diff --git a/deployment/haproxy/haproxy-container-puppet.yaml b/deployment/haproxy/haproxy-container-puppet.yaml index f208c25dc0..6c34fd9007 100644 --- a/deployment/haproxy/haproxy-container-puppet.yaml +++ b/deployment/haproxy/haproxy-container-puppet.yaml @@ -286,6 +286,31 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS deploy_steps_tasks: + - name: Configure rsyslog for HAproxy container + when: step|int == 1 + block: + - name: Check if rsyslog exists + shell: systemctl is-active rsyslog + register: rsyslog_config + - when: + - rsyslog_config is changed + - rsyslog_config.rc == 0 + block: + - name: Forward logging to haproxy.log file + blockinfile: + content: | + if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log + & stop + create: yes + path: /etc/rsyslog.d/openstack-haproxy.conf + vars: + facility: {get_param: HAProxySyslogFacility} + register: logconfig + - name: restart rsyslog service after logging conf change + service: + name: rsyslog + state: restarted + when: logconfig is changed - name: Run puppet on the host to apply IPtables rules when: step|int == 1 shell: | @@ -340,28 +365,6 @@ outputs: tripleo_delegate_to: "{{ groups['haproxy'] | default([]) }}" host_prep_tasks: - {get_attr: [HAProxyPublicTLS, role_data, host_prep_tasks]} - - name: Check if rsyslog exists - shell: systemctl is-active rsyslog - register: rsyslog_config - - when: - - rsyslog_config is changed - - rsyslog_config.rc == 0 - block: - - name: Forward logging to haproxy.log file - blockinfile: - content: | - if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log - & stop - create: yes - path: /etc/rsyslog.d/openstack-haproxy.conf - vars: - facility: {get_param: HAProxySyslogFacility} - register: logconfig - - name: restart rsyslog service after logging conf change - service: - name: rsyslog - state: restarted - when: logconfig is changed - name: create persistent directories file: path: "{{ item.path }}" diff --git a/deployment/haproxy/haproxy-pacemaker-puppet.yaml b/deployment/haproxy/haproxy-pacemaker-puppet.yaml index 55aec20f25..1585102098 100644 --- a/deployment/haproxy/haproxy-pacemaker-puppet.yaml +++ b/deployment/haproxy/haproxy-pacemaker-puppet.yaml @@ -290,28 +290,13 @@ outputs: - {get_param: DeployIdentifier} host_prep_tasks: - {get_attr: [HAProxyBase, role_data, host_prep_tasks]} - - name: Check if rsyslog exists - shell: systemctl is-active rsyslog - register: rsyslog_config - - when: - - rsyslog_config is changed - - rsyslog_config.rc == 0 - block: - - name: Forward logging to haproxy.log file - blockinfile: - content: | - if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log - & stop - create: yes - path: /etc/rsyslog.d/openstack-haproxy.conf - vars: - facility: {get_param: HAProxySyslogFacility} - register: logconfig - - name: restart rsyslog service after logging conf change - service: - name: rsyslog - state: restarted - when: logconfig is changed + - name: haproxy logs readme + copy: + dest: /var/log/haproxy/readme.txt + content: | + Log files from the haproxy containers can be found under + /var/log/containers/haproxy. + ignore_errors: true - name: create persistent directories file: path: "{{ item.path }}" @@ -321,16 +306,34 @@ outputs: - { 'path': /var/log/containers/haproxy, 'setype': var_log_t } - { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t } - { 'path': /var/log/haproxy, 'setype': svirt_sandbox_file_t } - - name: haproxy logs readme - copy: - dest: /var/log/haproxy/readme.txt - content: | - Log files from the haproxy containers can be found under - /var/log/containers/haproxy. - ignore_errors: true metadata_settings: {get_attr: [HAProxyBase, role_data, metadata_settings]} deploy_steps_tasks: + - name: Configure rsyslog for HAproxy container managed by Pacemaker + when: step|int == 1 + block: + - name: Check if rsyslog exists + shell: systemctl is-active rsyslog + register: rsyslog_config + - when: + - rsyslog_config is changed + - rsyslog_config.rc == 0 + block: + - name: Forward logging to haproxy.log file + blockinfile: + content: | + if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log + & stop + create: yes + path: /etc/rsyslog.d/openstack-haproxy.conf + vars: + facility: {get_param: HAProxySyslogFacility} + register: logconfig + - name: restart rsyslog service after logging conf change + service: + name: rsyslog + state: restarted + when: logconfig is changed - name: HAproxy tag container image for pacemaker when: step|int == 1 import_role: diff --git a/deployment/logging/rsyslog-baremetal-ansible.yaml b/deployment/logging/rsyslog-baremetal-ansible.yaml new file mode 100644 index 0000000000..a40b6a3cfb --- /dev/null +++ b/deployment/logging/rsyslog-baremetal-ansible.yaml @@ -0,0 +1,57 @@ +heat_template_version: rocky + +description: > + Install and start rsyslog. + +parameters: + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + +outputs: + role_data: + description: Role data for the TripleO rsyslog service. + value: + service_name: rsyslog_baremetal_ansible + config_settings: {} + deploy_steps_tasks: [] + docker_config: {} + kolla_config: {} + puppet_config: + config_volume: '' + step_config: '' + config_image: '' + host_prep_tasks: + - name: Ensure rsyslog is installed + package: + name: rsyslog + state: installed + - name: Ensure rsyslog is enabled and started + systemd: + state: started + name: rsyslog + enabled: true + diff --git a/deployment/swift/swift-proxy-container-puppet.yaml b/deployment/swift/swift-proxy-container-puppet.yaml index 60e4716dd1..b5ce232d3e 100644 --- a/deployment/swift/swift-proxy-container-puppet.yaml +++ b/deployment/swift/swift-proxy-container-puppet.yaml @@ -465,26 +465,30 @@ outputs: - { 'path': /srv/node, 'setype': svirt_sandbox_file_t } - { 'path': /var/log/swift, 'setype': svirt_sandbox_file_t } - { 'path': /var/log/containers/swift, 'setype': svirt_sandbox_file_t } - - name: Check if rsyslog exists - shell: systemctl list-unit-files --type=service | grep -q rsyslog - register: rsyslog_config - failed_when: rsyslog_config.rc == 2 - - block: - - name: Forward logging to swift.log file - copy: - content: | - # Fix for https://bugs.launchpad.net/tripleo/+bug/1776180 - local2.* /var/log/containers/swift/swift.log - & stop - dest: /etc/rsyslog.d/openstack-swift.conf - register: logconfig - - name: Restart rsyslogd service after logging conf change - service: name=rsyslog state=restarted + deploy_steps_tasks: + - name: Configure rsyslog for swift-proxy + when: step|int == 1 + block: + - name: Check if rsyslog exists + shell: systemctl list-unit-files --type=service | grep -q rsyslog + register: rsyslog_config + failed_when: rsyslog_config.rc == 2 + - block: + - name: Forward logging to swift.log file + copy: + content: | + # Fix for https://bugs.launchpad.net/tripleo/+bug/1776180 + local2.* /var/log/containers/swift/swift.log + & stop + dest: /etc/rsyslog.d/openstack-swift.conf + register: logconfig + - name: Restart rsyslogd service after logging conf change + service: name=rsyslog state=restarted + when: + - logconfig is changed when: - - logconfig is changed - when: - - rsyslog_config is changed - - rsyslog_config.rc == 0 + - rsyslog_config is changed + - rsyslog_config.rc == 0 update_tasks: - name: Check swift containers log folder/symlink exists stat: diff --git a/deployment/swift/swift-storage-container-puppet.yaml b/deployment/swift/swift-storage-container-puppet.yaml index dc5303e5be..c4893f35ca 100644 --- a/deployment/swift/swift-storage-container-puppet.yaml +++ b/deployment/swift/swift-storage-container-puppet.yaml @@ -606,26 +606,6 @@ outputs: Log files from swift containers can be found under /var/log/containers/swift and /var/log/containers/httpd/swift-*. ignore_errors: true - - name: Check if rsyslog exists - shell: systemctl list-unit-files --type=service | grep -q rsyslog - register: rsyslog_config - failed_when: rsyslog_config.rc == 2 - - block: - - name: Forward logging to swift.log file - copy: - content: | - # Fix for https://bugs.launchpad.net/tripleo/+bug/1776180 - local2.* /var/log/containers/swift/swift.log - & stop - dest: /etc/rsyslog.d/openstack-swift.conf - register: logconfig - - name: Restart rsyslogd service after logging conf change - service: name=rsyslog state=restarted - when: - - logconfig is changed - when: - - rsyslog_config is changed - - rsyslog_config.rc == 0 - name: Set fact for SwiftRawDisks set_fact: swift_raw_disks: {get_param: SwiftRawDisks} @@ -645,6 +625,30 @@ outputs: state: mounted with_items: "{{ swift_raw_disks }}" when: swift_raw_disks + deploy_steps_tasks: + - name: Configure rsyslog for swift-storage + when: step|int == 1 + block: + - name: Check if rsyslog exists + shell: systemctl list-unit-files --type=service | grep -q rsyslog + register: rsyslog_config + failed_when: rsyslog_config.rc == 2 + - block: + - name: Forward logging to swift.log file + copy: + content: | + # Fix for https://bugs.launchpad.net/tripleo/+bug/1776180 + local2.* /var/log/containers/swift/swift.log + & stop + dest: /etc/rsyslog.d/openstack-swift.conf + register: logconfig + - name: Restart rsyslogd service after logging conf change + service: name=rsyslog state=restarted + when: + - logconfig is changed + when: + - rsyslog_config is changed + - rsyslog_config.rc == 0 update_tasks: - name: Ensure rsyncd pid file is absent file: diff --git a/environments/standalone/standalone-tripleo.yaml b/environments/standalone/standalone-tripleo.yaml index cd1bdac51c..75aef09462 100644 --- a/environments/standalone/standalone-tripleo.yaml +++ b/environments/standalone/standalone-tripleo.yaml @@ -115,6 +115,7 @@ resource_registry: OS::TripleO::Services::PankoApi: OS::Heat::None OS::TripleO::Services::Podman: ../../deployment/podman/podman-baremetal-ansible.yaml OS::TripleO::Services::Redis: OS::Heat::None + OS::TripleO::Services::Rsyslog: ../../deployment/logging/rsyslog-baremetal-ansible.yaml OS::TripleO::Services::SELinux: ../../deployment/selinux/selinux-baremetal-puppet.yaml OS::TripleO::Services::SaharaApi: OS::Heat::None OS::TripleO::Services::SaharaEngine: OS::Heat::None diff --git a/environments/undercloud.yaml b/environments/undercloud.yaml index c13aa2fe71..6d42ff4fef 100644 --- a/environments/undercloud.yaml +++ b/environments/undercloud.yaml @@ -58,6 +58,9 @@ resource_registry: # This line will drop in Stein when it becomes the default. OS::TripleO::Services::Podman: ../deployment/podman/podman-baremetal-ansible.yaml + # https://bugs.launchpad.net/tripleo/+bug/1850562 + OS::TripleO::Services::Rsyslog: ../deployment/logging/rsyslog-baremetal-ansible.yaml + # Undercloud HA services OS::TripleO::Services::HAproxy: OS::Heat::None OS::TripleO::Services::Keepalived: OS::Heat::None diff --git a/releasenotes/notes/rsyslog-5dc93db5eb8fc953.yaml b/releasenotes/notes/rsyslog-5dc93db5eb8fc953.yaml new file mode 100644 index 0000000000..52d5a7b9ed --- /dev/null +++ b/releasenotes/notes/rsyslog-5dc93db5eb8fc953.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + On undercloud and standalone, install rsyslog on the host by default. + See https://bugs.launchpad.net/tripleo/+bug/1850562 diff --git a/roles/Undercloud.yaml b/roles/Undercloud.yaml index cc2498aaac..560c5660d4 100644 --- a/roles/Undercloud.yaml +++ b/roles/Undercloud.yaml @@ -81,6 +81,7 @@ - OS::TripleO::Services::Podman - OS::TripleO::Services::Redis - OS::TripleO::Services::Rhsm + - OS::TripleO::Services::Rsyslog - OS::TripleO::Services::SELinux - OS::TripleO::Services::Sshd - OS::TripleO::Services::SwiftProxy diff --git a/roles_data_undercloud.yaml b/roles_data_undercloud.yaml index 52e3895e42..5fce147faf 100644 --- a/roles_data_undercloud.yaml +++ b/roles_data_undercloud.yaml @@ -84,6 +84,7 @@ - OS::TripleO::Services::Podman - OS::TripleO::Services::Redis - OS::TripleO::Services::Rhsm + - OS::TripleO::Services::Rsyslog - OS::TripleO::Services::SELinux - OS::TripleO::Services::Sshd - OS::TripleO::Services::SwiftProxy diff --git a/sample-env-generator/standalone.yaml b/sample-env-generator/standalone.yaml index f7cfe90f0e..36841ad636 100644 --- a/sample-env-generator/standalone.yaml +++ b/sample-env-generator/standalone.yaml @@ -141,6 +141,8 @@ environments: OS::TripleO::Services::PankoApi: OS::Heat::None # Redis OS::TripleO::Services::Redis: OS::Heat::None + # Rsyslog + OS::TripleO::Services::Rsyslog: ../../deployment/logging/rsyslog-baremetal-ansible.yaml # Sahara OS::TripleO::Services::SaharaApi: OS::Heat::None OS::TripleO::Services::SaharaEngine: OS::Heat::None