Introduce nova virtlogd wrapper
When nova_virtlogd container gets restarted the instance console auth
files will not be reopened again by virtlogd. As a result either
instances need to be restarted or live migrated to a different compute
node to get new console logs messages logged again.
Usually on receipt of SIGUSR1, virtlogd will re-exec() its binary,
while maintaining all current logs and clients. This allows for live
upgrades of the virtlogd service on non containerized environments
where updates just by doing an RPM update.
To reduce the likelihood in a containerized environment virtlogd
should only be restarted on manual request, or on compute node reboot.
It should not be restarted on a minor update without migration off
instances.
This introduces a nova_virtlogd_wrapper container and virtlogd wrapper
script, to only restart virtlogd on either manual or compute node
restart.
With NovaEnableVirtlogdContainerWrapper the virtlogd wrapper can be
disabled.
Co-Authored-By: Rajesh Tailor <ratailor@redhat.com>
Closes-Bug: #1838272
Depends-On: https://review.opendev.org/c/openstack/puppet-tripleo/+/795148
Change-Id: Ib1fd2fb89899b40b3ce2574af067006f566ef2ea
(cherry picked from commit 49415d04b2
)
This commit is contained in:
parent
3eb3f8b9ff
commit
0a690e5191
|
@ -281,6 +281,22 @@ parameters:
|
||||||
default: "/var/lib/tripleo-config/ceph"
|
default: "/var/lib/tripleo-config/ceph"
|
||||||
description: |
|
description: |
|
||||||
The path where the Ceph Cluster config files are stored on the host.
|
The path where the Ceph Cluster config files are stored on the host.
|
||||||
|
NovaEnableVirtlogdContainerWrapper:
|
||||||
|
description: Generate a virtlogd wrapper script so that virtlogd launches
|
||||||
|
in a separate container and won't get restarted e.g. on minor
|
||||||
|
updates.
|
||||||
|
type: boolean
|
||||||
|
default: true
|
||||||
|
VirtlogdWrapperDebug:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
description: Controls debugging for the wrapper scripts.
|
||||||
|
DeployIdentifier:
|
||||||
|
default: ''
|
||||||
|
type: string
|
||||||
|
description: >
|
||||||
|
Setting this to a unique value will re-run any deployment tasks which
|
||||||
|
perform configuration on a Heat stack-update.
|
||||||
RbdDiskCachemodes:
|
RbdDiskCachemodes:
|
||||||
type: comma_delimited_list
|
type: comma_delimited_list
|
||||||
default: ['network=writeback']
|
default: ['network=writeback']
|
||||||
|
@ -363,6 +379,9 @@ conditions:
|
||||||
key_size_qemu_client_override_unset: {equals: [{get_param: QemuClientCertificateKeySize}, '']}
|
key_size_qemu_client_override_unset: {equals: [{get_param: QemuClientCertificateKeySize}, '']}
|
||||||
key_size_qemu_server_override_unset: {equals: [{get_param: QemuServerCertificateKeySize}, '']}
|
key_size_qemu_server_override_unset: {equals: [{get_param: QemuServerCertificateKeySize}, '']}
|
||||||
|
|
||||||
|
virtlogd_wrapper_enabled: {equals: [{get_param: NovaEnableVirtlogdContainerWrapper}, true]}
|
||||||
|
service_debug_unset: {equals : [{get_param: VirtlogdWrapperDebug}, false]}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
RoleParametersValue:
|
RoleParametersValue:
|
||||||
type: OS::Heat::Value
|
type: OS::Heat::Value
|
||||||
|
@ -416,6 +435,15 @@ outputs:
|
||||||
- get_attr: [NovaLibvirtLogging, config_settings]
|
- get_attr: [NovaLibvirtLogging, config_settings]
|
||||||
# we include ::nova::compute::libvirt::services in nova/libvirt profile
|
# we include ::nova::compute::libvirt::services in nova/libvirt profile
|
||||||
- nova::compute::libvirt::manage_libvirt_services: false
|
- nova::compute::libvirt::manage_libvirt_services: false
|
||||||
|
tripleo::profile::base::nova::virtlogd_wrapper::enable_wrapper: {get_param: NovaEnableVirtlogdContainerWrapper}
|
||||||
|
# don't think this is a good place as /var/lib/nova can also be shared storage
|
||||||
|
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_process_wrapper: '/var/lib/container-config-scripts/virtlogd_wrapper'
|
||||||
|
tripleo::profile::base::nova::virtlogd_wrapper::virtlogd_image: {get_param: ContainerNovaLibvirtImage}
|
||||||
|
tripleo::profile::base::nova::virtlogd_wrapper::debug:
|
||||||
|
if:
|
||||||
|
- service_debug_unset
|
||||||
|
- {get_attr: [NovaBase, role_data, config_settings, 'nova::logging::debug']}
|
||||||
|
- {get_param: VirtlogdWrapperDebug}
|
||||||
# we manage migration in nova common puppet profile
|
# we manage migration in nova common puppet profile
|
||||||
nova::compute::libvirt::migration_support: false
|
nova::compute::libvirt::migration_support: false
|
||||||
nova::compute::rbd::libvirt_images_rbd_ceph_conf:
|
nova::compute::rbd::libvirt_images_rbd_ceph_conf:
|
||||||
|
@ -545,7 +573,13 @@ outputs:
|
||||||
default_user: {get_param: CephClientUserName}
|
default_user: {get_param: CephClientUserName}
|
||||||
multiconfig: {get_param: CinderRbdMultiConfig}
|
multiconfig: {get_param: CinderRbdMultiConfig}
|
||||||
/var/lib/kolla/config_files/nova_virtlogd.json:
|
/var/lib/kolla/config_files/nova_virtlogd.json:
|
||||||
command: /usr/sbin/virtlogd --config /etc/libvirt/virtlogd.conf
|
# IF virtlogd_wrapper_enabled run the wrapper script
|
||||||
|
# if not use current command
|
||||||
|
command:
|
||||||
|
if:
|
||||||
|
- virtlogd_wrapper_enabled
|
||||||
|
- /usr/local/bin/virtlogd_wrapper
|
||||||
|
- /usr/sbin/virtlogd --config /etc/libvirt/virtlogd.conf
|
||||||
config_files:
|
config_files:
|
||||||
- source: "/var/lib/kolla/config_files/src/*"
|
- source: "/var/lib/kolla/config_files/src/*"
|
||||||
dest: "/"
|
dest: "/"
|
||||||
|
@ -573,15 +607,41 @@ outputs:
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
content: { get_file: ../../container_config_scripts/nova_libvirt_init_secret.sh }
|
content: { get_file: ../../container_config_scripts/nova_libvirt_init_secret.sh }
|
||||||
docker_config:
|
docker_config:
|
||||||
|
step_2:
|
||||||
|
create_virtlogd_wrapper:
|
||||||
|
start_order: 1
|
||||||
|
detach: false
|
||||||
|
net: host
|
||||||
|
pid: host
|
||||||
|
user: root
|
||||||
|
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
||||||
|
list_concat:
|
||||||
|
-
|
||||||
|
- '/container_puppet_apply.sh'
|
||||||
|
- '4'
|
||||||
|
- 'file'
|
||||||
|
- 'include ::tripleo::profile::base::nova::virtlogd_wrapper'
|
||||||
|
image: {get_param: ContainerNovaLibvirtImage}
|
||||||
|
volumes:
|
||||||
|
list_concat:
|
||||||
|
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
|
||||||
|
-
|
||||||
|
- /var/lib/container-config-scripts:/var/lib/container-config-scripts:shared,z
|
||||||
|
environment:
|
||||||
|
# NOTE: this should force this container to re-run on each
|
||||||
|
# update (scale-out, etc.)
|
||||||
|
TRIPLEO_DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
|
||||||
step_3:
|
step_3:
|
||||||
nova_virtlogd:
|
map_merge:
|
||||||
|
- if:
|
||||||
|
- virtlogd_wrapper_enabled
|
||||||
|
- nova_virtlogd_wrapper: &virtlog_container_config
|
||||||
start_order: 0
|
start_order: 0
|
||||||
image: {get_param: ContainerNovaLibvirtImage}
|
image: {get_param: ContainerNovaLibvirtImage}
|
||||||
ulimit: {get_param: ContainerNovaLibvirtUlimit}
|
ulimit: {get_param: ContainerNovaLibvirtUlimit}
|
||||||
net: host
|
net: host
|
||||||
pid: host
|
pid: host
|
||||||
security_opt:
|
security_opt: label=disable
|
||||||
- label=disable
|
|
||||||
privileged: true
|
privileged: true
|
||||||
restart: always
|
restart: always
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
@ -602,9 +662,16 @@ outputs:
|
||||||
- /etc/libvirt/qemu:/etc/libvirt/qemu:ro
|
- /etc/libvirt/qemu:/etc/libvirt/qemu:ro
|
||||||
- /var/log/libvirt/qemu:/var/log/libvirt/qemu
|
- /var/log/libvirt/qemu:/var/log/libvirt/qemu
|
||||||
- /var/lib/nova:/var/lib/nova:shared
|
- /var/lib/nova:/var/lib/nova:shared
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- virtlogd_wrapper_enabled
|
||||||
|
-
|
||||||
|
- /var/lib/container-config-scripts/virtlogd_wrapper:/usr/local/bin/virtlogd_wrapper:ro
|
||||||
|
- null
|
||||||
environment:
|
environment:
|
||||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||||
nova_libvirt:
|
- nova_virtlogd: *virtlog_container_config
|
||||||
|
- nova_libvirt:
|
||||||
start_order: 1
|
start_order: 1
|
||||||
image: {get_param: ContainerNovaLibvirtImage}
|
image: {get_param: ContainerNovaLibvirtImage}
|
||||||
ulimit: {get_param: ContainerNovaLibvirtUlimit}
|
ulimit: {get_param: ContainerNovaLibvirtUlimit}
|
||||||
|
@ -618,6 +685,10 @@ outputs:
|
||||||
- label=filetype:container_share_t
|
- label=filetype:container_share_t
|
||||||
restart: always
|
restart: always
|
||||||
depends_on:
|
depends_on:
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- virtlogd_wrapper_enabled
|
||||||
|
- tripleo_nova_virtlogd_wrapper.service
|
||||||
- tripleo_nova_virtlogd.service
|
- tripleo_nova_virtlogd.service
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: '/openstack/healthcheck libvirtd'
|
test: '/openstack/healthcheck libvirtd'
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
When nova_virtlogd container gets restarted the instance console auth files
|
||||||
|
will not be reopened again by virtlogd. As a result either instances need
|
||||||
|
to be restarted or live migrated to a different compute node to get new
|
||||||
|
console logs messages logged again.
|
||||||
|
Usually on receipt of SIGUSR1, virtlogd will re-exec() its binary, while
|
||||||
|
maintaining all current logs and clients. This allows for live upgrades of
|
||||||
|
the virtlogd service on non containerized environments where updates just
|
||||||
|
by doing an RPM update.
|
||||||
|
To reduce the likelihood in a containerized environment virtlogd should
|
||||||
|
only be restarted on manual request, or on compute node reboot. It should
|
||||||
|
not be restarted on a minor update without migration off instances.
|
||||||
|
This introduces a nova_virtlogd_wrapper container and virtlogd wrapper
|
||||||
|
script, to only restart virtlogd on either manual or compute node restart.
|
||||||
|
|
Loading…
Reference in New Issue