Make log socket available to chrooted filesystem

Had an issue where HAProxy logs could not be found. The /dev/log socket was not available to the chrooted filesystem. We need to mount the socket and persist it. Change-Id: I2a1ce48f90c5f85b1238842f17ad2c9708333629
2019-11-29 16:48:22 +00:00 · 2019-11-29 16:48:22 +00:00 · 38f7ec04bc
parent 33f5f8be59
commit 38f7ec04bc
2 changed files with 29 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -123,3 +123,7 @@ haproxy_maxconn: 4096
 #  maxaccept: 64
 #  ssl_cachesize: 20000
 #  ssl_lifetime: 300
+
+# Make the log socket available to the chrooted filesystem
+haproxy_log_socket: "/dev/log"
+haproxy_log_mount_point: "/var/lib/haproxy/dev/log"
--- a/tasks/haproxy_post_install.yml
+++ b/tasks/haproxy_post_install.yml
@ -48,3 +48,28 @@
 - include_tasks: haproxy_service_config.yml
  tags:
    - haproxy-service-config
+
+- name: Create log directory if it does not exist
+  file:
+    path: "{{ haproxy_log_mount_point | dirname }}"
+    state: directory
+    mode: '0755'
+    owner: 'haproxy'
+    group: 'haproxy'
+
+#NOTE(jrosser) The next task fails on Centos7 without this,
+#an empty directory rather than a file is made and the bind mount fails
+- name: Ensure empty file is availble to bind mount log socket
+  file:
+    state: touch
+    path: "{{ haproxy_log_mount_point }}"
+    access_time: preserve
+    modification_time: preserve
+
+- name: Make log socket available to chrooted filesystem
+  mount:
+    src: "{{ haproxy_log_socket }}"
+    path: "{{ haproxy_log_mount_point }}"
+    opts: bind
+    state: mounted
+    fstype: none