From a61fc935f80bbde63c53ae21ee9956f5333185c2 Mon Sep 17 00:00:00 2001 From: Rishabh Singh Date: Wed, 3 May 2023 10:54:50 -0700 Subject: [PATCH] Add option to use 50 percent memory as heap (#23) Signed-off-by: Rishabh Singh (cherry picked from commit d3b12a8774835f1a6fdf41d2ea00b8e9fb7f8b8e) --- README.md | 53 ++++++++++++++++++------------------ lib/infra/infra-stack.ts | 28 ++++++++++++++++++- lib/os-cluster-entrypoint.ts | 6 ++++ 3 files changed, 60 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index c7397c092f9..79d77f5486c 100644 --- a/README.md +++ b/README.md @@ -32,32 +32,33 @@ There are two stacks that get deployed: In order to deploy both the stacks the user needs to provide a set of required and optional parameters listed below: -| Name | Type | Description | -|-----------------------------------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| distVersion (required) | string | The OpenSearch distribution version (released/un-released) the user wants to deploy | -| securityDisabled (required) | boolean | Enable or disable security plugin | -| minDistribution (required) | boolean | Is it the minimal OpenSearch distribution with no security and plugins | -| distributionUrl (required) | string | OpenSearch tar distribution url | -| cpuArch (required) | string | CPU platform for EC2, could be either `x64` or `arm64` | -| singleNodeCluster (required) | boolean | Set `true` for single-node cluster else `false` for multi-node | -| serverAccessType (required) | string | Restrict server access based on ip address (ipv4/ipv6), prefix list and/or security group. See [Restricting Server Access](#restricting-server-access) for more details. | -| restrictServerAccessTo (required) | string | The value for `serverAccessType`, e.g., 10.10.10.10/32, pl-12345, sg-12345. See [Restricting Server Access](#restricting-server-access) for more details. | -| dashboardsUrl (Optional) | string | OpenSearch Dashboards tar distribution url | -| vpcId (Optional) | string | Re-use existing vpc, provide vpc id | -| securityGroupId (Optional) | boolean | Re-use existing security group, provide security group id | -| cidr (Optional) | string | User provided CIDR block for new Vpc, default is `10.0.0.0/16` | -| managerNodeCount (Optional) | integer | Number of cluster manager nodes, default is 3 | -| dataNodeCount (Optional) | integer | Number of data nodes, default is 2 | -| clientNodeCount (Optional) | integer | Number of dedicated client nodes, default is 0 | -| ingestNodeCount (Optional) | integer | Number of dedicated ingest nodes, default is 0 | -| mlNodeCount (Optional) | integer | Number of dedicated machine learning nodes, default is 0 | -| jvmSysProps (Optional) | string | A comma-separated list of key=value pairs that will be added to `jvm.options` as JVM system properties. | -| suffix (Optional) | string | An optional string identifier to be concatenated with infra stack name. | -| region (Optional) | string | User provided aws region | -| account (Optional) | string | User provided aws account | -| dataNodeStorage (Optional) | string | User provided ebs block storage size, defaults to 100Gb | -| mlNodeStorage (Optional) | string | User provided ebs block storage size, defaults to 100Gb | - +| Name | Type | Description | +|-----------------------------------|:--------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| distVersion (required) | string | The OpenSearch distribution version (released/un-released) the user wants to deploy | +| securityDisabled (required) | boolean | Enable or disable security plugin | +| minDistribution (required) | boolean | Is it the minimal OpenSearch distribution with no security and plugins | +| distributionUrl (required) | string | OpenSearch tar distribution url | +| cpuArch (required) | string | CPU platform for EC2, could be either `x64` or `arm64` | +| singleNodeCluster (required) | boolean | Set `true` for single-node cluster else `false` for multi-node | +| serverAccessType (required) | string | Restrict server access based on ip address (ipv4/ipv6), prefix list and/or security group. See [Restricting Server Access](#restricting-server-access) for more details. | +| restrictServerAccessTo (required) | string | The value for `serverAccessType`, e.g., 10.10.10.10/32, pl-12345, sg-12345. See [Restricting Server Access](#restricting-server-access) for more details. | +| dashboardsUrl (Optional) | string | OpenSearch Dashboards tar distribution url | +| vpcId (Optional) | string | Re-use existing vpc, provide vpc id | +| securityGroupId (Optional) | boolean | Re-use existing security group, provide security group id | +| cidr (Optional) | string | User provided CIDR block for new Vpc, default is `10.0.0.0/16` | +| managerNodeCount (Optional) | integer | Number of cluster manager nodes, default is 3 | +| dataNodeCount (Optional) | integer | Number of data nodes, default is 2 | +| clientNodeCount (Optional) | integer | Number of dedicated client nodes, default is 0 | +| ingestNodeCount (Optional) | integer | Number of dedicated ingest nodes, default is 0 | +| mlNodeCount (Optional) | integer | Number of dedicated machine learning nodes, default is 0 | +| jvmSysProps (Optional) | string | A comma-separated list of key=value pairs that will be added to `jvm.options` as JVM system properties. | +| additionalConfig (Optional) | string | Additional opensearch.yml config parameters passed as JSON. e.g., `--context additionalConfig='{"plugins.security.nodes_dn": ["CN=*.example.com, OU=SSL, O=Test, L=Test, C=DE", "CN=node.other.com, OU=SSL, O=Test, L=Test, C=DE"], "plugins.security.nodes_dn_dynamic_config_enabled": false}'` | +| suffix (Optional) | string | An optional string identifier to be concatenated with infra stack name. | +| region (Optional) | string | User provided aws region | +| account (Optional) | string | User provided aws account | +| dataNodeStorage (Optional) | string | User provided ebs block storage size, defaults to 100Gb | +| mlNodeStorage (Optional) | string | User provided ebs block storage size, defaults to 100Gb | +| use50PercentHeap (Optional) | boolean | Boolean flag to use 50% of physical memory as heap. Default is 1GB. e.g., `--context use50PercentHeap=true` | * Before starting this step, ensure that your AWS CLI is correctly configured with access credentials. * Also ensure that you're running these commands in the current directory diff --git a/lib/infra/infra-stack.ts b/lib/infra/infra-stack.ts index 61576198620..3350cae586b 100644 --- a/lib/infra/infra-stack.ts +++ b/lib/infra/infra-stack.ts @@ -53,7 +53,9 @@ export interface infraProps extends StackProps{ readonly mlNodeCount: number, readonly dataNodeStorage: number, readonly mlNodeStorage: number, - readonly jvmSysPropsString?: string + readonly jvmSysPropsString?: string, + readonly additionalConfig?: string, + readonly use50PercentHeap: boolean, } export class InfraStack extends Stack { @@ -467,6 +469,30 @@ export class InfraStack extends Stack { })); } + // Check if JVM Heap Memory is set. Default is 1G in the jvm.options file + // @ts-ignore + if (props.use50PercentHeap) { + cfnInitConfig.push(InitCommand.shellCommand(`set -ex; cd opensearch; + totalMem=\`expr $(free -g | awk '/^Mem:/{print $2}') + 1\`; + heapSizeInGb=\`expr $totalMem / 2\`; + if [ $heapSizeInGb -lt 32 ];then minHeap="-Xms"$heapSizeInGb"g";maxHeap="-Xmx"$heapSizeInGb"g";else minHeap="-Xms32g";maxHeap="-Xmx32g";fi + sed -i -e "s/^-Xms[0-9a-z]*$/$minHeap/g" config/jvm.options; + sed -i -e "s/^-Xmx[0-9a-z]*$/$maxHeap/g" config/jvm.options;`, { + cwd: '/home/ec2-user', + ignoreErrors: false, + })); + } + + // @ts-ignore + if (props.additionalConfig.toString() !== 'undefined') { + // @ts-ignore + cfnInitConfig.push(InitCommand.shellCommand(`set -ex; cd opensearch; echo "${props.additionalConfig}">>config/opensearch.yml`, + { + cwd: '/home/ec2-user', + ignoreErrors: false, + })); + } + // final run command based on whether the distribution type is min or bundle if (props.minDistribution) { // using (stackProps.minDistribution) condition is not working when false value is being sent cfnInitConfig.push(InitCommand.shellCommand('set -ex;cd opensearch; sudo -u ec2-user nohup ./bin/opensearch >> install.log 2>&1 &', diff --git a/lib/os-cluster-entrypoint.ts b/lib/os-cluster-entrypoint.ts index ff831ebb1bc..88bf245cd2c 100644 --- a/lib/os-cluster-entrypoint.ts +++ b/lib/os-cluster-entrypoint.ts @@ -35,6 +35,7 @@ export class OsClusterEntrypoint { let infraStackName: string; let dataNodeStorage: number; let mlNodeStorage: number; + let ymlConfig: string = 'undefined'; const vpcId: string = scope.node.tryGetContext('vpcId'); const securityGroupId = scope.node.tryGetContext('securityGroupId'); @@ -136,6 +137,9 @@ export class OsClusterEntrypoint { const suffix = `${scope.node.tryGetContext('suffix')}`; + const use50heap = `${scope.node.tryGetContext('use50PercentHeap')}`; + const use50PercentHeap = use50heap === 'true'; + const network = new NetworkStack(scope, 'opensearch-network-stack', { cidrBlock: cidrRange, maxAzs: 3, @@ -179,6 +183,8 @@ export class OsClusterEntrypoint { dataNodeStorage, mlNodeStorage, jvmSysPropsString: jvmSysProps, + additionalConfig: ymlConfig, + use50PercentHeap, ...props, });