Add option for barbican API container to log to stdout/stderr

This adds the option to get the barbican API container to log to stdout.
The option is disabled by default. If enabled, It also adds a sidecar
container that reads the apache access logs.

bp logging-stdout-rsyslog
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>

Change-Id: Ia06fee2826062330a4377ca5fda7e3ba68534af6
This commit is contained in:
Ade Lee 2017-10-31 12:15:18 -04:00 committed by Juan Antonio Osorio Robles
parent f7c0619f1b
commit 3d510d7700
5 changed files with 134 additions and 23 deletions

View File

@ -66,6 +66,10 @@ resources:
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
BarbicanApiLogging:
type: OS::TripleO::Services::Logging::BarbicanApi
outputs:
role_data:
description: Role data for the Barbican API role.
@ -74,6 +78,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [BarbicanApiBase, role_data, config_settings]
- get_attr: [BarbicanApiLogging, config_settings]
- apache::default_vhost: false
logging_source: {get_attr: [BarbicanApiBase, role_data, logging_source]}
logging_groups: {get_attr: [BarbicanApiBase, role_data, logging_groups]}
@ -99,27 +104,30 @@ outputs:
docker_config:
# db sync runs before permissions set by kolla_config
step_2:
barbican_init_logs:
image: &barbican_api_image {get_param: DockerBarbicanApiImage}
privileged: false
user: root
volumes:
- /var/log/containers/barbican:/var/log/barbican
command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
get_attr: [BarbicanApiLogging, docker_config, step_2]
step_3:
barbican_api_db_sync:
start_order: 0
image: *barbican_api_image
image: &barbican_api_image {get_param: DockerBarbicanApiImage}
net: host
detach: false
user: root
volumes: &barbican_api_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [BarbicanApiLogging, volumes]}
-
- /var/lib/config-data/barbican/etc/barbican/:/etc/barbican/:ro
- /var/log/containers/barbican:/var/log/barbican
command: "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage db upgrade'"
command:
# NOTE(jaosorior): When providing extra arguments, we need to make sure that they're part
# of the bash -c invocation, so we include them in the quoted db sync command. Hence the
# final single quote that's part of the list_join.
list_join:
- ' '
- - "/usr/bin/bootstrap_host_exec barbican_api su barbican -s /bin/bash -c '/usr/bin/barbican-manage"
- {get_attr: [BarbicanApiLogging, cmd_extra_args]}
- "db upgrade"
- "'"
step_4:
barbican_api:
image: *barbican_api_image
@ -130,9 +138,9 @@ outputs:
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [BarbicanApiLogging, volumes]}
-
- /var/lib/kolla/config_files/barbican_api.json:/var/lib/kolla/config_files/config.json:ro
- /var/log/containers/barbican:/var/log/barbican
- /var/lib/config-data/puppet-generated/barbican/:/var/lib/kolla/config_files/src:ro
-
if:
@ -146,18 +154,7 @@ outputs:
- ''
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: create persistent logs directory
file:
path: /var/log/containers/barbican
state: directory
- name: barbican logs readme
copy:
dest: /var/log/barbican/readme.txt
content: |
Log files from barbican containers can be found under
/var/log/containers/barbican.
ignore_errors: true
host_prep_tasks: {get_attr: [BarbicanApiLogging, host_prep_tasks]}
upgrade_tasks:
- name: Stop and disable barbican_api service
tags: step2

View File

@ -0,0 +1,48 @@
heat_template_version: pike
description: >
OpenStack containerized Barbican API service
parameters:
DockerBarbicanApiImage:
description: image
type: string
outputs:
cmd_extra_args:
description: Extra command line arguments for running the service in the container.
value: ''
config_settings:
description: Extra hieradata needed to log to files in the host.
value: null
volumes:
description: The volumes needed to log to files in the host.
value: &barbican_api_volumes
- /var/log/containers/barbican:/var/log/barbican
- /var/log/containers/httpd/barbican-api:/var/log/httpd
docker_config:
description: Extra containers needed for logging to files in the host.
value:
step_2:
barbican_init_log:
image: {get_param: DockerBarbicanApiImage}
user: root
volumes: *barbican_api_volumes
command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
host_prep_tasks:
description: Extra ansible tasks needed for logging to files in the host.
value:
- name: create persistent logs directory
file:
path: "{{ item }}"
state: directory
with_items:
- /var/log/containers/barbican
- /var/log/containers/httpd/barbican-api
- name: barbican logs readme
copy:
dest: /var/log/barbican/readme.txt
content: |
Log files from barbican containers can be found under
/var/log/containers/barbican.
ignore_errors: true

View File

@ -0,0 +1,64 @@
heat_template_version: pike
description: >
OpenStack containerized Barbican service
parameters:
DockerBarbicanApiImage:
description: image
type: string
outputs:
cmd_extra_args:
description: Extra command line arguments for running the service in the container.
value: "--log-dir= --log-file="
config_settings:
description: Extra hieradata needed to log to stdout.
value:
barbican::wsgi::apache::access_log_file: /var/log/httpd/access.log
barbican::wsgi::apache::error_log_file: /var/log/httpd/error_log
docker_config:
description: Extra containers needed for logging to stdout or a sidecar container.
value:
step_2:
barbican_api_apache_error_logs:
start_order: 1
image: {get_param: DockerBarbicanApiImage}
user: root
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/httpd/error_log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done']
volumes:
- BarbicanApiLogs:/var/log/
barbican_api_apache_access_logs:
start_order: 1
image: {get_param: DockerBarbicanApiImage}
user: root
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/httpd/access.log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done']
volumes:
- BarbicanApiLogs:/var/log/
barbican_api_logs:
start_order: 2
image: {get_param: DockerBarbicanApiImage}
user: barbican
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/barbican/main.log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/barbican && rm -f /var/log/barbican/main.log && mkfifo /var/log/barbican/main.log && while true; do cat /var/log/barbican/main.log; done']
volumes:
- BarbicanApiLogs:/var/log/
volumes:
description: The volumes needed to log to stdout or a sidecar container.
value:
- BarbicanApiLogs:/var/log/
host_prep_tasks:
description: Extra ansible tasks needed for logging to files in the host.
value: null

View File

@ -1,5 +1,6 @@
resource_registry:
OS::TripleO::Services::Logging::BarbicanApi: ../docker/services/logging/stdout/barbican-api.yaml
OS::TripleO::Services::Logging::GlanceApi: ../docker/services/logging/stdout/glance-api.yaml
OS::TripleO::Services::Logging::HeatApi: ../docker/services/logging/stdout/heat-api.yaml
OS::TripleO::Services::Logging::HeatApiCfn: ../docker/services/logging/stdout/heat-api-cfn.yaml

View File

@ -303,6 +303,7 @@ resource_registry:
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
# Logging
OS::TripleO::Services::Logging::BarbicanApi: docker/services/logging/files/barbican-api.yaml
OS::TripleO::Services::Logging::GlanceApi: docker/services/logging/files/glance-api.yaml
OS::TripleO::Services::Logging::HeatApi: docker/services/logging/files/heat-api.yaml
OS::TripleO::Services::Logging::HeatApiCfn: docker/services/logging/files/heat-api-cfn.yaml