*: decrease frequency of background tasks, smear tasks based on name and fqdn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2159
This commit is contained in:
parent
1328c3e62c
commit
1a1434bfda
|
@ -1,10 +1,12 @@
|
||||||
"""authentik admin settings"""
|
"""authentik admin settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"admin_latest_version": {
|
"admin_latest_version": {
|
||||||
"task": "authentik.admin.tasks.update_latest_version",
|
"task": "authentik.admin.tasks.update_latest_version",
|
||||||
"schedule": crontab(minute="*/60"), # Run every hour
|
"schedule": crontab(minute=fqdn_rand("admin_latest_version", 60), hour="*"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
"""Crypto task Settings"""
|
"""Crypto task Settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"crypto_certificate_discovery": {
|
"crypto_certificate_discovery": {
|
||||||
"task": "authentik.crypto.tasks.certificate_discovery",
|
"task": "authentik.crypto.tasks.certificate_discovery",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute=fqdn_rand("crypto_certificate_discovery", 60), hour="*"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
"""Time utilities"""
|
"""Time utilities"""
|
||||||
import datetime
|
import datetime
|
||||||
|
from hashlib import sha256
|
||||||
|
from random import randrange, seed
|
||||||
|
from socket import getfqdn
|
||||||
|
|
||||||
|
from celery.schedules import crontab
|
||||||
from django.core.exceptions import ValidationError
|
from django.core.exceptions import ValidationError
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
|
||||||
|
@ -38,3 +42,12 @@ def timedelta_from_string(expr: str) -> datetime.timedelta:
|
||||||
if len(kwargs) < 1:
|
if len(kwargs) < 1:
|
||||||
raise ValueError("No valid keys to pass to timedelta")
|
raise ValueError("No valid keys to pass to timedelta")
|
||||||
return datetime.timedelta(**kwargs)
|
return datetime.timedelta(**kwargs)
|
||||||
|
|
||||||
|
|
||||||
|
def fqdn_rand(task: str, max: int) -> int:
|
||||||
|
"""Get a random number within max based on the FQDN and task name"""
|
||||||
|
entropy = f"{getfqdn()}:{task}"
|
||||||
|
hasher = sha256()
|
||||||
|
hasher.update(entropy.encode("utf-8"))
|
||||||
|
seed(hasher.hexdigest())
|
||||||
|
return randrange(0, max) # nosec
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
"""managed Settings"""
|
"""managed Settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"managed_reconcile": {
|
"managed_reconcile": {
|
||||||
"task": "authentik.managed.tasks.managed_reconcile",
|
"task": "authentik.managed.tasks.managed_reconcile",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute=fqdn_rand("managed_reconcile", 60), hour="*/4"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,25 +1,27 @@
|
||||||
"""Outposts Settings"""
|
"""Outposts Settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"outposts_controller": {
|
"outposts_controller": {
|
||||||
"task": "authentik.outposts.tasks.outpost_controller_all",
|
"task": "authentik.outposts.tasks.outpost_controller_all",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute=fqdn_rand("outposts_controller", 60), hour="*/4"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
"outposts_service_connection_check": {
|
"outposts_service_connection_check": {
|
||||||
"task": "authentik.outposts.tasks.outpost_service_connection_monitor",
|
"task": "authentik.outposts.tasks.outpost_service_connection_monitor",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute="3-59/15"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
"outpost_token_ensurer": {
|
"outpost_token_ensurer": {
|
||||||
"task": "authentik.outposts.tasks.outpost_token_ensurer",
|
"task": "authentik.outposts.tasks.outpost_token_ensurer",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute=fqdn_rand("outpost_token_ensurer", 60), hour="*/8"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
"outpost_local_connection": {
|
"outpost_local_connection": {
|
||||||
"task": "authentik.outposts.tasks.outpost_local_connection",
|
"task": "authentik.outposts.tasks.outpost_local_connection",
|
||||||
"schedule": crontab(minute="*/60"),
|
"schedule": crontab(minute=fqdn_rand("outpost_local_connection", 60), hour="*/8"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,7 @@ from celery.schedules import crontab
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"policies_reputation_save": {
|
"policies_reputation_save": {
|
||||||
"task": "authentik.policies.reputation.tasks.save_reputation",
|
"task": "authentik.policies.reputation.tasks.save_reputation",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute="1-59/5"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -337,17 +337,12 @@ CELERY_WORKER_MAX_TASKS_PER_CHILD = 50
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"clean_expired_models": {
|
"clean_expired_models": {
|
||||||
"task": "authentik.core.tasks.clean_expired_models",
|
"task": "authentik.core.tasks.clean_expired_models",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute="2-59/5"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
|
||||||
},
|
|
||||||
"db_backup": {
|
|
||||||
"task": "authentik.core.tasks.backup_database",
|
|
||||||
"schedule": crontab(hour="*/24", minute=0),
|
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
"user_cleanup": {
|
"user_cleanup": {
|
||||||
"task": "authentik.core.tasks.clean_temporary_users",
|
"task": "authentik.core.tasks.clean_temporary_users",
|
||||||
"schedule": crontab(minute="*/5"),
|
"schedule": crontab(minute="9-59/5"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
"""LDAP Settings"""
|
"""LDAP Settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"sources_ldap_sync": {
|
"sources_ldap_sync": {
|
||||||
"task": "authentik.sources.ldap.tasks.ldap_sync_all",
|
"task": "authentik.sources.ldap.tasks.ldap_sync_all",
|
||||||
"schedule": crontab(minute="*/120"), # Run every other hour
|
"schedule": crontab(minute=fqdn_rand("sources_ldap_sync", 60), hour="*/2"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
"""Plex source settings"""
|
"""Plex source settings"""
|
||||||
from celery.schedules import crontab
|
from celery.schedules import crontab
|
||||||
|
|
||||||
|
from authentik.lib.utils.time import fqdn_rand
|
||||||
|
|
||||||
CELERY_BEAT_SCHEDULE = {
|
CELERY_BEAT_SCHEDULE = {
|
||||||
"check_plex_token": {
|
"check_plex_token": {
|
||||||
"task": "authentik.sources.plex.tasks.check_plex_token_all",
|
"task": "authentik.sources.plex.tasks.check_plex_token_all",
|
||||||
"schedule": crontab(minute="31", hour="*/3"),
|
"schedule": crontab(minute=fqdn_rand("check_plex_token", 60), hour="*/3"),
|
||||||
"options": {"queue": "authentik_scheduled"},
|
"options": {"queue": "authentik_scheduled"},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue