From 988cb786b77a0148a8bafbac57320f1ba5fa64f6 Mon Sep 17 00:00:00 2001
From: Temur Maisuradze <temur@grena.ge>
Date: Thu, 10 Dec 2020 18:12:18 +0400
Subject: [PATCH] supervisord on entrypoint and filebeat as dupervisord service

---
 roles/build/files/haproxysupervisord.conf   | 44 +++++++++++++++++++++
 roles/build/templates/cortex/Dockerfile.j2  |  5 ---
 roles/build/templates/haproxy/Dockerfile.j2 | 10 ++---
 roles/docker/tasks/haproxy.yml              |  1 -
 roles/haproxy/tasks/main.yml                |  9 ++++-
 5 files changed, 54 insertions(+), 15 deletions(-)
 create mode 100644 roles/build/files/haproxysupervisord.conf

diff --git a/roles/build/files/haproxysupervisord.conf b/roles/build/files/haproxysupervisord.conf
new file mode 100644
index 0000000..2738cf2
--- /dev/null
+++ b/roles/build/files/haproxysupervisord.conf
@@ -0,0 +1,44 @@
+[unix_http_server]
+file=/tmp/supervisor.sock
+
+[supervisord]
+pidfile=/tmp/supervisord.pid
+nodaemon=true
+logfile=/var/log/supervisor/supervisord.log
+logfile_maxbytes=10MB
+logfile_backups=10
+loglevel=info
+childlogdir=/var/log/supervisor/
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock
+
+[program:haproxy]
+directory=/root
+user=root
+group=root
+command=/bin/bash -c '/usr/local/sbin/haproxy -f /usr/local/etc/haproxy/haproxy.cfg'
+autostart=false
+autorestart=true
+logfile_maxbytes=10MB
+stdout_logfile_backups = 0
+stderr_logfile_backups = 0
+stderr_logfile = /var/log/supervisor/haproxy_stderr.log
+stdout_logfile = /var/log/supervisor/haproxy_stdout.log
+
+
+[program:filebeat]
+directory=/opt/filebeat
+user=root
+group=root
+command=/bin/bash -c '/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml'
+autostart=false
+autorestart=true
+logfile_maxbytes=10MB
+stdout_logfile_backups = 0
+stderr_logfile_backups = 0
+stderr_logfile = /var/log/supervisor/filebeat_stderr.log
+stdout_logfile = /var/log/supervisor/filebeat_stdout.log
diff --git a/roles/build/templates/cortex/Dockerfile.j2 b/roles/build/templates/cortex/Dockerfile.j2
index 68ac1ed..76c6066 100644
--- a/roles/build/templates/cortex/Dockerfile.j2
+++ b/roles/build/templates/cortex/Dockerfile.j2
@@ -1,9 +1,6 @@
 FROM {{repo}}/openjdk:{{version}}{{suffix}}
 
 USER root
-#COPY thehive.repo /etc/yum.repos.d/thehive.repo
-#COPY supervisord.conf /etc/supervisord.conf
-#COPY start.sh /start.sh
 RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
     echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \
     echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \
@@ -29,5 +26,3 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
 EXPOSE 9001
 COPY cortexsupervisord.conf /etc/supervisord.conf
 ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
-#USER cortex
-# ENTRYPOINT ["/start.sh"]
diff --git a/roles/build/templates/haproxy/Dockerfile.j2 b/roles/build/templates/haproxy/Dockerfile.j2
index d9f84c4..a4d5e94 100644
--- a/roles/build/templates/haproxy/Dockerfile.j2
+++ b/roles/build/templates/haproxy/Dockerfile.j2
@@ -24,6 +24,7 @@ RUN \
   iptables \
   pcre2-devel \
   daemonize \
+  supervisor \
   pth-devel && \
   `# Install newest openssl...` \
   wget -O /tmp/openssl.tgz https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz && \
@@ -62,10 +63,5 @@ RUN \
   && cp -R /usr/src/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors \
   && rm -rf /usr/src/haproxy 
 
-ENTRYPOINT ["/bin/bash"]
-
-# https://www.haproxy.org/download/1.8/doc/management.txt
-# "4. Stopping and restarting HAProxy"
-# "when the SIGTERM signal is sent to the haproxy process, it immediately quits and all established connections are closed"
-# "graceful stop is triggered when the SIGUSR1 signal is sent to the haproxy process"
-STOPSIGNAL SIGUSR1
+COPY haproxysupervisord.conf /etc/supervisord.conf
+ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
diff --git a/roles/docker/tasks/haproxy.yml b/roles/docker/tasks/haproxy.yml
index 155398a..b018076 100644
--- a/roles/docker/tasks/haproxy.yml
+++ b/roles/docker/tasks/haproxy.yml
@@ -19,7 +19,6 @@
       - "6000-6099:6000-6099"
       - "9000:9000"
       - "9001:9001"
-    entrypoint: "/bin/bash"
     interactive: "yes"
   tags:
     - start
diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml
index dc70556..73debe1 100644
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@@ -58,12 +58,17 @@
     - start
 
 - name: Start haproxy
-  shell: "daemonize -c / -p /haproxy.pid /usr/local/sbin/haproxy -f /usr/local/etc/haproxy/haproxy.cfg"
+  shell: "supervisorctl start haproxy"
+  tags:
+    - start
+
+- name: Set Autostart for supervisord's services
+  shell: "sed -i 's/autostart=false/autostart=true/g' /etc/supervisord.conf"
   tags:
     - start
 
 - name: Stop haproxy
-  command: "pkill -SIGTERM -F /haproxy.pid"
+  command: "supervisorctl stop haproxy"
   tags:
     - stop
 
-- 
GitLab