Skip to content

Commit 593d74b

Browse files
author
Yuriy Bezsonov
committed
WIP: refactoring - fix jvm
1 parent 30475c1 commit 593d74b

4 files changed

Lines changed: 99 additions & 54 deletions

File tree

infrastructure/cdk/src/main/java/com/unicorn/UnicornStoreStack.java

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -33,9 +33,8 @@ public class UnicornStoreStack extends Stack {
3333
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/app.sh"
3434
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/eks.sh"
3535
36-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring.sh"
37-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/thread-dump-lambda/build-and-deploy.sh"
38-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring-jvm.sh"
36+
# sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring.sh"
37+
# sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring-jvm.sh"
3938
""";
4039

4140
private final String buildspec = """

infrastructure/cfn/unicornstore-stack.yaml

Lines changed: 50 additions & 51 deletions
Original file line numberDiff line numberDiff line change
@@ -492,7 +492,7 @@ Resources:
492492
UnicornStoreIdeIdeLogGroup7A5EFA50:
493493
Type: AWS::Logs::LogGroup
494494
Properties:
495-
LogGroupName: unicornstore-ide-bootstrap-log-20250725-203717
495+
LogGroupName: unicornstore-ide-bootstrap-log-20250727-102705
496496
RetentionInDays: 7
497497
UpdateReplacePolicy: Retain
498498
DeletionPolicy: Retain
@@ -907,9 +907,9 @@ Resources:
907907
description: Bootstrap IDE
908908
parameters:
909909
BootstrapScript:
910-
type: String
911-
description: (Optional) Custom bootstrap script to run.
912910
default: ""
911+
description: (Optional) Custom bootstrap script to run.
912+
type: String
913913
mainSteps:
914914
- inputs:
915915
runCommand:
@@ -1174,30 +1174,14 @@ Resources:
11741174
Fn::GetAtt:
11751175
- UnicornStoreIdeIdeRole81A2CEAA
11761176
- Arn
1177-
splashUrl: ""
1178-
instanceIamRoleName:
1179-
Ref: UnicornStoreIdeIdeRole81A2CEAA
1180-
codeServerVersion: 4.101.2
1181-
customBootstrapScript: |
1182-
date
1183-
1184-
echo '=== Clone Git repository ===
1185-
'
1186-
sudo -H -u ec2-user bash -c "git clone https://github.com/aws-samples/java-on-aws ~/java-on-aws/"
1187-
sudo -H -u ec2-user bash -c "cd ~/java-on-aws && git checkout bedrock-tda"
1188-
1189-
echo '=== Setup IDE ===
1190-
'
1191-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/ide.sh"
1192-
1193-
echo '=== Additional Setup ===
1194-
'
1195-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/app.sh"
1196-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/eks.sh"
1197-
1198-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring.sh"
1199-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/thread-dump-lambda/build-and-deploy.sh"
1200-
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring-jvm.sh"
1177+
readmeUrl: ""
1178+
waitConditionHandleUrl:
1179+
Ref: UnicornStoreIdeIdeBootstrapWaitConditionHandle3D9B67F1
1180+
extensions: vscjava.vscode-java-pack,ms-kubernetes-tools.vscode-kubernetes-tools,ms-azuretools.vscode-docker
1181+
domain: ""
1182+
installGitea: echo bootstrapGitea was not provided
1183+
terminalOnStartup: "true"
1184+
environmentContentsZip: ""
12011185
passwordName:
12021186
Fn::Join:
12031187
- "-"
@@ -1237,14 +1221,29 @@ Resources:
12371221
- Fn::Split:
12381222
- ":"
12391223
- Ref: UnicornStoreIdeIdePasswordSecret514252E2
1240-
environmentContentsZip: ""
1241-
terminalOnStartup: "true"
1242-
installGitea: echo bootstrapGitea was not provided
1243-
domain: ""
1244-
extensions: vscjava.vscode-java-pack,ms-kubernetes-tools.vscode-kubernetes-tools,ms-azuretools.vscode-docker
1245-
waitConditionHandleUrl:
1246-
Ref: UnicornStoreIdeIdeBootstrapWaitConditionHandle3D9B67F1
1247-
readmeUrl: ""
1224+
customBootstrapScript: |
1225+
date
1226+
1227+
echo '=== Clone Git repository ===
1228+
'
1229+
sudo -H -u ec2-user bash -c "git clone https://github.com/aws-samples/java-on-aws ~/java-on-aws/"
1230+
sudo -H -u ec2-user bash -c "cd ~/java-on-aws && git checkout bedrock-tda"
1231+
1232+
echo '=== Setup IDE ===
1233+
'
1234+
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/ide.sh"
1235+
1236+
echo '=== Additional Setup ===
1237+
'
1238+
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/app.sh"
1239+
sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/eks.sh"
1240+
1241+
# sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring.sh"
1242+
# sudo -H -i -u ec2-user bash -c "~/java-on-aws/infrastructure/scripts/setup/monitoring-jvm.sh"
1243+
codeServerVersion: 4.101.2
1244+
instanceIamRoleName:
1245+
Ref: UnicornStoreIdeIdeRole81A2CEAA
1246+
splashUrl: ""
12481247
name: IdeBootstrapFunction
12491248
action: aws:runShellScript
12501249
DocumentFormat: YAML
@@ -1384,10 +1383,10 @@ Resources:
13841383
- Arn
13851384
InstanceId:
13861385
Ref: UnicornStoreIdeIdeEC2Instance5F393FC5
1387-
SsmDocument:
1388-
Ref: UnicornStoreIdeIdeBootstrapDocumentE330810B
13891386
LogGroupName:
13901387
Ref: UnicornStoreIdeIdeLogGroup7A5EFA50
1388+
SsmDocument:
1389+
Ref: UnicornStoreIdeIdeBootstrapDocumentE330810B
13911390
UpdateReplacePolicy: Delete
13921391
DeletionPolicy: Delete
13931392
UnicornStoreEksClusterEKSClusterRole0A87A100:
@@ -1748,7 +1747,7 @@ Resources:
17481747
- Ref: AWS::AccountId
17491748
- "-"
17501749
- Ref: AWS::Region
1751-
- "-20250725203718"
1750+
- "-20250727102705"
17521751
PublicAccessBlockConfiguration:
17531752
BlockPublicAcls: true
17541753
BlockPublicPolicy: true
@@ -2381,12 +2380,12 @@ Resources:
23812380
Environment:
23822381
Variables:
23832382
S3_THREAD_DUMPS_PREFIX: thread-dumps/
2384-
EKS_CLUSTER_NAME: unicorn-store
2383+
APP_LABEL: unicorn-store-spring
2384+
KUBERNETES_AUTH_TYPE: aws
2385+
K8S_NAMESPACE: unicorn-store-spring
23852386
S3_BUCKET_NAME:
23862387
Ref: InfrastructureCoreWorkshopBucketB6510E67
2387-
K8S_NAMESPACE: unicorn-store-spring
2388-
KUBERNETES_AUTH_TYPE: aws
2389-
APP_LABEL: unicorn-store-spring
2388+
EKS_CLUSTER_NAME: unicorn-store
23902389
FunctionName: unicornstore-thread-dump-lambda
23912390
Handler: index.lambda_handler
23922391
MemorySize: 512
@@ -2776,6 +2775,9 @@ Resources:
27762775
Fn::GetAtt:
27772776
- UnicornStoreDatabaseSetupDatabaseSetupFunction83636DD9
27782777
- Arn
2778+
SqlStatements: |-
2779+
CREATE TABLE IF NOT EXISTS unicorns(id TEXT DEFAULT gen_random_uuid() PRIMARY KEY, name TEXT, age TEXT, size TEXT, type TEXT);
2780+
CREATE EXTENSION IF NOT EXISTS vector;
27792781
SecretName:
27802782
Fn::Join:
27812783
- "-"
@@ -2806,9 +2808,6 @@ Resources:
28062808
- Fn::Split:
28072809
- ":"
28082810
- Ref: InfrastructureCorepostgresB0D0C6BB
2809-
SqlStatements: |-
2810-
CREATE TABLE IF NOT EXISTS unicorns(id TEXT DEFAULT gen_random_uuid() PRIMARY KEY, name TEXT, age TEXT, size TEXT, type TEXT);
2811-
CREATE EXTENSION IF NOT EXISTS vector;
28122811
DependsOn:
28132812
- InfrastructureCoreUnicornStoreDatabaseF56884BA
28142813
- InfrastructureCoreUnicornStoreDatabaseSubnets55C412B8
@@ -2876,6 +2875,9 @@ Resources:
28762875
- - "{{resolve:secretsmanager:"
28772876
- Ref: InfrastructureCorepostgresB0D0C6BB
28782877
- :SecretString:password::}}
2878+
JAVA_TOOL_OPTIONS: -XX:+TieredCompilation -XX:TieredStopAtLevel=1
2879+
AWS_SERVERLESS_JAVA_CONTAINER_INIT_GRACE_TIME: "500"
2880+
SPRING_DATASOURCE_HIKARI_maximumPoolSize: "1"
28792881
SPRING_DATASOURCE_URL:
28802882
Fn::Join:
28812883
- ""
@@ -2884,9 +2886,6 @@ Resources:
28842886
- InfrastructureCoreUnicornStoreDatabaseF56884BA
28852887
- Endpoint.Address
28862888
- :5432/unicorns
2887-
SPRING_DATASOURCE_HIKARI_maximumPoolSize: "1"
2888-
AWS_SERVERLESS_JAVA_CONTAINER_INIT_GRACE_TIME: "500"
2889-
JAVA_TOOL_OPTIONS: -XX:+TieredCompilation -XX:TieredStopAtLevel=1
28902889
FunctionName: unicorn-store-spring
28912890
Handler: com.unicorn.store.StreamLambdaHandler::handleRequest
28922891
MemorySize: 2048
@@ -3573,12 +3572,12 @@ Resources:
35733572
Description: Build complete
35743573
EventPattern:
35753574
detail:
3576-
project-name:
3577-
- Ref: UnicornStoreCodeBuildCodeBuildProjectAF799FF7
35783575
build-status:
35793576
- SUCCEEDED
35803577
- FAILED
35813578
- STOPPED
3579+
project-name:
3580+
- Ref: UnicornStoreCodeBuildCodeBuildProjectAF799FF7
35823581
detail-type:
35833582
- CodeBuild Build State Change
35843583
source:
@@ -3612,11 +3611,11 @@ Resources:
36123611
- Arn
36133612
ProjectName:
36143613
Ref: UnicornStoreCodeBuildCodeBuildProjectAF799FF7
3615-
ContentHash: fd70d4491df3a6a44292446f6b364c8a
36163614
CodeBuildIamRoleArn:
36173615
Fn::GetAtt:
36183616
- UnicornStoreCodeBuildCodeBuildRoleB9CE0DE7
36193617
- Arn
3618+
ContentHash: fd70d4491df3a6a44292446f6b364c8a
36203619
DependsOn:
36213620
- UnicornStoreCodeBuildBuildCompleteRuleAllowEventRuleunicornstorestackUnicornStoreCodeBuildReportBuildFunction6189FCDE5C03542B
36223621
- UnicornStoreCodeBuildBuildCompleteRule7E287561

infrastructure/scripts/setup/monitoring-jvm.sh

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -279,3 +279,32 @@ fi
279279
ALERT_RESPONSE=$(curl -s -X POST -H "Content-Type: application/json" \
280280
-u "$GRAFANA_USER:$GRAFANA_PASSWORD" \
281281
-d "$ALERT_PAYLOAD" \
282+
"$GRAFANA_URL/api/v1/provisioning/alert-rules")
283+
284+
log "✅ Alert rule created"
285+
286+
# Ensure notification policy routes to our contact point
287+
log "🔧 Configuring notification policy..."
288+
POLICY_PAYLOAD="{
289+
\"receiver\": \"$CONTACT_POINT_NAME\",
290+
\"group_by\": [\"alertname\"],
291+
\"group_wait\": \"30s\",
292+
\"group_interval\": \"5m\",
293+
\"repeat_interval\": \"1h\"
294+
}"
295+
296+
POLICY_RESPONSE=$(curl -s -X PUT -H "Content-Type: application/json" \
297+
-u "$GRAFANA_USER:$GRAFANA_PASSWORD" \
298+
-d "$POLICY_PAYLOAD" \
299+
"$GRAFANA_URL/api/v1/provisioning/policies")
300+
301+
if echo "$POLICY_RESPONSE" | grep -q "policies updated"; then
302+
log "✅ Notification policy configured"
303+
else
304+
log "❌ Notification policy configuration failed:"
305+
echo "$POLICY_RESPONSE"
306+
fi
307+
log "✅ JVM monitoring setup complete"
308+
log "🌍 Grafana: $GRAFANA_URL"
309+
log "📊 Dashboard shows jvm_threads_live_threads from both EKS and ECS"
310+
log "🚨 Alert triggers Lambda thread dump when threads > $THREAD_THRESHOLD, stops when threads < $THREAD_THRESHOLD"

infrastructure/scripts/setup/monitoring.sh

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,24 @@ helm upgrade --install prometheus prometheus-community/prometheus \
6161
--namespace "$NAMESPACE" \
6262
--values "$VALUES_FILE"
6363

64+
# Wait for Prometheus to be ready
65+
log "⏳ Waiting for Prometheus to be ready..."
66+
kubectl wait --for=condition=available --timeout=300s deployment/prometheus-server -n "$NAMESPACE"
67+
68+
# Verify Prometheus is responding
69+
kubectl port-forward -n "$NAMESPACE" svc/prometheus-server 9090:80 &
70+
PF_PID=$!
71+
sleep 5
72+
if curl -s http://localhost:9090/-/healthy > /dev/null 2>&1; then
73+
log "✅ Prometheus is healthy"
74+
else
75+
log "❌ Prometheus health check failed"
76+
kubectl logs -n "$NAMESPACE" deployment/prometheus-server -c prometheus-server --tail=10
77+
kill $PF_PID 2>/dev/null
78+
exit 1
79+
fi
80+
kill $PF_PID 2>/dev/null
81+
6482
# Grafana values
6583
cat > "$GRAFANA_VALUES_FILE" <<EOF
6684
admin:

0 commit comments

Comments
 (0)