openstack/puppet-tripleo
Code Issues Proposed changes

Rework GDPR compliant logrotate config

Browse Source 
Set the logrotate maxage parameter to purge_after_days
as well.

Rework additional retention rules of files in
/var/log/containers in the containerized logrotate
postrotate script. The rules are based on any of the
listed criteria met:

* time of last access of contents (atime) exceeds
purge_after_days,
* time of last modification of contents (mtime) exceeds
purge_after_days,
* time of last modification of the inode (metadata, ctime)
exceeds purge_after_days.

Forcibly purge expired files with each containerized
logrotate run triggered via cron. Note that the files creation
time (the Birth attribute) is not taken into account as it
cannot be accessed normally by system operators (depends on FS
type). Retention policies based on the creation time must
be managed elsewhere.

Related-Bug: #1771543

Change-Id: I9afa22f7dd344a29747206b286520a76d70d704b
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
This commit is contained in:
Bogdan Dobrelya 2018-05-22 14:53:27 +02:00 committed by Alex Schultz
parent b2d7cab5f1
commit 5a58ca5d32
3 changed files with 46 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
manifests/profile/base/logging/logrotate.pp
View File

@ -50,6 +50,14 @@
# [*user*]
# (optional) Defaults to 'root'. Configures cron job for logrotate.
#
# [*delaycompress*]
# (optional) Defaults to True.
# Configures the logrotate delaycompress parameter.
#
# [*compress*]
# (optional) Defaults to True.
# Configures the logrotate compress parameter.
#
# [*maxsize*]
# (optional) Defaults to '10M'.
# Configures the logrotate maxsize parameter.
@ -73,14 +81,6 @@
# DEPRECATED: (optional) Defaults to '10M'.
# Configures the logrotate size parameter.
#
# [*delaycompress*]
# (optional) Defaults to True.
# Configures the logrotate delaycompress parameter.
#
# [*compress*]
# (optional) Defaults to True.
# Configures the logrotate compress parameter.
#
class tripleo::profile::base::logging::logrotate (
$step = Integer(hiera('step')),
$ensure = present,
@ -91,24 +91,21 @@ class tripleo::profile::base::logging::logrotate (
$weekday = '*',
Integer $maxdelay = 90,
$user = 'root',
$delaycompress = true,
$compress = true,
$rotation = 'daily',
$maxsize = '10M',
$rotate = 14,
$purge_after_days = 14,
# DEPRECATED PARAMETERS
$size = undef,
$delaycompress = false,
$compress = true,
) {
if $step >= 4 {
if (! $compress or $delaycompress or $size != undef) {
warning('Size and delaycompress are DISABLED to enforce GDPR.')
if ($size != undef) {
warning('The size parameter is DISABLED to enforce GDPR.')
warning('Size configures maxsize instead of size.')
warning('Compress cannot be delayed or turned off.')
$maxsize = pick($size, $maxsize)
$compress = true
$delaycompress = false
}
if $maxdelay == 0 {
$sleep = ''

34
releasenotes/notes/logrotate-containers-purge-56143a979ba80b51.yaml
View File

@ -6,21 +6,33 @@ upgrade:
triggered via cron, if the rotated logs have been kept longer
than `purge_after_days` (defaults to a 14 days).
Containerized logrotate now always compresses the rotated
/var/log/containers logs and this can no longer be delayed
with delaycompress. Size parameter does not honor time-based
The logrotate maxage parameter is set to `purge_after_days`
as well.
The size parameter does not honor time-based
constraints and is disabled as not GDPR compliant. From now on,
it configures maxsize instead. Minsize is set to a 1 byte to
put all /var/log/containers logs under the containerized
logrotate control.
New param `rotation` additionally allows to alter logrotate
rotation interval, like 'hourly' or 'weekly'.
security:
- |
Forcibly purge rotated /var/log/containers logs after
`purge_after_days` (defaults to a 14 days). New param `rotation`
additionally allows to alter logrotate rotation interval.
Defaults to a 'daily'. Make sure to adjust `purge_after_days` as
needed.
Retention rules of files in /var/log/containers additionally
defined in the containerized logrotate postrotate script and
based on any of the listed criteria met:
Any files in /var/log/containers, if not managed by
the containerized logrotate, will be purged forcibly with each
containerized logrotate run triggered via cron.
* time of last access of contents (atime) exceeds
`purge_after_days`,
* time of last modification of contents (mtime) exceeds
`purge_after_days`,
* time of last modification of the inode (metadata, ctime)
exceeds `purge_after_days`.
Expired files will be purged forcibly with each containerized
logrotate run triggered via cron. Note that the files creation
time (the Birth attribute) is not taken into account as it
cannot be accessed normally by system operators (depends on FS
type). Retention policies based on the creation time must
be managed elsewhere.

18
templates/logrotate/containers_logrotate.conf.erb
View File

@ -1,6 +1,7 @@
/var/log/containers/*/*log /var/log/containers/*/*/*log {
<%= @rotation %>
rotate <%= @rotate %>
maxage <%= @purge_after_days %>
# minsize 1 is required for GDPR compliance, all files in
# /var/log/containers not managed with logrotate will be purged!
minsize 1
@ -9,17 +10,20 @@
maxsize <%= @maxsize %>
missingok
notifempty
# Do not use delaycompress as it's not compatible with the postrotate script.
# Compress always is required for the postrotate script compatibility.
<%- if @delaycompress %>
delaycompress
<%- end %>
<%- if @compress %>
compress
<%- end %>
sharedscripts
postrotate
/usr/bin/find /var/log/containers -type f \
\( -mtime +<%= @purge_after_days %> -or \
-atime +<%= @purge_after_days %> -or \
-ctime +<%= @purge_after_days %> \) -exec rm -f {} \;;
/sbin/lsof -nPs +L1 +D /var/log 2>&1|\
awk '/\S+\s+[0-9]+\s.*\/var\/log\/.*\(deleted\)/ {print $2}' |\
/bin/xargs -n1 -r -t kill -HUP;
/usr/bin/find /var/log/containers -type f \
\( -not -name "*.gz" -and -not -name "*.[0-9]*" \) -exec rm -f {} \;;
/usr/bin/find /var/log/containers -type f \
-mtime +<%= @purge_after_days %> -exec rm -f {} \;
/bin/xargs -n1 -r -t kill -HUP
endscript
}