Refs #29144 - Use systemd socket activation #814
Conversation
| } | ||
|
|
||
| systemd::dropin_file { 'foreman-service': | ||
| filename => 'installer.conf', |
There was a problem hiding this comment.
Was curious why we call this installer.conf ?
There was a problem hiding this comment.
We already did this before, but since you can't define systemd::dropin_file twice with 'installer.conf' I had to be explicit. This creates /etc/systemd/system/foreman.service.d/installer.conf and I thought this was the most logical name for it. systemctl cat foreman shows you how it would look like:
# /usr/lib/systemd/system/foreman.service
[Unit]
Description=Foreman
Documentation=https://theforeman.org
After=network.target remote-fs.target nss-lookup.target
Requires=foreman.socket
[Service]
Type=simple
User=foreman
TimeoutSec=300
WorkingDirectory=/usr/share/foreman
ExecStart=/usr/share/foreman/bin/rails server --environment $FOREMAN_ENV --port $FOREMAN_PORT --binding $FOREMAN_BIND
Environment=FOREMAN_ENV=production FOREMAN_PORT=3000 FOREMAN_BIND=0.0.0.0
SyslogIdentifier=foreman
[Install]
WantedBy=multi-user.target
# /etc/systemd/system/foreman.service.d/installer.conf
[Service]
User=foreman
Environment=FOREMAN_ENV=production
Environment=FOREMAN_HOME=/usr/share/foreman
Environment=FOREMAN_BIND=127.0.0.1
Environment=FOREMAN_PORT=3000
Environment=FOREMAN_PUMA_THREADS_MIN=0
Environment=FOREMAN_PUMA_THREADS_MAX=16
Environment=FOREMAN_PUMA_WORKERS=2
ekohl
force-pushed
the
29144-systemd-socket-activation
branch
from
92fe8e5
to
6e2cc5e
Compare
|
I've updated it to reuse |
|
Looks like a linting error |
|
voxpupuli/puppet-lint-unquoted_string-check#4 is the lint issue. |
|
Hrmm, can we work around it for now? |
|
voxpupuli/puppet-lint-unquoted_string-check#9 is the bugfix. Working on releasing a fix for it. |
|
Restarted the failed tests now that the new version is out. |
|
tests fail 💔 |
When using systemd socket activation, it's important that the ListenSocket matches what Puma binds on. Otherwise it may fail. This happens when is configured on [::]:3000 (dual stack) and Puma on 0.0.0.0:3000. Puma will then attempt to bind and fail because the port is already in use. The service bind is now made explicit because systemd's ListenSocket=3000 binds on :: where Puma by default binds on 0.0.0.0:3000. This is IPv4-only, but is what was done prior to this as well. Apache is configured dual stack and the recommended deployment.
ekohl
force-pushed
the
29144-systemd-socket-activation
branch
from
6e2cc5e
to
281f196
Compare
|
I wonder why https://travis-ci.org/github/theforeman/puppet-foreman/builds/666888226 is not in the status checks |
|
Seems Travis might be having a rough time |
|
💚 now |
|
I'm not entirely sure if this is breaking or not. I think it still works on Foreman 2.0 since we don't manage |
The commit bd02fbd reverted commit 0b244f5. theforeman/puppet-foreman#814 fixed the race condition of systemctl start foreman returning immediately before the service was up.
The commit bd02fbd reverted commit 0b244f5. theforeman/puppet-foreman#814 fixed the race condition of systemctl start foreman returning immediately before the service was up.
The commit bd02fbd reverted commit 0b244f5. theforeman/puppet-foreman#814 fixed the race condition of systemctl start foreman returning immediately before the service was up.
The commit bd02fbd reverted commit 0b244f5. theforeman/puppet-foreman#814 fixed the race condition of systemctl start foreman returning immediately before the service was up.
When using systemd socket activation, it's important that the ListenSocket matches what Puma binds on. Otherwise it may fail. This happens when is configured on [::]:3000 (dual stack) and Puma on 0.0.0.0:3000. Puma will then attempt to bind and fail because the port is already in use.
The service bind is now made explicit because systemd's ListenSocket=3000 binds on :: where Puma by default binds on 0.0.0.0:3000. This is IPv4-only, but is what was done prior to this as well. Apache is configured dual stack and the recommended deployment.
Note this depends on theforeman/foreman#7536 and theforeman/foreman-packaging#4894 (deb) / theforeman/foreman-packaging#4895 (rpm).