diff --git a/manifests/wsgi/apache_api.pp b/manifests/wsgi/apache_api.pp index 03c3f83d5..dbb964c1d 100644 --- a/manifests/wsgi/apache_api.pp +++ b/manifests/wsgi/apache_api.pp @@ -74,6 +74,14 @@ # The log file name for the virtualhost. # Optional. Defaults to undef. # +# [*access_log_pipe*] +# Specifies a pipe where Apache sends access logs for the virtualhost. +# Optional. Defaults to undef. +# +# [*access_log_syslog*] +# Sends the virtualhost access log messages to syslog. +# Optional. Defaults to undef. +# # [*access_log_format*] # The log format for the virtualhost. # Optional. Defaults to undef. @@ -82,6 +90,14 @@ # The error log file name for the virtualhost. # Optional. Defaults to undef. # +# [*error_log_pipe*] +# Specifies a pipe where Apache sends error logs for the virtualhost. +# Optional. Defaults to undef. +# +# [*error_log_syslog*] +# Sends the virtualhost error log messages to syslog. +# Optional. Defaults to undef. +# # [*custom_wsgi_process_options*] # (optional) gives you the opportunity to add custom process options or to # overwrite the default options for the WSGI main process. @@ -131,8 +147,12 @@ class nova::wsgi::apache_api ( $threads = 1, $priority = 10, $access_log_file = undef, + $access_log_pipe = undef, + $access_log_syslog = undef, $access_log_format = undef, $error_log_file = undef, + $error_log_pipe = undef, + $error_log_syslog = undef, $custom_wsgi_process_options = {}, $headers = undef, $request_headers = undef, @@ -174,8 +194,12 @@ class nova::wsgi::apache_api ( request_headers => $request_headers, custom_wsgi_process_options => $custom_wsgi_process_options, access_log_file => $access_log_file, + access_log_pipe => $access_log_pipe, + access_log_syslog => $access_log_syslog, access_log_format => $access_log_format, error_log_file => $error_log_file, + error_log_pipe => $error_log_pipe, + error_log_syslog => $error_log_syslog, } } diff --git a/manifests/wsgi/apache_metadata.pp b/manifests/wsgi/apache_metadata.pp index 53ceec52a..d0f175242 100644 --- a/manifests/wsgi/apache_metadata.pp +++ b/manifests/wsgi/apache_metadata.pp @@ -60,6 +60,14 @@ # The log file name for the virtualhost. # Optional. Defaults to undef. # +# [*access_log_pipe*] +# Specifies a pipe where Apache sends access logs for the virtualhost. +# Optional. Defaults to undef. +# +# [*access_log_syslog*] +# Sends the virtualhost access log messages to syslog. +# Optional. Defaults to undef. +# # [*access_log_format*] # The log format for the virtualhost. # Optional. Defaults to undef. @@ -68,6 +76,14 @@ # The error log file name for the virtualhost. # Optional. Defaults to undef. # +# [*error_log_pipe*] +# Specifies a pipe where Apache sends error logs for the virtualhost. +# Optional. Defaults to undef. +# +# [*error_log_syslog*] +# Sends the virtualhost error log messages to syslog. +# Optional. Defaults to undef. +# # [*custom_wsgi_process_options*] # (optional) gives you the opportunity to add custom process options or to # overwrite the default options for the WSGI main process. @@ -118,8 +134,12 @@ class nova::wsgi::apache_metadata ( $priority = 10, $ensure_package = 'present', $access_log_file = undef, + $access_log_pipe = undef, + $access_log_syslog = undef, $access_log_format = undef, $error_log_file = undef, + $error_log_pipe = undef, + $error_log_syslog = undef, $custom_wsgi_process_options = {}, $headers = undef, $request_headers = undef, @@ -169,8 +189,12 @@ class nova::wsgi::apache_metadata ( request_headers => $request_headers, custom_wsgi_process_options => $custom_wsgi_process_options, access_log_file => $access_log_file, + access_log_pipe => $access_log_pipe, + access_log_syslog => $access_log_syslog, access_log_format => $access_log_format, error_log_file => $error_log_file, + error_log_pipe => $error_log_pipe, + error_log_syslog => $error_log_syslog, } } diff --git a/releasenotes/notes/httpd-logs-piped-syslog-ecd9fdbb8811c5ce.yaml b/releasenotes/notes/httpd-logs-piped-syslog-ecd9fdbb8811c5ce.yaml new file mode 100644 index 000000000..07cadc9e6 --- /dev/null +++ b/releasenotes/notes/httpd-logs-piped-syslog-ecd9fdbb8811c5ce.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Added parameters for advanced configuration of httpd access and error log + destinations including piped logging and syslog (see `mod_syslog`). Note + that mod_syslog requires Apache2 >= 2.5.0. diff --git a/spec/classes/nova_wsgi_apache_api_spec.rb b/spec/classes/nova_wsgi_apache_api_spec.rb index a72fe24d0..2b7ff922d 100644 --- a/spec/classes/nova_wsgi_apache_api_spec.rb +++ b/spec/classes/nova_wsgi_apache_api_spec.rb @@ -33,8 +33,12 @@ describe 'nova::wsgi::apache_api' do :request_headers => nil, :custom_wsgi_process_options => {}, :access_log_file => nil, + :access_log_pipe => nil, + :access_log_syslog => nil, :access_log_format => nil, :error_log_file => nil, + :error_log_pipe => nil, + :error_log_syslog => nil, )} end @@ -63,9 +67,6 @@ describe 'nova::wsgi::apache_api' do }, :headers => ['set X-XSS-Protection "1; mode=block"'], :request_headers => ['set Content-Type "application/json"'], - :access_log_file => '/var/log/httpd/access_log', - :access_log_format => 'some format', - :error_log_file => '/var/log/httpd/error_log' } end @@ -92,9 +93,6 @@ describe 'nova::wsgi::apache_api' do :custom_wsgi_process_options => { 'python_path' => '/my/python/path', }, - :access_log_file => '/var/log/httpd/access_log', - :access_log_format => 'some format', - :error_log_file => '/var/log/httpd/error_log' )} end @@ -107,6 +105,119 @@ describe 'nova::wsgi::apache_api' do it { should raise_error(Puppet::Error, /nova::api class must be declared in composition layer./) } end + context 'with custom access logging' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::api': + service_name => 'httpd', + }" + end + + let :params do + { + :access_log_format => 'foo', + :access_log_syslog => 'syslog:local0', + :error_log_syslog => 'syslog:local1', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_api_wsgi').with( + :access_log_format => params[:access_log_format], + :access_log_syslog => params[:access_log_syslog], + :error_log_syslog => params[:error_log_syslog], + )} + end + + context 'with access_log_file' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::api': + service_name => 'httpd', + }" + end + + let :params do + { + :access_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_api_wsgi').with( + :access_log_file => params[:access_log_file], + )} + end + + context 'with access_log_pipe' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::api': + service_name => 'httpd', + }" + end + + let :params do + { + :access_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_api_wsgi').with( + :access_log_pipe => params[:access_log_pipe], + )} + end + + context 'with error_log_file' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::api': + service_name => 'httpd', + }" + end + + let :params do + { + :error_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_api_wsgi').with( + :error_log_file => params[:error_log_file], + )} + end + + context 'with error_log_pipe' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::api': + service_name => 'httpd', + }" + end + + let :params do + { + :error_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_api_wsgi').with( + :error_log_pipe => params[:error_log_pipe], + )} + end end on_supported_os({ diff --git a/spec/classes/nova_wsgi_apache_metadata_spec.rb b/spec/classes/nova_wsgi_apache_metadata_spec.rb index 5fd4a4acd..5ef6b144f 100644 --- a/spec/classes/nova_wsgi_apache_metadata_spec.rb +++ b/spec/classes/nova_wsgi_apache_metadata_spec.rb @@ -31,8 +31,12 @@ describe 'nova::wsgi::apache_metadata' do :request_headers => nil, :custom_wsgi_process_options => {}, :access_log_file => nil, + :access_log_pipe => nil, + :access_log_syslog => nil, :access_log_format => nil, :error_log_file => nil, + :error_log_pipe => nil, + :error_log_syslog => nil, )} end @@ -59,9 +63,6 @@ describe 'nova::wsgi::apache_metadata' do }, :headers => ['set X-XSS-Protection "1; mode=block"'], :request_headers => ['set Content-Type "application/json"'], - :access_log_file => '/var/log/httpd/access_log', - :access_log_format => 'some format', - :error_log_file => '/var/log/httpd/error_log' } end @@ -88,9 +89,6 @@ describe 'nova::wsgi::apache_metadata' do :custom_wsgi_process_options => { 'python_path' => '/my/python/path', }, - :access_log_file => '/var/log/httpd/access_log', - :access_log_format => 'some format', - :error_log_file => '/var/log/httpd/error_log' )} end @@ -103,6 +101,109 @@ describe 'nova::wsgi::apache_metadata' do it { should raise_error(Puppet::Error, /nova::metadata class must be declared in composition layer./) } end + context 'with custom access logging' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::metadata': }" + end + + let :params do + { + :access_log_format => 'foo', + :access_log_syslog => 'syslog:local0', + :error_log_syslog => 'syslog:local1', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_metadata_wsgi').with( + :access_log_format => params[:access_log_format], + :access_log_syslog => params[:access_log_syslog], + :error_log_syslog => params[:error_log_syslog], + )} + end + + context 'with access_log_file' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::metadata': }" + end + + let :params do + { + :access_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_metadata_wsgi').with( + :access_log_file => params[:access_log_file], + )} + end + + context 'with access_log_pipe' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::metadata': }" + end + + let :params do + { + :access_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_metadata_wsgi').with( + :access_log_pipe => params[:access_log_pipe], + )} + end + + context 'with error_log_file' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::metadata': }" + end + + let :params do + { + :error_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_metadata_wsgi').with( + :error_log_file => params[:error_log_file], + )} + end + + context 'with error_log_pipe' do + let :pre_condition do + "include nova + class { 'nova::keystone::authtoken': + password => 'secrete', + } + class { 'nova::metadata': }" + end + + let :params do + { + :error_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('nova_metadata_wsgi').with( + :error_log_pipe => params[:error_log_pipe], + )} + end end on_supported_os({