openstack
/
fuel-library
Code Issues Proposed changes

Revert "Moving rsyslog to librarian" 

This reverts commit 949bd5831d.

Change-Id: I042ee40c2b33dff376101e78145f02199a56dfdf
Related-Bug: #1505180
Related-Bug: #1504596
This commit is contained in:
Alex Schultz 2015-10-12 13:18:25 +00:00 committed by Matthew Mosesohn
parent 949bd5831d
commit ba2a601daf
26 changed files with 680 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deployment/.gitignore vendored
View File

@ -16,7 +16,6 @@ puppet/sysctl
puppet/staging
puppet/vcsrepo
puppet/postgresql
puppet/rsyslog
puppet/openstacklib
puppet/keystone
puppet/neutron

5
deployment/Puppetfile
View File

@ -91,11 +91,6 @@ mod 'postgresql',
:git => 'https://review.fuel-infra.org/p/puppet-modules/puppetlabs-postgresql.git',
:ref => '4.0.0'
# Pull in saz-rsyslog
mod 'rsyslog',
:git => 'https://review.fuel-infra.org/p/puppet-modules/puppet-rsyslog.git',
:ref => 'v3.5.1'
# Pull in puppet-openstacklib
mod 'openstacklib',
:git => 'https://review.fuel-infra.org/p/puppet-modules/puppet-openstacklib.git',

28
deployment/puppet/nailgun/examples/rsyslog-only.pp
View File

@ -5,34 +5,26 @@ Class['docker::container'] ->
Class['rsyslog::server'] ->
Class['openstack::logrotate']
class { '::docker::container': }
class {'docker::container': }
# We do not supply these packages for our fuel master so we need to set them
# to false so the module does not attempt to install it.
class { '::rsyslog':
relp_package_name => false,
gnutls_package_name => false,
mysql_package_name => false,
pgsql_package_name => false,
}
class { '::rsyslog::server':
class {"::rsyslog::server":
enable_tcp => true,
enable_udp => true,
enable_relp => false,
server_dir => '/var/log/',
port => 514,
high_precision_timestamps => true,
}
::rsyslog::snippet{ '00-disable-EscapeControlCharactersOnReceive':
content => '$EscapeControlCharactersOnReceive off'
}
# Fuel specific config for logging parse formats used for /var/log/remote
$show_timezone = true
::rsyslog::snippet { '30-remote-log':
content => template('openstack/30-server-remote-log.conf.erb'),
$logconf = "${::rsyslog::params::rsyslog_d}30-remote-log.conf"
file { $logconf :
content => template('openstack/30-server-remote-log.conf.erb'),
require => Class['::rsyslog::server'],
owner => root,
group => $::rsyslog::params::run_group,
mode => 0640,
notify => Class["::rsyslog::service"],
}
class { '::openstack::logrotate':

2
deployment/puppet/openstack/.fixtures.yml
View File

@ -32,10 +32,10 @@ fixtures:
'sahara':
repo: 'https://review.fuel-infra.org/puppet-modules/puppet-sahara.git'
branch: '7.0.0-mos-rc1'
'rsyslog': 'https://github.com/saz/puppet-rsyslog.git'
symlinks:
'openstack': "#{source_dir}"
'osnailyfacter': "#{source_dir}/../osnailyfacter"
'l23network': "#{source_dir}/../l23network"
'rsyslog': "#{source_dir}/../rsyslog"
'mysql': "#{source_dir}/../mysql"
'murano': "#{source_dir}/../murano"

308
deployment/puppet/openstack/manifests/logging.pp
View File

@ -1,92 +1,22 @@
# == Class: openstack::logging
# Class for rsyslog server/client logging
#
# This class is for configuring rsyslog server/client logging
#
# === Parameters
#
# [*role*]
# (optional) log server or client
# Defaults to 'client'
#
# [*log_remote*]
# (optional) send logs to remote server(s). Can be used with local logging.
# Defaults to true.
#
# [*log_local*]
# (optional) local logging. Can be used with remote logging.
# Defaults to false.
#
# [*log_auth_local*]
# (optional) auth logging. Can be used with remote logging.
# Defaults to false.
#
# [*rotation*]
# (optional) logrotate option for rotation period - daily, weekly, monthly,
# yearly.
# Defaults to 'daily'.
#
# [*keep*]
# (optional) logrotate option for number or rotated log files to keep.
# Defaults to '7'.
#
# [*minsize*]
# (optional) rotate log files periodically only if bigger than this value
# Defaults to '10M'.
#
# [*maxsize*]
# (optional) force rotate if this value has been exceeded
# Defaults to '100M'.
#
# [*rservers*]
# (optional) array of hashes which represents remote logging servers for
# client role.
# Defaults to [{'remote_type' => 'udp', 'server' => 'master', 'port' =>'514'},]
#
# [*port*]
# (optional) port to use by server role for remote logging.
# Defaults to 514.
#
# [*proto*]
# (optional) tcp/udp/both proto(s) for remote log server role.
# Defaults to 'udp'.
#
# [*show_timezone*]
# (optional) if enabled, high_precision_timestamps (date-rfc3339) with GMT
# would be used
# for logging. Default is false (date-rfc3164), examples:
# date-rfc3339: 2010-12-05T02:21:41.889482+01:00,
# date-rfc3164: Dec 5 02:21:13,
# Defaults to false.
#
# [*virtual*]
# (optional) if node is virtual, fix for udp checksums should be applied
# Defaults to false.
#
# [*rabbit_log_level*]
# assign syslog log level for all rabbit messages which are not an ERROR
# (rabbit does not support syslog, imfile is used for log capturing)
# Defaults to 'NOTICE'.
#
# [*production*]
# (optional)
# Defaults to 'prod'.
#
# [*escapenewline*]
# (optional) If set to true, rsyslog will be configured with
# EscapeControlCharactersOnReceive = on. This directive instructs rsyslogd to
# replace control characters during reception of the message. The intent is
# to provide a way to stop non-printable messages from entering the syslog
# system as whole. If this option is turned on, all control-characters are
# converted to a 3-digit octal number and be prefixed with the
# parser.controlCharacterEscapePrefix character (being '#' by default). For
# example, if the BEL character (ctrl-g) is included in the message, it would
# be converted to "#007". To be compatible to sysklogd, this option must be
# turned on.
# Defaults to false.
#
# [*debug*]
# (optional)
# Defaults to false.
# [role] log server or client
# [log_remote] send logs to remote server(s). Can be used with local logging.
# [log_local], [log_auth_local] local & auth logging. Can be used with remote logging.
# [rotation] logrotate option for rotation period - daily, weekly, monthly, yearly.
# [keep] logrotate option for number or rotated log files to keep.
# [minsize] rotate log files periodically only if bigger than this value
# [maxsize] force rotate if this value has been exceeded
# [rservers] array of hashes which represents remote logging servers for client role.
# [port] port to use by server role for remote logging.
# [proto] tcp/udp/both proto(s) for remote log server role.
# [show_timezone] if enabled, high_precision_timestamps (date-rfc3339) with GMT would be used
# for logging. Default is false (date-rfc3164), examples:
# date-rfc3339: 2010-12-05T02:21:41.889482+01:00,
# date-rfc3164: Dec 5 02:21:13,
# [virtual] if node is virtual, fix for udp checksums should be applied
# [rabbit_log_level] assign syslog log level for all rabbit messages which are not an ERROR
# (rabbit does not support syslog, imfile is used for log capturing)
#
class openstack::logging (
$role = 'client',
@ -97,7 +27,7 @@ class openstack::logging (
$keep = '7',
$minsize = '10M',
$maxsize = '100M',
$rservers = [{'remote_type'=>'udp', 'server'=>'master', 'port'=>'514'},], # lint:ignore:80chars
$rservers = [{'remote_type'=>'udp', 'server'=>'master', 'port'=>'514'},],
$port = '514',
$proto = 'udp',
$show_timezone = false,
@ -114,48 +44,57 @@ class openstack::logging (
# Fix for udp checksums should be applied if running on virtual node
if $virtual {
class { '::openstack::checksum_udp' : port => $port }
class { "openstack::checksum_udp" : port => $port }
}
include ::rsyslog::params
# Set access and notifications for rsyslog client
File {
owner => $::rsyslog::params::run_user,
group => $::rsyslog::params::run_group,
mode => 0640,
notify => Class["::rsyslog::service"],
}
# Configure syslog roles
if $role == 'client' {
if $rservers == undef {
fail('Please provide a valid $rservers configuration')
} else {
$rservers_real = [{'remote_type'=>$remote_type, 'server'=>$server, 'port'=>$port}]
}
else {
$rservers_real = $rservers
}
# Configure logging templates for rsyslog client side
# Rabbitmq does not support syslogging, use imfile
::rsyslog::imfile { '04-rabbitmq' :
file_name => "/var/log/rabbitmq/rabbit@${::hostname}.log",
file_tag => 'rabbitmq',
file_facility => 'syslog',
::rsyslog::imfile { "04-rabbitmq" :
file_name => "/var/log/rabbitmq/rabbit@${hostname}.log",
file_tag => "rabbitmq",
file_facility => "syslog",
file_severity => $rabbit_log_level,
}
::rsyslog::imfile { '04-rabbitmq-sasl' :
file_name => "/var/log/rabbitmq/rabbit@${::hostname}-sasl.log",
file_tag => 'rabbitmq-sasl',
file_facility => 'syslog',
::rsyslog::imfile { "04-rabbitmq-sasl" :
file_name => "/var/log/rabbitmq/rabbit@${hostname}-sasl.log",
file_tag => "rabbitmq-sasl",
file_facility => "syslog",
file_severity => $rabbit_log_level,
}
::rsyslog::imfile { '04-rabbitmq-startup_err' :
file_name => '/var/log/rabbitmq/startup_err',
file_tag => 'rabbitmq-startup_err',
file_facility => 'syslog',
file_severity => 'ERROR',
::rsyslog::imfile { "04-rabbitmq-startup_err" :
file_name => "/var/log/rabbitmq/startup_err",
file_tag => "rabbitmq-startup_err",
file_facility => "syslog",
file_severity => "ERROR",
}
::rsyslog::imfile { '04-rabbitmq-shutdown_err' :
file_name => '/var/log/rabbitmq/shutdown_err',
file_tag => 'rabbitmq-shutdown_err',
file_facility => 'syslog',
file_severity => 'ERROR',
::rsyslog::imfile { "04-rabbitmq-shutdown_err" :
file_name => "/var/log/rabbitmq/shutdown_err",
file_tag => "rabbitmq-shutdown_err",
file_facility => "syslog",
file_severity => "ERROR",
}
::rsyslog::imfile { '05-apache2-error':
@ -208,118 +147,124 @@ class openstack::logging (
}
# mco does not support syslog also, hence use imfile
::rsyslog::imfile { '61-mco_agent_debug' :
file_name => '/var/log/mcollective.log',
file_tag => 'mcollective',
file_facility => 'daemon',
file_severity => 'DEBUG',
::rsyslog::imfile { "61-mco_agent_debug" :
file_name => "/var/log/mcollective.log",
file_tag => "mcollective",
file_facility => "daemon",
file_severity => "DEBUG",
}
# OS syslog configs for rsyslog client
::rsyslog::snippet { '10-nova':
file { "${::rsyslog::params::rsyslog_d}10-nova.conf":
ensure => present,
content => template("${module_name}/10-nova.conf.erb"),
}
::rsyslog::snippet { '20-keystone':
file { "${::rsyslog::params::rsyslog_d}20-keystone.conf":
ensure => present,
content => template("${module_name}/20-keystone.conf.erb"),
}
::rsyslog::snippet { '30-cinder':
file { "${::rsyslog::params::rsyslog_d}30-cinder.conf":
ensure => present,
content => template("${module_name}/30-cinder.conf.erb"),
}
::rsyslog::snippet { '40-glance':
file { "${::rsyslog::params::rsyslog_d}40-glance.conf":
ensure => present,
content => template("${module_name}/40-glance.conf.erb"),
}
::rsyslog::snippet { '50-neutron':
file { "${::rsyslog::params::rsyslog_d}50-neutron.conf":
ensure => present,
content => template("${module_name}/50-neutron.conf.erb"),
}
::rsyslog::snippet { '51-ceilometer':
file { "${::rsyslog::params::rsyslog_d}51-ceilometer.conf":
ensure => present,
content => template("${module_name}/51-ceilometer.conf.erb"),
}
::rsyslog::snippet { '52-sahara':
content => template("${module_name}/52-sahara.conf.erb"),
}
::rsyslog::snippet { '53-murano':
file { "${::rsyslog::params::rsyslog_d}53-murano.conf":
ensure => present,
content => template("${module_name}/53-murano.conf.erb"),
}
::rsyslog::snippet { '54-heat':
file { "${::rsyslog::params::rsyslog_d}54-heat.conf":
ensure => present,
content => template("${module_name}/54-heat.conf.erb"),
}
::rsyslog::snippet { '02-ha':
content => template("${module_name}/02-ha.conf.erb"),
file { "${::rsyslog::params::rsyslog_d}52-sahara.conf":
ensure => present,
content => template("${module_name}/52-sahara.conf.erb"),
}
::rsyslog::snippet { '03-dashboard':
file { "${::rsyslog::params::rsyslog_d}02-ha.conf":
ensure => present,
content => template("${module_name}/02-ha.conf.erb"),
}
file { "${::rsyslog::params::rsyslog_d}03-dashboard.conf":
ensure => present,
content => template("${module_name}/03-dashboard.conf.erb"),
}
::rsyslog::snippet { '04-mysql':
file { "${::rsyslog::params::rsyslog_d}04-mysql.conf":
ensure => present,
content => template("${module_name}/04-mysql.conf.erb"),
}
::rsyslog::snippet { '60-puppet-apply':
file { "${::rsyslog::params::rsyslog_d}60-puppet-apply.conf":
content => template("${module_name}/60-puppet-apply.conf.erb"),
}
::rsyslog::snippet { '61-mco-nailgun-agent':
file { "${::rsyslog::params::rsyslog_d}61-mco-nailgun-agent.conf":
content => template("${module_name}/61-mco-nailgun-agent.conf.erb"),
}
::rsyslog::snippet { '62-mongod':
file { "${::rsyslog::params::rsyslog_d}62-mongod.conf":
content => template("${module_name}/62-mongod.conf.erb"),
}
::rsyslog::snippet { '80-swift':
content => template("${module_name}/80-swift.conf.erb"),
file { "${rsyslog::params::rsyslog_d}80-swift.conf":
content => template("openstack/80-swift.conf.erb"),
}
# Custom settings for rsyslog client to define remote logging and local
# options
::rsyslog::snippet { '90-local':
# Custom settings for rsyslog client to define remote logging and local options
file { "${::rsyslog::params::rsyslog_d}90-local.conf":
content => template("${module_name}/90-local.conf.erb"),
}
::rsyslog::snippet { '00-remote':
content => template("${module_name}/00-remote.conf.erb"),
file { "${::rsyslog::params::rsyslog_d}00-remote.conf":
content => template("${module_name}/00-remote.conf.erb"),
}
class { '::rsyslog::client':
log_remote => $log_remote,
log_local => $log_local,
log_auth_local => $log_auth_local,
}
unless $escapenewline {
::rsyslog::snippet{ '00-disable-EscapeControlCharactersOnReceive':
content => '$EscapeControlCharactersOnReceive off'
}
class { "::rsyslog::client":
log_remote => $log_remote,
log_local => $log_local,
log_auth_local => $log_auth_local,
escapenewline => $escapenewline,
}
} else { # server
if $proto == 'both' {
firewall { "${port} udp rsyslog":
port => $port,
proto => 'udp',
action => 'accept',
firewall { "$port udp rsyslog":
port => $port,
proto => 'udp',
action => 'accept',
}
firewall { "${port} tcp rsyslog":
port => $port,
proto => 'tcp',
action => 'accept',
firewall { "$port tcp rsyslog":
port => $port,
proto => 'tcp',
action => 'accept',
}
} else {
firewall { "${port} ${proto} rsyslog":
port => $port,
proto => $proto,
action => 'accept',
firewall { "$port $proto rsyslog":
port => $port,
proto => $proto,
action => 'accept',
}
}
@ -331,32 +276,31 @@ class openstack::logging (
$enable_udp = $proto ? { 'udp' => true, 'both' => true, default => true }
}
class { '::rsyslog::server':
enable_tcp => $enable_tcp,
enable_udp => $enable_udp,
server_dir => '/var/log/',
high_precision_timestamps => $show_timezone,
port => $port,
}
::rsyslog::snippet{ '00-disable-EscapeControlCharactersOnReceive':
content => '$EscapeControlCharactersOnReceive off'
class {"::rsyslog::server":
enable_tcp => $enable_tcp,
enable_udp => $enable_udp,
server_dir => '/var/log/',
high_precision_timestamps => $show_timezone,
port => $port,
}
# Fuel specific config for logging parse formats used for /var/log/remote
::rsyslog::snippet { '30-remote-log':
$logconf = "${::rsyslog::params::rsyslog_d}30-remote-log.conf"
file { $logconf :
content => template("${module_name}/30-server-remote-log.conf.erb"),
require => Class['::rsyslog::server'],
}
}
# Configure log rotation
class { '::openstack::logrotate':
role => $role,
rotation => $rotation,
keep => $keep,
minsize => $minsize,
maxsize => $maxsize,
debug => $debug,
class {"::openstack::logrotate":
role => $role,
rotation => $rotation,
keep => $keep,
minsize => $minsize,
maxsize => $maxsize,
debug => $debug,
}
# Deprecated stuff handling section
@ -367,7 +311,6 @@ class openstack::logging (
# Ensure all OS services logging reconfiguration for deleted log_configs
# (log_config was deprecated and should be removed from existing configs)
# lint:ignore:80chars
Ceilometer_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
Cinder_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
Glance_api_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
@ -381,7 +324,6 @@ class openstack::logging (
Nova_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
Sahara_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
Murano_config <| title == 'DEFAULT/log_config' |> { ensure => absent }
# lint:endignore
#TODO(bogdando) if 4.1.1 -> 5.0 upgrade will be supported later
# remove all existing rsyslog::imfile templates for Openstack

13
deployment/puppet/openstack/spec/classes/openstack_logging_spec.rb
View File

@ -72,9 +72,9 @@ describe 'openstack::logging' do
should contain_class('rsyslog::client').with(
:log_remote => p[:log_remote],
:log_local => p[:log_local],
:log_auth_local => p[:log_auth_local]
:log_auth_local => p[:log_auth_local],
:escapenewline => p[:escapenewline]
)
should contain_rsyslog__snippet('00-disable-EscapeControlCharactersOnReceive')
end
end
@ -99,7 +99,6 @@ describe 'openstack::logging' do
:maxsize => p[:maxsize],
:debug => p[:debug]
)
should contain_rsyslog__snippet('00-disable-EscapeControlCharactersOnReceive')
end
end
context 'with virtual = true' do
@ -116,9 +115,7 @@ describe 'openstack::logging' do
let :facts do
{ :osfamily => 'Debian',
:operatingsystem => 'Debian',
:hostname => 'hostname.example.com',
:rsyslog_version => '7.4.4',
}
:hostname => 'hostname.example.com', }
end
it_configures 'logging configuration'
@ -128,9 +125,7 @@ describe 'openstack::logging' do
let :facts do
{ :osfamily => 'RedHat',
:operatingsystem => 'RedHat',
:hostname => 'hostname.example.com',
:rsyslog_version => '5.8.10',
}
:hostname => 'hostname.example.com', }
end
it_configures 'logging configuration'

23
deployment/puppet/rsyslog/.project Normal file
View File

@ -0,0 +1,23 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>rsyslog</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.cloudsmith.geppetto.pp.dsl.ui.modulefileBuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.xtext.ui.shared.xtextBuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.cloudsmith.geppetto.pp.dsl.ui.puppetNature</nature>
<nature>org.eclipse.xtext.ui.shared.xtextNature</nature>
</natures>
</projectDescription>

8
deployment/puppet/rsyslog/Modulefile Normal file
View File

@ -0,0 +1,8 @@
name 'saz-rsyslog'
version '1.1.4'
source 'UNKNOWN'
author 'saz'
license 'Apache License, Version 2.0'
summary 'UNKNOWN'
description 'Manage rsyslog client and server via Puppet'
project_page 'https://github.com/saz/puppet-rsyslog'

80
deployment/puppet/rsyslog/README.md Normal file
View File

@ -0,0 +1,80 @@
# puppet-rsyslog
================
Manage rsyslog client and server via Puppet
## REQUIREMENTS
* Puppet >=2.6 if using parameterized classes
* Currently supports Ubuntu >=11.04 & Debian running rsyslog >=4.5
## USAGE
### Client
#### Using default values
```
class { 'rsyslog::client': }
```
#### Variables and default values
```
class { 'rsyslog::client':
log_remote => true,
remote_type => 'tcp',
log_local => false,
log_auth_local => false,
custom_config => undef,
server => 'log',
port => '514',
}
```
### Server
#### Using default values
```
class { 'rsyslog::server': }
```
#### Variables and default values
```
class { 'rsyslog::server':
enable_tcp => true,
enable_udp => true,
server_dir => '/srv/log/',
custom_config => undef,
high_precision_timestamps => false,
}
```
Both can be installed at the same time.
## PARAMETERS
The following lists all the class parameters this module accepts.
RSYSLOG::SERVER CLASS PARAMETERS VALUES DESCRIPTION
--------------------------------------------------------------
enable_tcp true,false Enable TCP listener. Defaults to true.
enable_udp true,false Enable UDP listener. Defaults to true.
server_dir STRING Folder where logs will be stored on the server. Defaults to '/srv/log/'
custom_config STRING Specify your own template to use for server config. Defaults to undef. Example usage: custom_config => 'rsyslog/my_config.erb'
high_precision_timestamps true,false Whether or not to use high precision timestamps.
RSYSLOG::CLIENT CLASS PARAMETERS VALUES DESCRIPTION
--------------------------------------------------------------
log_remote true,false Log Remotely. Defaults to true.
remote_type 'tcp','udp' Which protocol to use when logging remotely. Defaults to 'tcp'.
log_local true,false Log locally. Defualts to false.
log_auth_local true,false Just log auth facility locally. Defaults to false.
custom_config STRING Specify your own template to use for client config. Defaults to undef. Example usage: custom_config => 'rsyslog/my_config.erb
server STRING Rsyslog server to log to. Will be used in the client configuration file.
### Other notes
Due to a missing feature in current RELP versions (InputRELPServerBindRuleset option),
remote logging is using TCP. You can switch between TCP and UDP. As soon as there is
a new RELP version which supports setting Rulesets, I will add support for relp back.

11
deployment/puppet/rsyslog/examples/site.pp Normal file
View File

@ -0,0 +1,11 @@
# Configure and run rsyslogd server
class {"::rsyslog::server":
enable_tcp => true,
enable_udp => true,
server_dir => '/var/log/',
port => 514,
high_precision_timestamps => true,
virtual => str2bool($::is_virtual),
}

39
deployment/puppet/rsyslog/manifests/client.pp Normal file
View File

@ -0,0 +1,39 @@
#
#
#
class rsyslog::client (
$log_remote = true,
$remote_type = 'tcp',
$log_local = false,
$log_auth_local = false,
$custom_config = undef,
$server = 'log',
$escapenewline = false,
) inherits rsyslog {
$content_real = $custom_config ? {
'' => template("${module_name}/01-client.conf.erb"),
default => template($custom_config),
}
File {
owner => root,
group => $rsyslog::params::run_group,
mode => 0640,
notify => Class["rsyslog::service"],
}
file { $rsyslog::params::rsyslog_d:
purge => true,
recurse => true,
force => true,
ensure => directory,
}
file { $rsyslog::params::client_conf:
ensure => present,
content => $content_real,
require => File[$rsyslog::params::rsyslog_d],
}
}

30
deployment/puppet/rsyslog/manifests/config.pp Normal file
View File

@ -0,0 +1,30 @@
class rsyslog::config {
# assumes rsyslog packages installed at BM or included in distro
File {
owner => root,
group => $rsyslog::params::run_group,
mode => 0640,
# To avoid dependency loops for custom runstages
#require => Class["rsyslog::install"],
notify => Class["rsyslog::service"],
}
file { $rsyslog::params::rsyslog_conf:
ensure => file,
content => template("${module_name}/rsyslog.conf.erb"),
}
file { '/var/lib/rsyslog' :
ensure => directory,
path => $::rsyslog::params::rsyslog_queues_dir,
}
file { $rsyslog::params::rsyslog_default:
ensure => file,
content => template("${module_name}/rsyslog_default.erb"),
}
file { $rsyslog::params::spool_dir:
ensure => directory,
}
}

20
deployment/puppet/rsyslog/manifests/imfile.pp Normal file
View File

@ -0,0 +1,20 @@
#
define rsyslog::imfile(
$file_name,
$file_tag,
$file_facility,
$polling_interval = 10,
$file_severity = 'notice',
$run_file_monitor = true
) {
include rsyslog::params
file { "${rsyslog::params::rsyslog_d}${name}.conf":
ensure => file,
owner => 'root',
group => $rsyslog::params::run_group,
content => template('rsyslog/imfile.erb'),
#require => Class['rsyslog::install'],
notify => Class['rsyslog::service'],
}
}

3
deployment/puppet/rsyslog/manifests/init.pp Normal file
View File

@ -0,0 +1,3 @@
class rsyslog {
include rsyslog::params, rsyslog::install, rsyslog::config, rsyslog::service
}

18
deployment/puppet/rsyslog/manifests/install.pp Normal file
View File

@ -0,0 +1,18 @@
class rsyslog::install {
if $rsyslog::params::rsyslog_package_name {
package { $rsyslog::params::rsyslog_package_name:
ensure => $rsyslog::params::package_status,
}
}
if $rsyslog::params::relp_package_name {
package { $rsyslog::params::relp_package_name:
ensure => $rsyslog::params::package_status
}
}
if $rsyslog::params::additional_packages {
package { $rsyslog::params::additional_packages:
ensure => $rsyslog::params::package_status
}
}
}

69
deployment/puppet/rsyslog/manifests/params.pp Normal file
View File

@ -0,0 +1,69 @@
class rsyslog::params {
case $::operatingsystem {
/(?i)(ubuntu|debian)/: {
$rsyslog_package_name = 'rsyslog'
#FIXME(bogdando) enable relp package back once we include it into
# the ISO, and if Fuel would start to use any of RELP features
#$relp_package_name = 'rsyslog-relp'
$relp_package_name = false
$additional_packages = ['anacron', 'cron']
$package_status = 'installed'
$rsyslog_d = '/etc/rsyslog.d/'
$rsyslog_conf = '/etc/rsyslog.conf'
$rsyslog_queues_dir = '/var/lib/rsyslog'
$rsyslog_default = '/etc/default/rsyslog'
$run_user = 'syslog'
$run_group = 'syslog'
$log_user = 'syslog'
$log_group = 'syslog'
$spool_dir = '/var/spool/rsyslog/'
$service_name = 'rsyslog'
$client_conf = "${rsyslog_d}client.conf"
$server_conf = "${rsyslog_d}server.conf"
}
/(?i)(redhat|centos)/: {
$rsyslog_package_name = 'rsyslog'
#FIXME(bogdando) enable relp package back once we include it into
# the ISO, and if Fuel would start to use any of RELP features
#$relp_package_name = 'rsyslog-relp'
$relp_package_name = false
$additional_packages = ['cronie-anacron','crontabs']
$package_status = 'installed'
$rsyslog_d = '/etc/rsyslog.d/'
$rsyslog_conf = '/etc/rsyslog.conf'
$rsyslog_queues_dir = '/var/lib/rsyslog'
$rsyslog_default = '/etc/default/rsyslog'
$run_user = 'root'
$run_group = 'root'
$log_user = 'root'
$log_group = 'adm'
$spool_dir = '/var/spool/rsyslog/'
$service_name = 'rsyslog'
$client_conf = "${rsyslog_d}client.conf"
$server_conf = "${rsyslog_d}server.conf"
}
/(?i)freebsd/: {
$rsyslog_package_name = 'rsyslog5'
$relp_package_name = 'rsyslog5-relp'
$package_status = 'present'
$rsyslog_d = '/etc/syslog.d/'
$rsyslog_conf = '/etc/syslog.conf'
$rsyslog_queues_dir = '/var/lib/rsyslog'
$rsyslog_default = '/etc/defaults/syslogd'
$run_user = 'root'
$run_group = 'wheel'
$log_user = 'root'
$log_group = 'wheel'
$spool_dir = '/var/spool/syslog/'
$service_name = 'syslogd'
$client_conf = "${rsyslog_d}client.conf"
$server_conf = "${rsyslog_d}server.conf"
}
default: {
fail("Unsupported platform: ${::operatingsystem}")
}
}
}

37
deployment/puppet/rsyslog/manifests/server.pp Normal file
View File

@ -0,0 +1,37 @@
#
#
#
class rsyslog::server (
$enable_tcp = true,
$enable_udp = true,
$server_dir = '/srv/log/',
$custom_config = undef,
$high_precision_timestamps = false,
$escapenewline = false,
$port = '514',
) inherits rsyslog {
File {
owner => root,
group => $rsyslog::params::run_group,
mode => 0640,
require => Class["rsyslog::config"],
notify => Class["rsyslog::service"],
}
file { $rsyslog::params::rsyslog_d:
purge => true,
recurse => true,
force => true,
ensure => directory,
}
file { $rsyslog::params::server_conf:
ensure => present,
content => $custom_config ? {
'' => template("${module_name}/00-server.conf.erb"),
default => template($custom_config),
},
}
}

7
deployment/puppet/rsyslog/manifests/service.pp Normal file
View File

@ -0,0 +1,7 @@
class rsyslog::service {
service { $rsyslog::params::service_name:
ensure => running,
enable => true,
require => Class["rsyslog::config"],
}
}

6
deployment/puppet/rsyslog/spec/spec.opts Normal file
View File

@ -0,0 +1,6 @@
--format
s
--colour
--loadby
mtime
--backtrace

18
deployment/puppet/rsyslog/spec/spec_helper.rb Normal file
View File

@ -0,0 +1,18 @@
require 'pathname'
dir = Pathname.new(__FILE__).parent
$LOAD_PATH.unshift(dir, dir + 'lib', dir + '../lib')
require 'mocha'
require 'puppet'
gem 'rspec', '=1.2.9'
require 'spec/autorun'
Spec::Runner.configure do |config|
config.mock_with :mocha
end
# We need this because the RAL uses 'should' as a method. This
# allows us the same behaviour but with a different method name.
class Object
alias :must :should
end

96
deployment/puppet/rsyslog/templates/00-server.conf.erb Normal file
View File

@ -0,0 +1,96 @@
# File is managed by puppet
<% if scope.lookupvar('rsyslog::server::enable_udp') -%>
# Load UDP module
$ModLoad imudp
$UDPServerRun <%= scope.lookupvar('rsyslog::server::port') %>
<% end -%>
<% if scope.lookupvar('rsyslog::server::enable_tcp') -%>
# Load TCP module
$ModLoad imtcp
$InputTCPServerRun <%= scope.lookupvar('rsyslog::server::port') %>
<% end -%>
<% unless scope.lookupvar('rsyslog::server::escapenewline') -%>
$EscapeControlCharactersOnReceive off
<% end -%>
#
# Disk-Assisted Memory Queues, async writes, no escape chars
#
$OMFileASyncWriting on
$MainMsgQueueType LinkedList
$WorkDirectory <%= scope.lookupvar('rsyslog::params::spool_dir') %>
$MainMsgQueueFileName mainmsgqueue
$MainMsgQueueSaveOnShutdown on
$MainMsgQueueDequeueSlowdown 1000
$MainMsgQueueWorkerThreads 2
$MainMsgQueueDequeueBatchSize 128
$ActionQueueType LinkedList
$WorkDirectory <%= scope.lookupvar('rsyslog::params::spool_dir') %>
$ActionQueueFileName acsdbq
$ActionQueueMaxDiskSpace 1g
$ActionQueueSaveOnShutdown on
$ActionQueueLowWaterMark 2000
$ActionQueueHighWaterMark 8000
$ActionQueueSize 1000000 # Reserve 500Mb memory, each queue element is 512b
$ActionQueueDiscardMark 950000 # If the queue looks like filling, start discarding to not block ssh/login/etc.
$ActionQueueDiscardSeverity 0 # When in discarding mode discard everything.
$ActionQueueTimeoutEnqueue 0 # When in discarding mode do not enable throttling.
$ActionQueueDequeueSlowdown 1000
$ActionQueueWorkerThreads 2
$ActionQueueDequeueBatchSize 128
$ActionResumeRetryCount -1
$SystemLogRateLimitInterval 0 # disable rate limits for rsyslog
<% unless scope.lookupvar('rsyslog::server::high_precision_timestamps') -%>
#
# Use traditional timestamp format date-rfc3164 (Dec 5 02:21:13).
# To enable high precision timestamps date-rfc3339 (2010-12-05T02:21:41.889482+01:00), comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
<% end -%>
# Templates
#$Template dynAuthLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/auth.log"
#$Template dynSyslog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/syslog"
#$Template dynCronLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/cron.log"
#$Template dynDaemonLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/daemon.log"
#$Template dynKernLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/kern.log"
#$Template dynUserLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/user.log"
#$Template dynMailLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/mail.log"
#$Template dynDebug,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/debug"
#$Template dynMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>%source:R,ERE,1,DFLT:([A-Za-z-]*)--end%/messages"
$Template dynAuthLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>auth.log"
$Template dynSyslog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>syslog"
$Template dynCronLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>cron.log"
$Template dynDaemonLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>daemon.log"
$Template dynKernLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>kern.log"
$Template dynUserLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>user.log"
$Template dynMailLog,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>mail.log"
$Template dynDebug,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>debug"
$Template dynMessages,"<%= scope.lookupvar('rsyslog::server::server_dir') -%>messages"
# Rules
# Skip duplicates - all common debug, info, notice, warn go to
# debug & messages files respectively; others should go to syslog
auth,authpriv.* ?dynAuthLog
*.error;auth,authpriv.none,mail.none,cron.none -?dynSyslog
cron.* ?dynCronLog
daemon.* -?dynDaemonLog
# Do not send info to kern.log - it duplicates messages
kern.*;kern.!=info -?dynKernLog
mail.* -?dynMailLog
user.* -?dynUserLog
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -?dynDebug
*.=info;*.=notice;*.=warn;\
auth.none,authpriv.none;\
cron.none,daemon.none;\
mail.none,news.none -?dynMessages

22
deployment/puppet/rsyslog/templates/01-client.conf.erb Normal file
View File

@ -0,0 +1,22 @@
# file is managed by puppet
<% unless scope.lookupvar('rsyslog::client::escapenewline') -%>
$EscapeControlCharactersOnReceive off
<% end -%>
# Load UDP module, required since Openstack Juno (#1385295)
$ModLoad imudp
$UDPServerRun 514
#
# Disk-Assisted Memory Queues, async writes, no escape chars
#
$OMFileASyncWriting on
$MainMsgQueueType LinkedList
$WorkDirectory <%= scope.lookupvar('rsyslog::params::spool_dir') %>
$MainMsgQueueFileName mainmsgqueue
$MainMsgQueueSaveOnShutdown on
$MainMsgQueueDequeueSlowdown 1000
$MainMsgQueueWorkerThreads 2
$MainMsgQueueDequeueBatchSize 128
$SystemLogRateLimitInterval 0 # disable rate limits for rsyslog

13
deployment/puppet/rsyslog/templates/imfile.erb Normal file
View File

@ -0,0 +1,13 @@
# file is managed by puppet
$ModLoad imfile
$InputFileName <%= @file_name %>
$InputFileTag <%= @file_tag %>
$InputFileStateFile state-<%= @name %>
$InputFileSeverity <%= @file_severity %>
$InputFileFacility <%= @file_facility %>
$InputFilePollInterval <%= @polling_interval %>
<% if @run_file_monitor == true -%>
$InputRunFileMonitor
<% end -%>

32
deployment/puppet/rsyslog/templates/rsyslog.conf.erb Normal file
View File

@ -0,0 +1,32 @@
# file is managed by puppet
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support (previously done by rklogd)
#$ModLoad immark # provides --MARK-- message capability
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Set the default permissions for all log files.
#
$FileOwner <%= scope.lookupvar('rsyslog::params::log_user') %>
$FileGroup <%= scope.lookupvar('rsyslog::params::log_group') %>
$FileCreateMode 0640
$DirCreateMode 0755
$umask 0000
$PrivDropToUser <%= scope.lookupvar('rsyslog::params::run_user') %>
$PrivDropToGroup <%= scope.lookupvar('rsyslog::params::run_group') %>
$MaxMessageSize 32k
#
# Include all config files in <%= scope.lookupvar('rsyslog::params::rsyslog_d') %>
#
$IncludeConfig <%= scope.lookupvar('rsyslog::params::rsyslog_d') -%>*.conf

7
deployment/puppet/rsyslog/templates/rsyslog.erb Normal file
View File

@ -0,0 +1,7 @@
# file is managed by puppet
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-c 5 -x"

1
deployment/puppet/rsyslog/tests/init.pp Normal file
View File

@ -0,0 +1 @@
include rsyslog