Add option for barbican API container to log to stdout/stderr
This adds the option to get the barbican API container to log to stdout. The option is disabled by default. If enabled, It also adds a sidecar container that reads the apache access logs. bp logging-stdout-rsyslog Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: Ia06fee2826062330a4377ca5fda7e3ba68534af6
This commit is contained in:
parent
f7c0619f1b
commit
3d510d7700
|
@ -66,6 +66,10 @@ resources:
|
||||||
RoleName: {get_param: RoleName}
|
RoleName: {get_param: RoleName}
|
||||||
RoleParameters: {get_param: RoleParameters}
|
RoleParameters: {get_param: RoleParameters}
|
||||||
|
|
||||||
|
BarbicanApiLogging:
|
||||||
|
type: OS::TripleO::Services::Logging::BarbicanApi
|
||||||
|
|
||||||
|
|
||||||
outputs:
|
outputs:
|
||||||
role_data:
|
role_data:
|
||||||
description: Role data for the Barbican API role.
|
description: Role data for the Barbican API role.
|
||||||
|
@ -74,6 +78,7 @@ outputs:
|
||||||
config_settings:
|
config_settings:
|
||||||
map_merge:
|
map_merge:
|
||||||
- get_attr: [BarbicanApiBase, role_data, config_settings]
|
- get_attr: [BarbicanApiBase, role_data, config_settings]
|
||||||
|
- get_attr: [BarbicanApiLogging, config_settings]
|
||||||
- apache::default_vhost: false
|
- apache::default_vhost: false
|
||||||
logging_source: {get_attr: [BarbicanApiBase, role_data, logging_source]}
|
logging_source: {get_attr: [BarbicanApiBase, role_data, logging_source]}
|
||||||
logging_groups: {get_attr: [BarbicanApiBase, role_data, logging_groups]}
|
logging_groups: {get_attr: [BarbicanApiBase, role_data, logging_groups]}
|
||||||
|
@ -99,27 +104,30 @@ outputs:
|
||||||
docker_config:
|
docker_config:
|
||||||
# db sync runs before permissions set by kolla_config
|
# db sync runs before permissions set by kolla_config
|
||||||
step_2:
|
step_2:
|
||||||
barbican_init_logs:
|
get_attr: [BarbicanApiLogging, docker_config, step_2]
|
||||||
image: &barbican_api_image {get_param: DockerBarbicanApiImage}
|
|
||||||
privileged: false
|
|
||||||
user: root
|
|
||||||
volumes:
|
|
||||||
- /var/log/containers/barbican:/var/log/barbican
|
|
||||||
command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
|
|
||||||
step_3:
|
step_3:
|
||||||
barbican_api_db_sync:
|
barbican_api_db_sync:
|
||||||
start_order: 0
|
start_order: 0
|
||||||
image: *barbican_api_image
|
image: &barbican_api_image {get_param: DockerBarbicanApiImage}
|
||||||
net: host
|
net: host
|
||||||
detach: false
|
detach: false
|
||||||
user: root
|
user: root
|
||||||
volumes: &barbican_api_volumes
|
volumes: &barbican_api_volumes
|
||||||
list_concat:
|
list_concat:
|
||||||
- {get_attr: [ContainersCommon, volumes]}
|
- {get_attr: [ContainersCommon, volumes]}
|
||||||
|
- {get_attr: [BarbicanApiLogging, volumes]}
|
||||||
-
|
-
|
||||||
- /var/lib/config-data/barbican/etc/barbican/:/etc/barbican/:ro
|
- /var/lib/config-data/barbican/etc/barbican/:/etc/barbican/:ro
|
||||||
- /var/log/containers/barbican:/var/log/barbican
|
command:
|
||||||
command: "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage db upgrade'"
|
# NOTE(jaosorior): When providing extra arguments, we need to make sure that they're part
|
||||||
|
# of the bash -c invocation, so we include them in the quoted db sync command. Hence the
|
||||||
|
# final single quote that's part of the list_join.
|
||||||
|
list_join:
|
||||||
|
- ' '
|
||||||
|
- - "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage"
|
||||||
|
- {get_attr: [BarbicanApiLogging, cmd_extra_args]}
|
||||||
|
- "db upgrade"
|
||||||
|
- "'"
|
||||||
step_4:
|
step_4:
|
||||||
barbican_api:
|
barbican_api:
|
||||||
image: *barbican_api_image
|
image: *barbican_api_image
|
||||||
|
@ -130,9 +138,9 @@ outputs:
|
||||||
volumes:
|
volumes:
|
||||||
list_concat:
|
list_concat:
|
||||||
- {get_attr: [ContainersCommon, volumes]}
|
- {get_attr: [ContainersCommon, volumes]}
|
||||||
|
- {get_attr: [BarbicanApiLogging, volumes]}
|
||||||
-
|
-
|
||||||
- /var/lib/kolla/config_files/barbican_api.json:/var/lib/kolla/config_files/config.json:ro
|
- /var/lib/kolla/config_files/barbican_api.json:/var/lib/kolla/config_files/config.json:ro
|
||||||
- /var/log/containers/barbican:/var/log/barbican
|
|
||||||
- /var/lib/config-data/puppet-generated/barbican/:/var/lib/kolla/config_files/src:ro
|
- /var/lib/config-data/puppet-generated/barbican/:/var/lib/kolla/config_files/src:ro
|
||||||
-
|
-
|
||||||
if:
|
if:
|
||||||
|
@ -146,18 +154,7 @@ outputs:
|
||||||
- ''
|
- ''
|
||||||
environment:
|
environment:
|
||||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
||||||
host_prep_tasks:
|
host_prep_tasks: {get_attr: [BarbicanApiLogging, host_prep_tasks]}
|
||||||
- name: create persistent logs directory
|
|
||||||
file:
|
|
||||||
path: /var/log/containers/barbican
|
|
||||||
state: directory
|
|
||||||
- name: barbican logs readme
|
|
||||||
copy:
|
|
||||||
dest: /var/log/barbican/readme.txt
|
|
||||||
content: |
|
|
||||||
Log files from barbican containers can be found under
|
|
||||||
/var/log/containers/barbican.
|
|
||||||
ignore_errors: true
|
|
||||||
upgrade_tasks:
|
upgrade_tasks:
|
||||||
- name: Stop and disable barbican_api service
|
- name: Stop and disable barbican_api service
|
||||||
tags: step2
|
tags: step2
|
||||||
|
|
|
@ -0,0 +1,48 @@
|
||||||
|
heat_template_version: pike
|
||||||
|
|
||||||
|
description: >
|
||||||
|
OpenStack containerized Barbican API service
|
||||||
|
|
||||||
|
parameters:
|
||||||
|
DockerBarbicanApiImage:
|
||||||
|
description: image
|
||||||
|
type: string
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
cmd_extra_args:
|
||||||
|
description: Extra command line arguments for running the service in the container.
|
||||||
|
value: ''
|
||||||
|
config_settings:
|
||||||
|
description: Extra hieradata needed to log to files in the host.
|
||||||
|
value: null
|
||||||
|
volumes:
|
||||||
|
description: The volumes needed to log to files in the host.
|
||||||
|
value: &barbican_api_volumes
|
||||||
|
- /var/log/containers/barbican:/var/log/barbican
|
||||||
|
- /var/log/containers/httpd/barbican-api:/var/log/httpd
|
||||||
|
docker_config:
|
||||||
|
description: Extra containers needed for logging to files in the host.
|
||||||
|
value:
|
||||||
|
step_2:
|
||||||
|
barbican_init_log:
|
||||||
|
image: {get_param: DockerBarbicanApiImage}
|
||||||
|
user: root
|
||||||
|
volumes: *barbican_api_volumes
|
||||||
|
command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
|
||||||
|
host_prep_tasks:
|
||||||
|
description: Extra ansible tasks needed for logging to files in the host.
|
||||||
|
value:
|
||||||
|
- name: create persistent logs directory
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- /var/log/containers/barbican
|
||||||
|
- /var/log/containers/httpd/barbican-api
|
||||||
|
- name: barbican logs readme
|
||||||
|
copy:
|
||||||
|
dest: /var/log/barbican/readme.txt
|
||||||
|
content: |
|
||||||
|
Log files from barbican containers can be found under
|
||||||
|
/var/log/containers/barbican.
|
||||||
|
ignore_errors: true
|
|
@ -0,0 +1,64 @@
|
||||||
|
heat_template_version: pike
|
||||||
|
|
||||||
|
description: >
|
||||||
|
OpenStack containerized Barbican service
|
||||||
|
|
||||||
|
parameters:
|
||||||
|
DockerBarbicanApiImage:
|
||||||
|
description: image
|
||||||
|
type: string
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
cmd_extra_args:
|
||||||
|
description: Extra command line arguments for running the service in the container.
|
||||||
|
value: "--log-dir= --log-file="
|
||||||
|
config_settings:
|
||||||
|
description: Extra hieradata needed to log to stdout.
|
||||||
|
value:
|
||||||
|
barbican::wsgi::apache::access_log_file: /var/log/httpd/access.log
|
||||||
|
barbican::wsgi::apache::error_log_file: /var/log/httpd/error_log
|
||||||
|
docker_config:
|
||||||
|
description: Extra containers needed for logging to stdout or a sidecar container.
|
||||||
|
value:
|
||||||
|
step_2:
|
||||||
|
barbican_api_apache_error_logs:
|
||||||
|
start_order: 1
|
||||||
|
image: {get_param: DockerBarbicanApiImage}
|
||||||
|
user: root
|
||||||
|
privileged: false
|
||||||
|
restart: always
|
||||||
|
healthcheck:
|
||||||
|
test: '[ -p /var/log/httpd/error_log ]'
|
||||||
|
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done']
|
||||||
|
volumes:
|
||||||
|
- BarbicanApiLogs:/var/log/
|
||||||
|
barbican_api_apache_access_logs:
|
||||||
|
start_order: 1
|
||||||
|
image: {get_param: DockerBarbicanApiImage}
|
||||||
|
user: root
|
||||||
|
privileged: false
|
||||||
|
restart: always
|
||||||
|
healthcheck:
|
||||||
|
test: '[ -p /var/log/httpd/access.log ]'
|
||||||
|
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done']
|
||||||
|
volumes:
|
||||||
|
- BarbicanApiLogs:/var/log/
|
||||||
|
barbican_api_logs:
|
||||||
|
start_order: 2
|
||||||
|
image: {get_param: DockerBarbicanApiImage}
|
||||||
|
user: barbican
|
||||||
|
privileged: false
|
||||||
|
restart: always
|
||||||
|
healthcheck:
|
||||||
|
test: '[ -p /var/log/barbican/main.log ]'
|
||||||
|
command: ['/bin/bash', '-c', 'mkdir -p /var/log/barbican && rm -f /var/log/barbican/main.log && mkfifo /var/log/barbican/main.log && while true; do cat /var/log/barbican/main.log; done']
|
||||||
|
volumes:
|
||||||
|
- BarbicanApiLogs:/var/log/
|
||||||
|
volumes:
|
||||||
|
description: The volumes needed to log to stdout or a sidecar container.
|
||||||
|
value:
|
||||||
|
- BarbicanApiLogs:/var/log/
|
||||||
|
host_prep_tasks:
|
||||||
|
description: Extra ansible tasks needed for logging to files in the host.
|
||||||
|
value: null
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
resource_registry:
|
resource_registry:
|
||||||
|
|
||||||
|
OS::TripleO::Services::Logging::BarbicanApi: ../docker/services/logging/stdout/barbican-api.yaml
|
||||||
OS::TripleO::Services::Logging::GlanceApi: ../docker/services/logging/stdout/glance-api.yaml
|
OS::TripleO::Services::Logging::GlanceApi: ../docker/services/logging/stdout/glance-api.yaml
|
||||||
OS::TripleO::Services::Logging::HeatApi: ../docker/services/logging/stdout/heat-api.yaml
|
OS::TripleO::Services::Logging::HeatApi: ../docker/services/logging/stdout/heat-api.yaml
|
||||||
OS::TripleO::Services::Logging::HeatApiCfn: ../docker/services/logging/stdout/heat-api-cfn.yaml
|
OS::TripleO::Services::Logging::HeatApiCfn: ../docker/services/logging/stdout/heat-api-cfn.yaml
|
||||||
|
|
|
@ -303,6 +303,7 @@ resource_registry:
|
||||||
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
|
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
|
OS::TripleO::Services::Logging::BarbicanApi: docker/services/logging/files/barbican-api.yaml
|
||||||
OS::TripleO::Services::Logging::GlanceApi: docker/services/logging/files/glance-api.yaml
|
OS::TripleO::Services::Logging::GlanceApi: docker/services/logging/files/glance-api.yaml
|
||||||
OS::TripleO::Services::Logging::HeatApi: docker/services/logging/files/heat-api.yaml
|
OS::TripleO::Services::Logging::HeatApi: docker/services/logging/files/heat-api.yaml
|
||||||
OS::TripleO::Services::Logging::HeatApiCfn: docker/services/logging/files/heat-api-cfn.yaml
|
OS::TripleO::Services::Logging::HeatApiCfn: docker/services/logging/files/heat-api-cfn.yaml
|
||||||
|
|
Loading…
Reference in New Issue