supervisor进程权限管理


异常现象

      supervisor进程权限管理

      541端口不能被启动监听,是因为普通用户只能启动大于1024端口。只有root用户才有权限启动1024以下的端口.

  supervisor修改启动用户

        这样把supervisor进程由普通用户变成root用户启动

        supervisor进程权限管理

supervisor进程权限管理

#Hansight Enterprise supervisor config file.

[unix_http_server]
file=/app/taishi/tmp/supervisor.sock   ; (the path to the socket file)
chown=admin                              ;

[inet_http_server]          ; inet (TCP) server disabled by default
port=*:9001                 ; (ip_address:port specifier, *:port for all iface)
;username=user              ; (default is no username (open server))
;password=123               ; (default is no password (open server)

[supervisord]
logfile=/app/taishi/logs/supervisord.log ; (main log file;default $CWD/supervisord.log)
logfile_maxbytes=50MB        ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10           ; (num of main logfile rotation backups;default 10)
loglevel=info                ; (log level;default info; others: debug,warn,trace)
pidfile=/app/taishi/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
nodaemon=false               ; (start in foreground if true;default false)
user=admin               ; (default is current user, required if root)
minfds=655350                ; (min. avail startup file descriptors;default 1024)
minprocs=655350              ; (min. avail process descriptors;default 200)
;umask=022                   ; (process file creation umask;default 022)
;user=hansight               ; (default is current user, required if root)
;identifier=supervisor       ; (supervisord identifier, default is 'supervisor')
;directory=/tmp              ; (default is not to cd during start)
;nocleanup=true              ; (don't clean up tempfiles at start;default false)
;childlogdir=/tmp            ; ('AUTO' child log dir, default $TEMP)
;environment=KEY="value"     ; (key value pairs to add to environment)
;strip_ansi=false            ; (strip ansi escape codes in logs; def. false)

[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
serverurl=unix:///app/taishi/tmp/supervisor.sock ; use a unix:// URL  for a unix socket

[include]
files=/app/taishi/etc/supervisord/*.ini

普通用户
supervisor进程权限管理

#Hansight Enterprise supervisor config file.

[unix_http_server]
file=/app/taishi/supervisor.sock   ; (the path to the socket file)
chown=root                              ;

[inet_http_server]          ; inet (TCP) server disabled by default
port=*:9001                 ; (ip_address:port specifier, *:port for all iface)
;username=user              ; (default is no username (open server))
;password=123               ; (default is no password (open server)

[supervisord]
logfile=/app/taishi/logs/supervisord.log ; (main log file;default $CWD/supervisord.log)
logfile_maxbytes=50MB        ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10           ; (num of main logfile rotation backups;default 10)
loglevel=info                ; (log level;default info; others: debug,warn,trace)
pidfile=/app/taishi/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
nodaemon=false               ; (start in foreground if true;default false)
user=root               ; (default is current user, required if root)
minfds=655350                ; (min. avail startup file descriptors;default 1024)
minprocs=655350              ; (min. avail process descriptors;default 200)
;umask=022                   ; (process file creation umask;default 022)
;user=hansight               ; (default is current user, required if root)
;identifier=supervisor       ; (supervisord identifier, default is 'supervisor')
;directory=/tmp              ; (default is not to cd during start)
;nocleanup=true              ; (don't clean up tempfiles at start;default false)
;childlogdir=/tmp            ; ('AUTO' child log dir, default $TEMP)
;environment=KEY="value"     ; (key value pairs to add to environment)
;strip_ansi=false            ; (strip ansi escape codes in logs; def. false)

[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
serverurl=unix:///app/taishi/supervisor.sock ; use a unix:// URL  for a unix socket

[include]
files=/app/taishi/etc/supervisord/*.ini

root用户

    supervisor进程权限管理

     supervisor直接启动而不传递相关参数就会启动失败

     supervisor进程权限管理

     只有supervisor进程本身由root启动,supervisor管理进程才能用root用户启动

    supervisor进程权限管理

   supervisor进程权限管理

   supervisor进程权限管理

   supervisor重启正常

   supervisor进程权限管理

   其他问题

     supervisor进程权限管理

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/tech/aiops/280160.html

(0)
上一篇 2022年8月12日 19:12
下一篇 2022年8月12日 19:17

相关推荐

发表回复

登录后才能评论