MEM: "200Mi" - MAX_MEM: "700Mi" + MAX_MEM: "250Mi" # SITE_URL should have no scheme or port. It will be prepended with https:// HOST_ROUTE: ${{ secrets.SITE_URL }} CA_CERT: ${{ secrets.CA_CERT }} diff --git a/backend/src/components/application.js b/backend/src/components/application.js index 02d1f27b..2dbe8719 100644 --- a/backend/src/components/application.js +++ b/backend/src/components/application.js @@ -434,9 +434,9 @@ async function submitApplication(req, res) { async function printPdf(req, numOfRetries = 0) { let url = `${req.headers.referer}/printable`; - log.verbose('printPdf :: user is',req.session?.passport?.user?.displayName); + log.info('printPdf :: user is',req.session?.passport?.user?.displayName); log.verbose('printPdf :: correlationId is', req.session.correlationID); - log.verbose('printPdf :: applicationId is', req.params.applicationId); + log.info('printPdf :: applicationId is', req.params.applicationId); log.verbose('printPdf :: url path is', url); const browser = await puppeteer.launch({ @@ -451,7 +451,7 @@ async function printPdf(req, numOfRetries = 0) { }); //to debug locally add {headless: false, devtools: true} in options <-make sure they are boolean and not string try { - log.verbose('printPdf :: starting new page'); + log.info('printPdf :: starting new page'); const page = await browser.newPage(); await page.setRequestInterception(true); @@ -463,14 +463,14 @@ async function printPdf(req, numOfRetries = 0) { request.continue({ headers }); }); - log.verbose('printPdf :: starting page load'); + log.info('printPdf :: starting page load'); await page.goto(url, {waitUntil: 'networkidle0'}); await page.waitForSelector('#signatureTextField', {visible: true}); - log.verbose('printPdf :: page loaded starting pdf creation'); + log.info('printPdf :: page loaded starting pdf creation'); const pdfBuffer = await page.pdf({displayHeaderFooter: false, printBackground: true, timeout: 300000, width: 1280}); - log.verbose('printPdf :: pdf buffer created starting compression'); + log.info('printPdf :: pdf buffer created starting compression'); const compressedPdfBuffer = await compress(pdfBuffer, {gsModulePath: process.env.GHOSTSCRIPT_PATH}); //this is set in dockerfile to fix ghostscript error on deploy - log.verbose('printPdf :: compression completed for applicationId', req.params.applicationId); + log.info('printPdf :: compression completed for applicationId', req.params.applicationId); await browser.close(); let payload;