вторник, 3 июля 2018 г.

Install Sentry on CentOS 7

Source

This article covers how to install and configure Sentry error tracking software on CentOS 7 system. Assuming you’ve already installed epel repository, if you haven’t you can do it by just typing yum install epel-release. Let’s start installation!
1) As always, we’ll up-to-date system first. If you want, you can reboot your host after doing that.
yum update -y
2) Install pre-requisites that we’ll use for all softwares.
yum install wget python-setuptools.noarch python2-pip.noarch python-devel.x86_64 libxslt.x86_64 libxslt-devel.x86_64 libxml2 libxml2-devel.x86_64 libzip libzip-devel libffi.x86_64 libffi-devel.x86_64 openssl-libs.x86_64 libpqxx libpqxx-devel libyaml libyaml-devel libjpeg libjpeg-devel libpng libpng12 libpng12-devel libpng-devel net-tools gcc gcc-c++ -y
3) Sentry uses Postgresql as database server. Install and initialize Postgresql as follows.
Installing:
yum install postgresql-server.x86_64 postgresql-contrib
Initialize, add to start up and start database:
postgresql-setup initdb
systemctl enable postgresql.service
systemctl start postgresql.service
4) Redis is used for caching and KV storage in Sentry. Install and start it.
yum install redis
systemctl enable redis.service
systemctl start redis.service
5) Install supervisor in this step. We’ll use it to control Sentry and its processes.
yum install supervisor
systemctl enable supervisord.service
we don’t start it now because we’ll to add some config to supervisor, after that we’ll start it.
6) We installed pip already, let’s upgrade it.
pip install --upgrade pip
7) Install virtualenv to create isolated python environment to install Sentry with pip.
pip install -U virtualenv
8) Add Sentry user. We’ll use this account during sentry installation.
useradd sentry
9) Create database and add user to postgres to store Sentry data.
su - postgres
psql template1
create user sentry with password 'type_your_password';
alter user sentry with superuser;
create database sentrydb with owner sentry;
\q
exit
10) Switch to sentry user.
su - sentry
11) Create an environment.
virtualenv /home/sentry/sentry_app
12) To run commands in current shell environment, use source.
source /home/sentry/sentry_app/bin/activate
13) We are finally in the Sentry installation step. Installing Sentry by pip as follows.
pip install -U sentry
14) Initialize Sentry.
/home/sentry/sentry_app/bin/sentry init
15) Update the following two files according to the information provided during the installation process.
/home/sentry/.sentry/sentry.conf.py
/home/sentry/.sentry/config.yml
After updating the first file, it should look like this:
DATABASES = {
'default': {
'ENGINE': 'sentry.db.postgres',
'NAME': 'sentrydb',
'USER': 'sentry',
'PASSWORD': 'your_password',
'HOST': '127.0.0.1',
'PORT': '5432',
'AUTOCOMMIT': True,
'ATOMIC_REQUESTS': False,
}
}
the second file:
redis.clusters:
default:
hosts:
0:
host: 127.0.0.1
port: 6379
Note: please review the other settings in these two files.
16) Update pg_hba.conf file (it locates in /var/lib/pgsql/data/pg_hba.conf) as follows and restart postgres.

# TYPE  DATABASE        USER            ADDRESS                 METHOD

local    all             postgres                                peer

# "local" is for Unix domain socket connections only
local    all             all                                     peer
# IPv4 local connections:
host     all             all             127.0.0.1/32            md5
# IPv6 local connections:
host     all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication     postgres                                peer
#host    replication     postgres        127.0.0.1/32            ident
#host    replication     postgres        ::1/128                 ident
Restart postgres:
systemctl restart postgresql.service
17) Run upgrade command. Installation will ask you to type your email address in this step. Type and don’t forget to make it superuser.
/home/sentry/sentry_app/bin/sentry upgrade
exit
18) Make following change in /etc/supervisord.conf file at “[include]” section.
files = supervisord.d/*.conf
and then locate to /etc/supervisord.d path. Create a file named sentry.conf and edit it as follows.
[program:sentry-web]
directory=/home/sentry/sentry_app/
environment=SENTRY_CONF="/home/sentry/.sentry"
command=/home/sentry/sentry_app/bin/sentry --config=/home/sentry/.sentry run web
autostart=true
autorestart=true
redirect_stderr=true
user=sentry
stdout_logfile=syslog
stderr_logfile=syslog

[program:sentry-worker]
directory=/home/sentry/sentry_app/
environment=SENTRY_CONF="/home/sentry/.sentry"
command=/home/sentry/sentry_app/bin/sentry --config=/home/sentry/.sentry run worker
autostart=true
autorestart=true
redirect_stderr=true
user=sentry
stdout_logfile=syslog
stderr_logfile=syslog
startsecs=1
startretries=3
stopsignal=TERM
stopwaitsecs=10
stopasgroup=false
killasgroup=true

[program:sentry-cron]
directory=/home/sentry/sentry_app/
environment=SENTRY_CONF="/home/sentry/.sentry"
command=/home/sentry/sentry_app/bin/sentry --config=/home/sentry/.sentry run cron
autostart=true
autorestart=true
redirect_stderr=true
user=sentry
stdout_logfile=syslog
stderr_logfile=syslog
start the supervisor after all these operations:
systemctl start supervisord.service
18) Now we’ve completed all the steps necessary to install the program. Let’s open web browser and type Sentry address.
http://your_ip_address:9000
Fill in all the fields you need and your Sentry is ready!
Additional Steps:
If you want you can use Nginx, here is config for Https connection.
ssl.conf file:

server {
 listen     80;
 return     301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name yoursentry.com;

    ssl_certificate                 /etc/nginx/ssl/yoursentry.crt;
    ssl_certificate_key             /etc/nginx/ssl/yoursentry.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:128m;
    ssl_session_timeout 10m;


    location / {

    proxy_pass         http://sentry;
    proxy_set_header   Host                 $http_host;
    proxy_set_header   X-Forwarded-Proto    $scheme;
    proxy_set_header   X-Forwarded-For      $remote_addr;
    proxy_redirect     off;

    # keepalive + raven.js is a disaster
    keepalive_timeout 30;

    proxy_read_timeout 10s;
    proxy_send_timeout 10s;
    send_timeout 10s;
    resolver_timeout 10s;
    client_body_timeout 10s;

    # buffer larger messages
    client_max_body_size 10m;
    client_body_buffer_size 100k;

    add_header Strict-Transport-Security "max-age=31536000";
    }

  }

upstream sentry {
        keepalive 1024;
        server 0.0.0.0:9000 max_fails=2 fail_timeout=10m;
}

Автор: на
Ярлыки: ,

Комментариев нет:

Отправить комментарий

Примечание. Отправлять комментарии могут только участники этого блога.

Подписаться на: Комментарии к сообщению (Atom)