installation: suite de la mise-au-propre
This commit is contained in:
parent
5e7eb08a12
commit
abeff3a6fa
229
installation.md
229
installation.md
|
@ -135,8 +135,7 @@ Ajoutons aussi les dépôts Entr'ouvert et RabbitMQ par la création de
|
|||
Ajoutons les clés correspondantes :
|
||||
|
||||
wget -O- https://deb.entrouvert.org/entrouvert.gpg | apt-key add -
|
||||
wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc |
|
||||
apt-key add -
|
||||
wget -O- https://www.rabbitmq.com/rabbitmq-release-signing-key.asc | apt-key add -
|
||||
apt update
|
||||
|
||||
Pricisons les paquets qu'on veut tirer de jessie-backports en éditant
|
||||
|
@ -367,67 +366,41 @@ sensible à la résolution DNS (présence de la machine locale dans
|
|||
|
||||
Vérifier que le service tourne :
|
||||
|
||||
\# service rabbitmq-server status
|
||||
service rabbitmq-server status
|
||||
|
||||
● rabbitmq-server.service - RabbitMQ broker
|
||||
● rabbitmq-server.service - RabbitMQ broker
|
||||
|
||||
Loaded: loaded (/lib/systemd/system/rabbitmq-server.service; enabled)
|
||||
Loaded: loaded (/lib/systemd/system/rabbitmq-server.service; enabled)
|
||||
Active: active (running) since lun. 2017-07-17 10:09:57 CEST; 4 days
|
||||
ago
|
||||
Main PID: 580 (beam.smp)
|
||||
Status: "Initialized"
|
||||
|
||||
Active: active (running) since lun. 2017-07-17 10:09:57 CEST; 4 days
|
||||
ago
|
||||
|
||||
Main PID: 580 (beam.smp)
|
||||
|
||||
Status: "Initialized"
|
||||
|
||||
CGroup: /system.slice/rabbitmq-server.service
|
||||
|
||||
├─ 580 /usr/lib/erlang/erts-6.2/bin/beam.smp -W w -A 64 -P 1048576 -t
|
||||
5000000 -stbt db -zdbbl 32000 -K true -- -root /usr/lib/erlang -progname
|
||||
erl -- -home...
|
||||
|
||||
├─ 897 /usr/lib/erlang/erts-6.2/bin/epmd -daemon
|
||||
|
||||
├─1780 inet\_gethost 4
|
||||
|
||||
└─1781 inet\_gethost 4
|
||||
CGroup: /system.slice/rabbitmq-server.service
|
||||
├─ 580 /usr/lib/erlang/erts-6.2/bin/beam.smp -W w -A 64 -P 1048576 -t
|
||||
5000000 -stbt db -zdbbl 32000 -K true -- -root /usr/lib/erlang -progname
|
||||
erl -- -home...
|
||||
├─ 897 /usr/lib/erlang/erts-6.2/bin/epmd -daemon
|
||||
├─1780 inet\_gethost 4
|
||||
└─1781 inet\_gethost 4
|
||||
|
||||
Et absence d'erreur dans les logs, qui doivent ressembler à :
|
||||
|
||||
\# journalctl -u rabbitmq-server.service
|
||||
$journalctl -u rabbitmq-server.service
|
||||
|
||||
-- Logs begin at lun. 2017-07-17 10:09:46 CEST, end at ven. 2017-07-21
|
||||
19:55:37 CEST. --
|
||||
-- Logs begin at lun. 2017-07-17 10:09:46 CEST, end at ven. 2017-07-21 19:55:37 CEST. --
|
||||
|
||||
juil. 17 10:09:50 web1-preprod systemd\[1\]: Starting RabbitMQ broker...
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: RabbitMQ 3.6.10.
|
||||
Copyright (C) 2007-2017 Pivotal Software, Inc.
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\# \#\#
|
||||
Licensed under the MPL. See http://www.rabbitmq.com/
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\# \#\#
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]:
|
||||
\#\#\#\#\#\#\#\#\#\# Logs: /var/log/rabbitmq/rabbit@web1-preprod.log
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\#\#\#\#\# \#\#
|
||||
/var/log/rabbitmq/rabbit@web1-preprod-sasl.log
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]:
|
||||
\#\#\#\#\#\#\#\#\#\#
|
||||
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: Starting
|
||||
broker...
|
||||
|
||||
juil. 17 10:09:57 web1-preprod rabbitmq-server\[580\]: systemd unit for
|
||||
activation check: "rabbitmq-server.service"
|
||||
|
||||
juil. 17 10:09:57 web1-preprod systemd\[1\]: Started RabbitMQ broker.
|
||||
|
||||
juil. 17 10:09:57 web1-preprod rabbitmq-server\[580\]: completed with 0
|
||||
plugins.
|
||||
juil. 17 10:09:50 web1-preprod systemd\[1\]: Starting RabbitMQ broker...
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: RabbitMQ 3.6.10. Copyright (C) 2007-2017 Pivotal Software, Inc.
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\# \#\# Licensed under the MPL. See http://www.rabbitmq.com/
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\# \#\#
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\#\#\#\#\#\#\#\#\# Logs: /var/log/rabbitmq/rabbit@web1-preprod.log
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\#\#\#\#\# \#\# /var/log/rabbitmq/rabbit@web1-preprod-sasl.log
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: \#\#\#\#\#\#\#\#\#\#
|
||||
juil. 17 10:09:54 web1-preprod rabbitmq-server\[580\]: Starting broker...
|
||||
juil. 17 10:09:57 web1-preprod rabbitmq-server\[580\]: systemd unit for activation check: "rabbitmq-server.service"
|
||||
juil. 17 10:09:57 web1-preprod systemd\[1\]: Started RabbitMQ broker.
|
||||
juil. 17 10:09:57 web1-preprod rabbitmq-server\[580\]: completed with 0 plugins.
|
||||
|
||||
(Note : bien sûr, ce n'est pas un composant créé par Entr'ouvert, c'est
|
||||
<https://www.rabbitmq.com/>)
|
||||
|
@ -440,115 +413,72 @@ donnée :
|
|||
L'accès à la base de données de Combo se décrit dans
|
||||
*/etc/combo/settings.d/\*.py* :
|
||||
|
||||
\# contenu de /etc/combo/settings.d/settings.py
|
||||
# contenu de /etc/combo/settings.d/settings.py
|
||||
|
||||
DATABASES\['default'\]\['NAME'\] = 'combo'
|
||||
|
||||
DATABASES\['default'\]\['USER'\] = 'combo'
|
||||
|
||||
DATABASES\['default'\]\['PASSWORD'\] =
|
||||
'indiquer-ici-le-mot-de-passe-pour-combo'
|
||||
|
||||
DATABASES\['default'\]\['HOST'\] = 'sql-prod'
|
||||
|
||||
DATABASES\['default'\]\['PORT'\] = '5432'
|
||||
DATABASES\['default'\]\['NAME'\] = 'combo'
|
||||
DATABASES\['default'\]\['USER'\] = 'combo'
|
||||
DATABASES\['default'\]\['PASSWORD'\] = 'indiquer-ici-le-mot-de-passe-pour-combo'
|
||||
DATABASES\['default'\]\['HOST'\] = 'sql-prod'
|
||||
DATABASES\['default'\]\['PORT'\] = '5432'
|
||||
|
||||
Toujours dans */etc/combo/settings.d/macollectivite.py*,
|
||||
nous configurons l'envoi des traces d'erreur par l'ajout de ces lignes
|
||||
en fin de fichier :
|
||||
|
||||
ADMINS = (('Admin EO',
|
||||
'admin+prod.macollectivite.combo@entrouvert.com'),)
|
||||
|
||||
EMAIL\_SUBJECT\_PREFIX = '\[prod macollectivite combo\] '
|
||||
|
||||
SERVER\_EMAIL =
|
||||
['admin+prod.](mailto:'admin+prod.maville.combo@entrouvert.com)macollectivite[.combo@entrouvert.com](mailto:'admin+prod.maville.combo@entrouvert.com)'
|
||||
ADMINS = (('Admin EO', 'admin+prod.macollectivite.combo@entrouvert.com'),)
|
||||
EMAIL\_SUBJECT\_PREFIX = '\[prod macollectivite combo\] '
|
||||
SERVER\_EMAIL = ['admin+prod.](mailto:'admin+prod.maville.combo@entrouvert.com)macollectivite[.combo@entrouvert.com](mailto:'admin+prod.maville.combo@entrouvert.com)'
|
||||
|
||||
On installe ensuite le logiciel *combo* en (indiquant qu'il ne faut pas
|
||||
suivre la recommandation d'installer PostgreSQL) :
|
||||
|
||||
\# apt install combo postgresql-
|
||||
apt install combo postgresql-
|
||||
|
||||
Vérification avec *service combo status* :
|
||||
|
||||
\# service combo status -l
|
||||
service combo status -l
|
||||
|
||||
● combo.service - Combo
|
||||
● combo.service - Combo
|
||||
|
||||
Loaded: loaded (/lib/systemd/system/combo.service; enabled)
|
||||
Loaded: loaded (/lib/systemd/system/combo.service; enabled)
|
||||
Drop-In: /etc/systemd/system/combo.service.d
|
||||
└─wait-for-mnt-data.conf
|
||||
Active: active (running) since jeu. 2017-07-20 23:33:44 CEST; 19h ago
|
||||
Main PID: 16324 (gunicorn)
|
||||
|
||||
Drop-In: /etc/systemd/system/combo.service.d
|
||||
|
||||
└─wait-for-mnt-data.conf
|
||||
|
||||
Active: active (running) since jeu. 2017-07-20 23:33:44 CEST; 19h ago
|
||||
|
||||
Main PID: 16324 (gunicorn)
|
||||
|
||||
CGroup: /system.slice/combo.service
|
||||
|
||||
├─16324 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
|
||||
├─16335 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
|
||||
├─16336 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
|
||||
├─16337 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
|
||||
├─16342 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
|
||||
└─16347 /usr/bin/python /usr/bin/gunicorn --bind
|
||||
unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
--name combo combo.wsgi:application
|
||||
CGroup: /system.slice/combo.service
|
||||
├─16324 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30 --name combo combo.wsgi:application
|
||||
├─16335 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30 --name combo combo.wsgi:application
|
||||
├─16336 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30
|
||||
├─16337 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30 --name combo combo.wsgi:application
|
||||
├─16342 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30 --name combo combo.wsgi:application
|
||||
└─16347 /usr/bin/python /usr/bin/gunicorn --bind unix:/run/combo/combo.sock --worker-class=sync --workers 5 --timeout=30 --name combo combo.wsgi:application
|
||||
|
||||
### Installation Passerelle
|
||||
|
||||
La procédure est la même que pour Combo
|
||||
|
||||
L'accès à la base de données de Passerelle se décrit dans
|
||||
*/etc/passerelle/settings.d/\*.py* :
|
||||
L'accès à la base de données de Passerelle se décrit dans */etc/passerelle/settings.d/\*.py* :
|
||||
|
||||
\# extrait de /etc/passerelle/settings.d/macollectivite.py
|
||||
# extrait de /etc/passerelle/settings.d/macollectivite.py
|
||||
|
||||
DATABASES\['default'\]\['NAME'\] = 'passerelle'
|
||||
DATABASES\['default'\]\['NAME'\] = 'passerelle'
|
||||
DATABASES\['default'\]\['USER'\] = 'passerelle'
|
||||
DATABASES\['default'\]\['PASSWORD'\] = 'indiquer-ici-le-mot-de-passe-pour-passerelle'
|
||||
DATABASES\['default'\]\['HOST'\] = 'sql-prod'
|
||||
DATABASES\['default'\]\['PORT'\] = '5432'
|
||||
|
||||
DATABASES\['default'\]\['USER'\] = 'passerelle'
|
||||
|
||||
DATABASES\['default'\]\['PASSWORD'\] =
|
||||
'indiquer-ici-le-mot-de-passe-pour-passerelle'
|
||||
|
||||
DATABASES\['default'\]\['HOST'\] = 'sql-prod'
|
||||
|
||||
DATABASES\['default'\]\['PORT'\] = '5432'
|
||||
|
||||
Toujours dans
|
||||
*/etc/passerelle/settings.d/macollectivite.py*,
|
||||
Toujours dans */etc/passerelle/settings.d/macollectivite.py*,
|
||||
configuration pour l'envoi des traces d'erreur par l'ajout de ces lignes
|
||||
en fin de fichier :
|
||||
|
||||
ADMINS = (('Admin EO',
|
||||
'admin+prod.macollectivite.passerelle@entrouvert.com'),)
|
||||
|
||||
EMAIL\_SUBJECT\_PREFIX = '\[prod macollectivite
|
||||
passerelle\] '
|
||||
|
||||
SERVER\_EMAIL =
|
||||
'admin+prod.macollectivite.passerelle@entrouvert.com'
|
||||
ADMINS = (('Admin EO', 'admin+prod.macollectivite.passerelle@entrouvert.com'),)
|
||||
EMAIL\_SUBJECT\_PREFIX = '\[prod macollectivite passerelle\] '
|
||||
SERVER\_EMAIL = 'admin+prod.macollectivite.passerelle@entrouvert.com'
|
||||
|
||||
Nous pouvons ensuite installer le composant :
|
||||
|
||||
\# apt install passerelle postgresql-
|
||||
apt install passerelle postgresql-
|
||||
|
||||
Et vérification avec *service passerelle status* qui doit montrer
|
||||
«active (running)»
|
||||
|
@ -589,36 +519,27 @@ autres composants.
|
|||
|
||||
Installation :
|
||||
|
||||
\# apt install hobo-agent
|
||||
apt install hobo-agent
|
||||
|
||||
Ce démon est piloté par supervisor, ce dernier a parfois du mal à se
|
||||
lancer dès la première installation. On remet donc tout à plat avec :
|
||||
|
||||
\# service supervisor stop
|
||||
|
||||
\# service supervisor start
|
||||
service supervisor stop
|
||||
service supervisor start
|
||||
|
||||
Et on vérifie que hobo-agent est bien lancé par supervisor :
|
||||
|
||||
\# service supervisor status
|
||||
service supervisor status
|
||||
|
||||
● supervisor.service - LSB: Start/stop supervisor
|
||||
● supervisor.service - LSB: Start/stop supervisor
|
||||
|
||||
Loaded: loaded (/etc/init.d/supervisor)
|
||||
Loaded: loaded (/etc/init.d/supervisor)
|
||||
Active: active (running) since lun. 2017-07-17 10:09:52 CEST; 4 days ago
|
||||
CGroup: /system.slice/supervisor.service
|
||||
|
||||
Active: active (running) since lun. 2017-07-17 10:09:52 CEST; 4 days
|
||||
ago
|
||||
|
||||
CGroup: /system.slice/supervisor.service
|
||||
|
||||
├─1065 /usr/bin/python /usr/bin/supervisord -c
|
||||
/etc/supervisor/supervisord.conf
|
||||
|
||||
├─1208 python2.7 /usr/bin/celery worker --hostname=agent.%h
|
||||
--app=hobo.agent.worker --loglevel=INFO --concurrency=1
|
||||
|
||||
└─1494 python2.7 /usr/bin/celery worker --hostname=agent.%h
|
||||
--app=hobo.agent.worker --loglevel=INFO --concurrency=1
|
||||
├─1065 /usr/bin/python /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|
||||
├─1208 python2.7 /usr/bin/celery worker --hostname=agent.%h --app=hobo.agent.worker --loglevel=INFO --concurrency=1
|
||||
└─1494 python2.7 /usr/bin/celery worker --hostname=agent.%h --app=hobo.agent.worker --loglevel=INFO --concurrency=1
|
||||
|
||||
### Installation Authentic
|
||||
|
||||
|
|
Loading…
Reference in New Issue