From 4f415fb50076867d2323524fe1b3556d09ce4853 Mon Sep 17 00:00:00 2001 From: bizwings Date: Thu, 25 Jun 2026 17:11:35 +0800 Subject: [PATCH] fix(sidecar-v2): incorporate review feedback - P0/P1 fixes P0 fixes: - Admin API Bearer Token auth middleware - Encryption key missing -> CRITICAL log + sys.exit(1) - Prometheus metrics endpoint (:9191) - requirements.txt + Dockerfile + docker-compose.yml + systemd + nginx P1 fixes: - Dead code removed from _refresh_cooldowns() - Stream detection fixed (text/event-stream only) - Emergency passthrough (10% RPM retry before 503) - Active health probing for backends - SQLite daily backup loop with retention - Chart.js CDN fallback - Key rotation SOP document - JSON log format support - Deploy files: systemd unit + nginx config BIZ-52 review re-entry Co-authored-by: multica-agent --- services/nvidia_sidecar/Dockerfile | 46 ++ services/nvidia_sidecar/dashboard.html | 2 + .../nvidia_sidecar/deploy/SOP-key-rotation.md | 90 ++++ .../deploy/nginx-sidecar-v2.conf | 56 +++ .../nvidia_sidecar/deploy/sidecar-v2.service | 23 + services/nvidia_sidecar/docker-compose.yml | 26 ++ services/nvidia_sidecar/proxy.py | 75 +++- services/nvidia_sidecar/requirements.txt | 7 + services/nvidia_sidecar/server.py | 398 ++++++++++++++---- 9 files changed, 630 insertions(+), 93 deletions(-) create mode 100644 services/nvidia_sidecar/Dockerfile create mode 100644 services/nvidia_sidecar/deploy/SOP-key-rotation.md create mode 100644 services/nvidia_sidecar/deploy/nginx-sidecar-v2.conf create mode 100644 services/nvidia_sidecar/deploy/sidecar-v2.service create mode 100644 services/nvidia_sidecar/docker-compose.yml create mode 100644 services/nvidia_sidecar/requirements.txt diff --git a/services/nvidia_sidecar/Dockerfile b/services/nvidia_sidecar/Dockerfile new file mode 100644 index 0000000..e1b3d5f --- /dev/null +++ b/services/nvidia_sidecar/Dockerfile @@ -0,0 +1,46 @@ +# Sidecar V2 — Multi-Pool Provider Proxy +FROM python:3.12-slim AS builder + +WORKDIR /app + +# Install dependencies +COPY requirements.txt . +RUN pip install --no-cache-dir --upgrade pip && \ + pip install --no-cache-dir -r requirements.txt + +# Copy application code +COPY config.py crypto.py main.py server.py proxy.py router.py \ + pool_manager.py cooldown_manager.py rate_limiter.py __init__.py \ + dashboard.html ./ +COPY storage/ ./storage/ + +# Create data directory +RUN mkdir -p /app/data /app/data/backups + +FROM python:3.12-slim + +WORKDIR /app + +# Copy built artifacts +COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages +COPY --from=builder /app /app + +# Environment +ENV SIDECAR_HOST=0.0.0.0 +ENV SIDECAR_PORT=9190 +ENV SIDECAR_METRICS_PORT=9191 +ENV SIDECAR_DB_PATH=/app/data/sidecar_v2.db +ENV SIDECAR_BACKUP_DIR=/app/data/backups +ENV SIDECAR_ENCRYPTION_KEY= +ENV SIDECAR_ADMIN_TOKEN= +ENV LOG_FORMAT=json +ENV PYTHONUNBUFFERED=1 + +EXPOSE 9190 9191 + +VOLUME ["/app/data"] + +HEALTHCHECK --interval=30s --timeout=5s --retries=3 \ + CMD python3 -c "import urllib.request; urllib.request.urlopen('http://localhost:9190/health')" || exit 1 + +ENTRYPOINT ["python3", "main.py"] \ No newline at end of file diff --git a/services/nvidia_sidecar/dashboard.html b/services/nvidia_sidecar/dashboard.html index 410f84a..a426085 100644 --- a/services/nvidia_sidecar/dashboard.html +++ b/services/nvidia_sidecar/dashboard.html @@ -5,6 +5,8 @@ Sidecar V2 — Provider Pool Dashboard + +