It seems that ansible's restart runs a service stop and then start instead of the restart. On Ubuntu trusty (at least) it seems that if you run sudo service supervisord stop && sudo service supervisord start it will randomly fail as it's still stopping when it then attempts to start it. To that end, I'd like to add a configurable value to the notification's service sleep value (default of 0) so that if it is an issue on people's systems like mine, then we can work around it

Below is my console error output
fatal: [dev-ansible]: FAILED! => {"changed": false, "cmd": "/usr/bin/pip3 install supervisor", "msg": "stdout: Collecting supervisor\n Using cached supervisor-3.3.4.tar.gz\n Complete output from command python setup.py egg_info:\n Supervisor requires Python 2.4 or later but does not work on any version of Python 3. You are using version 3.5.2 (default, Nov 23 2017, 16:37:01)\n [GCC 5.4.0 20160609]. Please install using a supported version.\n \n ----------------------------------------\n\n:stderr: Command \"python setup.py egg_info\" failed with error code 1 in /tmp/pip-build-j2izozhx/supervisor/\nYou are using pip version 8.1.1, however version 9.0.1 is available.\nYou should consider upgrading via the 'pip install --upgrade pip' command.\n"}

Right now, the only check that is present is whether item.state != 'absent' and if it's the case, the configuration is added to conf.d.

This makes it impossible to remove a program once it has been added, by setting its state to 'absent' afterwards.

A simple command that deletes the files when item.state == 'absent' would remedy this.
Or is this like that by design?

Steps to reproduce the problem:

1 The node has OS with Python 3, but not Python 2: Ubuntu 18.04.2 LTS
2 In order to manage this node host variable is set: ansible_python_interpreter: "/usr/bin/python3"
3 Later there are tasks to install Python 2 and pip ( python-minimal and python-pip apt packages correspondingly )
4 Executing geerlingguy.supervisor role version 2.0.2 gives an error:

fatal: [xxxxx]: FAILED! => {"changed": false, "cmd": ["/usr/bin/pip3", "install", "supervisor"], "msg": "stdout: Collecting supervisor
  Downloading https://files.pythonhosted.org/packages/ba/65/92575a8757ed576beaee59251f64a3287bde82bdc03964b89df9e1d29e1b/supervisor-3.3.5.tar.gz (421kB)
    Complete output from command python setup.py egg_info:
    Supervisor requires Python 2.4 or later but does not work on any version of Python 3.  You are using version 3.6.7 (default, Oct 22 2018, 11:32:17)
    [GCC 8.2.0].  Please install using a supported version.

    ----------------------------------------

:stderr: Command \"python setup.py egg_info\" failed with error code 1 in /tmp/pip-build-d68v4b_q/supervisor/
"}

Reason: Ansible tries to use pip3 to install supervisor, but there is Python 2 with appropriate pip version should be used.

Solution: to introduce new variable to control pip execution.

@geerlingguy , please, see my new PR to fix this problem.

This would not only ensure that supervisorctl is actually working, it would test one of the two configurations for the http server (either unix socket or TCP port 'inet').

Right now I have a demo program in the supervisor_programs variable.

We can allow playbooks to either manage programs entirely on their own, or we can let playbooks set their own supervisor_programs value... but I don't think we should have one in by default in any case.

Not only does it cause 2 of my CPU cores to spike to 100% when it runs the current /bin/cat demo (might be something funky with the Docker daemon), it's also a pretty worthless example.

Instead, for tests, maybe we could install Apache or something like that, then manage it with a program entry.

Can you add support for fcgi-program?
Thank you very much!!

The config template writes out the [superverctl] serverul port using the templated variable supervisor_inet_http_server_port. The defaults/main.yml sets this as:

supervisor_inet_http_server_port: '*:9001'

The relevant template line in templates/supervisord.conf

serverurl = http://localhost:{{ supervisor_inet_http_server_port }}

If the default values are all accepted and the template is expanded, the config file is written as:

serverurl = http://localhost:*:9001

This is invalid, and the supervisorctl will complain with a rather obscure python socket error.

Looks like SUPERVISORCTL in the init files doesn't use the supervisorctl_bin_path template variable and instead relies on using hard-coded /usr/local/bin/ and /usr/bin/ respectively.

Fix would simply require using template variable {{ supervisorctl_bin_path }} in following locations

• For Debian
  

  ansible-role-supervisor/templates/supervisord.init-Debian.j2

  Line 32 in 0c7626e

  SUPERVISORCTL=/usr/bin/supervisorctl

• For RedHat
  

  ansible-role-supervisor/templates/supervisord.init-RedHat.j2

  Line 41 in 0c7626e

  supervisorctl=/usr/bin/supervisorctl

I use groups to start and stop related processes. I think I should be able to configure groups using this role. It can be configured like this:

- supervisor_groups:
    - name: 'django'
      programs:
        - 'gunicorn'
        - 'celery'

If you're interested, I can submit a PR.

Restart supervisor will restart all programs registred and maybe already running. It would be better to use the ansible supervisorctl module instead of service no ?

Without ansible, we should use 'reread' and 'update' options provided by supervisorctl command.

Ansible provide these commands through the supervisorctl module but maybe you don't use these because if the preview flag ?

I'll glad to talk about it :)

Changing supervisor_started or supervisor_enabled to false doesn't respectively stop and disable the service, as I would expect. Once you have ran the playbook with them set to true there is no way back.

The role only checks for true statements:

- name: Ensure Supervisor is started (if configured).
  service:
    name: supervisord
    state: started
  when: supervisor_started

- name: Ensure Supervisor is enabled at boot (if configured).
  service:
    name: supervisord
    enabled: true
  when: supervisor_enabled

I'd assume there would also a false scenario:

- name: Ensure Supervisor is stopped (if configured).
  service:
    name: supervisord
    state: stopped
  when: not supervisor_started

- name: Ensure Supervisor is disabled at boot (if configured).
  service:
    name: supervisord
    enabled: false
  when: not supervisor_enabled

What do you think?

Currently there's an issue with the version of setuptools that's installed by default on CentOS 6 minimal. During Travis CI tests (and confirmed locally), I get the following error:

TASK [role_under_test : Ensure Supervisor is started (if configured).] *********
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Traceback (most recent call last):\n  File \"/usr/bin/supervisord\", line 5, in <module>\n    from pkg_resources import load_entry_point\n  File \"/usr/lib/python2.6/site-packages/pkg_resources.py\", line 2655, in <module>\n    working_set.require(__requires__)\n  File \"/usr/lib/python2.6/site-packages/pkg_resources.py\", line 648, in require\n    needed = self.resolve(parse_requirements(requirements))\n  File \"/usr/lib/python2.6/site-packages/pkg_resources.py\", line 546, in resolve\n    raise DistributionNotFound(req)\npkg_resources.DistributionNotFound: meld3>=0.6.5\n"}

Googling around, it looks like the issue is outlined here: Supervisor/meld3#23 — and in that thread, there's a comment with the suggested fix for CentOS/RHEL 6: Supervisor/meld3#23 (comment)

So, to get this role properly working on RHEL/CentOS 6, I need to figure out how to make sure setuptools is updated. For now, I'm going to disable the CentOS 6 test since I don't use it anywhere actively.

Who knows, maybe by the time I get around to this... CentOS 6 won't be supported anymore, ha! (Who am I kidding...)

With port like

 supervisor_inet_http_server_port: '127.0.0.1:9001'

It does not create the config correctly, thus when you go to check the status, it comes up with,

supervisorctl -c /etc/supervisor/supervisord.conf
error: <class 'socket.gaierror'>, [Errno -2] Name or service not known: file: /usr/lib64/python2.7/socket.py line: 553

The supervisor_bin_path changed in CentOS 8 to:
/usr/local/bin/supervisord

Guess this has something todo with my pip version (geerlingguy.pip)

#pip3 --version
pip 9.0.3 from /usr/lib/python3.6/site-packages (python 3.6)

There should a variable that specifies whether authentication should be added to the configuration file.

Is there any means of setting the chmod setting as described here? If not, can I submit a PR?

Currently, the defaults don't allow for supervisorctl to be run at all, since there's no configuration it can look towards to get at supervisord.

Setting supervisor_unix_http_server_enable to true by default means users will be able to use supervisorctl out of the box (though it's recommended you set a supervisor_password!).

Is there a reason to use a list in place of a dict to define supervisor_programs ?

You define it like this:

supervisor_programs:
    - name: 'apache'
        command: "{{ apache_start_command }}"
        state: present
        configuration: |
            autostart=true
            autorestart=true
            startretries=1
            startsecs=1
            redirect_stderr=true
            stderr_logfile=/var/log/apache-err.log
            stdout_logfile=/var/log/apache-out.log
            user=root
            killasgroup=true
            stopasgroup=true

Why not define it like this:

supervisor_programs:
    apache:
        command: "{{ apache_start_command }}"
        state: present
        autostart: true
        autorestart: true
        startretries: 1
        startsecs: 1
        redirect_stderr: true
        stderr_logfile: /var/log/apache-err.log
        stdout_logfile: /var/log/apache-out.log
        user: root
        killasgroup: true
        stopasgroup: true

It will simplify a little the programm conf template:

[program:{{ item.key }}]
{% for option, value in item.value.iteritems() %}
{{ option }} = {{ value }}
{% endfor %}

Maybe I miss something 😕

I've just executed this role targeting a fresh Ubuntu 18.04 node that already had a supervisor service installed.
After run this role I ended up with 2 services: supervisor and supervisord (installed by this role through pip3).

Questions:

1. Is there any reason/advantage to not use a distribution package that already runs as a system service and restart automatically?

2. Is it recommended to add a task to remove the existing service and keep only the one installed by this role?

3. Is this a bug? The output of supervisorctl reread changed:
   Before running this role:

supervisorctl reread
No config updates to processes

After running this role:

supervisorctl reread
error: <class 'socket.error'>, [Errno 2] No such file or directory: 
file: /usr/lib/python2.7/socket.py line: 228

Notice the error mentions python 2.7, but I don't have pip available on the target node, just pip3, and my ansible.cfg file has interpreter_python=/usr/bin/python3.

Not sure if it's a bug, so any help is appreciated.

Update: Error described on question 3 was fixed by re-running my playbook that uses this role.

If both supervisor_unix_http_server_enable and supervisor_inet_http_server_enable is set to false, configuration is not valid, because there is no [supervisorctl] section.

Error: .ini file does not include supervisorctl section
For help, use /bin/supervisorctl -h

When supervisor_inet_http_server_enable is true, serverurl is set with a hard-coded 'localhost' hostname and supervisor_inet_http_server_port as the port

serverurl = http://localhost:{{ supervisor_inet_http_server_port }}

The issue is that both of these are valid port values:

with hostname

[inet_http_server]
port = 127.0.0.1:9001

with wildcard

[inet_http_server]
port = *:9001

This causes the serverurl above to have an invalid value with no way of omitting/disabling/ignoring it.

serverurl = http://localhost:*:9001

I'd be happy to send a PR to address this, but am not sure what the intention of hard-coding this http://localhost:... prefix was.

I cannot run this role on Ubuntu 20.4 :

TASK [supervisor : Ensure Supervisor is installed.] ****************************
fatal: [snfreports-com]: FAILED! => {"changed": false, "msg": "Unable to find any of pip3 to use.  pip needs to be installed."}

I fixed it with:

- name: install pip3
  apt:
    name:
      - python3-pip
    state: present

- name: Ensure pip requirements exist on host are installed.
  pip:
    name:
      - setuptools
      - virtualenv
    state: present

- name: Ensure Supervisor is installed.
  pip:
    name: supervisor
    state: present
    version: "{{ supervisor_version | default(omit) }}"

I built this in an hour of free time tonight, and after the first few variables I decided to stop documenting them as I went... so I definitely need to add some docs around the http/unix server, username and password, etc.

The template for the supervisord.conf sets an invalid value in the [supervisorctl] section of the supervisord.conf.j2 template.

password = {SHA}{{ supervisor_password|hash('sha1') }}

The documentation for Supervisor config file format (http://supervisord.org/configuration.html#supervisorctl-section-settings) states that:

The password to pass to the supervisord server for use in authentication. This should be the cleartext version of password from the supervisord server configuration for the port or UNIX domain socket you’re attempting to access. This value cannot be passed as a SHA hash. Unlike other passwords specified in this file, it must be provided in cleartext.

As currently templated, the supverisorctl is unable to recognize the password provided at the command prompt after the role templates the config file.

On RedHat/CentOS systems there is a version of supervisord already provided in its repository. It would be great if this role allowed installation from the builtin repo instead.

As a side note it would probably be good to have installation be behind a variable instead of being part of main.

Something with the init script or something else seems to be causing the idempotence test to fail:

...
TASK [role_under_test : Copy Supervisor unit file into place (for systemd systems).] ***
skipping: [localhost]

TASK [role_under_test : Ensure Supervisor is started (if configured).] *********
changed: [localhost]

TASK [role_under_test : Ensure Supervisor is enabled at boot (if configured).] ***
ok: [localhost]

PLAY RECAP *********************************************************************
localhost                  : ok=12   changed=1    unreachable=0    failed=0   

Idempotence test: fail

So, maybe it's the init script returning the wrong exit code or something. Regardless, for the time being, I'm disabling the idempotence test only for Ubuntu 14.04 until I can figure it out a little better.

When setting the variable supervisor_version: latest if supervisor is already installed, it does not upgrade to tatest version.

Have given a Pull requests to resolve the issue.

If there is no pidfile option in /etc/supervisor/supervisord.conf init scripts for Debian and for RedHat are unable to control supervisor.

They try to find pid file at /var/run/supervisord.pid , but by default it located at $CWD/supervisord.pid ( see pidfile at http://supervisord.org/configuration.html#supervisord-section-values please )

Got problem
Another program is already listening on a port that one of our HTTP servers is configured to use
at Ubuntu 14.04 with Supervisor v 3.3 when trying to restart supervisor via

sudo service supervisord restart

Supervisor has been installed via your role so that is why I'm create this issue and going to make simple PR to fix that problem.