Re-enable netproxy monitoring + pin sidecar build version (#214)#365
Re-enable netproxy monitoring + pin sidecar build version (#214)#365Svaag wants to merge 1 commit into
Conversation
Part of the x402 Hyrule Network Proxy live rollout (#214). Reverses the temporary monitoring disable from #288 now that the rollout is proceeding, and stamps the deployed binary with its pinned version. - prometheus: restore the two scrape targets #288 removed — the netproxy node_exporter target ([2a0c:b641:b50:2::e0]:9100) in the node-infra job and the hyrule-network-proxy sidecar metrics job ([...:e0]:8451). The existing HyruleNetworkProxyDown tripwire re-activates once the job's up series exists. - role: build the sidecar with -ldflags injecting hyrule_network_proxy_version so /v1/health and startup logs report the deployed SHA (matches the CI build). - docs/network-flows: netproxy is no longer "not live"; scrape targets are enabled and go green once the VM is provisioned and the sidecar applied. Rollout ordering: apply this to mon only AFTER the netproxy VM is reachable and the sidecar is up, otherwise HyruleNetworkProxyDown fires on an absent target. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
PR Reviewer Guide 🔍Here are some key observations to aid the review process:
|
PR Code Suggestions ✨Explore these optional code suggestions:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 203da3ee89
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| - "[2a0c:b641:b50:2::b0]:9100" # log | ||
| - "[2a0c:b641:b50:2::c0]:9100" # vault | ||
| - "[2a0c:b641:b50:2::d0]:9100" # ci (privileged runner) | ||
| - "[2a0c:b641:b50:2::e0]:9100" # netproxy |
There was a problem hiding this comment.
Install node_exporter before scraping netproxy
When the rollout follows the documented network-proxy apply path, this target is not guaranteed to come up: ansible/playbooks/network-proxy.yml only runs the hyrule_network_proxy role, and that role's package list installs the sidecar dependencies but not prometheus-node-exporter. Re-enabling this scrape therefore makes NodeExporterDown fire for netproxy unless a separate monitoring apply has already run; either install/enable node_exporter in this rollout or make that prerequisite part of the automated ordering.
Useful? React with 👍 / 👎.
Part of the x402 Hyrule Network Proxy live rollout (#214). Reverses the temporary monitoring disable from #288 and stamps the deployed binary with its pinned version.
Changes
configs/mon/prometheus.yml:node_exporter([2a0c:b641:b50:2::e0]:9100) in thenode-infrajob.hyrule-network-proxysidecar metrics job ([...:e0]:8451).The existing
HyruleNetworkProxyDowntripwire (prometheus-rules/noc-tripwire.yml) re-activates automatically once the job'supseries exists — no rule change needed.hyrule_network_proxyrole now builds with-ldflags "-X …/internal/version.Version={{ hyrule_network_proxy_version }}", so/v1/healthand startup logs report the deployed SHA (matches the sidecar CI build in Finish sidecar polish and wire CI auto-promotion (#214) hyrule-network-proxy#1).docs/network-flows.mdno longer says netproxy is "not live"; scrape targets are enabled and go green once the VM is up.Apply the Prometheus change to
mononly after the netproxy VM is reachable and the sidecar is up (rollout step 5), otherwiseHyruleNetworkProxyDownfires on an absent target.configs/mon/prometheus.ymlis not auto-applied (manualsystemctl reload prometheus/ mon apply per repo convention), so merging this is inert until that step. Recommend merging as part of the live rollout, not ahead of it.Validation
tests/iac: 84 passed, 190 subtests passed.scripts/ci/deploy-preflight.sh --repo-only: pass.ansible-playbook playbooks/network-proxy.yml --syntax-check: pass.prometheus.ymlparses;hyrule-network-proxyjob present (13 jobs total).🤖 Generated with Claude Code