694241ad77
This started with me wondering why gerritbot was putting all its output into /var/log/syslog -- it turns out Xenial docker is configured to use journalctl (which forwards to syslog) and Bionic onwards uses json-file. Both are sub-optimial; but particularly the json-file because we lose the logs when the container dies. This proposes moving to a more standard model of having the containers log to syslog and redirecting that to files on disk. Install a rsyslog configuration to capture "docker-*" program names and put them into logfiles in /var/log/containers. Also install rotation for these files. In an initial group of docker-compose files, setup logging to syslog which should then be captured into these files. Add some basic testing. If this works OK, I think we can standardise our docker-compose files like this to caputure the logs the same everywhere. Change-Id: I940a5b05057e832e2efad79d9a2ed5325020ed0c
64 lines
2.4 KiB
Python
64 lines
2.4 KiB
Python
# Copyright 2018 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
testinfra_hosts = ['gitea99.opendev.org']
|
|
|
|
|
|
def test_gitea_listening(host):
|
|
gitea_https = host.socket("tcp://0.0.0.0:3000")
|
|
assert gitea_https.is_listening
|
|
gitea_http = host.socket("tcp://0.0.0.0:3080")
|
|
assert gitea_http.is_listening
|
|
gitea_ssh = host.socket("tcp://0.0.0.0:222")
|
|
assert gitea_ssh.is_listening
|
|
gitea_proxy = host.socket("tcp://0.0.0.0:3081")
|
|
assert gitea_proxy.is_listening
|
|
|
|
def test_ulimit(host):
|
|
cmd = host.run("docker exec gitea-docker_gitea-web_1 prlimit")
|
|
expected = ("STACK max stack size "
|
|
"16777216 9223372036854775807 bytes")
|
|
assert expected in cmd.stdout.split('\n')
|
|
|
|
def test_robots(host):
|
|
cmd = host.run('curl --insecure '
|
|
'--resolve gitea99.opendev.org:3000:127.0.0.1 '
|
|
'https://gitea99.opendev.org:3000/robots.txt')
|
|
assert 'Disallow: /' in cmd.stdout
|
|
|
|
def test_proxy(host):
|
|
cmd = host.run('curl --insecure '
|
|
'--resolve gitea99.opendev.org:3081:127.0.0.1 '
|
|
'https://gitea99.opendev.org:3081/')
|
|
assert 'Git with a cup of tea' in cmd.stdout
|
|
|
|
def test_proxy_ua_blacklist(host):
|
|
cmd = host.run('curl --insecure -A '
|
|
'" Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; TencentTraveler 4.0)" '
|
|
'--resolve gitea99.opendev.org:3081:127.0.0.1 '
|
|
'https://gitea99.opendev.org:3081/')
|
|
assert '403 Forbidden' in cmd.stdout
|
|
|
|
def test_ondisk_logs(host):
|
|
mariadb_log = host.file('/var/log/containers/docker-mariadb.log')
|
|
assert mariadb_log.exists
|
|
|
|
gitea_log = host.file('/var/log/containers/docker-gitea.log')
|
|
assert gitea_log.exists
|
|
|
|
gitea_ssh_log = host.file('/var/log/containers/docker-gitea-ssh.log')
|
|
assert gitea_ssh_log.exists
|
|
assert gitea_ssh_log.contains("Server listening on :: port 222.")
|