Skip to content

512. Setting up Python Rules Service

This section provides steps for setting up a Foretify Manager service that runs Python Rules scripts in a selected workspace on demand. (See Python Rules for Triage for a detailed explanation.)

512.1 Setting up Python Rules Service with RabbitMQ

Foretify Manager communicates with the python rules service via RabbitMQ - an event-based, message-queue service. For configuring a RabbitMQ broker, refer to Integrating with RabbitMQ.

512.2 Python Rules Service configuration

Python Rules Service requires you to configure its connection to RabbitMQ using the following arguments:

  • config_file_path: absolute filepath of the configuration file
  • rabbitmq_host: broker hostname (default is localhost)
  • rabbitmq_port: broker listening port number (default is 5672)
  • rabbitmq_user: authorized username for the broker (default is guest)
  • rabbitmq_pass: user's password (default is guest)
  • rabbitmq_vhost: The virtual host name (must match spring.rabbitmq.virtual-host in Foretify Manager's application.properties) (default is /)
  • temp_path: path where tdocs directories are temporarily stored when applying python rules (default is /tmp)
  • log_file_path: path were service's log files are stored (default is /var/log/foretellix/python_rules.log)
  • rabbitmq_https: use SSL-enabled connection with the broker (default is False)
  • ca_certificate: path to CA certificate (.pem), required when the secured broker's certificate is self-signed
  • certificate: path to self-signed certificate (.pem), required when the secured broker has mTLS enabled
  • private_key: path to private key (.pem), required when the secured broker has mTLS enabled
  • workers_count: amount of worker instances (threads) that process and apply requests (default is 3)

Configuring the above arguments can be done either with a configuration file (see example below), or by specifying the command line arguments.

When an argument is provided in both the command line and the configuration file, the value specified in the command line takes precedence.

512.2.1 Configuration file example

The following example shows a typical config.properties file used by the service:

config.properties - configuration file for Python Rules Service
[settings]
rabbitmq_host=localhost
rabbitmq_port=5672
rabbitmq_user=guest
rabbitmq_pass=guest
rabbitmq_vhost=/
temp_path=/tmp
log_file_path=/var/log/foretellix/python_rules.log
#rabbitmq_https=True
#ca_certificate=
#certificate=
#private_key=
  • The default config.properties is located in <installation-folder>/config/python_rules_service/*

512.3 Running Python Rules Service

The python_rules_service executable is located in <installation-folder>/server/bin/

  1. Create a file named python-rules.service and save it in /etc/systemd/system/:
Shell command: create a python-rules.service file
[Unit]
Description=Python Rules Service Daemon
After=fmanager.service

[Service]
ExecStart=<path-to-python-rules-service-executable> --config_file_path=<path-to-config-file>
Restart=always
RestartSec=30
  1. Run the service:
Shell command: run python rules service
systemctl start python-rules.service

512.3.1 Run Python Rules Service using Amazon MQ

Python Rules Service and Foretify Manager also support connecting to an Amazon MQ broker. To integrate Foretify Manager first, see Integrating with Amazon MQ for details.

  1. Set the configuration file:

    config.properties - configuration file for python rules service using Amazon MQ broker
    [settings]
rabbitmq_host=<amazon-broker-id>.mq.<region>.amazonaws.com
rabbitmq_port=5671
rabbitmq_user=<user>
rabbitmq_pass=<password>
rabbitmq_vhost=/
temp_path=/tmp
log_file_path=/var/log/foretellix/python_rules.log
rabbitmq_https=True
#ca_certificate=
#certificate=
#private_key=

  2. Run the python rules service with the updated configuration file.

512.4 Run Dockerized Python Rules Service

512.4.1 Prerequisites

Configuration files should be located in <path-to-Dockerfile>/config/python_rules_service/.

  1. Set the configuration file:

    config.properties - configuration file for python rules service using Amazon MQ broker
    [settings]
rabbitmq_host=localhost
rabbitmq_port=5672
rabbitmq_user=guest
rabbitmq_pass=guest
rabbitmq_vhost=/
temp_path=/tmp
log_file_path=/var/log/foretellix/python_rules.log
#rabbitmq_https=True
#ca_certificate=/app/ca_certificate.pem
#certificate=/app/certificate.pem
#private_key=/app/private_key.pem

  2. Create a Docker image for the service, using the create_image.sh script located in <installation-folder>/docker/python_rules_service:

Shell command: create the Python Rules Service Docker image
chmod +x create_image.sh
./create_image.sh

512.4.2 Run the Python Rules Service Docker image

Run a single service instance by executing docker run:

Shell command: start the dockerized Python Rules Service
docker run -d -it -v /var/log/foretellix/python_rules.log:/var/log/foretellix/python_rules.log python-rules-service
  • Ensure that the python_rules.log file is created before starting the container.
  • If needed, specify the network configuration between Docker containers. For example, if RabbitMQ is dockerized and running on the same PC, add --network="host" to the command above.

512.4.3 Running multiple Python Rules Service instances

The Python Rules Service processes 'apply python rules' requests sequentially. This means that at any given time, a single service can only process a number of requests lower than or equal to the configured workers_count.

RabbitMQ enforces a 1-hour timeout for each request to be fetched by a worker. ** A request not picked up within this period, will result in a timed out error**.

Foretify Manager supports running multiple instances of the Python Rules Service. To distribute the workload evenly, several instances should be deployed.

Deploying several dockerized Python Rules Service instances can be done by running multiple Docker containers of the same image.