diff --git a/docker/heka/Dockerfile.j2 b/docker/heka/Dockerfile.j2 new file mode 100644 index 0000000000..8ce52f4e58 --- /dev/null +++ b/docker/heka/Dockerfile.j2 @@ -0,0 +1,26 @@ +FROM {{ namespace }}/{{ image_prefix }}base:{{ tag }} +MAINTAINER {{ maintainer }} + +{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %} + +RUN yum -y install https://github.com/mozilla-services/heka/releases/download/v0.10.0/heka-0_10_0-linux-amd64.rpm \ + && useradd heka + +{% elif base_distro in ['ubuntu'] %} + +RUN curl --location https://github.com/mozilla-services/heka/releases/download/v0.10.0/heka_0.10.0_amd64.deb -o heka_0.10.0_amd64.deb \ + && dpkg -i heka_0.10.0_amd64.deb \ + && rm -f heka_0.10.0_amd64.deb + +{% endif %} + +COPY heka_sudoers /etc/sudoers.d/heka_sudoers +COPY extend_start.sh /usr/local/bin/kolla_extend_start + +RUN usermod -a -G kolla heka \ + && chmod 755 /usr/local/bin/kolla_extend_start \ + && chown -R heka: /usr/share/heka + +{{ include_footer }} + +USER heka diff --git a/docker/heka/extend_start.sh b/docker/heka/extend_start.sh new file mode 100644 index 0000000000..6e0b2b68c2 --- /dev/null +++ b/docker/heka/extend_start.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +# Give processes executed with the "kolla" group the permission to create files +# and sub-directories in the /var/log/kolla directory. +# +# Also set the setgid permission on the /var/log/kolla directory so that new +# files and sub-directories in that directory inherit its group id ("kolla"). +if [[ $(stat -c %U:%G /var/log/kolla) != "heka:kolla" ]]; then + sudo chown heka:kolla /var/log/kolla +fi +if [[ $(stat -c %a /var/log/kolla) != "2775" ]]; then + sudo chmod 2775 /var/log/kolla +fi + +# Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases +# of the KOLLA_BOOTSTRAP variable being set, including empty. +if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then + exit 0 +fi + +# /var/cache/hekad is what the Heka daemon will use for persistent storage +# through process restarts, so make "heka" the user of that directory. +if [[ $(stat -c %U:%G /var/cache/hekad) != "heka:heka" ]]; then + sudo chown heka: /var/cache/hekad +fi + +# Give hekad the permission to create the "log" Unix socket file in the +# /var/lib/kolla/heka directory. +if [[ $(stat -c %U:%G /var/lib/kolla/heka) != "heka:kolla" ]]; then + sudo chown heka:kolla /var/lib/kolla/heka +fi + +# The Heka daemon will create the /var/lib/kolla/heka/log Unix socket file, so +# make sure it's not present or the Heka daemon will fail when starting. +if [[ -e "/var/lib/kolla/heka/log" ]]; then + rm -rf /var/lib/kolla/heka/log +fi diff --git a/docker/heka/heka_sudoers b/docker/heka/heka_sudoers new file mode 100644 index 0000000000..b42b22e752 --- /dev/null +++ b/docker/heka/heka_sudoers @@ -0,0 +1,4 @@ +%kolla ALL=(root) NOPASSWD: /bin/chown heka\:kolla /var/log/kolla, /usr/bin/chown heka\:kolla /var/log/kolla +%kolla ALL=(root) NOPASSWD: /bin/chmod 2775 /var/log/kolla, /usr/bin/chmod 2775 /var/log/kolla +%kolla ALL=(root) NOPASSWD: /bin/chown heka\: /var/cache/hekad, /usr/bin/chown heka\: /var/cache/hekad +%kolla ALL=(root) NOPASSWD: /bin/chown heka\:kolla /var/lib/kolla/heka, /usr/bin/chown heka\:kolla /var/lib/kolla/heka diff --git a/kolla/common/config.py b/kolla/common/config.py index b43163ccd1..5b0a1dc5f7 100644 --- a/kolla/common/config.py +++ b/kolla/common/config.py @@ -27,7 +27,8 @@ _PROFILE_OPTS = [ cfg.ListOpt('infra', default=['ceph', 'mariadb', 'haproxy', 'keepalived', 'kolla-toolbox', 'memcached', - 'mongodb', 'openvswitch', 'rabbitmq', 'rsyslog'], + 'mongodb', 'openvswitch', 'rabbitmq', 'rsyslog', + 'heka'], help='Infra images'), cfg.ListOpt('main', default=['cinder', 'ceilometer', 'glance', 'heat', @@ -42,12 +43,12 @@ _PROFILE_OPTS = [ default=['kolla-toolbox', 'glance', 'haproxy', 'heat', 'horizon', 'keepalived', 'keystone', 'memcached', 'mariadb', 'neutron', 'nova', - 'openvswitch', 'rabbitmq', 'rsyslog'], + 'openvswitch', 'rabbitmq', 'rsyslog', 'heka'], help='Default images'), cfg.ListOpt('gate', default=['glance', 'haproxy', 'keepalived', 'keystone', 'kolla-toolbox', 'mariadb', 'memcached', 'neutron', - 'nova', 'openvswitch', 'rabbitmq', 'rsyslog'], + 'nova', 'openvswitch', 'rabbitmq', 'rsyslog', 'heka'], help='Gate images'), cfg.ListOpt('mesos', default=['chronos', 'marathon', 'mesos-master', 'mesos-slave',