From 08a0f535503c9d709b2d9375a7f17f9841d01d0d Mon Sep 17 00:00:00 2001
From: Kevin Carter <kevin.carter@rackspace.com>
Date: Mon, 26 Oct 2015 12:59:17 -0500
Subject: [PATCH] Added logging for haproxy to rsyslog

The change adds logging for haproxy on localhost through the use
of rsyslog which is now a dependency. The logs will be stored in
/var/log/haproxy which will later be indexed and shipped to the
logging server. The change makes it possible to debug issues with
haproxy using specific log files instead of having to go digging
through syslog.

Change-Id: Id942ce159ea45703259f7aff0e5a85780a83370b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
---
 playbooks/haproxy-install.yml                 | 33 +++++++++++++++
 .../roles/haproxy_server/defaults/main.yml    |  1 +
 .../haproxy_server/files/haproxy-logging.cfg  |  6 +++
 .../roles/haproxy_server/handlers/main.yml    |  7 ++++
 .../tasks/haproxy_post_install.yml            | 10 +++++
 .../tasks/haproxy_pre_install.yml             | 41 +++++++++++++++++++
 playbooks/roles/haproxy_server/tasks/main.yml |  2 +
 7 files changed, 100 insertions(+)
 create mode 100644 playbooks/roles/haproxy_server/files/haproxy-logging.cfg
 create mode 100644 playbooks/roles/haproxy_server/tasks/haproxy_pre_install.yml

diff --git a/playbooks/haproxy-install.yml b/playbooks/haproxy-install.yml
index 95f4b86b39..183a50d0ed 100644
--- a/playbooks/haproxy-install.yml
+++ b/playbooks/haproxy-install.yml
@@ -46,6 +46,26 @@
       when: internal_lb_vip_address == external_lb_vip_address
       tags:
         - haproxy-service-config
+    - name: Create log dir
+      file:
+        path: "{{ item.path }}"
+        state: directory
+      with_items:
+        - { path: "/openstack/log/{{ inventory_hostname }}-haproxy" }
+      when: is_metal | bool
+      tags:
+        - haproxy-logs
+    - name: Create log aggregation links
+      file:
+        src: "{{ item.src }}"
+        dest: "{{ item.dest }}"
+        state: "{{ item.state }}"
+        force: "yes"
+      with_items:
+        - { src: "/openstack/log/{{ inventory_hostname }}-haproxy", dest: "/var/log/haproxy", state: "link" }
+      when: is_metal | bool
+      tags:
+        - haproxy-logs
   post_tasks:
     - name: Add keystone internal endpoint config
       include: roles/haproxy_server/tasks/haproxy_service_config.yml
@@ -65,8 +85,21 @@
               haproxy_backend_options: "{{ (keystone_ssl_internal | bool) | ternary(haproxy_backend_options_https, haproxy_backend_options_http) }}"
       tags:
         - haproxy-service-config
+    - name: Remove legacy haproxy logging file
+      file:
+        dest: "/etc/rsyslog.d/haproxy.conf"
+        state: "absent"
+      tags:
+        - haproxy-service-config
   roles:
     - { role: "haproxy_server", tags: [ "haproxy-server" ] }
+    - role: "rsyslog_client"
+      rsyslog_client_log_rotate_file: haproxy_log_rotate
+      rsyslog_client_log_dir: "/var/log/haproxy"
+      rsyslog_client_config_name: "99-haproxy-rsyslog-client.conf"
+      tags:
+        - "haproxy-rsyslog-client"
+        - "rsyslog-client"
   vars_files:
     - vars/configs/haproxy_config.yml
   vars:
diff --git a/playbooks/roles/haproxy_server/defaults/main.yml b/playbooks/roles/haproxy_server/defaults/main.yml
index 8966039959..4a7e28d881 100644
--- a/playbooks/roles/haproxy_server/defaults/main.yml
+++ b/playbooks/roles/haproxy_server/defaults/main.yml
@@ -36,6 +36,7 @@ haproxy_pre_apt_packages:
 haproxy_apt_packages:
   - haproxy
   - hatop
+  - rsyslog  # Used for local logging
   - vim-haproxy
 
 ## Haproxy Configuration
diff --git a/playbooks/roles/haproxy_server/files/haproxy-logging.cfg b/playbooks/roles/haproxy_server/files/haproxy-logging.cfg
new file mode 100644
index 0000000000..0d38670519
--- /dev/null
+++ b/playbooks/roles/haproxy_server/files/haproxy-logging.cfg
@@ -0,0 +1,6 @@
+$ModLoad imudp
+$UDPServerRun 514
+$template Haproxy,"%msg%\n"
+local0.=info    -/var/log/haproxy/haproxy.log
+local1.notice   -/var/log/haproxy/haproxy-status.log
+local0.* ~
diff --git a/playbooks/roles/haproxy_server/handlers/main.yml b/playbooks/roles/haproxy_server/handlers/main.yml
index 765b4d33bf..56aca1bd3a 100644
--- a/playbooks/roles/haproxy_server/handlers/main.yml
+++ b/playbooks/roles/haproxy_server/handlers/main.yml
@@ -24,3 +24,10 @@
     state: "restarted"
     pattern: "haproxy"
     enabled: "yes"
+
+- name: Restart rsyslog
+  service:
+    name: "rsyslog"
+    state: "restarted"
+    pattern: "rsyslog"
+    enabled: "yes"
diff --git a/playbooks/roles/haproxy_server/tasks/haproxy_post_install.yml b/playbooks/roles/haproxy_server/tasks/haproxy_post_install.yml
index 5105021aa7..d5d740af2a 100644
--- a/playbooks/roles/haproxy_server/tasks/haproxy_post_install.yml
+++ b/playbooks/roles/haproxy_server/tasks/haproxy_post_install.yml
@@ -31,4 +31,14 @@
   tags:
     - haproxy-base-config
 
+- name: Drop haproxy logging config
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/rsyslog.d/99-haproxy-local-logging.conf"
+  with_items:
+    - haproxy-logging.cfg
+  notify: Restart rsyslog
+  tags:
+    - haproxy-base-config
+
 - include: haproxy_service_config.yml
diff --git a/playbooks/roles/haproxy_server/tasks/haproxy_pre_install.yml b/playbooks/roles/haproxy_server/tasks/haproxy_pre_install.yml
new file mode 100644
index 0000000000..adea927896
--- /dev/null
+++ b/playbooks/roles/haproxy_server/tasks/haproxy_pre_install.yml
@@ -0,0 +1,41 @@
+---
+# Copyright 2015, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Test for log directory or link
+  shell: |
+    if [ -h "/var/log/haproxy"  ]; then
+      chown -h syslog:adm "/var/log/haproxy"
+      chown -R syslog:adm "$(readlink /var/log/haproxy)"
+    else
+      exit 1
+    fi
+  register: log_dir
+  failed_when: false
+  changed_when: log_dir.rc != 0
+  tags:
+    - haproxy-dirs
+    - haproxy-logs
+
+- name: Create haproxy log dir
+  file:
+    path: "{{ item.path }}"
+    state: directory
+    mode: "{{ item.mode|default('0755') }}"
+  with_items:
+    - { path: "/var/log/haproxy" }
+  when: log_dir.rc != 0
+  tags:
+    - haproxy-dirs
+    - haproxy-logs
diff --git a/playbooks/roles/haproxy_server/tasks/main.yml b/playbooks/roles/haproxy_server/tasks/main.yml
index e019fe7f66..3b00de4c21 100644
--- a/playbooks/roles/haproxy_server/tasks/main.yml
+++ b/playbooks/roles/haproxy_server/tasks/main.yml
@@ -13,6 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- include: haproxy_pre_install.yml
+
 - include: haproxy_add_ppa_repo.yml
   when: haproxy_ssl | bool