internal: use config system for workers/threads, document the settings (#3626)
use config system for workers/threads, document the settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
1583d53e54
commit
b16a3d5697
|
@ -80,3 +80,8 @@ default_token_length: 128
|
||||||
impersonation: true
|
impersonation: true
|
||||||
|
|
||||||
blueprints_dir: /blueprints
|
blueprints_dir: /blueprints
|
||||||
|
|
||||||
|
web:
|
||||||
|
# No default here as it's set dynamically
|
||||||
|
# workers: 2
|
||||||
|
threads: 4
|
||||||
|
|
|
@ -42,7 +42,6 @@ services:
|
||||||
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
|
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
|
||||||
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
|
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
|
||||||
# AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
|
# AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
|
||||||
# WORKERS: 2
|
|
||||||
volumes:
|
volumes:
|
||||||
- ./media:/media
|
- ./media:/media
|
||||||
- ./custom-templates:/templates
|
- ./custom-templates:/templates
|
||||||
|
|
|
@ -87,8 +87,8 @@ if SERVICE_HOST_ENV_NAME in os.environ:
|
||||||
else:
|
else:
|
||||||
default_workers = max(cpu_count() * 0.25, 1) + 1 # Minimum of 2 workers
|
default_workers = max(cpu_count() * 0.25, 1) + 1 # Minimum of 2 workers
|
||||||
|
|
||||||
workers = int(os.environ.get("WORKERS", default_workers))
|
workers = int(CONFIG.y("web.workers", default_workers))
|
||||||
threads = int(os.environ.get("THREADS", 4))
|
threads = int(CONFIG.y("web.threads", 4))
|
||||||
|
|
||||||
# pylint: disable=unused-argument
|
# pylint: disable=unused-argument
|
||||||
def post_fork(server: "Arbiter", worker: DjangoUvicornWorker):
|
def post_fork(server: "Arbiter", worker: DjangoUvicornWorker):
|
||||||
|
|
|
@ -15,6 +15,16 @@ All of these variables can be set to values, but you can also use a URI-like for
|
||||||
- `env://<name>` Loads the value from the environment variable `<name>`. Fallback can be optionally set like `env://<name>?<default>`
|
- `env://<name>` Loads the value from the environment variable `<name>`. Fallback can be optionally set like `env://<name>?<default>`
|
||||||
- `file://<name>` Loads the value from the file `<name>`. Fallback can be optionally set like `file://<name>?<default>`
|
- `file://<name>` Loads the value from the file `<name>`. Fallback can be optionally set like `file://<name>?<default>`
|
||||||
|
|
||||||
|
## Checking settings
|
||||||
|
|
||||||
|
To check if your config has been applied correctly, you can run the following command to output the full config:
|
||||||
|
|
||||||
|
```
|
||||||
|
docker-compose run --rm worker dump_config
|
||||||
|
# Or for kubernetes
|
||||||
|
kubectl exec -it deployment/authentik-worker -c authentik -- ak dump_config
|
||||||
|
```
|
||||||
|
|
||||||
## PostgreSQL Settings
|
## PostgreSQL Settings
|
||||||
|
|
||||||
- `AUTHENTIK_POSTGRESQL__HOST`: Hostname of your PostgreSQL Server
|
- `AUTHENTIK_POSTGRESQL__HOST`: Hostname of your PostgreSQL Server
|
||||||
|
@ -233,12 +243,23 @@ Allows configuration of TLS Cliphers for LDAP connections used by LDAP sources.
|
||||||
|
|
||||||
Defaults to `null`.
|
Defaults to `null`.
|
||||||
|
|
||||||
## Debugging
|
### `AUTHENTIK_WEB__WORKERS`
|
||||||
|
|
||||||
To check if your config has been applied correctly, you can run the following command to output the full config:
|
:::info
|
||||||
|
Requires authentik 2022.9
|
||||||
|
:::
|
||||||
|
|
||||||
```
|
Configure how many gunicorn worker processes should be started (see https://docs.gunicorn.org/en/stable/design.html).
|
||||||
docker-compose run --rm worker dump_config
|
|
||||||
# Or for kubernetes
|
If running in Kubernetes, the default value is set to 2 and should in most cases not be changed, as scaling can be done with multiple pods running the web server.
|
||||||
kubectl exec -it deployment/authentik-worker -c authentik -- ak dump_config
|
Otherwise, authentik will use 1 worker for each 4 CPU cores + 1 as a value below 2 workers is not recommended.
|
||||||
```
|
|
||||||
|
### `AUTHENTIK_WEB__THREADS`
|
||||||
|
|
||||||
|
:::info
|
||||||
|
Requires authentik 2022.9
|
||||||
|
:::
|
||||||
|
|
||||||
|
Configure how many gunicorn threads a worker processes should have (see https://docs.gunicorn.org/en/stable/design.html).
|
||||||
|
|
||||||
|
Defaults to 4.
|
||||||
|
|
|
@ -3,6 +3,10 @@ title: Release 2022.9
|
||||||
slug: "2022.9"
|
slug: "2022.9"
|
||||||
---
|
---
|
||||||
|
|
||||||
|
## Breaking changes
|
||||||
|
|
||||||
|
- `WORKERS` environment variable has been renamed to match other config options, see [Configuration](../installation/configuration#authentik_web__workers)
|
||||||
|
|
||||||
## New features
|
## New features
|
||||||
|
|
||||||
- UI for Duo device Import
|
- UI for Duo device Import
|
||||||
|
|
|
@ -7,6 +7,7 @@ module.exports = {
|
||||||
{
|
{
|
||||||
type: "category",
|
type: "category",
|
||||||
label: "Installation",
|
label: "Installation",
|
||||||
|
collapsed: false,
|
||||||
link: {
|
link: {
|
||||||
type: "generated-index",
|
type: "generated-index",
|
||||||
title: "Installation",
|
title: "Installation",
|
||||||
|
|
Reference in a new issue