a9c1bc3518
Right now the default stunnel.conf log level is set at 'notice' which, when we deploy redis, fills up the logs with the following messages: May 09 14:18:36 controller-1.redhat.local dockerd-current[19810]: 2018.05.09 14:18:36 LOG5[1:139972682520320]: connect_blocking: connected 127.0.0.1:6379 May 09 14:18:36 controller-1.redhat.local dockerd-current[19810]: 2018.05.09 14:18:36 LOG5[1:139972682520320]: Service [redis] connected remote server from 127.0.0.1:60412 May 09 14:18:36 controller-1.redhat.local stunnel[41495]: LOG5[1:139972682409728]: Service [redis] accepted connection from 172.17.1.21:60770 May 09 14:18:36 controller-1.redhat.local dockerd-current[19810]: 2018.05.09 14:18:36 LOG5[1:139972682409728]: Service [redis] accepted connection from 172.17.1.21:60770 May 09 14:18:36 controller-1.redhat.local stunnel[41495]: LOG5[1:139972682409728]: connect_blocking: connected 127.0.0.1:6379 May 09 14:18:36 controller-1.redhat.local dockerd-current[19810]: 2018.05.09 14:18:36 LOG5[1:139972682409728]: connect_blocking: connected 127.0.0.1:6379 May 09 14:18:36 controller-1.redhat.local stunnel[41495]: LOG5[1:139972682409728]: Service [redis] connected remote server from 127.0.0.1:60418 May 09 14:18:36 controller-1.redhat.local dockerd-current[19810]: 2018.05.09 14:18:36 LOG5[1:139972682409728]: Service [redis] connected remote server from 127.0.0.1:60418 Those messages are from the haproxy healthceck. Let's move the default debug config to warning which will ignore the above errors. Closes-Bug: #1770180 Change-Id: I93bd0048e85864fa9e62dc38c3575ec7b48e5df5
66 lines
1.8 KiB
Puppet
66 lines
1.8 KiB
Puppet
# Copyright 2017 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# == Class: tripleo::stunnel
|
|
#
|
|
# Installs and starts stunnel
|
|
#
|
|
# [*manage_service*]
|
|
# (Optional) Whether we'll be managing the stunnel service or not.
|
|
# Defaults to true
|
|
#
|
|
# [*service_ensure*]
|
|
# (Optional) Ensure the service be running or stopped
|
|
# Defaults to 'running'
|
|
#
|
|
# [*foreground*]
|
|
# (Optional) Sets the configuration for stunnel to run the process in
|
|
# the foreground. This is useful when trying to run stunnel in a
|
|
# container.
|
|
# Defaults to 'no'
|
|
#
|
|
# [*debug*]
|
|
# (Optional) Sets the debug level in stunnel.conf
|
|
# Defaults to '4' which translates to 'warning'.
|
|
#
|
|
class tripleo::stunnel (
|
|
$manage_service = true,
|
|
$service_ensure = 'running',
|
|
$foreground = 'no',
|
|
$debug = 'warning',
|
|
){
|
|
package { 'stunnel':
|
|
ensure => 'present'
|
|
}
|
|
|
|
concat { '/etc/stunnel/stunnel.conf':
|
|
ensure => present,
|
|
}
|
|
concat::fragment { 'stunnel-foreground':
|
|
target => '/etc/stunnel/stunnel.conf',
|
|
order => '10-foreground-config',
|
|
content => template('tripleo/stunnel/foreground.erb'),
|
|
}
|
|
if $manage_service {
|
|
Concat['/etc/stunnel/stunnel.conf'] ~> Service['stunnel']
|
|
|
|
include ::tripleo::stunnel::systemd_unit
|
|
|
|
service { 'stunnel':
|
|
ensure => $service_ensure
|
|
}
|
|
}
|
|
}
|