Show More
@@ -1,14 +1,14 b'' | |||
|
1 | 1 | .. _apache-ws-ref: |
|
2 | 2 | |
|
3 | 3 | Apache HTTP Server Configuration |
|
4 | 4 | -------------------------------- |
|
5 | 5 | |
|
6 | 6 | To set up your Apache Web Server for optimal performance and security, use |
|
7 | 7 | the information in the following sections. |
|
8 | 8 | |
|
9 | 9 | .. toctree:: |
|
10 | 10 | |
|
11 | apache-conf-example | |
|
11 | 12 | apache-diffie-hellman |
|
12 | apache-conf-example | |
|
13 | 13 | apache-subdirectory |
|
14 | 14 | apache-wsgi-coding |
@@ -1,143 +1,146 b'' | |||
|
1 | 1 | Nginx Configuration Example |
|
2 | 2 | --------------------------- |
|
3 | 3 | |
|
4 | 4 | Use the following example to configure Nginx as a your web server. |
|
5 | 5 | |
|
6 | 6 | |
|
7 | 7 | .. code-block:: nginx |
|
8 | 8 | |
|
9 | 9 | ## rate limiter for certain pages to prevent brute force attacks |
|
10 |
limit_req_zone $binary_remote_addr zone= |
|
|
10 | limit_req_zone $binary_remote_addr zone=req_limit:10m rate=1r/s; | |
|
11 | 11 | |
|
12 | 12 | ## custom log format |
|
13 | 13 | log_format log_custom '$remote_addr - $remote_user [$time_local] ' |
|
14 | 14 | '"$request" $status $body_bytes_sent ' |
|
15 | 15 | '"$http_referer" "$http_user_agent" ' |
|
16 | 16 | '$request_time $upstream_response_time $pipe'; |
|
17 | 17 | |
|
18 | 18 | ## define upstream (local RhodeCode instance) to connect to |
|
19 | 19 | upstream rc { |
|
20 | 20 | # Url to running RhodeCode instance. |
|
21 | # This is shown as `- URL:` in output from rccontrol status. | |
|
21 | # This is shown as `- URL: <host>` in output from rccontrol status. | |
|
22 | 22 | server 127.0.0.1:10002; |
|
23 | 23 | |
|
24 | 24 | # add more instances for load balancing |
|
25 | 25 | # server 127.0.0.1:10003; |
|
26 | 26 | # server 127.0.0.1:10004; |
|
27 | 27 | } |
|
28 | 28 | |
|
29 | 29 | ## HTTP to HTTPS rewrite |
|
30 | 30 | server { |
|
31 | 31 | listen 80; |
|
32 | 32 | server_name rhodecode.myserver.com; |
|
33 | 33 | |
|
34 | 34 | if ($http_host = rhodecode.myserver.com) { |
|
35 | 35 | rewrite (.*) https://rhodecode.myserver.com$1 permanent; |
|
36 | 36 | } |
|
37 | 37 | } |
|
38 | 38 | |
|
39 | 39 | ## Optional gist alias server, for serving nicer GIST urls. |
|
40 | 40 | server { |
|
41 | 41 | listen 443; |
|
42 | 42 | server_name gist.myserver.com; |
|
43 | 43 | access_log /var/log/nginx/gist.access.log log_custom; |
|
44 | 44 | error_log /var/log/nginx/gist.error.log; |
|
45 | 45 | |
|
46 | 46 | ssl on; |
|
47 | 47 | ssl_certificate gist.rhodecode.myserver.com.crt; |
|
48 | 48 | ssl_certificate_key gist.rhodecode.myserver.com.key; |
|
49 | 49 | |
|
50 | 50 | ssl_session_timeout 5m; |
|
51 | 51 | |
|
52 | 52 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
|
53 | 53 | ssl_prefer_server_ciphers on; |
|
54 | 54 | ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; |
|
55 | 55 | |
|
56 | 56 | # strict http prevents from https -> http downgrade |
|
57 | 57 | add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; |
|
58 | 58 | |
|
59 | 59 | # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits |
|
60 | 60 | #ssl_dhparam /etc/nginx/ssl/dhparam.pem; |
|
61 | 61 | |
|
62 | 62 | rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1; |
|
63 | 63 | rewrite (.*) https://rhodecode.myserver.com/_admin/gists; |
|
64 | 64 | } |
|
65 | 65 | |
|
66 | 66 | |
|
67 | 67 | ## MAIN SSL enabled server |
|
68 | 68 | server { |
|
69 | 69 | listen 443 ssl; |
|
70 | 70 | server_name rhodecode.myserver.com; |
|
71 | 71 | |
|
72 | 72 | access_log /var/log/nginx/rhodecode.access.log log_custom; |
|
73 | 73 | error_log /var/log/nginx/rhodecode.error.log; |
|
74 | 74 | |
|
75 | 75 | ssl on; |
|
76 | 76 | ssl_certificate rhodecode.myserver.com.crt; |
|
77 | 77 | ssl_certificate_key rhodecode.myserver.com.key; |
|
78 | 78 | |
|
79 | 79 | ssl_session_timeout 5m; |
|
80 | 80 | |
|
81 | 81 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
|
82 | 82 | ssl_prefer_server_ciphers on; |
|
83 | 83 | ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; |
|
84 | 84 | |
|
85 | 85 | # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits |
|
86 | 86 | #ssl_dhparam /etc/nginx/ssl/dhparam.pem; |
|
87 | 87 | |
|
88 | # example of proxy.conf can be found in our docs. | |
|
88 | 89 | include /etc/nginx/proxy.conf; |
|
89 | 90 | |
|
90 | ## serve static files by Nginx, recommended for performance | |
|
91 | ## uncomment to serve static files by Nginx, recommended for performance | |
|
91 | 92 | # location /_static/rhodecode { |
|
92 | 93 | # gzip on; |
|
93 | 94 | # gzip_min_length 500; |
|
94 | 95 | # gzip_proxied any; |
|
95 | 96 | # gzip_comp_level 4; |
|
96 | 97 | # gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/json application/xml application/rss+xml font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml; |
|
97 | 98 | # gzip_vary on; |
|
98 | 99 | # gzip_disable "msie6"; |
|
100 | # alias /path/to/.rccontrol/community-1/static; | |
|
99 | 101 | # alias /path/to/.rccontrol/enterprise-1/static; |
|
100 | 102 | # } |
|
101 | 103 | |
|
102 | 104 | ## channelstream websocket handling |
|
103 | 105 | location /_channelstream { |
|
104 | 106 | rewrite /_channelstream/(.*) /$1 break; |
|
105 | 107 | |
|
106 | 108 | proxy_pass http://127.0.0.1:9800; |
|
107 | 109 | |
|
108 | 110 | proxy_connect_timeout 10; |
|
109 | 111 | proxy_send_timeout 10m; |
|
110 | 112 | proxy_read_timeout 10m; |
|
111 | 113 | tcp_nodelay off; |
|
112 | 114 | proxy_set_header Host $host; |
|
113 | 115 | proxy_set_header X-Real-IP $remote_addr; |
|
114 | 116 | proxy_set_header X-Url-Scheme $scheme; |
|
115 | 117 | proxy_set_header X-Forwarded-Proto $scheme; |
|
116 | 118 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
117 | 119 | gzip off; |
|
118 | 120 | proxy_http_version 1.1; |
|
119 | 121 | proxy_set_header Upgrade $http_upgrade; |
|
120 | 122 | proxy_set_header Connection "upgrade"; |
|
121 | 123 | } |
|
122 | 124 | |
|
125 | ## rate limit this endpoint to prevent login page brute-force attacks | |
|
123 | 126 | location /_admin/login { |
|
124 | ## rate limit this endpoint | |
|
125 | limit_req zone=dl_limit burst=10 nodelay; | |
|
127 | limit_req zone=req_limit burst=10 nodelay; | |
|
126 | 128 | try_files $uri @rhode; |
|
127 | 129 | } |
|
128 | 130 | |
|
129 | 131 | location / { |
|
130 | 132 | try_files $uri @rhode; |
|
131 | 133 | } |
|
132 | 134 | |
|
133 | 135 | location @rhode { |
|
134 | 136 | proxy_pass http://rc; |
|
135 | 137 | } |
|
136 | 138 | |
|
137 | 139 | ## custom 502 error page. Will be displayed while RhodeCode server |
|
138 | 140 | ## is turned off |
|
139 | 141 | error_page 502 /502.html; |
|
140 | 142 | location = /502.html { |
|
143 | #root /path/to/.rccontrol/community-1/static; | |
|
141 | 144 | root /path/to/.rccontrol/enterprise-1/static; |
|
142 | 145 | } |
|
143 | 146 | } No newline at end of file |
@@ -1,14 +1,14 b'' | |||
|
1 | 1 | .. _nginx-ws-ref: |
|
2 | 2 | |
|
3 | 3 | Nginx HTTP Server Configuration |
|
4 | 4 | ------------------------------- |
|
5 | 5 | |
|
6 | 6 | To set up your Nginx Web Server for optimal performance and security, use |
|
7 | 7 | the information in the following sections. |
|
8 | 8 | |
|
9 | 9 | .. toctree:: |
|
10 | 10 | |
|
11 | nginx-config-example | |
|
11 | 12 | nginx-diffie-hellman |
|
12 |
nginx-conf |
|
|
13 | nginx-tuning | |
|
13 | nginx-proxy-conf | |
|
14 | 14 | nginx-url-prefix |
@@ -1,33 +1,34 b'' | |||
|
1 |
.. _nginx- |
|
|
1 | .. _nginx-proxy-conf: | |
|
2 | 2 | |
|
3 |
Nginx |
|
|
4 | ------------ | |
|
3 | Nginx Proxy Config | |
|
4 | ------------------ | |
|
5 | ||
|
5 | 6 | |
|
6 | 7 | Set the following properties in your ``/etc/nginx/proxy.conf`` so it does not |
|
7 | 8 | timeout during large pushes. |
|
8 | 9 | |
|
9 | 10 | .. code-block:: nginx |
|
10 | 11 | |
|
11 | 12 | proxy_redirect off; |
|
12 | 13 | proxy_set_header Host $http_host; |
|
13 | 14 | |
|
14 | 15 | ## needed for container auth |
|
15 | 16 | # proxy_set_header REMOTE_USER $remote_user; |
|
16 | 17 | # proxy_set_header X-Forwarded-User $remote_user; |
|
17 | 18 | |
|
18 | 19 | proxy_set_header X-Url-Scheme $scheme; |
|
19 | 20 | proxy_set_header X-Host $http_host; |
|
20 | 21 | proxy_set_header X-Real-IP $remote_addr; |
|
21 | 22 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
22 | 23 | proxy_set_header Proxy-host $proxy_host; |
|
23 | 24 | proxy_buffering off; |
|
24 | 25 | proxy_connect_timeout 7200; |
|
25 | 26 | proxy_send_timeout 7200; |
|
26 | 27 | proxy_read_timeout 7200; |
|
27 | 28 | proxy_buffers 8 32k; |
|
28 | 29 | # Set this to a larger number if you experience timeouts |
|
29 | 30 | client_max_body_size 1024m; |
|
30 | 31 | client_body_buffer_size 128k; |
|
31 | 32 | large_client_header_buffers 8 64k; |
|
32 | 33 | add_header X-Frame-Options SAMEORIGIN; |
|
33 | 34 | add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; |
@@ -1,14 +1,14 b'' | |||
|
1 | 1 | .. _hg-lrg-loc: |
|
2 | 2 | |
|
3 |
|
|
|
4 |
------------------------- |
|
|
3 | |hg| Large Files Location | |
|
4 | ------------------------- | |
|
5 | 5 | |
|
6 | 6 | |RCE| manages |hg| larges files from the following default location |
|
7 | 7 | :file:`/home/{user}/repos/.cache/largefiles`. If you wish to change this, use |
|
8 | 8 | the following steps: |
|
9 | 9 | |
|
10 | 10 | 1. Open :menuselection:`Admin --> Settings --> VCS` as super-admin. |
|
11 | 11 | |
|
12 | 12 | In section called `Mercurial Settings` you can change where the largefiles |
|
13 | 13 | objects should be stored. |
|
14 | 14 |
@@ -1,14 +1,14 b'' | |||
|
1 | 1 | .. _git-lfs-loc: |
|
2 | 2 | |
|
3 |
|
|
|
4 |
-------------------------- |
|
|
3 | |git| LFS storage Location | |
|
4 | -------------------------- | |
|
5 | 5 | |
|
6 | 6 | |RCE| manages |git| LFS files from the following default location |
|
7 | 7 | :file:`/home/{user}/repos/.cache/lfs_store`. If you wish to change this, use |
|
8 | 8 | the following steps: |
|
9 | 9 | |
|
10 | 10 | 1. Open :menuselection:`Admin --> Settings --> VCS` as super-admin. |
|
11 | 11 | |
|
12 | 12 | In section called `Git Settings` you can change where the LFS |
|
13 | 13 | objects should be stored. |
|
14 | 14 |
@@ -1,124 +1,126 b'' | |||
|
1 | 1 | .. _increase-gunicorn: |
|
2 | 2 | |
|
3 |
|
|
|
4 | ------------------------- | |
|
3 | Configure Gunicorn Workers | |
|
4 | -------------------------- | |
|
5 | 5 | |
|
6 | 6 | |
|
7 | |RCE| comes with `Gunicorn`_ packaged in its Nix environment. | |
|
8 | Gunicorn is a Python WSGI HTTP Server for UNIX. | |
|
7 | |RCE| comes with `Gunicorn`_ which is a Python WSGI HTTP Server for UNIX. | |
|
9 | 8 | |
|
10 | 9 | To improve |RCE| performance you can increase the number of `Gunicorn`_ workers. |
|
11 | This allows to handle more connections concurently, and provide better | |
|
10 | This allows to handle more connections concurrently, and provide better | |
|
12 | 11 | responsiveness and performance. |
|
13 | 12 | |
|
14 | 13 | By default during installation |RCC| tries to detect how many CPUs are |
|
15 | 14 | available in the system, and set the number workers based on that information. |
|
16 | 15 | However sometimes it's better to manually set the number of workers. |
|
17 | 16 | |
|
18 | 17 | To do this, use the following steps: |
|
19 | 18 | |
|
20 | 19 | 1. Open the :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. |
|
21 |
2. In the ``[server:main]`` section, |
|
|
22 | ``workers`` using the following formula :math:`(2 * Cores) + 1`. | |
|
20 | 2. In the ``[server:main]`` section, change the number of Gunicorn | |
|
21 | ``workers`` using the following default formula :math:`(2 * Cores) + 1`. | |
|
22 | We however not recommend using more than 8-12 workers per server. It's better | |
|
23 | to start using the :ref:`scale-horizontal-cluster` in case that performance | |
|
24 | with 8-12 workers is not enough. | |
|
23 | 25 | |
|
24 | 26 | .. code-block:: ini |
|
25 | 27 | |
|
26 | 28 | use = egg:gunicorn#main |
|
27 | 29 | ## Sets the number of process workers. You must set `instance_id = *` |
|
28 | 30 | ## when this option is set to more than one worker, recommended |
|
29 | 31 | ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers |
|
30 | 32 | ## The `instance_id = *` must be set in the [app:main] section below |
|
31 | 33 | workers = 4 |
|
32 | 34 | ## process name |
|
33 | 35 | proc_name = rhodecode |
|
34 | 36 | ## type of worker class, one of sync, gevent |
|
35 | 37 | ## recommended for bigger setup is using of of other than sync one |
|
36 | 38 | worker_class = sync |
|
37 | 39 | ## The maximum number of simultaneous clients. Valid only for Gevent |
|
38 | 40 | #worker_connections = 10 |
|
39 | 41 | ## max number of requests that worker will handle before being gracefully |
|
40 | 42 | ## restarted, could prevent memory leaks |
|
41 | 43 | max_requests = 1000 |
|
42 | 44 | max_requests_jitter = 30 |
|
43 | 45 | ## amount of time a worker can spend with handling a request before it |
|
44 | 46 | ## gets killed and restarted. Set to 6hrs |
|
45 | 47 | timeout = 21600 |
|
46 | 48 | |
|
47 | 49 | 3. In the ``[app:main]`` section, set the ``instance_id`` property to ``*``. |
|
48 | 50 | |
|
49 | 51 | .. code-block:: ini |
|
50 | 52 | |
|
51 | 53 | # In the [app:main] section |
|
52 | 54 | [app:main] |
|
53 | 55 | # You must set `instance_id = *` |
|
54 | 56 | instance_id = * |
|
55 | 57 | |
|
56 | 58 | 4. Change the VCSServer workers too. Open the |
|
57 | 59 | :file:`home/{user}/.rccontrol/{instance-id}/vcsserver.ini` file. |
|
58 | 60 | |
|
59 | 61 | 5. In the ``[server:main]`` section, increase the number of Gunicorn |
|
60 | 62 | ``workers`` using the following formula :math:`(2 * Cores) + 1`. |
|
61 | 63 | |
|
62 | 64 | .. code-block:: ini |
|
63 | 65 | |
|
64 | 66 | ## run with gunicorn --log-config vcsserver.ini --paste vcsserver.ini |
|
65 | 67 | use = egg:gunicorn#main |
|
66 | 68 | ## Sets the number of process workers. Recommended |
|
67 | 69 | ## value is (2 * NUMBER_OF_CPUS + 1), eg 2CPU = 5 workers |
|
68 | 70 | workers = 4 |
|
69 | 71 | ## process name |
|
70 | 72 | proc_name = rhodecode_vcsserver |
|
71 | 73 | ## type of worker class, currently `sync` is the only option allowed. |
|
72 | 74 | worker_class = sync |
|
73 | 75 | ## The maximum number of simultaneous clients. Valid only for Gevent |
|
74 | 76 | #worker_connections = 10 |
|
75 | 77 | ## max number of requests that worker will handle before being gracefully |
|
76 | 78 | ## restarted, could prevent memory leaks |
|
77 | 79 | max_requests = 1000 |
|
78 | 80 | max_requests_jitter = 30 |
|
79 | 81 | ## amount of time a worker can spend with handling a request before it |
|
80 | 82 | ## gets killed and restarted. Set to 6hrs |
|
81 | 83 | timeout = 21600 |
|
82 | 84 | |
|
83 | 85 | 6. Save your changes. |
|
84 | 86 | 7. Restart your |RCE| instances, using the following command: |
|
85 | 87 | |
|
86 | 88 | .. code-block:: bash |
|
87 | 89 | |
|
88 | 90 | $ rccontrol restart '*' |
|
89 | 91 | |
|
90 | 92 | |
|
91 | 93 | Gunicorn Gevent Backend |
|
92 | 94 | ----------------------- |
|
93 | 95 | |
|
94 | 96 | Gevent is an asynchronous worker type for Gunicorn. It allows accepting multiple |
|
95 | 97 | connections on a single `Gunicorn`_ worker. This means you can handle 100s |
|
96 | 98 | of concurrent clones, or API calls using just few workers. A setting called |
|
97 | 99 | `worker_connections` defines on how many connections each worker can |
|
98 | 100 | handle using `Gevent`. |
|
99 | 101 | |
|
100 | 102 | |
|
101 | 103 | To enable `Gevent` on |RCE| do the following: |
|
102 | 104 | |
|
103 | 105 | |
|
104 | 106 | 1. Open the :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. |
|
105 | 107 | 2. In the ``[server:main]`` section, change `worker_class` for Gunicorn. |
|
106 | 108 | |
|
107 | 109 | |
|
108 | 110 | .. code-block:: ini |
|
109 | 111 | |
|
110 | 112 | ## type of worker class, one of sync, gevent |
|
111 | 113 | ## recommended for bigger setup is using of of other than sync one |
|
112 | 114 | worker_class = gevent |
|
113 | 115 | ## The maximum number of simultaneous clients. Valid only for Gevent |
|
114 | 116 | worker_connections = 30 |
|
115 | 117 | |
|
116 | 118 | |
|
117 | 119 | .. note:: |
|
118 | 120 | |
|
119 | 121 | `Gevent` is currently only supported for Enterprise/Community instances. |
|
120 | 122 | VCSServer doesn't yet support gevent. |
|
121 | 123 | |
|
122 | 124 | |
|
123 | 125 | |
|
124 | 126 | .. _Gunicorn: http://gunicorn.org/ |
@@ -1,8 +1,8 b'' | |||
|
1 | 1 | .. _db-session-ref: |
|
2 | 2 | |
|
3 |
|
|
|
4 |
-------------------- |
|
|
3 | Database Performance | |
|
4 | -------------------- | |
|
5 | 5 | |
|
6 | 6 | For tuning PostgreSQL we recommend reading: http://www.revsys.com/writings/postgresql-performance.html |
|
7 | 7 | |
|
8 | 8 | For tuning MySQL we recommend reading: http://www.tecmint.com/mysql-mariadb-performance-tuning-and-optimization/ No newline at end of file |
@@ -1,22 +1,21 b'' | |||
|
1 | 1 | .. _rhodecode-tuning-ref: |
|
2 | 2 | |
|
3 | 3 | Tuning |RCE| |
|
4 | 4 | ============ |
|
5 | 5 | |
|
6 | 6 | To customize your |RCE| |version| installation for maximum performance you |
|
7 | 7 | may find some of the following methods useful. |
|
8 | 8 | |
|
9 | 9 | .. toctree:: |
|
10 | 10 | |
|
11 | 11 | tuning-gunicorn |
|
12 | 12 | tuning-vcs-memory-cache |
|
13 | 13 | tuning-user-sessions-performance |
|
14 | 14 | tuning-increase-db-performance |
|
15 | tuning-scale-horizontally | |
|
16 | tuning-increase-cache-size | |
|
15 | tuning-scale-horizontally-cluster | |
|
17 | 16 | tuning-mount-cache-memory |
|
18 | 17 | tuning-change-encoding |
|
19 | 18 | tuning-change-large-file-dir |
|
20 | 19 | tuning-change-lfs-dir |
|
21 | 20 | tuning-hg-auth-loop |
|
22 | 21 |
@@ -1,58 +1,383 b'' | |||
|
1 | .. _scale-horizontal: | |
|
1 | .. _scale-horizontal-cluster: | |
|
2 | ||
|
2 | 3 | |
|
3 | Scale Horizontally | |
|
4 | ------------------ | |
|
4 | Scale Horizontally / RhodeCode Cluster | |
|
5 | -------------------------------------- | |
|
5 | 6 | |
|
6 | 7 | |RCE| is built in a way it support horizontal scaling across multiple machines. |
|
7 |
There are t |
|
|
8 | There are three main pre-requisites for that: | |
|
8 | 9 | |
|
9 | - Shared storage that each machine can access. | |
|
10 | - Shared DB connection across machines. | |
|
10 | - Shared storage that each machine can access. Using NFS or other shared storage system. | |
|
11 | - Shared DB connection across machines. Using `MySQL`/`PostgreSQL` that each node can access. | |
|
12 | - |RCE| user sessions and caches need to use a shared storage (e.g `Redis`_/`Memcached`) | |
|
11 | 13 | |
|
12 | 14 | |
|
13 | 15 | Horizontal scaling means adding more machines or workers into your pool of |
|
14 | 16 | resources. Horizontally scaling |RCE| gives a huge performance increase, |
|
15 |
especially under large traffic scenarios with a high number of requests. |
|
|
16 | is very beneficial when |RCE| is serving many users simultaneously, | |
|
17 | especially under large traffic scenarios with a high number of requests. | |
|
18 | This is very beneficial when |RCE| is serving many users simultaneously, | |
|
17 | 19 | or if continuous integration servers are automatically pulling and pushing code. |
|
20 | It also adds High-Availability to your running system. | |
|
21 | ||
|
22 | ||
|
23 | Cluster Overview | |
|
24 | ^^^^^^^^^^^^^^^^ | |
|
25 | ||
|
26 | Below we'll present a configuration example that will use two separate nodes to serve | |
|
27 | |RCE| in a load-balanced environment. The 3rd node will act as a shared storage/cache | |
|
28 | and handle load-balancing. In addition 3rd node will be used as shared database instance. | |
|
29 | ||
|
30 | This setup can be used both in Docker based configuration or with individual | |
|
31 | physical/virtual machines. Using the 3rd node for Storage/Redis/PostgreSQL/Nginx is | |
|
32 | optional. All those components can be installed on one of the two nodes used for |RCE|. | |
|
33 | We'll use following naming for our nodes: | |
|
34 | ||
|
35 | - `rc-node-1` (NFS, DB, Cache node) | |
|
36 | - `rc-node-2` (Worker node1) | |
|
37 | - `rc-node-3` (Worker node2) | |
|
38 | ||
|
39 | Our shares NFS storage in the example is located on `/home/rcdev/storage` and | |
|
40 | it's RW accessible on **each** node. | |
|
41 | ||
|
42 | In this example we used certain recommended components, however many | |
|
43 | of those can be replaced by other, in case your organization already uses them, for example: | |
|
44 | ||
|
45 | - `MySQL`/`PostgreSQL`: Aren't replaceable and are the two only supported databases. | |
|
46 | - `Nginx`_ on `rc-node-1` can be replaced by: `Hardware Load Balancer (F5)`, `Apache`_, `HA-Proxy` etc. | |
|
47 | - `Nginx`_ on rc-node-2/3 acts as a reverse proxy and can be replaced by other HTTP server | |
|
48 | acting as reverse proxy such as `Apache`_. | |
|
49 | - `Redis`_ on `rc-node-1` can be replaced by: `Memcached` | |
|
50 | ||
|
51 | ||
|
52 | Here's an overview what components should be installed/setup on each server in our example: | |
|
53 | ||
|
54 | - **rc-node-1**: | |
|
55 | ||
|
56 | - main storage acting as NFS host. | |
|
57 | - `nginx` acting as a load-balancer. | |
|
58 | - `postgresql-server` used for database and sessions. | |
|
59 | - `redis-server` used for storing shared caches. | |
|
60 | - optionally `rabbitmq-server` for `Celery` if used. | |
|
61 | - optionally if `Celery` is used Enterprise/Community instance + VCSServer. | |
|
62 | - optionally mailserver that can be shared by other instances. | |
|
63 | - optionally channelstream server to handle live communication for all instances. | |
|
64 | ||
|
65 | ||
|
66 | - **rc-node-2/3**: | |
|
67 | ||
|
68 | - `nginx` acting as a reverse proxy to handle requests to |RCE|. | |
|
69 | - 1x RhodeCode Enterprise/Community instance. | |
|
70 | - 1x VCSServer instance. | |
|
71 | - optionally for testing connection: postgresql-client, redis-client (redis-tools). | |
|
72 | ||
|
73 | ||
|
74 | Before we start here are few assumptions that should be fulfilled: | |
|
75 | ||
|
76 | - make sure each node can access each other. | |
|
77 | - make sure `Redis`_/`MySQL`/`PostgreSQL`/`RabbitMQ`_ are running on `rc-node-1` | |
|
78 | - make sure both `rc-node-2`/`3` can access NFS storage with RW access | |
|
79 | - make sure rc-node-2/3 can access `Redis`_/`PostgreSQL`, `MySQL` database on `rc-node-1`. | |
|
80 | - make sure `Redis`_/Database/`RabbitMQ`_ are password protected and accessible only from rc-node-2/3. | |
|
81 | ||
|
18 | 82 | |
|
19 | 83 | |
|
20 | If you scale across different machines, each |RCM| instance | |
|
21 | needs to store its data on a shared disk, preferably together with your | |
|
22 | |repos|. This data directory contains template caches, a full text search index, | |
|
23 | and is used for task locking to ensure safety across multiple instances. | |
|
24 | To do this, set the following properties in the :file:`rhodecode.ini` file to | |
|
25 | set the shared location across all |RCM| instances. | |
|
84 | Setup rc-node-2/3 | |
|
85 | ^^^^^^^^^^^^^^^^^ | |
|
86 | ||
|
87 | Initially before `rc-node-1` we'll configure both nodes 2 and 3 to operate as standalone | |
|
88 | nodes with their own hostnames. Use a default installation settings, and use | |
|
89 | the default local addresses (127.0.0.1) to configure VCSServer and Community/Enterprise instances. | |
|
90 | All external connectivity will be handled by the reverse proxy (`Nginx`_ in our example). | |
|
91 | ||
|
92 | This way we can ensure each individual host works, | |
|
93 | accepts connections, or do some operations explicitly on chosen node. | |
|
94 | ||
|
95 | In addition this would allow use to explicitly direct certain traffic to a node, e.g | |
|
96 | CI server will only call directly `rc-node-3`. This should be done similar to normal | |
|
97 | installation so check out `Nginx`_/`Apache`_ configuration example to configure each host. | |
|
98 | Each one should already connect to shared database during installation. | |
|
99 | ||
|
100 | ||
|
101 | 1) Assuming our final url will be http://rc-node-1, Configure `instances_id`, `app.base_url` | |
|
102 | ||
|
103 | a) On **rc-node-2** find the following settings and edit :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` | |
|
104 | ||
|
105 | .. code-block:: ini | |
|
106 | ||
|
107 | ## required format is: *NAME- | |
|
108 | instance_id = *rc-node-2- | |
|
109 | app.base_url = http://rc-node-1 | |
|
110 | ||
|
111 | ||
|
112 | b) On **rc-node-3** find the following settings and edit :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` | |
|
113 | ||
|
114 | .. code-block:: ini | |
|
115 | ||
|
116 | ## required format is: *NAME- | |
|
117 | instance_id = *rc-node-3- | |
|
118 | app.base_url = http://rc-node-1 | |
|
119 | ||
|
120 | ||
|
121 | ||
|
122 | 2) Configure `User Session` to use a shared database. Example config that should be | |
|
123 | changed on both node 2 and 3. Edit :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` | |
|
124 | ||
|
125 | .. code-block:: ini | |
|
126 | ||
|
127 | #################################### | |
|
128 | ### BEAKER SESSION #### | |
|
129 | #################################### | |
|
130 | ||
|
131 | ## Disable the default `file` sessions | |
|
132 | #beaker.session.type = file | |
|
133 | #beaker.session.data_dir = %(here)s/data/sessions | |
|
134 | ||
|
135 | ## use shared db based session, fast, and allows easy management over logged in users | |
|
136 | beaker.session.type = ext:database | |
|
137 | beaker.session.table_name = db_session | |
|
138 | # use our rc-node-1 here | |
|
139 | beaker.session.sa.url = postgresql://postgres:qweqwe@rc-node-1/rhodecode | |
|
140 | beaker.session.sa.pool_recycle = 3600 | |
|
141 | beaker.session.sa.echo = false | |
|
142 | ||
|
143 | In addition make sure both instances use the same `session.secret` so users have | |
|
144 | persistent sessions across nodes. Please generate other one then in this example. | |
|
145 | ||
|
146 | .. code-block:: ini | |
|
147 | ||
|
148 | # use an unique generated long string | |
|
149 | beaker.session.secret = 70e116cae2274656ba7265fd860aebbd | |
|
150 | ||
|
151 | 3) Configure stored cached/archive cache to our shared NFS `rc-node-1` | |
|
26 | 152 | |
|
27 | 153 | .. code-block:: ini |
|
28 | 154 | |
|
29 | cache_dir = /shared/path/caches # set to shared location | |
|
30 | search.location = /shared/path/search_index # set to shared location | |
|
155 | # note the `_` prefix that allows using a directory without | |
|
156 | # remap and rescan checking for vcs inside it. | |
|
157 | cache_dir = /home/rcdev/storage/_cache_dir/data | |
|
158 | # note archive cache dir is disabled by default, however if you enable | |
|
159 | # it also needs to be shared | |
|
160 | #archive_cache_dir = /home/rcdev/storage/_tarball_cache_dir | |
|
161 | ||
|
162 | ||
|
163 | 4) Change cache backends to use `Redis`_ based caches. Below full example config | |
|
164 | that replaces default file-based cache to shared `Redis`_ with Distributed Lock. | |
|
165 | ||
|
166 | ||
|
167 | .. code-block:: ini | |
|
168 | ||
|
169 | ##################################### | |
|
170 | ### DOGPILE CACHE #### | |
|
171 | ##################################### | |
|
172 | ||
|
173 | ## `cache_perms` cache settings for permission tree, auth TTL. | |
|
174 | #rc_cache.cache_perms.backend = dogpile.cache.rc.file_namespace | |
|
175 | #rc_cache.cache_perms.expiration_time = 300 | |
|
176 | ||
|
177 | ## alternative `cache_perms` redis backend with distributed lock | |
|
178 | rc_cache.cache_perms.backend = dogpile.cache.rc.redis | |
|
179 | rc_cache.cache_perms.expiration_time = 300 | |
|
180 | ## redis_expiration_time needs to be greater then expiration_time | |
|
181 | rc_cache.cache_perms.arguments.redis_expiration_time = 7200 | |
|
182 | rc_cache.cache_perms.arguments.socket_timeout = 30 | |
|
183 | rc_cache.cache_perms.arguments.host = rc-node-1 | |
|
184 | rc_cache.cache_perms.arguments.password = qweqwe | |
|
185 | rc_cache.cache_perms.arguments.port = 6379 | |
|
186 | rc_cache.cache_perms.arguments.db = 0 | |
|
187 | rc_cache.cache_perms.arguments.distributed_lock = true | |
|
188 | ||
|
189 | ## `cache_repo` cache settings for FileTree, Readme, RSS FEEDS | |
|
190 | #rc_cache.cache_repo.backend = dogpile.cache.rc.file_namespace | |
|
191 | #rc_cache.cache_repo.expiration_time = 2592000 | |
|
192 | ||
|
193 | ## alternative `cache_repo` redis backend with distributed lock | |
|
194 | rc_cache.cache_repo.backend = dogpile.cache.rc.redis | |
|
195 | rc_cache.cache_repo.expiration_time = 2592000 | |
|
196 | ## redis_expiration_time needs to be greater then expiration_time | |
|
197 | rc_cache.cache_repo.arguments.redis_expiration_time = 2678400 | |
|
198 | rc_cache.cache_repo.arguments.socket_timeout = 30 | |
|
199 | rc_cache.cache_repo.arguments.host = rc-node-1 | |
|
200 | rc_cache.cache_repo.arguments.password = qweqwe | |
|
201 | rc_cache.cache_repo.arguments.port = 6379 | |
|
202 | rc_cache.cache_repo.arguments.db = 1 | |
|
203 | rc_cache.cache_repo.arguments.distributed_lock = true | |
|
204 | ||
|
205 | ## cache settings for SQL queries, this needs to use memory type backend | |
|
206 | rc_cache.sql_cache_short.backend = dogpile.cache.rc.memory_lru | |
|
207 | rc_cache.sql_cache_short.expiration_time = 30 | |
|
208 | ||
|
209 | ## `cache_repo_longterm` cache for repo object instances, this needs to use memory | |
|
210 | ## type backend as the objects kept are not pickle serializable | |
|
211 | rc_cache.cache_repo_longterm.backend = dogpile.cache.rc.memory_lru | |
|
212 | ## by default we use 96H, this is using invalidation on push anyway | |
|
213 | rc_cache.cache_repo_longterm.expiration_time = 345600 | |
|
214 | ## max items in LRU cache, reduce this number to save memory, and expire last used | |
|
215 | ## cached objects | |
|
216 | rc_cache.cache_repo_longterm.max_size = 10000 | |
|
217 | ||
|
218 | ||
|
219 | 4) Configure `Nginx`_ as reverse proxy on `rc-node-2/3`: | |
|
220 | Minimal `Nginx`_ config used: | |
|
221 | ||
|
31 | 222 | |
|
32 | #################################### | |
|
33 | ### BEAKER CACHE #### | |
|
34 | #################################### | |
|
35 | beaker.cache.data_dir = /shared/path/data # set to shared location | |
|
36 | beaker.cache.lock_dir = /shared/path/lock # set to shared location | |
|
223 | .. code-block:: nginx | |
|
224 | ||
|
225 | ## rate limiter for certain pages to prevent brute force attacks | |
|
226 | limit_req_zone $binary_remote_addr zone=req_limit:10m rate=1r/s; | |
|
227 | ||
|
228 | ## custom log format | |
|
229 | log_format log_custom '$remote_addr - $remote_user [$time_local] ' | |
|
230 | '"$request" $status $body_bytes_sent ' | |
|
231 | '"$http_referer" "$http_user_agent" ' | |
|
232 | '$request_time $upstream_response_time $pipe'; | |
|
233 | ||
|
234 | server { | |
|
235 | listen 80; | |
|
236 | server_name rc-node-2; | |
|
237 | #server_name rc-node-3; | |
|
238 | ||
|
239 | access_log /var/log/nginx/rhodecode.access.log log_custom; | |
|
240 | error_log /var/log/nginx/rhodecode.error.log; | |
|
241 | ||
|
242 | # example of proxy.conf can be found in our docs. | |
|
243 | include /etc/nginx/proxy.conf; | |
|
244 | ||
|
245 | ## serve static files by Nginx, recommended for performance | |
|
246 | location /_static/rhodecode { | |
|
247 | gzip on; | |
|
248 | gzip_min_length 500; | |
|
249 | gzip_proxied any; | |
|
250 | gzip_comp_level 4; | |
|
251 | gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/json application/xml application/rss+xml font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml; | |
|
252 | gzip_vary on; | |
|
253 | gzip_disable "msie6"; | |
|
254 | #alias /home/rcdev/.rccontrol/community-1/static; | |
|
255 | alias /home/rcdev/.rccontrol/enterprise-1/static; | |
|
256 | } | |
|
257 | ||
|
258 | ||
|
259 | location /_admin/login { | |
|
260 | limit_req zone=req_limit burst=10 nodelay; | |
|
261 | try_files $uri @rhode; | |
|
262 | } | |
|
263 | ||
|
264 | location / { | |
|
265 | try_files $uri @rhode; | |
|
266 | } | |
|
267 | ||
|
268 | location @rhode { | |
|
269 | # Url to running RhodeCode instance. | |
|
270 | # This is shown as `- URL: <host>` in output from rccontrol status. | |
|
271 | proxy_pass http://127.0.0.1:10020; | |
|
272 | } | |
|
273 | ||
|
274 | ## custom 502 error page. Will be displayed while RhodeCode server | |
|
275 | ## is turned off | |
|
276 | error_page 502 /502.html; | |
|
277 | location = /502.html { | |
|
278 | #root /home/rcdev/.rccontrol/community-1/static; | |
|
279 | root /home/rcdev/.rccontrol/enterprise-1/static; | |
|
280 | } | |
|
281 | } | |
|
282 | ||
|
283 | ||
|
284 | 5) Optional: Full text search, in case you use `Whoosh` full text search we also need a | |
|
285 | shared storage for the index. In our example our NFS is mounted at `/home/rcdev/storage` | |
|
286 | which represents out storage so we can use the following: | |
|
287 | ||
|
288 | .. code-block:: ini | |
|
289 | ||
|
290 | # note the `_` prefix that allows using a directory without | |
|
291 | # remap and rescan checking for vcs inside it. | |
|
292 | search.location = /home/rcdev/storage/_index_data/index | |
|
37 | 293 | |
|
38 | 294 | |
|
39 | 295 | .. note:: |
|
40 | 296 | |
|
41 | If you use custom caches such as `beaker.cache.auth_plugins.` it's recommended | |
|
42 | to set it to the memcached/redis or database backend so it can be shared | |
|
43 | across machines. | |
|
297 | If you use ElasticSearch it's by default shared, and simply running ES node is | |
|
298 | by default cluster compatible. | |
|
299 | ||
|
300 | ||
|
301 | 6) Optional: If you intend to use mailing all instances need to use either a shared | |
|
302 | mailing node, or each will use individual local mailagent. Simply put node-1/2/3 needs | |
|
303 | to use same mailing configuration. | |
|
304 | ||
|
305 | ||
|
306 | ||
|
307 | Setup rc-node-1 | |
|
308 | ^^^^^^^^^^^^^^^ | |
|
44 | 309 | |
|
45 | 310 | |
|
46 | It is recommended to create another dedicated |RCE| instance to handle | |
|
47 | traffic from build farms or continuous integration servers. | |
|
311 | Configure `Nginx`_ as Load Balancer to rc-node-2/3. | |
|
312 | Minimal `Nginx`_ example below: | |
|
313 | ||
|
314 | .. code-block:: nginx | |
|
315 | ||
|
316 | ## define rc-cluster which contains a pool of our instances to connect to | |
|
317 | upstream rc-cluster { | |
|
318 | # rc-node-2/3 are stored in /etc/hosts with correct IP addresses | |
|
319 | server rc-node-2:80; | |
|
320 | server rc-node-3:80; | |
|
321 | } | |
|
322 | ||
|
323 | server { | |
|
324 | listen 80; | |
|
325 | server_name rc-node-1; | |
|
326 | ||
|
327 | location / { | |
|
328 | proxy_pass http://rc-cluster; | |
|
329 | } | |
|
330 | } | |
|
331 | ||
|
48 | 332 |
|
|
49 | 333 | .. note:: |
|
50 | 334 | |
|
51 | 335 | You should configure your load balancing accordingly. We recommend writing |
|
52 | 336 | load balancing rules that will separate regular user traffic from |
|
53 | automated process traffic like continuous servers or build bots. | |
|
337 | automated process traffic like continuous servers or build bots. Sticky sessions | |
|
338 | are not required. | |
|
339 | ||
|
340 | ||
|
341 | Show which instance handles a request | |
|
342 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
|
343 | ||
|
344 | You can easily check if load-balancing is working as expected. Visit our main node | |
|
345 | `rc-node-1` URL which at that point should already handle incoming requests and balance | |
|
346 | it across node-2/3. | |
|
347 | ||
|
348 | Add a special GET param `?showrcid=1` to show current instance handling your request. | |
|
349 | ||
|
350 | For example: visiting url `http://rc-node-1/?showrcid=1` will show, in the bottom | |
|
351 | of the screen` cluster instance info. | |
|
352 | e.g: `RhodeCode instance id: rc-node-3-rc-node-3-3246` | |
|
353 | which is generated from:: | |
|
354 | ||
|
355 | <NODE_HOSTNAME>-<INSTANCE_ID>-<WORKER_PID> | |
|
356 | ||
|
357 | ||
|
358 | Using Celery with cluster | |
|
359 | ^^^^^^^^^^^^^^^^^^^^^^^^^ | |
|
54 | 360 | |
|
55 | .. note:: | |
|
361 | ||
|
362 | If `Celery` is used we recommend setting also an instance of Enterprise/Community+VCSserver | |
|
363 | on the node that is running `RabbitMQ`_. Those instances will be used to executed async | |
|
364 | tasks on the `rc-node-1`. This is the most efficient setup. `Celery` usually | |
|
365 | handles tasks such as sending emails, forking repositories, importing | |
|
366 | repositories from external location etc. Using workers on instance that has | |
|
367 | the direct access to disks used by NFS as well as email server gives noticeable | |
|
368 | performance boost. Running local workers to the NFS storage results in faster | |
|
369 | execution of forking large repositories or sending lots of emails. | |
|
56 | 370 | |
|
57 | If Celery is used on each instance then you should run separate Celery | |
|
58 | instances, but the message broker should be the same for all of them. | |
|
371 | Those instances need to be configured in the same way as for other nodes. | |
|
372 | The instance in rc-node-1 can be added to the cluser, but we don't recommend doing it. | |
|
373 | For best results let it be isolated to only executing `Celery` tasks in the cluster setup. | |
|
374 | ||
|
375 | ||
|
376 | .. _Gunicorn: http://gunicorn.org/ | |
|
377 | .. _Whoosh: https://pypi.python.org/pypi/Whoosh/ | |
|
378 | .. _Elasticsearch: https://www.elastic.co/.. | |
|
379 | .. _RabbitMQ: http://www.rabbitmq.com/ | |
|
380 | .. _Nginx: http://nginx.io | |
|
381 | .. _Apache: http://nginx.io | |
|
382 | .. _Redis: http://redis.io | |
|
383 |
@@ -1,66 +1,67 b'' | |||
|
1 | 1 | .. _user-session-ref: |
|
2 | 2 | |
|
3 |
|
|
|
4 |
------------------------ |
|
|
3 | User Session Performance | |
|
4 | ------------------------ | |
|
5 | 5 | |
|
6 | 6 | The default file-based sessions are only suitable for smaller setups, or |
|
7 | 7 | instances that doesn't have a lot of users or traffic. |
|
8 | 8 | They are set as default option because it's setup-free solution. |
|
9 | 9 | |
|
10 | 10 | The most common issue of file based sessions are file limit errors which occur |
|
11 | 11 | if there are lots of session files. |
|
12 | 12 | |
|
13 | 13 | Therefore, in a large scale deployment, to give better performance, |
|
14 | 14 | scalability, and maintainability we recommend switching from file-based |
|
15 | 15 | sessions to database-based user sessions or Redis based sessions. |
|
16 | 16 | |
|
17 | 17 | To switch to database-based user sessions uncomment the following section in |
|
18 | 18 | your :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. |
|
19 | 19 | |
|
20 | 20 | |
|
21 | 21 | .. code-block:: ini |
|
22 | 22 | |
|
23 | 23 | ## db based session, fast, and allows easy management over logged in users |
|
24 | 24 | beaker.session.type = ext:database |
|
25 | 25 | beaker.session.table_name = db_session |
|
26 | 26 | |
|
27 | # use just one of the following accoring to the type of database | |
|
27 | # use just one of the following according to the type of database | |
|
28 | 28 | beaker.session.sa.url = postgresql://postgres:secret@localhost/rhodecode |
|
29 | # or | |
|
29 | 30 | beaker.session.sa.url = mysql://root:secret@127.0.0.1/rhodecode |
|
30 | 31 | |
|
31 | 32 | beaker.session.sa.pool_recycle = 3600 |
|
32 | 33 | beaker.session.sa.echo = false |
|
33 | 34 | |
|
34 | 35 | |
|
35 | 36 | and make sure you comment out the file based sessions. |
|
36 | 37 | |
|
37 | 38 | .. code-block:: ini |
|
38 | 39 | |
|
39 | 40 | ## types are file, ext:memcached, ext:database, and memory (default). |
|
40 | 41 | #beaker.session.type = file |
|
41 | 42 | #beaker.session.data_dir = %(here)s/data/sessions/data |
|
42 | 43 | |
|
43 | 44 | |
|
44 | 45 | The `table_name` will be automatically created on specified database if it isn't yet existing. |
|
45 | 46 | Database specified in the `beaker.session.sa.url` can be the same that RhodeCode |
|
46 | 47 | uses, or if required it can be a different one. We recommend to use the same database. |
|
47 | 48 | |
|
48 | 49 | |
|
49 | 50 | |
|
50 | 51 | To switch to reds-based user sessions uncomment the following section in |
|
51 | 52 | your :file:`/home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. |
|
52 | 53 | |
|
53 | 54 | .. code-block:: ini |
|
54 | 55 | |
|
55 | 56 | ## redis sessions |
|
56 | 57 | beaker.session.type = ext:redis |
|
57 | 58 | beaker.session.url = localhost:6379 |
|
58 | 59 | |
|
59 | 60 | |
|
60 | 61 | and make sure you comment out the file based sessions. |
|
61 | 62 | |
|
62 | 63 | .. code-block:: ini |
|
63 | 64 | |
|
64 | 65 | ## types are file, ext:memcached, ext:database, and memory (default). |
|
65 | 66 | #beaker.session.type = file |
|
66 | 67 | #beaker.session.data_dir = %(here)s/data/sessions/data No newline at end of file |
@@ -1,8 +1,8 b'' | |||
|
1 | 1 | .. _adjust-vcs-mem-cache: |
|
2 | 2 | |
|
3 |
|
|
|
4 |
---------------------- |
|
|
3 | VCSServer Memory Cache | |
|
4 | ---------------------- | |
|
5 | 5 | |
|
6 | 6 | The VCS Server mamory cache can be adjusted to work best with the resources |
|
7 | 7 | available to your |RCE| instance. If you find that memory resources are under |
|
8 | 8 | pressure, see the :ref:`vcs-server-maintain` section for details. |
|
1 | NO CONTENT: file was removed |
General Comments 0
You need to be logged in to leave comments.
Login now