diff --git a/defaults/main.yml b/defaults/main.yml index 97960e7d..d9d5c2ab 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,6 +31,8 @@ neutron_package_state: "latest" ### Python code details ### +neutron_log_dir: "/var/log/neutron" + # Set the package install state for pip_package # Options are 'present' and 'latest' neutron_pip_package_state: "latest" @@ -100,7 +102,7 @@ neutron_dns_domain: "openstacklocal." # Dnsmasq doesn't work with config_template override, a deployer # should instead configure its own neutron_dhcp_config key/values neutron_dhcp_config: - log-facility: "/var/log/neutron/neutron-dnsmasq.log" + log-facility: "{{ neutron_log_dir }}/neutron-dnsmasq.log" # Set the neutron lbaasv2 user group, defaults from os specific vars neutron_lbaasv2_user_group: "{{ _neutron_lbaasv2_user_group }}" diff --git a/tasks/neutron_pre_install.yml b/tasks/neutron_pre_install.yml index ba79a245..5a65253f 100644 --- a/tasks/neutron_pre_install.yml +++ b/tasks/neutron_pre_install.yml @@ -51,9 +51,9 @@ - name: Test for log directory or link shell: | - if [ -h "/var/log/neutron" ]; then - chown -h {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "/var/log/neutron" - chown -R {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "$(readlink /var/log/neutron)" + if [ -h "{{ neutron_log_dir }}" ]; then + chown -h {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "{{ neutron_log_dir }}" + chown -R {{ neutron_system_user_name }}:{{ neutron_system_group_name }} "$(readlink {{ neutron_log_dir }})" else exit 1 fi @@ -69,7 +69,7 @@ group: "{{ item.group|default(neutron_system_group_name) }}" mode: "{{ item.mode|default('0755') }}" with_items: - - { path: "/var/log/neutron" } + - { path: "{{ neutron_log_dir }}" } when: log_dir.rc != 0 - name: Drop sudoers file diff --git a/tasks/neutron_selinux.yml b/tasks/neutron_selinux.yml index 615d27f3..783ba326 100644 --- a/tasks/neutron_selinux.yml +++ b/tasks/neutron_selinux.yml @@ -56,3 +56,20 @@ file: path: "/tmp/osa-neutron-selinux/" state: absent + +- name: Stat neutron's log directory + stat: + path: "{{ neutron_log_dir }}" + register: neutron_log_dir_check + +- name: Set SELinux file contexts for neutron's log directory + sefcontext: + target: "{{ (neutron_log_dir_check.stat.islnk) | ternary(neutron_log_dir.stat.lnk_target, neutron_log_dir) }}(/.*)?" + setype: neutron_log_t + state: present + register: selinux_file_context_log_files + +- name: Apply updated SELinux contexts on neutron log directory + command: "restorecon -Rv {{ (neutron_log_dir_check.stat.islnk) | ternary(neutron_log_dir.stat.lnk_target, neutron_log_dir) }}" + when: + - selinux_file_context_log_files | changed diff --git a/templates/neutron-ha-tool.py.j2 b/templates/neutron-ha-tool.py.j2 index ce3ec4ab..56fc09f7 100644 --- a/templates/neutron-ha-tool.py.j2 +++ b/templates/neutron-ha-tool.py.j2 @@ -48,7 +48,7 @@ def load_local_logging(): user = os.getuid() home = os.path.expanduser('~') - log_dir = '/var/log/neutron' + log_dir = '{{ neutron_log_dir }}' filename = '%s.log' % LOG_NAME if user == 0: diff --git a/templates/neutron.conf.j2 b/templates/neutron.conf.j2 index 2cb3bfaf..a4f0e734 100644 --- a/templates/neutron.conf.j2 +++ b/templates/neutron.conf.j2 @@ -21,7 +21,7 @@ use_stderr = False debug = {{ debug }} fatal_deprecations = {{ neutron_fatal_deprecations }} -log_file = /var/log/neutron/neutron.log +log_file = {{ neutron_log_dir }}/neutron.log ## Rpc all executor_thread_pool_size = {{ neutron_rpc_thread_pool_size }} diff --git a/vars/main.yml b/vars/main.yml index 583e1caa..aa204f1c 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -378,7 +378,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: dhcp_agent.ini service_rootwrap: rootwrap.d/dhcp.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini --log-file={{ neutron_log_dir }}/neutron-dhcp-agent.log" config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}" @@ -390,7 +390,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/openvswitch_agent.ini service_rootwrap: rootwrap.d/openvswitch-plugin.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini --log-file={{ neutron_log_dir }}/neutron-openvswitch-agent.log" config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}" @@ -402,7 +402,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/linuxbridge_agent.ini service_rootwrap: rootwrap.d/linuxbridge-plugin.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini --log-file={{ neutron_log_dir }}/neutron-linuxbridge-agent.log" config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}" @@ -413,7 +413,7 @@ neutron_services: service_en: "{{ neutron_metadata | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: metadata_agent.ini - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini --log-file={{ neutron_log_dir }}/neutron-metadata-agent.log" config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}" @@ -424,7 +424,7 @@ neutron_services: service_en: "{{ neutron_metering | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: metering_agent.ini - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini --log-file={{ neutron_log_dir }}/neutron-metering-agent.log" config_overrides: "{{ neutron_metering_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metering_agent_init_overrides }}" @@ -444,7 +444,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: l3_agent.ini service_rootwrap: rootwrap.d/l3.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file={{ neutron_log_dir }}/neutron-l3-agent.log" config_overrides: "{{ neutron_l3_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_l3_agent_init_overrides }}" @@ -456,7 +456,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: lbaas_agent.ini service_rootwrap: rootwrap.d/lbaas-haproxy.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/lbaas_agent.ini --log-file={{ neutron_log_dir }}/neutron-lbaasv2-agent.log" config_overrides: "{{ neutron_lbaas_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_lbaas_agent_init_overrides }}" @@ -467,7 +467,7 @@ neutron_services: service_en: "{{ neutron_bgp | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: bgp_dragent.ini - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini --log-file=/var/log/neutron/neutron-bgp-dragent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini --log-file={{ neutron_log_dir }}/neutron-bgp-dragent.log" config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}" @@ -479,7 +479,7 @@ neutron_services: service_conf_path: "{{ neutron_conf_dir }}" service_conf: vpnaas_agent.ini service_rootwrap: rootwrap.d/vpnaas.filters - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/vpnaas_agent.ini --log-file={{ neutron_log_dir }}/neutron-vpn-agent.log" config_overrides: "{{ neutron_vpnaas_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_vpn_agent_init_overrides }}" @@ -488,7 +488,7 @@ neutron_services: group: neutron_server service_name: neutron-server service_en: True - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log {% if neutron_plugin_type == 'ml2.dragonflow' %}--config-file {{ neutron_conf_dir }}/dragonflow.ini{% endif %}" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file={{ neutron_log_dir }}/neutron-server.log {% if neutron_plugin_type == 'ml2.dragonflow' %}--config-file {{ neutron_conf_dir }}/dragonflow.ini{% endif %}" init_config_overrides: "{{ neutron_server_init_overrides }}" start_order: 1 calico-felix: @@ -523,7 +523,7 @@ neutron_services: service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/sriov_nic_agent.ini - config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini --log-file=/var/log/neutron/neutron-sriov-nic-agent.log" + config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini --log-file={{ neutron_log_dir }}/neutron-sriov-nic-agent.log" config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}"