__netbox_gunicorn: extract gunicorn setup from __netbox

Because someone *want* to use something other than just gunicorn, it was
extracted to a own type. Because gunicorn is a bit deep in the netbox
installation process, it's a bit harder to isolate it.

`__netbox_uwsgi` will come, too.
This commit is contained in:
matze 2020-08-26 20:01:23 +02:00
parent eaf639790b
commit e0a1b4f663
12 changed files with 168 additions and 16 deletions

View file

@ -35,6 +35,7 @@ rm -r '$install_dir'
cp -r '$src/netbox' '$install_dir'
mkdir '$install_dir/cdist'
cp '$src/requirements.txt' /opt/netbox/ # backup dependency info
cp \$tmpdir/configuration.py '$install_dir/netbox/configuration.py'
cp \$tmpdir/ldap_config.py '$install_dir/netbox/ldap_config.py'
@ -43,7 +44,9 @@ cp \$tmpdir/ldap_config.py '$install_dir/netbox/ldap_config.py'
virtualenv -p python3 /opt/netbox/venv
# Install python dependencies.
/opt/netbox/venv/bin/pip3 install -r "\$tmpdir/$src/requirements.txt"
# avoid gunicorn, because it will be done in an other type
grep -v "^gunicorn==" "\$tmpdir/$src/requirements.txt" \
| xargs /opt/netbox/venv/bin/pip3 install
EOF
if [ -f "$__object/parameter/ldap-server" ]; then
@ -94,8 +97,7 @@ fi
# check for changes
if [ "$changes" = "yes" ]; then
cat << EOF
# Restart services.
service netbox restart
# Restart service.
service netbox-rq restart
EOF
fi

View file

@ -204,13 +204,7 @@ $SECRET_KEY
SECRET
# Upload systemd units and gunicorn configuration.
for unit in netbox netbox-rq; do
__systemd_unit $unit.service \
--source "$__type/files/$unit.service" \
--enablement-state enabled
done
# Python worker configuration.
require="__user/netbox" __file /opt/netbox/gunicorn.py \
--mode 644 --source "$__type/files/gunicorn.py"
# Upload systemd unit for worker service
__systemd_unit netbox-rq.service \
--source "$__type/files/netbox-rq.service" \
--enablement-state enabled

View file

@ -0,0 +1,4 @@
#!/bin/sh -e
# print version if available
/opt/netbox/venv/bin/pip3 show gunicorn | awk '/Version:/{print $2}'

View file

@ -0,0 +1,3 @@
#!/bin/sh -e
awk -v FS="==" '$1 ~ /gunicorn/{print $2}' /opt/netbox/requirements.txt

View file

@ -1,9 +1,23 @@
#!/bin/sh -e
# Generates gunicorn config
# see https://docs.gunicorn.org/en/stable/settings.html
# fix missing $__explorer
# see https://code.ungleich.ch/ungleich-public/cdist/-/issues/834
__explorer="$__global/explorer"
# size workes by cpu
cores="$(cat "$__explorer/cpu_cores")"
cat << EOF
# The IP address (typically localhost) and port that the Netbox WSGI process should listen on
bind = '127.0.0.1:8001'
bind = [$HOST ]
# Number of gunicorn workers to spawn. This should typically be 2n+1, where
# n is the number of CPU cores present.
workers = 3
workers = $(( 2*cores + 1 ))
# Number of threads per worker process
threads = 3
@ -14,3 +28,4 @@ timeout = 120
# The maximum number of requests a worker can handle before being respawned
max_requests = 5000
max_requests_jitter = 500
EOF

View file

@ -1,5 +1,5 @@
[Unit]
Description=NetBox WSGI Service
Description=NetBox Gunicorn WSGI Service
Documentation=https://netbox.readthedocs.io/en/stable/
After=network-online.target
Wants=network-online.target
@ -19,4 +19,5 @@ RestartSec=30
PrivateTmp=true
[Install]
Alias=netbox.service
WantedBy=multi-user.target

View file

@ -0,0 +1,36 @@
#!/bin/sh -e
curr_installed="$(cat "$__object/explorer/installed")"
should_installed="$(cat "$__object/explorer/should_installed")"
# gunicorn version change
if [ "$curr_installed" != "$should_installed" ]; then
# (re)installing gunicorn
echo "/opt/netbox/venv/bin/pip3 install 'gunicorn==$should_installed'"
do_restart=yes
printf "updated %s to %s\n" "$curr_installed" "$should_installed" \
>> "$__messages_out"
fi
# configuration changes
if grep -q "^__file/opt/netbox/gunicorn.py:" "$__messages_in"; then
do_restart=yes
printf "configuration\n" >> "$__messages_out"
fi
# application
if grep -q "^__netbox:" "$__messages_in"; then
do_restart=yes
# no message cause it should be obvious
fi
# restart gunicorn
if [ "$do_restart"]; then
cat << EOF
# Restart service
service gunicorn-netbox restart
EOF
echo restarted >> "$__messages_out"
fi

View file

@ -0,0 +1,75 @@
cdist-type__netbox_uwsgi(7)
===========================
NAME
----
cdist-type__netbox_gunicorn - run netbox with gunicorn
DESCRIPTION
-----------
This space intentionally left blank.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
bind-to
The hosts the gunicorn socket should be bind to. Formats are `IP`,
`IP:PORT`, `unix:PATH` and `fd://FD`. Parameter can be set a multiple
times. Defaults to ``127.0.0.1:8001``.
BOOLEAN PARAMETERS
------------------
None.
MESSAGES
--------
updated $old to $new
The version of the gunicorn software was updated from `$old` to `$new`.
configuration
Configuration for gunicorn changed.
In both cases, and at messages from the `__netbox` type, it restarts the
service to using the up-to-date version.
EXAMPLES
--------
.. code-block:: sh
# simple
__netbox $args
require="__netbox" __netbox_gunicorn
# with arguments
__netbox $args
require="__netbox" __netbox_gunicorn \
--bind-to 0.0.0.0:8001 \
--bind-to 1.2.3.4:5678
SEE ALSO
--------
:strong:`__netbox`\ (7)
AUTHORS
-------
Matthias Stecher <matthiasstecher@gmx.de>
COPYING
-------
Copyright \(C) 2020 Matthias Stecher. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

20
type/__netbox_gunicorn/manifest Executable file
View file

@ -0,0 +1,20 @@
#!/bin/sh -e
HOST=""
while read -r host; do
HOST="$HOST '$host',"
done < "$__object/parameter/bind-to"
export HOST
# process template
mkdir "$__object/files"
"$__type/files/gunicorn.py.sh" > "$__object/files/gunicorn.py"
# gunicorn config file
__file /opt/netbox/gunicorn.py \
--mode 644 --source "$__object/files/gunicorn.py"
# install service file
__systemd_unit gunicorn-netbox.service \
--source "$__type/files/netbox.service" \
--enablement-state enabled --restart

View file

@ -0,0 +1 @@
127.0.0.1:8001

View file

@ -0,0 +1 @@
bind-to

View file