Merge "Use community fluentd packages for CentOS/RHEL/Oraclelinux"

2017-08-20 21:16:43 +00:00 · 2017-08-20 21:16:43 +00:00 · ac059f8563
commit ac059f8563
parent 4ad7896e5c 0003282253
4 changed files with 57 additions and 8 deletions
--- a/docker/fluentd/Dockerfile.j2
+++ b/docker/fluentd/Dockerfile.j2
@ -5,27 +5,48 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build

 {% import "macros.j2" as macros with context %}

-{{ macros.configure_user(name='td-agent', groups='mysql') }}
-
 {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}

+    {{ macros.configure_user(name='fluentd', groups='mysql') }}
+# TODO:remove hostname package as it should be installed by the
+# fluentd dependencies.
+# hostname package is installed by default on CentOS/RHEL but not on
+# oraclelinux.
+
    {% set fluentd_packages = [
+        'fluentd',
        'gcc-c++',
+        'hostname',
        'make',
-        'td-agent'
+        'ruby-devel'
    ] %}

 {% elif base_distro in ['debian', 'ubuntu'] %}
-
+    {{ macros.configure_user(name='td-agent', groups='mysql') }}
    {% set fluentd_packages = [
        'g++',
        'make',
        'td-agent'
    ] %}
+
 {% endif %}

 {{ macros.install_packages(fluentd_packages | customizable("packages")) }}

+{% block fluentd_plugins_install %}
+
+{% if base_distro in  ['centos', 'oraclelinux', 'rhel'] %}
+COPY rpm_fluentd_sudoers /etc/sudoers.d/kolla_fluentd_sudoers
+COPY extend_start.sh /usr/local/bin/kolla_extend_start
+
+RUN ulimit -n 65536 \
+    && gem install --minimal-deps activesupport:4.2.9 fluent-plugin-parser fluent-plugin-kubernetes_metadata_filter fluent-plugin-elasticsearch fluent-plugin-grep fluent-plugin-grok-parser:0.3.1 fluent-plugin-rewrite-tag-filter \
+    && chmod -R 440 /etc/sudoers.d/kolla_fluentd_sudoers  \
+    && chmod 755 /usr/local/bin/kolla_extend_start \
+    && mkdir -p /var/run/fluentd \
+    && chown -R fluentd: /etc/fluentd /var/run/fluentd
+
+{% elif base_distro in ['debian', 'ubuntu'] %}
 # NOTE: We use fluentd version is v12.0 so fluent-plugin-grok-parse version should < 1.0.0.
 # https://github.com/fluent/fluent-plugin-grok-parser
 RUN ulimit -n 65536 \
@ -40,7 +61,15 @@ RUN chmod 440 /etc/sudoers.d/kolla_fluentd_sudoers \
    && chmod 755 /usr/local/bin/kolla_extend_start \
    && chown -R td-agent: /etc/td-agent

+{% endif %}
+
+{% endblock %}
+
 {% block fluentd_footer %}{% endblock %}
 {% block footer %}{% endblock %}

+{% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
+USER fluentd
+{% elif base_distro in ['debian', 'ubuntu'] %}
 USER td-agent
+{% endif %}
--- a/docker/fluentd/extend_start.sh
+++ b/docker/fluentd/extend_start.sh
@ -5,12 +5,24 @@
 #
 # Also set the setgid permission on the /var/log/kolla directory so that new
 # files and sub-directories in that directory inherit its group id ("kolla").
-if [[ $(stat -c %U:%G /var/log/kolla) != "td-agent:kolla" ]]; then
-    sudo chown td-agent:kolla /var/log/kolla
+
+if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
+    USERGROUP="td-agent:kolla"
+    FLUENTD="td-agent"
+else
+    USERGROUP="fluentd:kolla"
+    FLUENTD="fluentd"
+fi
+
+if [ ! -d /var/log/kolla ]; then
+    mkdir -p /var/log/kolla
+fi
+if [[ $(stat -c %U:%G /var/log/kolla) != "${USERGROUP}" ]]; then
+    sudo chown ${USERGROUP} /var/log/kolla
 fi
 if [[ $(stat -c %a /var/log/kolla) != "2775" ]]; then
    sudo chmod 2775 /var/log/kolla
 fi
-if [[ $(stat -c %U:%G /var/lib/td-agent) != "td-agent:kolla" ]]; then
-    sudo chown td-agent:kolla /var/lib/td-agent
+if [[ $(stat -c %U:%G /var/lib/${FLUENTD}) != "${USERGROUP}" ]]; then
+    sudo chown ${USERGROUP} /var/lib/${FLUENTD}
 fi
--- a/docker/fluentd/rpm_fluentd_sudoers
+++ b/docker/fluentd/rpm_fluentd_sudoers
@ -0,0 +1,4 @@
+%kolla ALL=(root) NOPASSWD: /bin/chown fluentd\:kolla /var/log/kolla, /usr/bin/chown fluentd\:kolla /var/log/kolla
+%kolla ALL=(root) NOPASSWD: /bin/chown fluentd\:kolla /var/lib/fluentd, /usr/bin/chown fluentd\:kolla /var/lib/fluentd
+%kolla ALL=(root) NOPASSWD: /bin/chmod 2775 /var/log/kolla, /usr/bin/chmod 2775 /var/log/kolla
+%kolla ALL=(root) NOPASSWD: /bin/chmod 2775 /var/lib/fluentd, /usr/bin/chmod 2775 /var/lib/fluentd
--- a/kolla/common/config.py
+++ b/kolla/common/config.py
@ -931,6 +931,10 @@ USERS = {
        'uid': 42473,  # unused user, but we need the group for socket access
        'gid': 42473,
    },
+    'fluentd-user': {
+        'uid': 42474,
+        'gid': 42474,
+    }
 }