Browse Source

Add sponson install config and re-jig deployment settings

develop
Sam Black 4 years ago
parent
commit
303b8b6b78
17 changed files with 219 additions and 70 deletions
  1. +0
    -61
      deployment/nginx.conf
  2. +3
    -6
      deployment/sponson/gunicorn.py
  3. +79
    -0
      deployment/sponson/nginx.conf
  4. +10
    -0
      deployment/sponson/rq_settings.conf
  5. +15
    -0
      deployment/sponson/systemd/vowel-rq_all@.service
  6. +15
    -0
      deployment/sponson/systemd/vowel-rq_high@.service
  7. +15
    -0
      deployment/sponson/systemd/vowel-rq_scheduler.service
  8. +20
    -0
      deployment/sponson/systemd/vowel-runtime.service
  9. +3
    -3
      deployment/vagrant/bootstrap.sh
  10. +0
    -0
      deployment/vagrant/rq_settings.conf
  11. +0
    -0
      deployment/vagrant/systemd/vowel-dev_runtime.service
  12. +0
    -0
      deployment/vagrant/systemd/vowel-rq_all@.service
  13. +0
    -0
      deployment/vagrant/systemd/vowel-rq_high@.service
  14. +0
    -0
      deployment/vagrant/systemd/vowel-rq_scheduler.service
  15. +0
    -0
      deployment/vagrant/systemd/vowel-runtime.service
  16. +0
    -0
      deployment/vagrant/systemd/vowel.slice
  17. +59
    -0
      vowel.yaml

+ 0
- 61
deployment/nginx.conf View File

@ -1,61 +0,0 @@
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream app_server {
server 127.0.0.1:8008 fail_timeout=0;
}
server {
listen 80;
server_name vowel.lapwing.org;
location / {
rewrite ^ https://$server_name$request_uri permanent;
}
}
server {
listen 443 ssl;
server_name vowel.lapwing.org;
client_max_body_size 4G;
access_log /var/log/nginx/vowel_lapwing_org.log;
location /static/ {
root /home/vowel/vowel/vowel;
}
location /favicon.ico {
alias /home/vowel/vowel/vowel/static/favicon.ico;
}
# Consonant please Carol.
location / {
proxy_pass http://app_server;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /socket.io {
proxy_pass http://app_server/socket.io;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}

deployment/gunicorn.py → deployment/sponson/gunicorn.py View File

@ -2,15 +2,12 @@
#
# gunicorn configuration file
# import multiprocessing
# Don't include the PID file path here
# as it is setup in the systemd file.
bind = "127.0.0.1:8008"
# Flask-SocketIO doesn't work with multiple workers
# workers = multiprocessing.cpu_count() * 2 + 1
workers = 1
workers = 2
worker_class = "eventlet"
daemon = False
chdir = "/home/vowel/vowel/"
chdir = "/srv/vowel/"
preload_app = True

+ 79
- 0
deployment/sponson/nginx.conf View File

@ -0,0 +1,79 @@
user nginx;
worker_processes auto;
error_log syslog:server=unix:/dev/log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log syslog:server=unix:/dev/log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
upstream app_server {
server 127.0.0.1:8008 fail_timeout=0;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
server_name vowel.lapwing.org;
client_max_body_size 4G;
location /static/ {
root /srv/vowel/vowel;
}
location /favicon.ico {
alias /srv/vowel/vowel/static/img/favicon.ico;
}
location /socket.io {
proxy_pass http://app_server/socket.io;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location / {
proxy_pass http://app_server;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}

+ 10
- 0
deployment/sponson/rq_settings.conf View File

@ -0,0 +1,10 @@
# coding=utf8
#
# Python-RQ settings file
# This is referenced in the systemd unit file,
# if you need local overrides,
# copy it to the instance directory
# and edit it there.
RQ_REDIS_URL="redis://redis.sponson.lan:6379/8"
SENTRY_DSN=""

+ 15
- 0
deployment/sponson/systemd/vowel-rq_all@.service View File

@ -0,0 +1,15 @@
[Unit]
Description=Vowel RQ All queues worker
[Service]
User=vowel
Group=vowel
WorkingDirectory=/srv/vowel
EnvironmentFile=/srv/vowel/deployment/sponson/rq_settings.conf
EnvironmentFile=-/srv/vowel/instance/rq_settings.conf
ExecStart=/usr/bin/rqworker -n all_%i high default low
Restart=on-failure
PrivateTmp=true
[Install]
WantedBy=multi-user.target

+ 15
- 0
deployment/sponson/systemd/vowel-rq_high@.service View File

@ -0,0 +1,15 @@
[Unit]
Description=Vowel RQ High queue worker
[Service]
User=vowel
Group=vowel
WorkingDirectory=/srv/vowel
EnvironmentFile=/srv/vowel/deployment/sponson/rq_settings.conf
EnvironmentFile=-/srv/vowel/instance/rq_settings.conf
ExecStart=/usr/bin/rqworker -n high_%i high
Restart=on-failure
PrivateTmp=true
[Install]
WantedBy=multi-user.target

+ 15
- 0
deployment/sponson/systemd/vowel-rq_scheduler.service View File

@ -0,0 +1,15 @@
[Unit]
Description=Vowel RQ scheduler worker
[Service]
User=vowel
Group=vowel
WorkingDirectory=/srv/vowel
EnvironmentFile=/srv/vowel/deployment/sponson/rq_settings.conf
EnvironmentFile=-/srv/vowel/instance/rq_settings.conf
ExecStart=/usr/bin/rqscheduler
Restart=on-failure
PrivateTmp=true
[Install]
WantedBy=multi-user.target

+ 20
- 0
deployment/sponson/systemd/vowel-runtime.service View File

@ -0,0 +1,20 @@
[Unit]
Description=Vowel runtime gunicorn daemon
After=network.target
[Service]
PIDFile=/run/gunicorn/pid
User=vowel
Group=nginx
WorkingDirectory=/srv/vowel
EnvironmentFile=-/srv/vowel/instance/vowel_production.conf
# Define the PID here rather than the config file to keep it all neat.
ExecStart=/usr/bin/gunicorn --pid /run/gunicorn/pid -c /srv/vowel/deployment/sponson/gunicorn.py vowel.wsgi:app
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
Restart=on-failure
PrivateTmp=true
CPUShares=768
[Install]
WantedBy=multi-user.target

+ 3
- 3
deployment/vagrant/bootstrap.sh View File

@ -72,7 +72,7 @@ chown -R vowel:nginx /home/vowel/vowel
echo "Adding deployment configs"
install -v -d -g vowel -o vowel /home/vowel/vowel/deployment
install -v -d -g vowel -o vowel /home/vowel/vowel/instance
install -v -g vowel -o vowel /vagrant/deployment/rq_settings.conf /home/vowel/vowel/deployment/rq_settings.conf
install -v -g vowel -o vowel /vagrant/deployment/vagrant/rq_settings.conf /home/vowel/vowel/deployment/rq_settings.conf
install -v -g vowel -o vowel /vagrant/deployment/vagrant/gunicorn.py /home/vowel/vowel/deployment/gunicorn.py
install -v -g vowel -o vowel /vagrant/deployment/vagrant/config.py /home/vowel/vowel/instance/config.py
install -v -g vowel -o vowel /vagrant/deployment/vagrant/dev_config.py /home/vowel/vowel/instance/dev_config.py
@ -90,9 +90,9 @@ systemd-tmpfiles --create /etc/tmpfiles.d/vowel-gunicorn.conf
# Install systemd files
echo "Installing systemd files"
install -g root -o root /vagrant/deployment/systemd/vowel.slice /etc/systemd/system/vowel.slice
install -g root -o root /vagrant/deployment/vagrant/systemd/vowel.slice /etc/systemd/system/vowel.slice
for sdfile in "rq_all@" "rq_scheduler" "runtime" "dev_runtime"; do
install -g root -o root "/vagrant/deployment/systemd/vowel-${sdfile}.service" "/etc/systemd/system/vowel-${sdfile}.service"
install -g root -o root "/vagrant/deployment/vagrant/systemd/vowel-${sdfile}.service" "/etc/systemd/system/vowel-${sdfile}.service"
done
echo "Reload systemd"

deployment/rq_settings.conf → deployment/vagrant/rq_settings.conf View File


deployment/systemd/vowel-dev_runtime.service → deployment/vagrant/systemd/vowel-dev_runtime.service View File


deployment/systemd/vowel-rq_all@.service → deployment/vagrant/systemd/vowel-rq_all@.service View File


deployment/systemd/vowel-rq_high@.service → deployment/vagrant/systemd/vowel-rq_high@.service View File


deployment/systemd/vowel-rq_scheduler.service → deployment/vagrant/systemd/vowel-rq_scheduler.service View File


deployment/systemd/vowel-runtime.service → deployment/vagrant/systemd/vowel-runtime.service View File


deployment/systemd/vowel.slice → deployment/vagrant/systemd/vowel.slice View File


+ 59
- 0
vowel.yaml View File

@ -0,0 +1,59 @@
image:
name: lapwing.org/fedora23/vowel
version: 0.2.0
srcimage: lapwing.org/fedora23/flask
build:
- copy:
src: ../vowel
dest: /srv/vowel
chmod: 0755
- run:
command: chcon -R -t httpd_sys_content_t /srv/vowel/vowel/static/
- run:
command: adduser -d /srv/vowel -s /bin/nologin -G nginx vowel
fail: False
- run:
command: chown -R vowel:nginx /srv/vowel
- run:
command: pip3 install -r /srv/vowel/requirements.txt
- copy:
src: deployment/sponson/systemd/vowel-rq_scheduler.service
dest: /etc/systemd/system
owner: 0
group: 0
- copy:
src: deployment/sponson/systemd/vowel-rq_all@.service
dest: /etc/systemd/system
owner: 0
group: 0
- copy:
src: deployment/sponson/systemd/vowel-rq_high@.service
dest: /etc/systemd/system
owner: 0
group: 0
- copy:
src: deployment/sponson/systemd/vowel-runtime.service
dest: /etc/systemd/system
owner: 0
group: 0
- copy:
src: deployment/tmpfiles.d/vowel-gunicorn.conf
dest: /etc/tmpfiles.d
owner: 0
group: 0
- copy:
src: deployment/sponson/nginx.conf
dest: /etc/nginx/nginx.conf
systemctl:
enable:
- vowel-runtime
- vowel-rq_scheduler
- vowel-rq_high@1
- vowel-rq_all@1
container:
limits:
ram: 768
maintainer:
name: Sam Black
email: samwwwblack@lapwing.org
url: https://samwwwblack.lapwing.org

Loading…
Cancel
Save