Use OS::TripleO::Services::Logging::NovaLibvirt to configure libvirt logging

Use OS::TripleO::Services::Logging::NovaLibvirt resource to configure
logging in libvirt, so that we can gather logging configuration
into deployments/logging.

Change-Id: I6db952002b6d5f3d2efa65498db520526614d96b

deployment/logging/files/nova-libvirt.yaml

@@ -0,0 +1,48 @@
+heat_template_version: rocky
+
+description: >
+  OpenStack containerized Nova libvirt service
+
+parameters:
+  LibvirtLogLevel:
+    default: 3
+    description: Defines log level in libvirt to filter log output.
+                 See https://libvirt.org/logging.html to find its detail.
+    type: number
+    constraints:
+      - range: { min: 1, max: 4 }
+
+outputs:
+  config_settings:
+    description: Extra hieradata needed to log to files in the host.
+    value:
+      nova::compute::libvirt::log_outputs:
+        str_replace:
+          template:
+            'LEVEL:file:/var/log/libvirt/libvirtd.log'
+          params:
+            LEVEL: {get_param: LibvirtLogLevel}
+  volumes:
+    description: The volumes needed to log to files in the host.
+    value:
+      - /var/log/containers/libvirt:/var/log/libvirt:z
+  docker_config:
+    description: Extra containers needed for logging to file in the host.
+    value: null
+  host_prep_tasks:
+    description: Extra ansible tasks needed for logging to files in the host.
+    value:
+      - name: create persistent directories
+        file:
+          path: "{{ item.path }}"
+          setype: "{{ item.setype }}"
+          state: directory
+        with_items:
+          - { 'path': /var/log/containers/libvirt, 'setype': svirt_sandbox_file_t }
+      - name: libvirt logs readme
+        copy:
+          dest: /var/log/libvirt/readme.txt
+          content: |
+            Log files from libvirt containers can be found under
+            /var/log/containers/libvirt.
+        ignore_errors: true

deployment/logging/stdout/nova-libvirt.yaml

@@ -3,11 +3,25 @@ heat_template_version: rocky
 description: >
   OpenStack containerized Nova libvirt service
 
+parameters:
+  LibvirtLogLevel:
+    default: 3
+    description: Defines log level in libvirt to filter log output.
+                 See https://libvirt.org/logging.html to find its detail.
+    type: number
+    constraints:
+      - range: { min: 1, max: 4 }
+
 outputs:
   config_settings:
     description: Extra hieradata needed to log to stdout.
     value:
-      nova::compute::libvirt::log_outputs: '3:stderr'
+      nova::compute::libvirt::log_outputs:
+        str_replace:
+          template:
+            'LEVEL:stderr'
+          params:
+            LEVEL: {get_param: LibvirtLogLevel}
   docker_config:
     description: Extra containers needed for logging to stdout or a sidecar container.
     value: null
@@ -15,5 +29,5 @@ outputs:
     description: The volumes needed to log to stdout or a sidecar container.
     value: null
   host_prep_tasks:
-    description: Extra ansible tasks needed for logging to files in the host.
+    description: Extra ansible tasks needed for logging to stdout or a sidecar container.
     value: null

deployment/nova/nova-libvirt-container-puppet.yaml

@@ -212,11 +212,6 @@ parameters:
     type: boolean
     tags:
       - role_specific
-  LibvirtLogOutputs:
-    description: Defines how log outputs are sent, as described in
-                 https://libvirt.org/logging.html .
-    type: string
-    default: '3:file:/var/log/libvirt/libvirtd.log'
   LibvirtLogFilters:
     description: Defines a filter to select a different logging level
                  for a given category log outputs, as specified in
@@ -398,7 +393,6 @@ outputs:
                    "%{hiera('$NETWORK')}"
                  params:
                    $NETWORK: {get_param: [ServiceNetMap, NovaLibvirtNetwork]}
-            nova::compute::libvirt::log_outputs: {get_param: LibvirtLogOutputs}
             nova::compute::libvirt::log_filters: {get_param: LibvirtLogFilters}
             rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
             tripleo::nova_libvirt::firewall_rules:
@@ -690,6 +684,7 @@ outputs:
             volumes:
               list_concat:
                 - {get_attr: [ContainersCommon, volumes]}
+                - {get_attr: [NovaLibvirtLogging, volumes]}
                 -
                   - /var/lib/kolla/config_files/nova_libvirt.json:/var/lib/kolla/config_files/config.json:ro
                   - /var/lib/config-data/puppet-generated/nova_libvirt/:/var/lib/kolla/config_files/src:ro
@@ -701,7 +696,6 @@ outputs:
                   - /etc/libvirt:/etc/libvirt
                   - /var/run/libvirt:/var/run/libvirt:shared,z
                   - /var/lib/libvirt:/var/lib/libvirt:shared,z
-                  - /var/log/containers/libvirt:/var/log/libvirt:z
                   - /var/log/libvirt/qemu:/var/log/libvirt/qemu:ro
                   - /var/lib/vhost_sockets:/var/lib/vhost_sockets:z
                 # podman fails to relable if nova_nfs_enabled where we have
@@ -823,72 +817,73 @@ outputs:
                 msg: nova-libvirt isn't working (healtcheck failed)
               when: nova_libvirt_healthcheck_state.status.ExecMainStatus != '0'
       host_prep_tasks:
-        - name: create libvirt persistent data directories
+        list_concat:
-          file:
+          - {get_attr: [NovaLibvirtLogging, host_prep_tasks]}
-            path: "{{ item.path }}"
+          - - name: create libvirt persistent data directories
-            state: directory
+              file:
-            setype: "{{ item.setype }}"
+                path: "{{ item.path }}"
-          with_items:
+                state: directory
-            - { 'path': /etc/libvirt, 'setype': svirt_sandbox_file_t }
+                setype: "{{ item.setype }}"
-            - { 'path': /etc/libvirt/secrets, 'setype': svirt_sandbox_file_t }
+              with_items:
-            - { 'path': /etc/libvirt/qemu, 'setype': svirt_sandbox_file_t }
+                - { 'path': /etc/libvirt, 'setype': svirt_sandbox_file_t }
-            - { 'path': /var/lib/libvirt, 'setype': svirt_sandbox_file_t }
+                - { 'path': /etc/libvirt/secrets, 'setype': svirt_sandbox_file_t }
-            - { 'path': /var/lib/nova, 'setype': svirt_sandbox_file_t }
+                - { 'path': /etc/libvirt/qemu, 'setype': svirt_sandbox_file_t }
-            - { 'path': /var/log/containers/libvirt, 'setype': svirt_sandbox_file_t }
+                - { 'path': /var/lib/libvirt, 'setype': svirt_sandbox_file_t }
-            - { 'path': /var/run/libvirt, 'setype': virt_var_run_t }
+                - { 'path': /var/lib/nova, 'setype': svirt_sandbox_file_t }
-            - { 'path': /var/log/libvirt, 'setype': svirt_sandbox_file_t }
+                - { 'path': /var/run/libvirt, 'setype': virt_var_run_t }
-            - { 'path': /var/log/libvirt/qemu, 'setype': svirt_sandbox_file_t }
+                - { 'path': /var/log/libvirt, 'setype': svirt_sandbox_file_t }
-        # qemu user on host will be cretaed by libvirt package install, ensure
+                - { 'path': /var/log/libvirt/qemu, 'setype': svirt_sandbox_file_t }
-        # the qemu user created with same uid/gid as like libvirt package.
+            # qemu user on host will be cretaed by libvirt package install, ensure
-        # These specific values are required since ovs is running on host.
+            # the qemu user created with same uid/gid as like libvirt package.
-        # Once ovs with DPDK is containerized, we could modify this uid/gid
+            # These specific values are required since ovs is running on host.
-        # to match with kolla config values.
+            # Once ovs with DPDK is containerized, we could modify this uid/gid
-        - name: ensure qemu group is present on the host
+            # to match with kolla config values.
-          group:
+            - name: ensure qemu group is present on the host
-            name: qemu
+              group:
-            gid: 107
+                name: qemu
-            state: present
+                gid: 107
-        - name: ensure qemu user is present on the host
+                state: present
-          user:
+            - name: ensure qemu user is present on the host
-            name: qemu
+              user:
-            uid: 107
+                name: qemu
-            group: qemu
+                uid: 107
-            state: present
+                group: qemu
-            shell: /sbin/nologin
+                state: present
-            comment: qemu user
+                shell: /sbin/nologin
-        - name: create directory for vhost-user sockets with qemu ownership
+                comment: qemu user
-          file:
+            - name: create directory for vhost-user sockets with qemu ownership
-            path: /var/lib/vhost_sockets
+              file:
-            state: directory
+                path: /var/lib/vhost_sockets
-            owner: qemu
+                state: directory
-            group: {get_attr: [RoleParametersValue, value, vhostuser_socket_group]}
+                owner: qemu
-            setype: virt_cache_t
+                group: {get_attr: [RoleParametersValue, value, vhostuser_socket_group]}
-            seuser: system_u
+                setype: virt_cache_t
-        - name: ensure ceph configurations exist
+                seuser: system_u
-          file:
+            - name: ensure ceph configurations exist
-            path: /etc/ceph
+              file:
-            state: directory
+                path: /etc/ceph
-        - name: check if libvirt is installed
+                state: directory
-          command: /usr/bin/rpm -q libvirt-daemon
+            - name: check if libvirt is installed
-          failed_when: false
+              command: /usr/bin/rpm -q libvirt-daemon
-          register: libvirt_installed
+              failed_when: false
-          check_mode: no
+              register: libvirt_installed
-        - name: make sure libvirt services are disabled and masked
+              check_mode: no
-          service:
+            - name: make sure libvirt services are disabled and masked
-            name: "{{ item }}"
+              service:
-            state: stopped
+                name: "{{ item }}"
-            enabled: no
+                state: stopped
-            masked: yes
+                enabled: no
-            daemon_reload: yes
+                masked: yes
-          with_items:
+                daemon_reload: yes
-            - libvirtd.service
+              with_items:
-            - virtlogd.socket
+                - libvirtd.service
-          when: libvirt_installed.rc == 0
+                - virtlogd.socket
-        - name: ensure /var/run/libvirt is present upon reboot
+              when: libvirt_installed.rc == 0
-          copy:
+            - name: ensure /var/run/libvirt is present upon reboot
-            dest: /etc/tmpfiles.d/var-run-libvirt.conf
+              copy:
-            content: |
+                dest: /etc/tmpfiles.d/var-run-libvirt.conf
-              d /var/run/libvirt 0755 root root - -
+                content: |
+                  d /var/run/libvirt 0755 root root - -
       metadata_settings:
         list_concat:
           - if:

overcloud-resource-registry-puppet.j2.yaml

@@ -348,7 +348,7 @@ resource_registry:
   OS::TripleO::Services::Logging::NovaApi: deployment/logging/files/nova-api.yaml
   OS::TripleO::Services::Logging::NovaMetadata: deployment/logging/files/nova-metadata.yaml
   OS::TripleO::Services::Logging::NovaCommon: deployment/logging/files/nova-common.yaml
-  OS::TripleO::Services::Logging::NovaLibvirt: OS::Heat::None
+  OS::TripleO::Services::Logging::NovaLibvirt: deployment/logging/files/nova-libvirt.yaml
   OS::TripleO::Services::Logging::OpenDaylightApi: deployment/deprecated/opendaylight/opendaylight-api-container-puppet.yaml
   OS::TripleO::Services::Logging::PlacementApi: deployment/logging/files/placement-api.yaml
 

releasenotes/notes/nova_libvirtd_log_level-b1393b582360ad4f.yaml

@@ -0,0 +1,10 @@
+---
+features:
+  - |
+    LibvirtLogLevel is added to configure libvirt log level. This option
+    also works if environments/stdout-logging.yaml used to enable stdout
+    logging
+deprecations:
+  - |
+    LibvirtLogOutputs option was removed and now has no effect. Use
+    LivirtLogLevel to change log level in libvirt.