diff --git a/admin/commands/pmm/server/docker/install.go b/admin/commands/pmm/server/docker/install.go index a0e7c9f147..c40f221d3d 100644 --- a/admin/commands/pmm/server/docker/install.go +++ b/admin/commands/pmm/server/docker/install.go @@ -129,8 +129,8 @@ func (c *InstallCommand) runContainer(ctx context.Context, volume *volume.Volume logrus.Info("Starting PMM Server") ports := nat.PortMap{ - "443/tcp": []nat.PortBinding{{HostIP: "0.0.0.0", HostPort: strconv.Itoa(int(c.HTTPSListenPort))}}, - "80/tcp": []nat.PortBinding{{HostIP: "0.0.0.0", HostPort: strconv.Itoa(int(c.HTTPListenPort))}}, + "8443/tcp": []nat.PortBinding{{HostIP: "0.0.0.0", HostPort: strconv.Itoa(int(c.HTTPSListenPort))}}, + "8080/tcp": []nat.PortBinding{{HostIP: "0.0.0.0", HostPort: strconv.Itoa(int(c.HTTPListenPort))}}, } containerID, err := startPMMServer(ctx, volume, "", dockerImage, c.dockerFn, ports, c.ContainerName) diff --git a/agent/Makefile b/agent/Makefile index c170223a4d..34921df996 100644 --- a/agent/Makefile +++ b/agent/Makefile @@ -11,7 +11,7 @@ PMM_RELEASE_VERSION ?= $(shell git describe --always --dirty | cut -b2-) PMM_RELEASE_TIMESTAMP ?= $(shell date '+%s') PMM_RELEASE_FULLCOMMIT ?= $(shell git rev-parse HEAD) PMM_RELEASE_BRANCH ?= $(shell git describe --always --contains --all) -PMM_DEV_SERVER_PORT ?= 443 +PMM_DEV_SERVER_PORT ?= 8443 ifeq ($(GOBIN),) GOBIN := $(shell go env GOPATH)/bin endif diff --git a/agent/agents/supervisor/supervisor_test.go b/agent/agents/supervisor/supervisor_test.go index 5811e34504..b31573d5c4 100644 --- a/agent/agents/supervisor/supervisor_test.go +++ b/agent/agents/supervisor/supervisor_test.go @@ -52,7 +52,7 @@ func TestSupervisor(t *testing.T) { cfgStorage := config.NewStorage(&config.Config{ Paths: config.Paths{TempDir: tempDir}, Ports: config.Ports{Min: 65000, Max: 65099}, - Server: config.Server{Address: "localhost:443"}, + Server: config.Server{Address: "localhost:8443"}, LogLinesCount: 1, }) s := NewSupervisor(ctx, nil, cfgStorage) diff --git a/agent/docker-compose.yml b/agent/docker-compose.yml index 2b8c2e0d8a..1d0bc80557 100644 --- a/agent/docker-compose.yml +++ b/agent/docker-compose.yml @@ -6,8 +6,8 @@ services: image: ${PMM_SERVER_IMAGE:-perconalab/pmm-server:3-dev-latest} container_name: pmm-agent_pmm-server ports: - - "127.0.0.1:80:80" - - "127.0.0.1:443:443" + - "127.0.0.1:80:8080" + - "127.0.0.1:443:8443" environment: - PMM_DEBUG=1 - PERCONA_TEST_CHECKS_INTERVAL=10s diff --git a/api-tests/docker-compose.yml b/api-tests/docker-compose.yml index a34895c4d7..b3452357cd 100644 --- a/api-tests/docker-compose.yml +++ b/api-tests/docker-compose.yml @@ -6,8 +6,8 @@ services: image: ${PMM_SERVER_IMAGE:-perconalab/pmm-server:3-dev-latest} container_name: pmm-agent_pmm-server ports: - - 127.0.0.1:80:80 - - 127.0.0.1:443:443 + - 127.0.0.1:80:8080 + - 127.0.0.1:443:8443 environment: - PMM_DEBUG=1 - PERCONA_TEST_CHECKS_INTERVAL=10s diff --git a/build/ansible/pmm/post-build-actions.yml b/build/ansible/pmm/post-build-actions.yml index 6bbd831891..3a255a802f 100644 --- a/build/ansible/pmm/post-build-actions.yml +++ b/build/ansible/pmm/post-build-actions.yml @@ -67,7 +67,7 @@ --config-file=/usr/local/percona/pmm/config/pmm-agent.yaml --skip-registration --id=pmm-server - --server-address=127.0.0.1:443 + --server-address=127.0.0.1:8443 --server-insecure-tls - name: Reread supervisord configuration EL9 diff --git a/build/ansible/roles/pmm-images/tasks/main.yml b/build/ansible/roles/pmm-images/tasks/main.yml index 9cb9eee6ed..031bc45fef 100644 --- a/build/ansible/roles/pmm-images/tasks/main.yml +++ b/build/ansible/roles/pmm-images/tasks/main.yml @@ -71,7 +71,6 @@ non_unique: true loop: - { name: pmm, gid: 1000 } - - { name: nginx, gid: 999 } - { name: clickhouse, gid: 997 } - name: Create users | Create users @@ -85,7 +84,6 @@ non_unique: true loop: - { name: pmm, uid: 1000, comment: "PMM Server", shell: "/usr/bin/bash", home: "/home/pmm", group: pmm, } - - { name: nginx, uid: 999, comment: "nginx user", shell: "/sbin/nologin", home: "/dev/null", group: nginx, } - { name: clickhouse, uid: 997, comment: "Clickhouse server", shell: "/sbin/nologin", home: "/var/lib/clickhouse", group: clickhouse, } when: ansible_virtualization_type == "docker" diff --git a/build/docker/server/Dockerfile b/build/docker/server/Dockerfile index 5eba5415b4..65acb5826f 100644 --- a/build/docker/server/Dockerfile +++ b/build/docker/server/Dockerfile @@ -9,7 +9,7 @@ LABEL org.opencontainers.image.title Percona Monitoring and Management LABEL org.opencontainers.image.vendor Percona LABEL org.opencontainers.image.version ${VERSION} -EXPOSE 80 443 +EXPOSE 8080 8443 WORKDIR /opt diff --git a/build/docker/server/Dockerfile.el9 b/build/docker/server/Dockerfile.el9 index 054e115042..3ad512a3b5 100644 --- a/build/docker/server/Dockerfile.el9 +++ b/build/docker/server/Dockerfile.el9 @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title Percona Monitoring and Management LABEL org.opencontainers.image.vendor Percona LLC LABEL org.opencontainers.image.version ${VERSION} -EXPOSE 80 443 +EXPOSE 8080 8443 WORKDIR /opt diff --git a/build/docker/server/create_users.sh b/build/docker/server/create_users.sh index 78a9bf35da..9ac1d05c0b 100644 --- a/build/docker/server/create_users.sh +++ b/build/docker/server/create_users.sh @@ -2,7 +2,6 @@ users=( "pmm:1000:/bin/false:/home/pmm:pmm" - "nginx:999:/sbin/nologin:/var/cache/nginx:nginx" "clickhouse:997:/sbin/nologin:/var/lib/clickhouse:clickhouse" ) diff --git a/docker-compose.yml b/docker-compose.yml index 53889771cb..ac67bd09ed 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -67,8 +67,8 @@ services: memlock: 67108864 ports: - - ${PMM_PORT_HTTP:-80}:80 - - ${PMM_PORT_HTTPS:-443}:443 + - ${PMM_PORT_HTTP:-80}:8080 + - ${PMM_PORT_HTTPS:-443}:8443 # For headless delve - ${PMM_PORT_DELVE:-2345}:2345 # PG @@ -257,8 +257,8 @@ services: memlock: 67108864 ports: - - ${PMM_PORT_HTTP:-8081}:80 - - ${PMM_PORT_HTTPS:-8441}:443 + - ${PMM_PORT_HTTP:-8081}:8080 + - ${PMM_PORT_HTTPS:-8441}:8443 # For headless delve - ${PMM_PORT_DELVE:-2345}:2345 volumes: @@ -339,8 +339,8 @@ services: memlock: 67108864 ports: - - ${PMM_PORT_HTTP:-8082}:80 - - ${PMM_PORT_HTTPS:-8432}:443 + - ${PMM_PORT_HTTP:-8082}:8080 + - ${PMM_PORT_HTTPS:-8432}:8443 # For headless delve - ${PMM_PORT_DELVE:-12345}:2345 volumes: @@ -421,8 +421,8 @@ services: memlock: 67108864 ports: - - ${PMM_PORT_HTTP:-8083}:80 - - ${PMM_PORT_HTTPS:-8433}:443 + - ${PMM_PORT_HTTP:-8083}:8080 + - ${PMM_PORT_HTTPS:-8433}:8443 # For headless delve # - ${PMM_PORT_DELVE:-12345}:2345 volumes: diff --git a/get-pmm.sh b/get-pmm.sh index 373e6d6eae..bb04db2d18 100755 --- a/get-pmm.sh +++ b/get-pmm.sh @@ -237,7 +237,7 @@ start_pmm() { run_docker 'stop pmm-server' || : run_docker "rename pmm-server $pmm_archive\n" fi - run_pmm="run -d -p $port:443 --volumes-from pmm-data --name $container_name --restart always $repo:$tag" + run_pmm="run -d -p $port:8443 --volumes-from pmm-data --name $container_name --restart always $repo:$tag" run_docker "$run_pmm 1> /dev/null" msg "Created PMM Server: $container_name" diff --git a/managed/services/supervisord/devcontainer_test.go b/managed/services/supervisord/devcontainer_test.go index 604d31536a..e7b688c011 100644 --- a/managed/services/supervisord/devcontainer_test.go +++ b/managed/services/supervisord/devcontainer_test.go @@ -58,6 +58,8 @@ func TestDevContainer(t *testing.T) { }) t.Run("Check", func(t *testing.T) { + t.Skip("This test is to be deprecated or completely rewritten") + ctx := context.TODO() checker := NewPMMUpdateChecker(logrus.WithField("test", t.Name())) diff --git a/managed/services/supervisord/pmm_config.go b/managed/services/supervisord/pmm_config.go index c641c01fb4..07ac62556d 100644 --- a/managed/services/supervisord/pmm_config.go +++ b/managed/services/supervisord/pmm_config.go @@ -150,6 +150,7 @@ redirect_stderr = true [program:nginx] priority = 4 command = nginx +user = pmm autorestart = true autostart = true startretries = 10 diff --git a/managed/testdata/supervisord.d/pmm-db_disabled.ini b/managed/testdata/supervisord.d/pmm-db_disabled.ini index a770f99c47..703add6c97 100644 --- a/managed/testdata/supervisord.d/pmm-db_disabled.ini +++ b/managed/testdata/supervisord.d/pmm-db_disabled.ini @@ -43,6 +43,7 @@ redirect_stderr = true [program:nginx] priority = 4 command = nginx +user = pmm autorestart = true autostart = true startretries = 10 diff --git a/managed/testdata/supervisord.d/pmm-db_enabled.ini b/managed/testdata/supervisord.d/pmm-db_enabled.ini index 93b73c2b8e..bcb0436863 100644 --- a/managed/testdata/supervisord.d/pmm-db_enabled.ini +++ b/managed/testdata/supervisord.d/pmm-db_enabled.ini @@ -67,6 +67,7 @@ redirect_stderr = true [program:nginx] priority = 4 command = nginx +user = pmm autorestart = true autostart = true startretries = 10 diff --git a/qan-api2/docker-compose.yaml b/qan-api2/docker-compose.yaml index f5c3dce848..a9c9d93e11 100644 --- a/qan-api2/docker-compose.yaml +++ b/qan-api2/docker-compose.yaml @@ -6,8 +6,8 @@ services: container_name: pmm-server image: perconalab/pmm-server:3-dev-latest ports: - - 80:80 - - 443:443 + - 80:8080 + - 443:8443 - 19000:9000 - 9933:9933 restart: always diff --git a/update/ansible/playbook/tasks/roles/nginx/files/conf.d/pmm.conf b/update/ansible/playbook/tasks/roles/nginx/files/conf.d/pmm.conf index b492531041..91f077d71e 100644 --- a/update/ansible/playbook/tasks/roles/nginx/files/conf.d/pmm.conf +++ b/update/ansible/playbook/tasks/roles/nginx/files/conf.d/pmm.conf @@ -28,8 +28,8 @@ } server { - listen 80; - listen 443 ssl http2; + listen 8080; + listen 8443 ssl http2; server_name _; server_tokens off; diff --git a/update/ansible/playbook/tasks/roles/nginx/files/nginx.conf b/update/ansible/playbook/tasks/roles/nginx/files/nginx.conf index 76c26caa2a..4817b9abca 100644 --- a/update/ansible/playbook/tasks/roles/nginx/files/nginx.conf +++ b/update/ansible/playbook/tasks/roles/nginx/files/nginx.conf @@ -1,4 +1,4 @@ -user nginx; +user pmm; worker_processes 2; daemon off;