root: add docker-native healthcheck for web and celery

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-10-05 20:45:18 +02:00
parent c47ab4f1fc
commit aee58c8d53
3 changed files with 19 additions and 4 deletions

View file

@ -80,8 +80,12 @@ COPY ./lifecycle/ /lifecycle
COPY --from=builder /work/authentik /authentik-proxy
USER authentik
ENV TMPDIR /dev/shm/
ENV PYTHONUNBUFFERED 1
ENV prometheus_multiproc_dir /dev/shm/
ENV PATH "/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/lifecycle"
HEALTHCHECK --interval=30s --timeout=30s --start-period=60s --retries=3 CMD [ "/lifecycle/ak healthcheck" ]
ENTRYPOINT [ "/lifecycle/ak" ]

View file

@ -59,14 +59,14 @@ class MetricsView(View):
class LiveView(View):
"""View for liveness probe, always returns Http 201"""
"""View for liveness probe, always returns Http 204"""
def dispatch(self, request: HttpRequest) -> HttpResponse:
return HttpResponse(status=201)
return HttpResponse(status=204)
class ReadyView(View):
"""View for readiness probe, always returns Http 201, unless sql or redis is down"""
"""View for readiness probe, always returns Http 204, unless sql or redis is down"""
def dispatch(self, request: HttpRequest) -> HttpResponse:
try:
@ -79,4 +79,4 @@ class ReadyView(View):
redis_conn.ping()
except RedisError:
return HttpResponse(status=503)
return HttpResponse(status=201)
return HttpResponse(status=204)

View file

@ -26,10 +26,14 @@ function check_if_root {
chpst -u authentik:$GROUP env HOME=/authentik $1
}
MODE_FILE="/tmp/authentik-mode"
if [[ "$1" == "server" ]]; then
echo "server" > $MODE_FILE
python -m lifecycle.migrate
/authentik-proxy
elif [[ "$1" == "worker" ]]; then
echo "worker" > $MODE_FILE
check_if_root "celery -A authentik.root.celery worker --autoscale 3,1 -E -B -s /tmp/celerybeat-schedule -Q authentik,authentik_scheduled,authentik_events"
elif [[ "$1" == "backup" ]]; then
python -m manage dbbackup --clean
@ -42,6 +46,13 @@ elif [[ "$1" == "test" ]]; then
touch /unittest.xml
chown authentik:authentik /unittest.xml
check_if_root "python -m manage test authentik"
elif [[ "$1" == "healthcheck" ]]; then
mode=$(cat $MODE_FILE)
if [[ $mode == "server "]]; then
curl --user-agent "authentik Healthcheck" -I http://localhost:9000/-/health/ready/
elif [[ $mode == "worker" ]]; then
celery -A authentik.root.celery inspect ping -d celery@$HOSTNAME
fi
else
python -m manage "$@"
fi