openstack/kolla
Code Issues Proposed changes

Merge "Use community fluentd packages for CentOS/RHEL/Oraclelinux"

Browse Source
This commit is contained in:
Jenkins 2017-08-20 21:16:43 +00:00 committed by Gerrit Code Review
commit ac059f8563
4 changed files with 57 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
docker/fluentd/Dockerfile.j2
View File

@ -5,27 +5,48 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
{% import "macros.j2" as macros with context %} {% import "macros.j2" as macros with context %}
{{ macros.configure_user(name='td-agent', groups='mysql') }}
{% if base_distro in ['centos', 'oraclelinux', 'rhel'] %} {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
{{ macros.configure_user(name='fluentd', groups='mysql') }}
# TODO:remove hostname package as it should be installed by the
# fluentd dependencies.
# hostname package is installed by default on CentOS/RHEL but not on
# oraclelinux.
{% set fluentd_packages = [ {% set fluentd_packages = [
'fluentd',
'gcc-c++', 'gcc-c++',
'hostname',
'make', 'make',
'td-agent' 'ruby-devel'
] %} ] %}
{% elif base_distro in ['debian', 'ubuntu'] %} {% elif base_distro in ['debian', 'ubuntu'] %}
{{ macros.configure_user(name='td-agent', groups='mysql') }}
{% set fluentd_packages = [ {% set fluentd_packages = [
'g++', 'g++',
'make', 'make',
'td-agent' 'td-agent'
] %} ] %}
{% endif %} {% endif %}
{{ macros.install_packages(fluentd_packages | customizable("packages")) }} {{ macros.install_packages(fluentd_packages | customizable("packages")) }}
{% block fluentd_plugins_install %}
{% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
COPY rpm_fluentd_sudoers /etc/sudoers.d/kolla_fluentd_sudoers
COPY extend_start.sh /usr/local/bin/kolla_extend_start
RUN ulimit -n 65536 \
&& gem install --minimal-deps activesupport:4.2.9 fluent-plugin-parser fluent-plugin-kubernetes_metadata_filter fluent-plugin-elasticsearch fluent-plugin-grep fluent-plugin-grok-parser:0.3.1 fluent-plugin-rewrite-tag-filter \
&& chmod -R 440 /etc/sudoers.d/kolla_fluentd_sudoers \
&& chmod 755 /usr/local/bin/kolla_extend_start \
&& mkdir -p /var/run/fluentd \
&& chown -R fluentd: /etc/fluentd /var/run/fluentd
{% elif base_distro in ['debian', 'ubuntu'] %}
# NOTE: We use fluentd version is v12.0 so fluent-plugin-grok-parse version should < 1.0.0. # NOTE: We use fluentd version is v12.0 so fluent-plugin-grok-parse version should < 1.0.0.
# https://github.com/fluent/fluent-plugin-grok-parser # https://github.com/fluent/fluent-plugin-grok-parser
RUN ulimit -n 65536 \ RUN ulimit -n 65536 \
@ -40,7 +61,15 @@ RUN chmod 440 /etc/sudoers.d/kolla_fluentd_sudoers \
&& chmod 755 /usr/local/bin/kolla_extend_start \ && chmod 755 /usr/local/bin/kolla_extend_start \
&& chown -R td-agent: /etc/td-agent && chown -R td-agent: /etc/td-agent
{% endif %}
{% endblock %}
{% block fluentd_footer %}{% endblock %} {% block fluentd_footer %}{% endblock %}
{% block footer %}{% endblock %} {% block footer %}{% endblock %}
{% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
USER fluentd
{% elif base_distro in ['debian', 'ubuntu'] %}
USER td-agent USER td-agent
{% endif %}

20
docker/fluentd/extend_start.sh
View File

@ -5,12 +5,24 @@
# #
# Also set the setgid permission on the /var/log/kolla directory so that new # Also set the setgid permission on the /var/log/kolla directory so that new
# files and sub-directories in that directory inherit its group id ("kolla"). # files and sub-directories in that directory inherit its group id ("kolla").
if [[ $(stat -c %U:%G /var/log/kolla) != "td-agent:kolla" ]]; then
sudo chown td-agent:kolla /var/log/kolla if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
USERGROUP="td-agent:kolla"
FLUENTD="td-agent"
else
USERGROUP="fluentd:kolla"
FLUENTD="fluentd"
fi
if [ ! -d /var/log/kolla ]; then
mkdir -p /var/log/kolla
fi
if [[ $(stat -c %U:%G /var/log/kolla) != "${USERGROUP}" ]]; then
sudo chown ${USERGROUP} /var/log/kolla
fi fi
if [[ $(stat -c %a /var/log/kolla) != "2775" ]]; then if [[ $(stat -c %a /var/log/kolla) != "2775" ]]; then
sudo chmod 2775 /var/log/kolla sudo chmod 2775 /var/log/kolla
fi fi
if [[ $(stat -c %U:%G /var/lib/td-agent) != "td-agent:kolla" ]]; then if [[ $(stat -c %U:%G /var/lib/${FLUENTD}) != "${USERGROUP}" ]]; then
sudo chown td-agent:kolla /var/lib/td-agent sudo chown ${USERGROUP} /var/lib/${FLUENTD}
fi fi

4
docker/fluentd/rpm_fluentd_sudoers Normal file
View File

@ -0,0 +1,4 @@
%kolla ALL=(root) NOPASSWD: /bin/chown fluentd\:kolla /var/log/kolla, /usr/bin/chown fluentd\:kolla /var/log/kolla
%kolla ALL=(root) NOPASSWD: /bin/chown fluentd\:kolla /var/lib/fluentd, /usr/bin/chown fluentd\:kolla /var/lib/fluentd
%kolla ALL=(root) NOPASSWD: /bin/chmod 2775 /var/log/kolla, /usr/bin/chmod 2775 /var/log/kolla
%kolla ALL=(root) NOPASSWD: /bin/chmod 2775 /var/lib/fluentd, /usr/bin/chmod 2775 /var/lib/fluentd

4
kolla/common/config.py
View File

@ -931,6 +931,10 @@ USERS = {
'uid': 42473, # unused user, but we need the group for socket access 'uid': 42473, # unused user, but we need the group for socket access
'gid': 42473, 'gid': 42473,
}, },
'fluentd-user': {
'uid': 42474,
'gid': 42474,
}
} }