The app needs to run a binary (service) with root permission and avoid asking privilege at each start but only at install.
To do so, at first start the app will set-up the service on launchd.
The problem is how to remove that service when the app bundle is deleted ?
Can the launchd service self delete if it detects the app is removed?
EDIT:
The app bundle can be removed even if the service is running and its binary being within the bundle. So far the implementation is that the service will periodically check for the existence of its own path and in case it is no longer valide, it removes itself from launchctl
Related
I built the project to binary file and deployed it to server before. and start it with nohup. But if I updated my code and rebuild my program. I must to kill the process first, then updated the file and start again.
My problem is:
The app must be down with at least few seconds.
I must update file manually (login the server, kill process, replace file, and then start it)
Is there anyway to hot update the program, something like PHP? I just need update my code to server by git (or svn or others way). then the server will rebuild app and graceful restart it.
Usually you run more than one instance of your web application behind a reversed proxy, eg nginx, or any other load balancer. If the few second downtime is an issue for you then you need to have a HA setup anyway. And in such setup you can do a rolling update, where you are replacing instances one by one.
Quick googling will let you find instructions how to do the deployment eg: https://www.digitalocean.com/community/tutorials/how-to-deploy-a-go-web-application-using-nginx-on-ubuntu-18-04
I have a tomcat application which I deploy by placing the new my-project.war file into the /var/lib/tomcat8/webapps/ directory on my server (via scp).
Every time I do this, the new copy is live a few seconds later. The only problem is that it drops all the sessions.
All the documentation I can find tells me that Tomcat should restore the sessions by default. This does seem to be the case when I restart the Tomcat service, but not when I redeploy...
Can anyone tell me whats going on here? I don't fully understand why it works to deploy this way in the first place.
The default session manager - StandardManager saves the sessions in <tomcat-home>/work/<app-name>/SESSIONS.ser. When you stop tomcat, the sessions are serialized into that file. When you start it - they are loaded from it.
But when you re-deploy your applications two things happen:
Tomcat un-deploys the old app and deletes the <tomcat-home>/work/<app-name>/ folder, thus removes the saved sessions
Tomcat deploys the new app and creates a new folder
Or in two words - tomcat deletes the saved sessions on un-deploy. I guess this is because:
the re-deploy is implemented as undeploy -> deploy. I.e. the 'undeploy' step does not know if a new version of the app will be deployed, so it makes sure to properly clean up after itself.
it's better from security perspective
I want to create a user in Heroku and want to give specific permission to this user to certain folder.
I've logged into heroku bash but I'm not able to create a user. It's giving me permission denied error. sudo also not working. I can't install anything in it.
Organisation admin user also not able to create a user.
Heroku will not allow you to do that.
Running heroku run bash is not the same as connecting to an SSH server.
When you build a new version of your application, Heroku will create a new container (much like Docker. It's LXC). Any instance of your application will run that container.
When you run a bash instance, a new instance of that container is created. You are not running on the same server as your app serves requests on.
That means the only moment when disk changes can be performed is at build time. So even if you could create users in a bash instance, those wouldn't be persisted accross instances.
Heroku will not let you create new linux users at build time anyway.
The only solution to access your app's code in a bash session is to run a one-off dyno. If you need to script that, you can use the platform api to boot a new dyno.
As for adding access, you can use the access:add command (also available as an api endpoint).
All users will be able to access all of your code though. You cannot restrict per folder.
My application hang up. Because of that I wanted to delete the application but it's not possible. OpenShift just shows me: "Unable to perform action on app object. Another operation is already running" when I want to delete the application from the web interface.
Unable to perform action on app object. Another operation is already running.
When I check the status of my application then it is unknown. It shows "unknown" for my Tomcat server and also for my database server.
What can I do now to get my app back to live?
It looks like your error is caused by intermittent API failures on OpenShift, so there is nothing that you can do (except you work for OpenShift).
You can check the OpenShift Online Status Page to see whether the API errors are still present. To receive the latest status updates you can also follow OpenShift Operations on Twitter or join this IRC Channel: #openshift on irc.freenode.net.
I think the problem will be resolved quickly.
This may be caused by Tomcat running out of memory. Try rhc app force-stop -a [your_app] in the rhc command line tools. This should kill all running threads in your app even if it's out of memory. Then, if you want to restart the app, use rhc app start.
Source: https://help.openshift.com/hc/en-us/articles/202399040-How-to-restart-an-application-
I have an AMI which has configured with production code setup.I am using Nginx + unicorn as server setup.
The problem I am facing is, whenever traffic goes up I need to boot the instance log in to instance and do a git pull,bundle update and also precompile the assets.Which is time consuming.So I want to avoid all this process.
Now I want to go with a script/process where I can automate whole deployment process, like git pull, bundle update and precompile as soon as I boot a new instance from this AMI.
Is there any best way process to get this done ? Any help would be appreciated.
You can place your code in /etc/rc.local (commands in this file will be executed when server will be loaded).
But the best way is using (capistrano). You need to add require "capistrano/bundler" to your deploy.rb file, and bundle update will be runned automatically. For more information you can read this article: https://semaphoreapp.com/blog/2013/11/26/capistrano-3-upgrade-guide.html
An alternative approach is to deploy your app to a separate EBS volume (you can still mount this inside /var/www/application or wherever it currently is)
After deploying you create an EBS snapshot of this volume. When you create a new instance, you tell ec2 to create a new volume for your instance from the snapshot, so the instance will start with the latest gems/code already installed (I find bundle install can take several minutes). All your startup script needs to do is to mount the volume (or if you have added it to the fstab when you make the ami then you don't even need to do that). I much prefer scaling operations like this to have no dependencies (eg what would you do if github or rubygems have an outage just when you need to deploy)
You can even take this a step further by using amazon's autoscaling service. In a nutshell you create a launch configuration where you specify the ami, instance type, volume snapshots etc. Then you control the group size either manually (through the web console or the api) according to a fixed schedule or based on cloudwatch metrics. Amazon will create or destroy instances as needed, using the information in your launch configuration.