Switch from supervisor to systemd for process mgmt

thegreenwebfoundation · May 8, 2024 · a888b9a · a888b9a
1 parent 74ca2e3
commit a888b9a
Show file tree

Hide file tree

Showing 17 changed files with 136 additions and 189 deletions.
diff --git a/ansible/_add_system_dependencies.yml b/ansible/_add_system_dependencies.yml
@@ -64,7 +64,6 @@
       - python3.11-venv
       - python3.11-dev
       - python-is-python3
-      # - supervisor
     state: present
     update_cache: true
   become: true

diff --git a/ansible/_set_up_process_mgmt.yml b/ansible/_set_up_process_mgmt.yml
@@ -1,7 +1,7 @@
 ---
 # shared steps for provisioning boxes, deploying and controlling
 # how web workers and queue workers are scaled
-- name: Set up script for running workers and gunicorn, via supervisor in project
+- name: Set up script for running workers and web app, via systemd in project
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
@@ -19,10 +19,10 @@
       }
   become: true
   tags:
-    - supervisor
+    - systemd
     - config
 
-- name: Set up supervisor entries for workers and web
+- name: Set up systemd entries for workers and web app
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
@@ -31,14 +31,14 @@
     mode: "0755"
   loop:
     - {
-        src: "supervisor.gunicorn.conf.j2",
-        dest: "/etc/supervisor/conf.d/{{ supervisor_gunicorn_app }}.conf",
+        src: "systemd.web-app.service.j2",
+        dest: "/etc/systemd/system/{{ service_gunicorn_app }}.service",
       }
     - {
-        src: "supervisor.worker.conf.j2",
-        dest: "/etc/supervisor/conf.d/{{ supervisor_worker_job }}.conf",
+        src: "systemd.worker.service.j2",
+        dest: "/etc/systemd/system/{{ service_worker_job }}.service",
       }
   become: true
   tags:
-    - supervisor
+    - systemd
     - config
diff --git a/ansible/deploy-workers.yml b/ansible/deploy-workers.yml
@@ -26,12 +26,11 @@
     # handled in source control, but if the front end will not build in deployment, this
     # is a workaround
     update_front_end_deps: true
-    # For triggering restarts with supervisor
-    supervisor_restart: true
-    supervisor_user: "deploy"
-    supervisor_gunicorn_app: "admin_web"
-    supervisor_worker_job: "admin_worker"
-
+    # For triggering restarts with systemd
+    service_restart: true
+    service_user: "deploy"
+    service_gunicorn_app: "admin_web"
+    service_worker_job: "admin_worker"
 
     # See "dramatiq_threads" and "dramatiq_processes"
     # in the inventory
@@ -53,42 +52,52 @@
 
     - name: Assemble assets and related files
       ansible.builtin.include_tasks: "_assemble_deploy_assets.yml"
-      when:
-        compile_assets is true
+      when: compile_assets is true
 
-    - name: Set up script for running workers and gunicorn, via supervisor
+    - name: Set up script for running workers and gunicorn, via systemd
       ansible.builtin.template:
         src: "{{ item.src }}"
         dest: "{{ item.dest }}"
         owner: deploy
         group: deploy
         mode: "0755"
       loop:
-        - { src: "run_worker.sh.j2", dest: "{{ project_root }}/current/run_worker.sh" }
-        - { src: "run_gunicorn.sh.j2", dest: "{{ project_root }}/current/run_gunicorn.sh" }
+        - {
+            src: "run_worker.sh.j2",
+            dest: "{{ project_root }}/current/run_worker.sh",
+          }
+        - {
+            src: "run_gunicorn.sh.j2",
+            dest: "{{ project_root }}/current/run_gunicorn.sh",
+          }
       become: true
       tags:
-        - supervisor
+        - systemd
 
+- name: Set up systemd entries for workers and web app
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    owner: deploy
+    group: deploy
+    mode: "0755"
+  loop:
+    - {
+        src: "systemd.web-app.service.j2",
+        dest: "/etc/systemd/system/{{ service_gunicorn_app }}.service",
+      }
+    - {
+        src: "systemd.worker.service.j2",
+        dest: "/etc/systemd/system/{{ service_worker_job }}.service",
+      }
+  become: true
+  tags:
+    - systemd
+    - config
 
-    - name: Set up supervisor entries for workers and web
-      ansible.builtin.template:
-        src: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-        owner: deploy
-        group: deploy
-        mode: "0755"
-      loop:
-        - { src: "supervisor.gunicorn.conf.j2", dest: "/etc/supervisor/conf.d/{{ tgwf_domain_name }}_web.conf" }
-        - { src: "supervisor.worker.conf.j2", dest: "/etc/supervisor/conf.d/{{ tgwf_domain_name }}_worker.conf" }
-      become: true
-      tags:
-        - supervisor
-
-
-    - name: Trigger restart for worker with supervisor
-      ansible.builtin.supervisorctl:
-        name: "{{ supervisor_worker_job }}:"
-        state: restarted
-      become: true
-      when: supervisor_restart is true
+- name: Trigger restart for worker with systemd
+  ansible.builtin.service:
+    name: "{{ service_worker_job }}:"
+    state: restarted
+  become: true
+  when: service_restart is true
diff --git a/ansible/deploy.yml b/ansible/deploy.yml
@@ -32,8 +32,8 @@
     # create new dotenv file in shared directory (use when adding new env vars)
     update_dotenv: false
 
-    supervisor_restart: true
-    supervisor_user: "deploy"
+    service_restart: true
+    service_user: "deploy"
 
     # flag for deciding to compile assets or not
     # this is the slowest deploy step
@@ -67,19 +67,20 @@
       when: update_dotenv is true
       tags: [dotenv]
 
-    - name: Set up process management with supervisor
+    - name: Set up process management with systemd
       ansible.builtin.include_tasks: "_set_up_process_mgmt.yml"
       tags:
-        - supervisor
+        - systemd
+        - systemd
 
-    - name: Trigger restart for app with supervisor
-      ansible.builtin.supervisorctl:
-        name: "{{ supervisor_gunicorn_app }}"
+    - name: Trigger restart for app with systemd
+      ansible.builtin.service:
+        name: "{{ service_gunicorn_app }}"
         state: restarted
       become: true
-      when: supervisor_restart is true
+      when: service_restart is true
       tags:
-        - supervisor
+        - systemd
 
     - name: Reload nginx
       ansible.builtin.service:

diff --git a/ansible/inventories/prod.yml b/ansible/inventories/prod.yml
@@ -43,9 +43,9 @@ all:
     project_root: "/var/www/{{ tgwf_domain_name }}.thegreenwebfoundation.org"
     project_deploy_branch: "master"
     ansible_user: "deploy"
-    supervisor_user: "deploy"
-    supervisor_gunicorn_app: "web_{{ tgwf_stage }}"
-    supervisor_worker_job: "worker_{{ tgwf_stage }}"
+    service_user: "deploy"
+    service_gunicorn_app: "web_{{ tgwf_stage }}"
+    service_worker_job: "worker_{{ tgwf_stage }}"
     gunicorn_port: 9000
 
   # you can set child groups too

diff --git a/ansible/inventories/staging.yml b/ansible/inventories/staging.yml
@@ -16,8 +16,8 @@ all:
     project_root: "/var/www/{{ tgwf_domain_name }}.thegreenwebfoundation.org"
     project_deploy_branch: "staging"
     ansible_user: "deploy"
-    supervisor_gunicorn_app: "web_{{ tgwf_stage }}"
-    supervisor_worker_job: "worker_{{ tgwf_stage }}"
+    service_gunicorn_app: "web_{{ tgwf_stage }}"
+    service_worker_job: "worker_{{ tgwf_stage }}"
 
   # you can set child groups too
   children:

diff --git a/ansible/scale_processes.yml b/ansible/scale_processes.yml
@@ -14,15 +14,15 @@
     preferred_state: started
 
   tasks:
-    - name: Set up process management with supervisor
+    - name: Set up process management with systemd
       ansible.builtin.include_tasks: "_set_up_process_mgmt.yml"
       tags:
-        - supervisor
+        - systemd
 
-    - name: Update django apps using supervisor
-      ansible.builtin.supervisorctl:
-        name: "{{ supervisor_gunicorn_app }}:"
+    - name: Update django apps using systemd
+      ansible.builtin.service:
+        name: "{{ service_gunicorn_app }}:"
         state: "{{ preferred_state }}"
       become: true
       tags:
-        - supervisor
+        - systemd
diff --git a/ansible/templates/nginx.conf.j2 b/ansible/templates/nginx.conf.j2
diff --git a/ansible/templates/run_gunicorn.sh.j2 b/ansible/templates/run_gunicorn.sh.j2
@@ -1,8 +1,11 @@
-# supervisor can only control processes it started itself.
-# So we need to use exec to replace the parent shell script process
-# that calls gunicorn
-source .venv/bin/activate
-exec dotenv run -- gunicorn greenweb.wsgi \
+#! /usr/bin/bash
+# {{ ansible_managed }}
+# Last run: {{ template_run_date }}
+
+
+# calling `exec` here means that systemd sends a KILL command to gunicorn when stopping or restarting
+# allowing for a graceful shutdown or reboot
+exec {{ project_root }}/current/.venv/bin/gunicorn greenweb.wsgi \
     --bind {{ internal_ip }}:{{ gunicorn_port }} \
     --timeout 300 \
     --config gunicorn.conf.py \

diff --git a/ansible/templates/run_worker.sh.j2 b/ansible/templates/run_worker.sh.j2
@@ -1,8 +1,11 @@
-# supervisor can only control processes it started itself.
-# So we need to use exec to replace the parent shell script process
-# that calls manage.py
-source .venv/bin/activate
-exec dotenv run -- ./manage.py rundramatiq \
+#! /usr/bin/bash
+
+# {{ ansible_managed }}
+# Last run: {{ template_run_date }}
+
+# calling `exec` here means that systemd sends a KILL command to dramatiq when stopping or restarting
+# allowing for a graceful shutdown or reboot
+exec {{ project_root }}/current/.venv/bin/python ./manage.py rundramatiq \
     --threads {{ dramatiq_threads }} \
     --processes {{ dramatiq_processes }} \
     --queues default
diff --git a/ansible/templates/supervisor.gunicorn.conf.j2 b/ansible/templates/supervisor.gunicorn.conf.j2
diff --git a/ansible/templates/supervisor.worker.conf.j2 b/ansible/templates/supervisor.worker.conf.j2