Ensure we get dedicated logging file for HAProxy

With the current configuration, HAProxy logs are in the host journal.
This isn't really friendly when you want to debug issues with this service.

This patches ensures HAProxy logs are in a dedicated file, using the syslog
facility set in its configuration.

Closes-Bug: #1814880
Depends-On: I8fee040287940188f6bc6bc35bdbdaf6c234cbfd
Change-Id: Ia615ac07d0c559deb65e307bb6254127e989794d
(cherry picked from commit 0576e26234)
This commit is contained in:
Cédric Jeanneret 2018-11-28 13:56:13 +01:00 committed by Damien Ciabrini
parent 851b1e94ac
commit 31ab969ed9
6 changed files with 95 additions and 3 deletions

View File

@ -8,6 +8,14 @@
when: step == "1"
become: true
block:
- name: Create and ensure setype for /var/log/containers directory
file:
path: /var/log/containers
state: directory
setype: var_log_t
selevel: s0
tags:
- host_config
- name: Create /var/lib/tripleo-config directory
file: path=/var/lib/tripleo-config state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true

View File

@ -40,6 +40,10 @@ parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
SSLCertificate:
default: ''
description: >
@ -110,6 +114,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
HAProxyLogging:
type: OS::TripleO::Services::Logging::HAProxy
@ -248,13 +254,33 @@ outputs:
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories
file:
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
with_items:
- { 'path': /var/log/containers/haproxy, 'setype': svirt_sandbox_file_t }
- { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- { 'path': /var/log/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme

View File

@ -67,6 +67,14 @@ parameters:
HAProxyInternalTLSKeysDirectory:
default: '/etc/pki/tls/private/haproxy'
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
ConfigDebug:
default: false
description: Whether to run config management (e.g. Puppet) in debug mode.
@ -109,6 +117,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
outputs:
role_data:
@ -279,12 +289,41 @@ outputs:
- - 'TRIPLEO_DEPLOY_IDENTIFIER='
- {get_param: DeployIdentifier}
host_prep_tasks:
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories
file:
path: "{{ item }}"
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
with_items:
- /var/lib/haproxy
- { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme
copy:
dest: /var/log/haproxy/readme.txt
content: |
Log files from the haproxy containers can be found under
/var/log/containers/haproxy.
ignore_errors: true
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
update_tasks:

View File

@ -46,6 +46,10 @@ parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxyStatsEnabled:
default: true
description: Whether or not to enable the HAProxy stats interface.
@ -129,6 +133,7 @@ outputs:
'107 haproxy stats':
dport: 1993
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
tripleo::haproxy::redis_password: {get_param: RedisPassword}

View File

@ -30,6 +30,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
resources:
LoadbalancerServiceBase:
@ -53,6 +61,8 @@ outputs:
- get_attr: [LoadbalancerServiceBase, role_data, config_settings]
- tripleo::haproxy::haproxy_service_manage: false
tripleo::haproxy::mysql_clustercheck: true
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
step_config: |
include ::tripleo::profile::pacemaker::haproxy
metadata_settings:

View File

@ -0,0 +1,4 @@
---
features:
- Allow to output HAProxy in a dedicated file
- Adds new HAProxySyslogFacility param