Merge "Add log gearman role"

ansible/playbooks/service-loggearman.yml

@@ -0,0 +1,6 @@
+---
+- name: Configure log-gearman-client and log-gearman-worker tools
+  hosts: logscraper01.openstack.org
+  become: true
+  roles:
+    - loggearman

ansible/roles/loggearman/README.rst

@@ -0,0 +1,32 @@
+Openstack Log Processor Tools
+=============================
+
+The goal of this role is to setup and configure service related
+to `log-gearman-client` and `log-gearman-worker` scripts, that
+were ported to this project repository from `puppet-log_processor repository
+<https://opendev.org/opendev/puppet-log_processor/src/branch/master/files>`__.
+
+Configuration
+-------------
+
+The role is automatically deploying services:
+
+* log-gearman-client
+* log-gearman-worker
+
+inside the container.
+
+Example playbook setup
+----------------------
+
+.. code-block:: yaml
+
+   - name: Configure loggearman tool
+     hosts: localhost
+     become: true
+     vars:
+       source_url: https://localhost
+       output_hosts: mylogstashhost.com
+       log_cert_verify: True
+     roles:
+       - loggearman

ansible/roles/loggearman/defaults/main.yml

@@ -0,0 +1,27 @@
+---
+loggearman_user: loggearman
+loggearman_group: loggearman
+
+loggearman_dir: /etc/loggearman
+loggearman_log_dir: /var/log/loggearman
+
+container_images:
+  # FIXME: Move image to dedicated repository on Docker hub.
+  loggearman: quay.rdoproject.org/software-factory/loggearman:latest
+
+# Gearman client
+source_url: ""
+zmq_publishers: []
+subunit_files: []
+source_files: []
+
+# Gearman worker
+gearman_host: 0.0.0.0
+gearman_port: 4731
+output_host: logstash.example.com
+output_port: 9999
+output_mode: tcp
+crm114_script: ""
+crm114_data: ""
+log_ca_certs: ""
+log_cert_verify: True

ansible/roles/loggearman/handlers/main.yml

@@ -0,0 +1,14 @@
+---
+- name: restart loggearman client
+  service:
+    name: loggearman-client
+    state: restarted
+    daemon-reload: true
+    enabled: true
+
+- name: restart loggearman worker
+  service:
+    name: loggearman-worker
+    state: restarted
+    daemon-reload: true
+    enabled: true

ansible/roles/loggearman/tasks/main.yml

@@ -0,0 +1,59 @@
+---
+- name: Create decidated group
+  group:
+    name: "{{ loggearman_group }}"
+    state: present
+
+- name: Create dedicated user
+  user:
+    name: "{{ loggearman_user }}"
+    state: present
+    comment: "Dedicated user for loggearman"
+    group: "{{ loggearman_group }}"
+    shell: "/sbin/nologin"
+    create_home: false
+
+- name: Create dedicated directories
+  file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ loggearman_user }}"
+    group: "{{ loggearman_group }}"
+  loop:
+    - "{{ loggearman_dir }}"
+    - "{{ loggearman_log_dir }}"
+
+- name: Init log files
+  file:
+    path: "{{ loggearman_log_dir }}/{{ item }}.log"
+    state: touch
+    owner: "{{ loggearman_user }}"
+    group: "{{ loggearman_group }}"
+    mode: "0666"
+  loop:
+    - client
+    - worker
+
+- name: Ensure container software is installed
+  package:
+    name: podman
+    state: present
+
+- name: Pull image
+  shell: "podman pull {{ container_images['loggearman'] }}"
+
+- name: Create configuration files
+  template:
+    src: "{{ item }}.yml.j2"
+    dest: "{{ loggearman_dir }}/{{ item }}.yml"
+  loop:
+    - client
+    - worker
+  notify:
+    - restart loggearman {{ item }}
+
+- name: Configure loggearman service
+  include_tasks: service.yml
+  loop:
+    - client
+    - worker

ansible/roles/loggearman/tasks/service.yml

@@ -0,0 +1,17 @@
+---
+- name: Generate podman-loggearman-{{ item }} script
+  template:
+    src: loggearman.sh.j2
+    dest: "/usr/local/bin/podman-loggearman-{{ item }}"
+    mode: '0755'
+  notify:
+    - restart loggearman {{ item }}
+
+- name: Generate systemd unit loggearman-{{ item }}
+  template:
+    src: loggearman.service.j2
+    dest: "/etc/systemd/system/loggearman-{{ item }}.service"
+    owner: root
+    group: root
+  notify:
+    - restart loggearman {{ item }}

ansible/roles/loggearman/templates/client.yml.j2

@@ -0,0 +1,5 @@
+---
+source-url: {{ source_url }}
+zmq-publishers: {{ zmq_publishers }}
+subunit-files: {{ subunit_files }}
+source-files: {{ source_files }}

ansible/roles/loggearman/templates/loggearman.service.j2

@@ -0,0 +1,16 @@
+[Unit]
+Description=loggearman {{ item }} service
+After=syslog.target network.target
+StartLimitInterval=20
+StartLimitBurst=5
+
+[Service]
+Type=simple
+SyslogIdentifier=loggearman-{{ item }}
+ExecStart=/usr/local/bin/podman-loggearman-{{ item }}
+ExecStop=/usr/bin/podman stop loggearman-{{ item }}
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target

ansible/roles/loggearman/templates/loggearman.sh.j2

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# MANAGED BY ANSIBLE
+/usr/bin/podman run \
+    --network host \
+    --rm \
+    --name loggearman-{{ item }} \
+    --volume {{ loggearman_dir }}:{{ loggearman_dir }}:Z \
+    --volume {{ loggearman_log_dir }}:{{ loggearman_log_dir }}:z \
+    {{ container_images['loggearman'] }} \
+    log-gearman-{{ item }} \
+    -c {{ loggearman_dir }}/{{ item }}.yml \
+    --foreground \
+    -d {{ loggearman_log_dir }}/{{ item }}.log

ansible/roles/loggearman/templates/worker.yml.j2

@@ -0,0 +1,16 @@
+---
+gearman-host: {{ gearman_host }}
+gearman-port: {{ gearman_port }}
+output-host: {{ output_host }}
+output-port: {{ output_port }}
+output-mode: {{ output_mode }}
+log-cert-verify: {{ log_cert_verify }}
+{% if crm114_script %}
+crm114-script: {{ crm114_script }}
+{% endif %}
+{% if crm114_data %}
+crm114-data: {{ crm114_data }}
+{% endif %}
+{% if log_ca_certs %}
+log-ca-certs: {{ log_ca_certs }}
+{% endif %}