- Change SSL to only be enabled via an environment variable. Nginx will be terminating SSL for the ER.

- Add the missing dependencies to the requirements.txt - Change the builder ports to non-standard locations - Add the /b1/socket and /b1/controller endpoints in nginx, to map to the build manager - Have the build manager start automatically.
2014-11-25 18:08:18 -05:00 · 2014-11-25 18:08:18 -05:00 · 9d675b51ed
commit 9d675b51ed
parent 04fc6d82a5
9 changed files with 45 additions and 6 deletions
--- a/Dockerfile.web
+++ b/Dockerfile.web
@ -48,6 +48,7 @@ ADD conf/init/nginx /etc/service/nginx
 ADD conf/init/diffsworker /etc/service/diffsworker
 ADD conf/init/notificationworker /etc/service/notificationworker
 ADD conf/init/buildlogsarchiver /etc/service/buildlogsarchiver
+ADD conf/init/buildmanager /etc/service/buildmanager

 # Download any external libs.
 RUN mkdir static/fonts static/ldn
--- a/buildman/builder.py
+++ b/buildman/builder.py
@ -26,10 +26,11 @@ def run_build_manager():

  LOGGER.debug('Starting build manager with lifecycle "%s"', build_manager_config[0])
  ssl_context = None
-  if os.path.exists('conf/stack/ssl.cert'):
+  if os.environ.get('SSL_CONFIG'):
    LOGGER.debug('Loading SSL cert and key')
    ssl_context = SSLContext()
-    ssl_context.load_cert_chain('conf/stack/ssl.cert', 'conf/stack/ssl.key')
+    ssl_context.load_cert_chain(os.environ.get('SSL_CONFIG') + '/ssl.cert',
+                                os.environ.get('SSL_CONFIG') + '/ssl.key')

  server = BuilderServer(app.config['SERVER_HOSTNAME'], dockerfile_build_queue, build_logs,
                         user_files, manager_klass)
--- a/buildman/server.py
+++ b/buildman/server.py
@ -21,8 +21,8 @@ TIMEOUT_PERIOD_MINUTES = 20
 JOB_TIMEOUT_SECONDS = 300
 MINIMUM_JOB_EXTENSION = timedelta(minutes=2)

-WEBSOCKET_PORT = 8080
-CONTROLLER_PORT = 8181
+WEBSOCKET_PORT = 8787
+CONTROLLER_PORT = 8686

 class BuildJobResult(object):
  """ Build job result enum """
@ -75,7 +75,8 @@ class BuilderServer(object):
    loop = trollius.get_event_loop()
    trollius.Task(self._initialize(loop, host, ssl))

-    LOGGER.debug('Starting server on port 8080, with controller on port 8181')
+    LOGGER.debug('Starting server on port %s, with controller on port %s', WEBSOCKET_PORT,
+                 CONTROLLER_PORT)
    try:
      loop.run_forever()
    except KeyboardInterrupt:
--- a/conf/http-base.conf
+++ b/conf/http-base.conf
@ -23,3 +23,11 @@ upstream verbs_app_server {
 upstream registry_app_server {
    server unix:/tmp/gunicorn_registry.sock fail_timeout=0;
 }
+
+upstream build_manager_controller_server {
+    server localhost:8686;
+}
+
+upstream build_manager_websocket_server {
+    server localhost:8787;
+}
--- a/conf/init/buildmanager/log/run
+++ b/conf/init/buildmanager/log/run
@ -0,0 +1,2 @@
+#!/bin/sh
+exec svlogd /var/log/buildmanager/
--- a/conf/init/buildmanager/run
+++ b/conf/init/buildmanager/run
@ -0,0 +1,8 @@
+#! /bin/bash
+
+echo 'Starting internal build manager'
+
+cd /
+venv/bin/python -m buildman.builder 2>&1
+
+echo 'Internal build manager exited'
--- a/conf/server-base.conf
+++ b/conf/server-base.conf
@ -24,7 +24,7 @@ location / {
 location /realtime {
    proxy_pass   http://web_app_server;
    proxy_buffering off;
-    proxy_request_buffering off;    
+    proxy_request_buffering off;
 }

 location /v1/ {
@ -59,4 +59,16 @@ location /v1/_ping {
    add_header X-Docker-Registry-Version 0.6.0;
    add_header X-Docker-Registry-Standalone 0;
    return 200 'true';
+}
+
+location ~ ^/b1/controller(/?)(.*) {
+    proxy_pass http://build_manager_controller_server/$2;
+    proxy_read_timeout 2000;
+}
+
+location ~ ^/b1/socket(/?)(.*) {
+    proxy_pass http://build_manager_websocket_server/$2;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
 }
--- a/requirements-nover.txt
+++ b/requirements-nover.txt
@ -1,3 +1,6 @@
+autobahn
+aiowsgi
+trollius
 peewee
 flask
 py-bcrypt
--- a/requirements.txt
+++ b/requirements.txt
@ -17,7 +17,9 @@ SQLAlchemy==0.9.7
 Werkzeug==0.9.6
 git+https://github.com/DevTable/aniso8601-fake.git
 git+https://github.com/DevTable/anunidecode.git
+aiowsgi==0.3
 alembic==0.6.7
+autobahn==0.9.3-3
 backports.ssl-match-hostname==3.4.0.2
 beautifulsoup4==4.3.2
 blinker==1.3
@ -51,6 +53,7 @@ reportlab==2.7
 requests==2.4.3
 six==1.8.0
 stripe==1.19.0
+trollius==1.0.3
 tzlocal==1.1.1
 websocket-client==0.18.0
 wsgiref==0.1.2