GithubHelp home page GithubHelp logo

minisv's Introduction

minisv (mini supervisor)

Service starter, easy start multiply services (for example in one docker container or using systemd on regular system) with possibility to (gracefull) restart them via http. Gracefull restart is used for services supporting SO_REUSERPORT: new instance will started, waited X seconds to be sure that everything is ok and only then SIGTERM will be send to old one; if old one will not exit in Y time than SIGKILL also sent.

It's also possible to run "one-time" actions like a repository pull one webhook and so on (need to have oneTime setted to true).

In last version it's possible to pass data on standart input of "one-time" tasks (using POST method), for example, for creating configs before adding new tasks.

Possibility to "rotate" logs using HUP signal, using logreload variable in config or rotate command via http. Using logdate it's possible to add current date/time as log file name sufix (using class golang format). This affects only permanent task, not oneTime.

Also is possible to add/remove tasks online via HTTP-requests.

For restarting, sending signals and task add/remove next http schema used:

  • GET http://[addr]:[port]/ (return basic status on all tasks)
  • GET http://[addr]:[port]/[taskname]/[stop|restart|term|hup|kill|run|rotate]
  • POST http://[addr]:[port]/[taskname]/run (run one-time task with data on standart input)
  • POST http://[addr]:[port]/[taskname] (with json description of task as http body)
  • DELETE http://[addr]:[port]/[taskname]

for example:

curl -d '{"command": "/bin/sleep","args": ["1800"],"workdir": "/home"}' -H "Content-Type: application/json" -X 'POST' 'http://127.0.0.1:3443/sleep1800'
curl -i 'http://127.0.0.1:3443/sleep1800/kill'
curl -i 'http://127.0.0.1:3443/sleep1800/restart'
curl -X 'DELETE' 'http://127.0.0.1:3443/sleep3'
curl -i 'http://127.0.0.1:3443/pull/run'
curl -i -X 'POST' -d '@/tmp/image.jpeg' 'http://127.0.0.1:3443/imgsave/run'

Example Dockerfile for use with minisv:

FROM ubuntu:16.04
MAINTAINER somebody@service

RUN apt-get update && apt-get install -y nginx-light redis-server
RUN mkdir -p /var/log/nginx /var/log/minisv /opt

COPY minisv /opt
COPY minisv.json /opt

EXPOSE 80 443 3443 6379
ENTRYPOINT ["/opt/minisv"]

while minisv.json contains

{
    "logdir": "/var/log/minisv",
    "logfileprefix": "container1-",
    "logreopen": "1h",
    "logsuffixdate": "20060102.150405",
    "logdate": "2006/01/02 15:04:05",
    "tasks": {
        "redis": {
            "command": "/usr/bin/redis-server",
            "args": ["--port", "6379"],
            "workdir": "/tmp",
            "wait": 60,
            "restartPause":1,
            "startTime": 10
        },
        "nginx": {
            "command": "/usr/sbin/nginx",
            "args": ["-g", "daemon off;"],
            "wait": 60,
            "restartPause":0,
            "startTime": 3
        },
        "pull": {
            "command": "/usr/bin/git",
            "args": ["pull", "-f"],
            "workdir": "/home/www/example.com",
            "oneTime": true
        }
    },
    "http": {
        "address": "127.0.0.1",
        "port": 3443
    }
}

starting with

docker run -v '/var/log/minisv:/var/log/minisv' 'container1'

using different logfileprefix prevents mixing of logs from different containers

commands description:

  • stop - stop task until restart or run command
  • restart - start after stop OR graceful restart if running (start new instance, wait if not crashed and then terminate old one), not for ontime tasks
  • term - send SIGTERM to process
  • hup - send SIGHUP to process
  • kill - send SIGKILL to process
  • run - run onetime task
  • rotate - close log and reopen (with different name while logsuffixdate is used), not for onetime tasks
  • status - return current process status

HTTPS & Auth

if no user, password and certificate parameters are specified in config minisv will work with plain HTTP and no authentification (suitable for listening on localhost and no access of third people to server).

If user and password (bcrypted hash) specified in http session http-basic auth is on.

"http": {
        "address": "0.0.0.0",
        "port": 3443,
        "user": "admin",
        "password": "$2a$14$ajq8Q7fbtA0QvXpdCq7Jcuy.Rx1h/L4J60Otx.gyNLbAYctGMJ9tK"
    }

For more security it's possible to turn on HTTPS:

"http": {
        "address": "0.0.0.0",
        "port": 3443,
        "user": "admin",
        "password": "$2a$14$ajq8Q7fbtA0QvXpdCq7Jcuy.Rx1h/L4J60Otx.gyNLbAYctGMJ9tK",
        "servercert": "server.crt",
        "serverkey": "server.key"
    }

And as most-secure it's possible to turn on verifing of client certificate:

"http": {
        "address": "0.0.0.0",
        "port": 3443,
        "user": "admin",
        "password": "$2a$14$ajq8Q7fbtA0QvXpdCq7Jcuy.Rx1h/L4J60Otx.gyNLbAYctGMJ9tK",
        "servercert": "server.crt",
        "serverkey": "server.key",
        "clientcert": "client.crt"
    }

and yes, it's true - it's possible combinate https-client-auth with http-basic-auth in the same time and both will be required at once.

Resource limits

it's possible to set global limits (like calling ulimit just before minisv) by setting individual options on limits array like this:

{
    "logdir": "/var/log/minisv",
    "limits": [
        {
            "type": "nofile",
            "cur":  2048,
            "max":  4096
        },
        {
            "type": "nproc",
            "cur":  16384,
            "max":  16384
        }
    ],
    "tasks": {
        ......
    }
}

minisv's People

Contributors

kanocz avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar

minisv's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.