diff --git a/docker/services/aodh-api.yaml b/docker/services/aodh-api.yaml index 85fadac76c..b3f2f12fa2 100644 --- a/docker/services/aodh-api.yaml +++ b/docker/services/aodh-api.yaml @@ -155,13 +155,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/aodh - - /var/log/containers/httpd/aodh-api + - { 'path': /var/log/containers/aodh, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/aodh-api, setype: svirt_sandbox_file_t } + - { 'path': /var/log/aodh, setype: svirt_sandbox_file_t } - name: aodh logs readme copy: dest: /var/log/aodh/readme.txt diff --git a/docker/services/aodh-evaluator.yaml b/docker/services/aodh-evaluator.yaml index a680bc2d4f..d915f263dc 100644 --- a/docker/services/aodh-evaluator.yaml +++ b/docker/services/aodh-evaluator.yaml @@ -111,10 +111,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/aodh + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/aodh, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/aodh, 'setype': svirt_sandbox_file_t } - name: aodh logs readme copy: dest: /var/log/aodh/readme.txt diff --git a/docker/services/aodh-listener.yaml b/docker/services/aodh-listener.yaml index 62ec06b5f8..61f086fa98 100644 --- a/docker/services/aodh-listener.yaml +++ b/docker/services/aodh-listener.yaml @@ -118,10 +118,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/aodh + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/aodh, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/aodh, 'setype': svirt_sandbox_file_t } - name: aodh logs readme copy: dest: /var/log/aodh/readme.txt diff --git a/docker/services/aodh-notifier.yaml b/docker/services/aodh-notifier.yaml index e0ab74d61f..54357fe4c6 100644 --- a/docker/services/aodh-notifier.yaml +++ b/docker/services/aodh-notifier.yaml @@ -118,10 +118,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/aodh + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/aodh, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/aodh, 'setype': svirt_sandbox_file_t } - name: aodh logs readme copy: dest: /var/log/aodh/readme.txt diff --git a/docker/services/ceilometer-agent-central.yaml b/docker/services/ceilometer-agent-central.yaml index f5ffa8575f..94f14d3ada 100644 --- a/docker/services/ceilometer-agent-central.yaml +++ b/docker/services/ceilometer-agent-central.yaml @@ -139,10 +139,14 @@ outputs: - 'ceilometer_agent_central' - "su ceilometer -s /bin/bash -c 'for n in {1..10}; do /usr/bin/ceilometer-upgrade && exit 0 || sleep 30; done; exit 1'" host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/ceilometer + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/ceilometer, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/ceilometer, 'setype': svirt_sandbox_file_t } - name: ceilometer logs readme copy: dest: /var/log/ceilometer/readme.txt diff --git a/docker/services/ceilometer-agent-compute.yaml b/docker/services/ceilometer-agent-compute.yaml index 1b4b31f302..a0a90515fb 100644 --- a/docker/services/ceilometer-agent-compute.yaml +++ b/docker/services/ceilometer-agent-compute.yaml @@ -107,10 +107,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/ceilometer + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/ceilometer, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ceilometer, 'setype': svirt_sandbox_file_t } - name: ceilometer logs readme copy: dest: /var/log/ceilometer/readme.txt diff --git a/docker/services/ceilometer-agent-ipmi.yaml b/docker/services/ceilometer-agent-ipmi.yaml index 546d0f0b9e..a03e7b895f 100644 --- a/docker/services/ceilometer-agent-ipmi.yaml +++ b/docker/services/ceilometer-agent-ipmi.yaml @@ -118,10 +118,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/ceilometer + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/ceilometer, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ceilometer, 'setype': svirt_sandbox_file_t } - name: ceilometer logs readme copy: dest: /var/log/ceilometer/readme.txt diff --git a/docker/services/ceilometer-agent-notification.yaml b/docker/services/ceilometer-agent-notification.yaml index 837582326b..c3ddd000ef 100644 --- a/docker/services/ceilometer-agent-notification.yaml +++ b/docker/services/ceilometer-agent-notification.yaml @@ -135,10 +135,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/ceilometer + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/ceilometer, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ceilometer, 'setype': svirt_sandbox_file_t } - name: ceilometer logs readme copy: dest: /var/log/ceilometer/readme.txt diff --git a/docker/services/cinder-api.yaml b/docker/services/cinder-api.yaml index dc6f6c43d1..0fbea354df 100644 --- a/docker/services/cinder-api.yaml +++ b/docker/services/cinder-api.yaml @@ -211,13 +211,15 @@ outputs: metadata_settings: get_attr: [CinderBase, role_data, metadata_settings] host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/cinder - - /var/log/containers/httpd/cinder-api + - { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/cinder-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/cinder, 'setype': svirt_sandbox_file_t } - name: cinder logs readme copy: dest: /var/log/cinder/readme.txt diff --git a/docker/services/cinder-backup.yaml b/docker/services/cinder-backup.yaml index d9c24b8552..fc8ad7ffc6 100644 --- a/docker/services/cinder-backup.yaml +++ b/docker/services/cinder-backup.yaml @@ -166,11 +166,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/lib/cinder - - /var/log/containers/cinder + - { 'path': /var/lib/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/cinder, 'setype': svirt_sandbox_file_t } - name: cinder logs readme copy: dest: /var/log/cinder/readme.txt diff --git a/docker/services/cinder-common.yaml b/docker/services/cinder-common.yaml index 9b14127aba..49c4969279 100644 --- a/docker/services/cinder-common.yaml +++ b/docker/services/cinder-common.yaml @@ -60,11 +60,13 @@ outputs: value: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/cinder - - /var/lib/cinder + - { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/cinder, 'setype': svirt_sandbox_file_t } - name: cinder logs readme copy: dest: /var/log/cinder/readme.txt diff --git a/docker/services/cinder-scheduler.yaml b/docker/services/cinder-scheduler.yaml index a4a2ef3742..a9641791f0 100644 --- a/docker/services/cinder-scheduler.yaml +++ b/docker/services/cinder-scheduler.yaml @@ -138,10 +138,12 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/cinder + - { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/cinder, 'setype': svirt_sandbox_file_t } - name: cinder logs readme copy: dest: /var/log/cinder/readme.txt diff --git a/docker/services/congress.yaml b/docker/services/congress.yaml index 7cfb01d7a9..cf3751b566 100644 --- a/docker/services/congress.yaml +++ b/docker/services/congress.yaml @@ -136,10 +136,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/congress + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/congress, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/congress, 'setype': svirt_sandbox_file_t } - name: congress logs readme copy: dest: /var/log/congress/readme.txt diff --git a/docker/services/database/mongodb.yaml b/docker/services/database/mongodb.yaml index 89c804c729..ed955e0647 100644 --- a/docker/services/database/mongodb.yaml +++ b/docker/services/database/mongodb.yaml @@ -150,11 +150,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/mongodb - - /var/lib/mongodb + - { 'path': /var/log/mongodb, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/mongodb, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/mongodb, 'setype': svirt_sandbox_file_t } - name: mongodb logs readme copy: dest: /var/log/mongodb/readme.txt diff --git a/docker/services/database/mysql.yaml b/docker/services/database/mysql.yaml index 325c717a06..7d950f9bf0 100644 --- a/docker/services/database/mysql.yaml +++ b/docker/services/database/mysql.yaml @@ -233,11 +233,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/mysql - - /var/lib/mysql + - {'path': /var/log/containers/mysql, 'setype': 'svirt_sandbox_file_t'} + - {'path': /var/lib/mysql, 'setype': 'svirt_sandbox_file_t'} + - {'path': /var/log/mariadb, 'setype': 'svirt_sandbox_file_t'} - name: mysql logs readme copy: dest: /var/log/mariadb/readme.txt diff --git a/docker/services/database/redis.yaml b/docker/services/database/redis.yaml index 3b2fbefe73..69b53e3561 100644 --- a/docker/services/database/redis.yaml +++ b/docker/services/database/redis.yaml @@ -157,9 +157,11 @@ outputs: file: path: "{{ item }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/redis - - /var/run/redis + - { 'path': /var/log/containers/redis, 'setype': svirt_sandbox_file_t } + - { 'path': /var/run/redis, 'setype': container_var_run_t } + - { 'path': /var/log/redis, 'setype': svirt_sandbox_file_t } - name: redis logs readme copy: dest: /var/log/redis/readme.txt diff --git a/docker/services/designate-api.yaml b/docker/services/designate-api.yaml index e576bfd591..df4ee7a3c7 100644 --- a/docker/services/designate-api.yaml +++ b/docker/services/designate-api.yaml @@ -141,10 +141,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/designate-central.yaml b/docker/services/designate-central.yaml index e7d99f2908..562f8d1b47 100644 --- a/docker/services/designate-central.yaml +++ b/docker/services/designate-central.yaml @@ -159,10 +159,14 @@ outputs: - /var/log/containers/designate:/var/log/designate command: "/usr/bin/bootstrap_host_exec designate_central su designate -s /bin/bash -c '/bin/designate-manage pool update'" host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/designate-mdns.yaml b/docker/services/designate-mdns.yaml index 94b3782009..b5bc0d4490 100644 --- a/docker/services/designate-mdns.yaml +++ b/docker/services/designate-mdns.yaml @@ -121,10 +121,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/designate-producer.yaml b/docker/services/designate-producer.yaml index 3913311dee..68bd4f2cdd 100644 --- a/docker/services/designate-producer.yaml +++ b/docker/services/designate-producer.yaml @@ -122,10 +122,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/designate-sink.yaml b/docker/services/designate-sink.yaml index 2eab4ea479..568dd65611 100644 --- a/docker/services/designate-sink.yaml +++ b/docker/services/designate-sink.yaml @@ -122,10 +122,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/designate-worker.yaml b/docker/services/designate-worker.yaml index 1aa4b1e174..2f0864f603 100644 --- a/docker/services/designate-worker.yaml +++ b/docker/services/designate-worker.yaml @@ -163,10 +163,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/designate + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/designate, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/designate, 'setype': svirt_sandbox_file_t } - name: designate logs readme copy: dest: /var/log/designate/readme.txt diff --git a/docker/services/ec2-api.yaml b/docker/services/ec2-api.yaml index 797aef3903..e4fe8e30bc 100644 --- a/docker/services/ec2-api.yaml +++ b/docker/services/ec2-api.yaml @@ -199,13 +199,16 @@ outputs: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - {} host_prep_tasks: - - name: create persistent log directories + - name: create persistent directories file: - path: /var/log/containers/{{ item }} + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - ec2_api - - ec2_api_metadata + - { 'path': /var/log/containers/ec2_api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/ec2_api_metadata, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ec2_api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ec2_api_metadata, 'setype': svirt_sandbox_file_t } - name: ec2_api logs readme copy: dest: /var/log/{{ item }}/readme.txt diff --git a/docker/services/fluentd.yaml b/docker/services/fluentd.yaml index 32d488cdb4..c784320174 100644 --- a/docker/services/fluentd.yaml +++ b/docker/services/fluentd.yaml @@ -105,10 +105,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory for fluentd + - name: create persistent directories file: - path: /var/log/containers/fluentd + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/fluentd, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/fluentd, 'setype': svirt_sandbox_file_t } - name: fluentd logs readme copy: dest: /var/log/fluentd/readme.txt diff --git a/docker/services/gnocchi-api.yaml b/docker/services/gnocchi-api.yaml index d729a43601..b2330be935 100644 --- a/docker/services/gnocchi-api.yaml +++ b/docker/services/gnocchi-api.yaml @@ -230,11 +230,13 @@ outputs: host_prep_tasks: - name: create persistent logs directory file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/gnocchi - - /var/log/containers/httpd/gnocchi-api + - { 'path': /var/log/containers/gnocchi, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/gnocchi-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/gnocchi, 'setype': svirt_sandbox_file_t } - name: gnocchi logs readme copy: dest: /var/log/gnocchi/readme.txt diff --git a/docker/services/gnocchi-metricd.yaml b/docker/services/gnocchi-metricd.yaml index ef4ed4440b..02711d1a24 100644 --- a/docker/services/gnocchi-metricd.yaml +++ b/docker/services/gnocchi-metricd.yaml @@ -139,10 +139,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/gnocchi + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/gnocchi, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/gnocchi, 'setype': svirt_sandbox_file_t } - name: gnocchi logs readme copy: dest: /var/log/gnocchi/readme.txt diff --git a/docker/services/gnocchi-statsd.yaml b/docker/services/gnocchi-statsd.yaml index 1c7f341da3..389e40e461 100644 --- a/docker/services/gnocchi-statsd.yaml +++ b/docker/services/gnocchi-statsd.yaml @@ -139,10 +139,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/gnocchi + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/gnocchi, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/gnocchi, 'setype': svirt_sandbox_file_t } - name: gnocchi logs readme copy: dest: /var/log/gnocchi/readme.txt diff --git a/docker/services/haproxy.yaml b/docker/services/haproxy.yaml index 92c5d426b8..b95e1bdd3a 100644 --- a/docker/services/haproxy.yaml +++ b/docker/services/haproxy.yaml @@ -295,11 +295,13 @@ outputs: - {get_attr: [HAProxyBase, role_data, host_prep_tasks]} - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/haproxy - - /var/lib/haproxy + - { 'path': /var/log/containers/haproxy, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/haproxy, 'setype': svirt_sandbox_file_t } - name: haproxy logs readme copy: dest: /var/log/haproxy/readme.txt diff --git a/docker/services/horizon.yaml b/docker/services/horizon.yaml index ae7e5ca565..a6183ba0e7 100644 --- a/docker/services/horizon.yaml +++ b/docker/services/horizon.yaml @@ -172,13 +172,15 @@ outputs: - ENABLE_ZAQAR=no - ENABLE_ZUN=no host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/horizon - - /var/log/containers/httpd/horizon + - { 'path': /var/log/containers/horizon, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/horizon, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/horizon, 'setype': svirt_sandbox_file_t } - name: horizon logs readme copy: dest: /var/log/horizon/readme.txt diff --git a/docker/services/ironic-api.yaml b/docker/services/ironic-api.yaml index c9ef9916fc..4b7214d7b0 100644 --- a/docker/services/ironic-api.yaml +++ b/docker/services/ironic-api.yaml @@ -140,13 +140,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/ironic - - /var/log/containers/httpd/ironic-api + - { 'path': /var/log/containers/ironic, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/ironic-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ironic, 'setype': svirt_sandbox_file_t } - name: ironic logs readme copy: dest: /var/log/ironic/readme.txt diff --git a/docker/services/ironic-conductor.yaml b/docker/services/ironic-conductor.yaml index 063204dc56..a4d43e63b2 100644 --- a/docker/services/ironic-conductor.yaml +++ b/docker/services/ironic-conductor.yaml @@ -198,11 +198,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/ironic - - /var/lib/ironic + - { 'path': /var/log/containers/ironic, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/ironic, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ironic, 'setype': svirt_sandbox_file_t } - name: ironic logs readme copy: dest: /var/log/ironic/readme.txt diff --git a/docker/services/ironic-inspector.yaml b/docker/services/ironic-inspector.yaml index be374d1e01..369821cb49 100644 --- a/docker/services/ironic-inspector.yaml +++ b/docker/services/ironic-inspector.yaml @@ -220,10 +220,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent ironic-inspector logs directory + - name: create persistent directories file: - path: /var/log/containers/ironic-inspector + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/ironic-inspector, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ironic-inspector, 'setype': svirt_sandbox_file_t } - name: ironic-inspector logs readme copy: dest: /var/log/ironic-inspector/readme.txt diff --git a/docker/services/ironic-pxe.yaml b/docker/services/ironic-pxe.yaml index 7f84d5e045..c0acc0c0fc 100644 --- a/docker/services/ironic-pxe.yaml +++ b/docker/services/ironic-pxe.yaml @@ -158,12 +158,14 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/lib/ironic - - /var/log/containers/ironic - - /var/log/containers/httpd/ironic-pxe + - { 'path': /var/lib/ironic, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/ironic, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/ironic-pxe, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/ironic, 'setype': svirt_sandbox_file_t } - name: ironic logs readme copy: dest: /var/log/ironic/readme.txt diff --git a/docker/services/keepalived.yaml b/docker/services/keepalived.yaml index 4314d0d5dc..0ff278f436 100644 --- a/docker/services/keepalived.yaml +++ b/docker/services/keepalived.yaml @@ -108,11 +108,15 @@ outputs: host_prep_tasks: - name: create persistent logs directory file: - path: /var/log/containers/keepalived + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/keepalived, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/keepalived, 'setype': svirt_sandbox_file_t } - name: keepalived logs readme copy: - dest: /var/log/keepalived-readme.txt + dest: /var/log/keepalived/readme.txt content: | Log files from keepalived containers can be found under /var/log/containers/keepalived. diff --git a/docker/services/logging/files/barbican-api.yaml b/docker/services/logging/files/barbican-api.yaml index 5bbb326ab4..7b81a03034 100644 --- a/docker/services/logging/files/barbican-api.yaml +++ b/docker/services/logging/files/barbican-api.yaml @@ -32,13 +32,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/barbican - - /var/log/containers/httpd/barbican-api + - { 'path': /var/log/containers/barbican, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/barbican-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/barbican, 'setype': svirt_sandbox_file_t } - name: barbican logs readme copy: dest: /var/log/barbican/readme.txt diff --git a/docker/services/logging/files/glance-api.yaml b/docker/services/logging/files/glance-api.yaml index cacb732373..67e1fe6756 100644 --- a/docker/services/logging/files/glance-api.yaml +++ b/docker/services/logging/files/glance-api.yaml @@ -32,10 +32,12 @@ outputs: value: - name: create persistent logs directory file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/glance + - { 'path': /var/log/containers/glance, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/glance, 'setype': svirt_sandbox_file_t } - name: glance logs readme copy: dest: /var/log/glance/readme.txt diff --git a/docker/services/logging/files/heat-api-cfn.yaml b/docker/services/logging/files/heat-api-cfn.yaml index b69c7f157a..fa9f4b3abf 100644 --- a/docker/services/logging/files/heat-api-cfn.yaml +++ b/docker/services/logging/files/heat-api-cfn.yaml @@ -19,13 +19,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/heat - - /var/log/containers/httpd/heat-api-cfn + - { 'path': /var/log/containers/heat, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/heat-api-cfn, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/heat, 'setype': svirt_sandbox_file_t } - name: heat logs readme copy: dest: /var/log/heat/readme.txt diff --git a/docker/services/logging/files/heat-api.yaml b/docker/services/logging/files/heat-api.yaml index 13e7763f3f..525ed7c816 100644 --- a/docker/services/logging/files/heat-api.yaml +++ b/docker/services/logging/files/heat-api.yaml @@ -19,13 +19,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/heat - - /var/log/containers/httpd/heat-api + - { 'path': /var/log/containers/heat, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/heat-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/heat, 'setype': svirt_sandbox_file_t } - name: heat logs readme copy: dest: /var/log/heat/readme.txt diff --git a/docker/services/logging/files/heat-engine.yaml b/docker/services/logging/files/heat-engine.yaml index 9d9ef45290..0705519ae5 100644 --- a/docker/services/logging/files/heat-engine.yaml +++ b/docker/services/logging/files/heat-engine.yaml @@ -33,10 +33,14 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/heat + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/heat, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/heat, 'setype': svirt_sandbox_file_t } - name: heat logs readme copy: dest: /var/log/heat/readme.txt diff --git a/docker/services/logging/files/keystone.yaml b/docker/services/logging/files/keystone.yaml index 32065e7518..71af2c8c8b 100644 --- a/docker/services/logging/files/keystone.yaml +++ b/docker/services/logging/files/keystone.yaml @@ -33,13 +33,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/keystone - - /var/log/containers/httpd/keystone + - { 'path': /var/log/containers/keystone, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/keystone, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/keystone, 'setype': svirt_sandbox_file_t } - name: keystone logs readme copy: dest: /var/log/keystone/readme.txt diff --git a/docker/services/logging/files/neutron-api.yaml b/docker/services/logging/files/neutron-api.yaml index b727460b11..3821942d79 100644 --- a/docker/services/logging/files/neutron-api.yaml +++ b/docker/services/logging/files/neutron-api.yaml @@ -41,13 +41,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/neutron - - /var/log/containers/httpd/neutron-api + - { 'path': /var/log/containers/neutron, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/neutron-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/neutron, 'setype': svirt_sandbox_file_t } - name: neutron logs readme copy: dest: /var/log/neutron/readme.txt diff --git a/docker/services/logging/files/neutron-common.yaml b/docker/services/logging/files/neutron-common.yaml index 5d2cd6e278..cac3d22837 100644 --- a/docker/services/logging/files/neutron-common.yaml +++ b/docker/services/logging/files/neutron-common.yaml @@ -30,12 +30,14 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/neutron + - { 'path': /var/log/containers/neutron, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/neutron, 'setype': svirt_sandbox_file_t } - name: neutron logs readme copy: dest: /var/log/neutron/readme.txt diff --git a/docker/services/logging/files/nova-api.yaml b/docker/services/logging/files/nova-api.yaml index 0076da93b7..e365ade6f0 100644 --- a/docker/services/logging/files/nova-api.yaml +++ b/docker/services/logging/files/nova-api.yaml @@ -31,13 +31,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/nova - - /var/log/containers/httpd/nova-api + - { 'path': /var/log/containers/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/nova-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/nova, 'setype': svirt_sandbox_file_t } - name: nova logs readme copy: dest: /var/log/nova/readme.txt diff --git a/docker/services/logging/files/nova-common.yaml b/docker/services/logging/files/nova-common.yaml index ade8157a3e..df212a74a8 100644 --- a/docker/services/logging/files/nova-common.yaml +++ b/docker/services/logging/files/nova-common.yaml @@ -51,10 +51,14 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/nova + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory + with_items: + - { 'path': /var/log/containers/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/nova, 'setype': svirt_sandbox_file_t } - name: nova logs readme copy: dest: /var/log/nova/readme.txt diff --git a/docker/services/logging/files/nova-metadata.yaml b/docker/services/logging/files/nova-metadata.yaml index ee7e2ac1ff..8ab6dc0886 100644 --- a/docker/services/logging/files/nova-metadata.yaml +++ b/docker/services/logging/files/nova-metadata.yaml @@ -30,13 +30,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/nova - - /var/log/containers/httpd/nova-metadata + - { 'path': /var/log/containers/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/nova-metadata, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/nova, 'setype': svirt_sandbox_file_t } - name: nova logs readme copy: dest: /var/log/nova/readme.txt diff --git a/docker/services/logging/files/nova-placement.yaml b/docker/services/logging/files/nova-placement.yaml index 5f9f7f2f11..7ece7c5e73 100644 --- a/docker/services/logging/files/nova-placement.yaml +++ b/docker/services/logging/files/nova-placement.yaml @@ -30,13 +30,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/nova - - /var/log/containers/httpd/nova-placement + - { 'path': /var/log/containers/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/nova-placement, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/nova, 'setype': svirt_sandbox_file_t } - name: nova logs readme copy: dest: /var/log/nova/readme.txt diff --git a/docker/services/logging/files/opendaylight-api.yaml b/docker/services/logging/files/opendaylight-api.yaml index d752802905..4bf8e0be16 100644 --- a/docker/services/logging/files/opendaylight-api.yaml +++ b/docker/services/logging/files/opendaylight-api.yaml @@ -17,16 +17,17 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/opendaylight/karaf/logs - - /var/log/opendaylight + - { 'path': /var/log/containers/opendaylight/karaf/logs, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/opendaylight, 'setype': svirt_sandbox_file_t } - name: opendaylight logs readme copy: dest: /var/log/opendaylight/readme.txt content: | Logs from OpenDaylight container can be found at /var/log/containers/opendaylight/karaf/logs/karaf.log - ignore_errors: true \ No newline at end of file + ignore_errors: true diff --git a/docker/services/logging/files/panko-api.yaml b/docker/services/logging/files/panko-api.yaml index ef2e13ede0..aa829b84da 100644 --- a/docker/services/logging/files/panko-api.yaml +++ b/docker/services/logging/files/panko-api.yaml @@ -32,13 +32,15 @@ outputs: host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/panko - - /var/log/containers/httpd/panko-api + - { 'path': /var/log/containers/panko, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/panko-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/panko, 'setype': svirt_sandbox_file_t } - name: panko logs readme copy: dest: /var/log/panko/readme.txt diff --git a/docker/services/manila-api.yaml b/docker/services/manila-api.yaml index bc56a0a4a7..c37019831a 100644 --- a/docker/services/manila-api.yaml +++ b/docker/services/manila-api.yaml @@ -124,13 +124,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: Create persistent manila logs directory + - name: Create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/manila - - /var/log/containers/httpd/manila-api + - { 'path': /var/log/containers/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/manila-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/manila, 'setype': svirt_sandbox_file_t } - name: manila logs readme copy: dest: /var/log/manila/readme.txt diff --git a/docker/services/manila-scheduler.yaml b/docker/services/manila-scheduler.yaml index 7ae490fe73..16514d8eca 100644 --- a/docker/services/manila-scheduler.yaml +++ b/docker/services/manila-scheduler.yaml @@ -109,10 +109,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: Create persistent manila logs directory + - name: create persistent directories file: - path: /var/log/containers/manila + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/manila, 'setype': svirt_sandbox_file_t } - name: manila logs readme copy: dest: /var/log/manila/readme.txt diff --git a/docker/services/manila-share.yaml b/docker/services/manila-share.yaml index cbd0ab2405..d81c138e2a 100644 --- a/docker/services/manila-share.yaml +++ b/docker/services/manila-share.yaml @@ -124,11 +124,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/manila - - /var/lib/manila + - { 'path': /var/log/containers/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/manila, 'setype': svirt_sandbox_file_t } - name: manila logs readme copy: dest: /var/log/manila/readme.txt diff --git a/docker/services/memcached.yaml b/docker/services/memcached.yaml index b0a084e6ca..bf3c785f7f 100644 --- a/docker/services/memcached.yaml +++ b/docker/services/memcached.yaml @@ -89,9 +89,16 @@ outputs: - /var/lib/config-data/memcached/etc/sysconfig/memcached:/etc/sysconfig/memcached:ro command: ['/bin/bash', '-c', 'source /etc/sysconfig/memcached; /usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS'] host_prep_tasks: + - name: create persistent directories + file: + path: "{{ item.path }}" + state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/memcached, 'setype': svirt_sandbox_file_t } - name: memcached logs readme copy: - dest: /var/log/memcached-readme.txt + dest: /var/log/memcached/readme.txt content: | Memcached container logs to stdout/stderr only. ignore_errors: true diff --git a/docker/services/messaging/notify-rabbitmq.yaml b/docker/services/messaging/notify-rabbitmq.yaml index efa4a2a51e..4b38b741cb 100644 --- a/docker/services/messaging/notify-rabbitmq.yaml +++ b/docker/services/messaging/notify-rabbitmq.yaml @@ -213,11 +213,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/rabbitmq - - /var/lib/rabbitmq + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/messaging/rpc-rabbitmq.yaml b/docker/services/messaging/rpc-rabbitmq.yaml index e25d03783e..db5edf6809 100644 --- a/docker/services/messaging/rpc-rabbitmq.yaml +++ b/docker/services/messaging/rpc-rabbitmq.yaml @@ -213,11 +213,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/rabbitmq - - /var/lib/rabbitmq + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/metrics/collectd.yaml b/docker/services/metrics/collectd.yaml index 99fec8aeb9..37eb1b2d92 100644 --- a/docker/services/metrics/collectd.yaml +++ b/docker/services/metrics/collectd.yaml @@ -116,10 +116,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/collectd + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/collectd, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/collectd, 'setype': svirt_sandbox_file_t } - name: collectd logs readme copy: dest: /var/log/collectd/readme.txt diff --git a/docker/services/mistral-api.yaml b/docker/services/mistral-api.yaml index e999ab763d..7045e16817 100644 --- a/docker/services/mistral-api.yaml +++ b/docker/services/mistral-api.yaml @@ -153,10 +153,14 @@ outputs: # the Mistral API image so that we get tripleo* actions command: "/usr/bin/bootstrap_host_exec mistral_api su mistral -s /bin/bash -c 'mistral-db-manage --config-file /etc/mistral/mistral.conf populate'" host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/mistral + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/mistral, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/mistral, 'setype': svirt_sandbox_file_t } - name: mistral logs readme copy: dest: /var/log/mistral/readme.txt diff --git a/docker/services/mistral-engine.yaml b/docker/services/mistral-engine.yaml index e4e2476351..55f561dd8d 100644 --- a/docker/services/mistral-engine.yaml +++ b/docker/services/mistral-engine.yaml @@ -123,10 +123,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/mistral + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/mistral, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/mistral, 'setype': svirt_sandbox_file_t } - name: mistral logs readme copy: dest: /var/log/mistral/readme.txt diff --git a/docker/services/mistral-event-engine.yaml b/docker/services/mistral-event-engine.yaml index 8ad23c8004..c9e79a471a 100644 --- a/docker/services/mistral-event-engine.yaml +++ b/docker/services/mistral-event-engine.yaml @@ -123,10 +123,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/mistral + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/mistral, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/mistral, 'setype': svirt_sandbox_file_t } - name: mistral logs readme copy: dest: /var/log/mistral/readme.txt diff --git a/docker/services/mistral-executor.yaml b/docker/services/mistral-executor.yaml index 2884e7cca8..57cf1a9799 100644 --- a/docker/services/mistral-executor.yaml +++ b/docker/services/mistral-executor.yaml @@ -166,10 +166,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/mistral + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/mistral, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/mistral, 'setype': svirt_sandbox_file_t } - name: mistral logs readme copy: dest: /var/log/mistral/readme.txt diff --git a/docker/services/nova-ironic.yaml b/docker/services/nova-ironic.yaml index 616828aff3..dab4320337 100644 --- a/docker/services/nova-ironic.yaml +++ b/docker/services/nova-ironic.yaml @@ -148,11 +148,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/nova - - /var/lib/nova + - { 'path': /var/log/containers/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/nova, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/nova, 'setype': svirt_sandbox_file_t } - name: nova logs readme copy: dest: /var/log/nova/readme.txt diff --git a/docker/services/novajoin.yaml b/docker/services/novajoin.yaml index 58517ec92b..c832248373 100644 --- a/docker/services/novajoin.yaml +++ b/docker/services/novajoin.yaml @@ -210,6 +210,21 @@ outputs: set_fact: ipa_otp: {get_param: NovajoinIpaOtp} no_log: true + - name: create persistent directories + file: + path: "{{ item.path }}" + state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/novajoin, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/novajoin, 'setype': svirt_sandbox_file_t } + - name: novajoin logs readme + copy: + dest: /var/log/novajoin/readme.txt + content: | + Log files from novajoin containers can be found under + /var/log/containers/novajoin + ignore_errors: true - name: Enroll to FreeIPA command: ipa-client-install -U --password={{ ipa_otp }} args: diff --git a/docker/services/octavia-api.yaml b/docker/services/octavia-api.yaml index ddca019ad4..b227009696 100644 --- a/docker/services/octavia-api.yaml +++ b/docker/services/octavia-api.yaml @@ -209,13 +209,15 @@ outputs: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS - {} host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/octavia - - /var/log/containers/httpd/octavia-api + - { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/octavia-api, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/octavia, 'setype': svirt_sandbox_file_t } - name: octavia logs readme copy: dest: /var/log/octavia/readme.txt diff --git a/docker/services/octavia-health-manager.yaml b/docker/services/octavia-health-manager.yaml index 512b6f3111..d7ffa96e35 100644 --- a/docker/services/octavia-health-manager.yaml +++ b/docker/services/octavia-health-manager.yaml @@ -135,10 +135,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/octavia + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/octavia, 'setype': svirt_sandbox_file_t } - name: octavia logs readme copy: dest: /var/log/octavia/readme.txt diff --git a/docker/services/octavia-housekeeping.yaml b/docker/services/octavia-housekeeping.yaml index 8f5aac6bae..758c49ff2c 100644 --- a/docker/services/octavia-housekeeping.yaml +++ b/docker/services/octavia-housekeeping.yaml @@ -131,10 +131,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/octavia + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/octavia, 'setype': svirt_sandbox_file_t } - name: octavia logs readme copy: dest: /var/log/octavia/readme.txt diff --git a/docker/services/octavia-worker.yaml b/docker/services/octavia-worker.yaml index 2a6251e2b3..df557853d0 100644 --- a/docker/services/octavia-worker.yaml +++ b/docker/services/octavia-worker.yaml @@ -143,10 +143,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/octavia + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/octavia, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/octavia, 'setype': svirt_sandbox_file_t } - name: octavia logs readme copy: dest: /var/log/octavia/readme.txt diff --git a/docker/services/ovn-controller.yaml b/docker/services/ovn-controller.yaml index cd4ed03242..47be3fa847 100644 --- a/docker/services/ovn-controller.yaml +++ b/docker/services/ovn-controller.yaml @@ -128,10 +128,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/openvswitch + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/openvswitch, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/openvswitch, 'setype': svirt_sandbox_file_t } - name: openvswitch logs readme copy: dest: /var/log/openvswitch/readme.txt diff --git a/docker/services/ovn-dbs.yaml b/docker/services/ovn-dbs.yaml index 157e520542..eb4fa60858 100644 --- a/docker/services/ovn-dbs.yaml +++ b/docker/services/ovn-dbs.yaml @@ -194,11 +194,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/openvswitch - - /var/lib/openvswitch/ovn + - { 'path': /var/log/containers/openvswitch, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/openvswitch/ovn, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/openvswitch, 'setype': svirt_sandbox_file_t } - name: openvswitch logs readme copy: dest: /var/log/openvswitch/readme.txt diff --git a/docker/services/pacemaker/cinder-backup.yaml b/docker/services/pacemaker/cinder-backup.yaml index eca097a049..0d0c4ba430 100644 --- a/docker/services/pacemaker/cinder-backup.yaml +++ b/docker/services/pacemaker/cinder-backup.yaml @@ -246,11 +246,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/lib/cinder - - /var/log/containers/cinder + - { 'path': /var/log/containers/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/cinder, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/cinder, 'setype': svirt_sandbox_file_t } - name: cinder logs readme copy: dest: /var/log/cinder/readme.txt diff --git a/docker/services/pacemaker/database/mysql.yaml b/docker/services/pacemaker/database/mysql.yaml index 49642ded30..8abac326de 100644 --- a/docker/services/pacemaker/database/mysql.yaml +++ b/docker/services/pacemaker/database/mysql.yaml @@ -306,11 +306,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/log/containers/mysql - - /var/lib/mysql + - {'path': /var/log/containers/mysql, 'setype': 'svirt_sandbox_file_t'} + - {'path': /var/lib/mysql, 'setype': 'svirt_sandbox_file_t'} + - {'path': /var/log/mariadb, 'setype': 'svirt_sandbox_file_t'} - name: mysql logs readme copy: dest: /var/log/mariadb/readme.txt diff --git a/docker/services/pacemaker/database/redis.yaml b/docker/services/pacemaker/database/redis.yaml index 287cebcab1..4d3321708c 100644 --- a/docker/services/pacemaker/database/redis.yaml +++ b/docker/services/pacemaker/database/redis.yaml @@ -288,12 +288,14 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" with_items: - - /var/lib/redis - - /var/log/containers/redis - - /var/run/redis + - { 'path': /var/lib/redis, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/redis, 'setype': svirt_sandbox_file_t } + - { 'path': /var/run/redis, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/redis, 'setype': svirt_sandbox_file_t } - name: redis logs readme copy: dest: /var/log/redis/readme.txt diff --git a/docker/services/pacemaker/manila-share.yaml b/docker/services/pacemaker/manila-share.yaml index 69d2c190f4..d686c71dcf 100644 --- a/docker/services/pacemaker/manila-share.yaml +++ b/docker/services/pacemaker/manila-share.yaml @@ -213,11 +213,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/manila - - /var/lib/manila + - { 'path': /var/log/containers/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/manila, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/manila, 'setype': svirt_sandbox_file_t } - name: manila logs readme copy: dest: /var/log/manila/readme.txt diff --git a/docker/services/pacemaker/notify-rabbitmq.yaml b/docker/services/pacemaker/notify-rabbitmq.yaml index 325282da3c..8fb0fce11e 100644 --- a/docker/services/pacemaker/notify-rabbitmq.yaml +++ b/docker/services/pacemaker/notify-rabbitmq.yaml @@ -255,11 +255,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/lib/rabbitmq - - /var/log/containers/rabbitmq + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/pacemaker/ovn-dbs.yaml b/docker/services/pacemaker/ovn-dbs.yaml index 39a8b9e18b..fdc0a9602d 100644 --- a/docker/services/pacemaker/ovn-dbs.yaml +++ b/docker/services/pacemaker/ovn-dbs.yaml @@ -199,11 +199,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/openvswitch - - /var/lib/openvswitch/ovn + - { 'path': /var/log/containers/openvswitch, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/openvswitch/ovn, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/openvswitch, 'setype': svirt_sandbox_file_t } - name: openvswitch logs readme copy: dest: /var/log/openvswitch/readme.txt diff --git a/docker/services/pacemaker/rabbitmq.yaml b/docker/services/pacemaker/rabbitmq.yaml index 18bc3cec47..6de7cc24d7 100644 --- a/docker/services/pacemaker/rabbitmq.yaml +++ b/docker/services/pacemaker/rabbitmq.yaml @@ -254,11 +254,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/lib/rabbitmq - - /var/log/containers/rabbitmq + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/pacemaker/rpc-rabbitmq.yaml b/docker/services/pacemaker/rpc-rabbitmq.yaml index 98d307a111..16b5d03be3 100644 --- a/docker/services/pacemaker/rpc-rabbitmq.yaml +++ b/docker/services/pacemaker/rpc-rabbitmq.yaml @@ -257,11 +257,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/lib/rabbitmq - - /var/log/containers/rabbitmq + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/qdrouterd.yaml b/docker/services/qdrouterd.yaml index d15fa01289..d3299f6db8 100644 --- a/docker/services/qdrouterd.yaml +++ b/docker/services/qdrouterd.yaml @@ -107,13 +107,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/qdrouterd - - /var/lib/qdrouterd + - { 'path': /var/log/containers/qdrouterd, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/qdrouterd, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/qdrouterd, 'setype': svirt_sandbox_file_t } - name: qrouterd logs readme copy: dest: /var/log/qrouterd/readme.txt diff --git a/docker/services/rabbitmq.yaml b/docker/services/rabbitmq.yaml index 4d3c027cfe..7e0785e876 100644 --- a/docker/services/rabbitmq.yaml +++ b/docker/services/rabbitmq.yaml @@ -212,11 +212,13 @@ outputs: host_prep_tasks: - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/rabbitmq - - /var/lib/rabbitmq + - { 'path': /var/log/containers/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/rabbitmq, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/rabbitmq, 'setype': svirt_sandbox_file_t } - name: rabbitmq logs readme copy: dest: /var/log/rabbitmq/readme.txt diff --git a/docker/services/sahara-api.yaml b/docker/services/sahara-api.yaml index 2609750efd..89f03d2477 100644 --- a/docker/services/sahara-api.yaml +++ b/docker/services/sahara-api.yaml @@ -143,14 +143,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create /var/lib/sahara + - name: create persistent directories file: - path: /var/lib/sahara - state: directory - - name: create persistent sahara logs directory - file: - path: /var/log/containers/sahara + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/sahara, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/sahara, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/sahara, 'setype': svirt_sandbox_file_t } - name: sahara logs readme copy: dest: /var/log/sahara/readme.txt diff --git a/docker/services/sahara-engine.yaml b/docker/services/sahara-engine.yaml index b395c8a6f7..a8d59bf4b3 100644 --- a/docker/services/sahara-engine.yaml +++ b/docker/services/sahara-engine.yaml @@ -133,14 +133,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create /var/lib/sahara + - name: create persistent directories file: - path: /var/lib/sahara - state: directory - - name: create persistent sahara logs directory - file: - path: /var/log/containers/sahara + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/sahara, 'setype': svirt_sandbox_file_t } + - { 'path': /var/lib/sahara, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/sahara, 'setype': svirt_sandbox_file_t } - name: sahara logs readme copy: dest: /var/log/sahara/readme.txt diff --git a/docker/services/sensu-client.yaml b/docker/services/sensu-client.yaml index 6acb76b51c..35bd1ed73c 100644 --- a/docker/services/sensu-client.yaml +++ b/docker/services/sensu-client.yaml @@ -151,10 +151,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/sensu + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/containers/sensu, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/sensu, 'setype': svirt_sandbox_file_t } - name: sensu logs readme copy: dest: /var/log/sensu/readme.txt diff --git a/docker/services/tacker.yaml b/docker/services/tacker.yaml index 31d7777c05..c7c0937d98 100644 --- a/docker/services/tacker.yaml +++ b/docker/services/tacker.yaml @@ -133,10 +133,14 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: /var/log/containers/tacker + path: "{{ item.path }}" state: directory + setype: "{{ item.setype }}" + with_items: + - { 'path': /var/log/tacker, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/tacker, 'setype': svirt_sandbox_file_t } - name: tacker logs readme copy: dest: /var/log/tacker/readme.txt diff --git a/docker/services/tempest.yaml b/docker/services/tempest.yaml index d0ece8b7df..132f69918e 100644 --- a/docker/services/tempest.yaml +++ b/docker/services/tempest.yaml @@ -55,13 +55,14 @@ outputs: - /var/log/containers/tempest:/var/log/tempest command: ['/bin/bash', '-c', 'chown -R tempest:tempest /var/log/tempest'] host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/tempest - - /var/log/tempest + - { 'path': /var/log/containers/tempest, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/tempest, 'setype': svirt_sandbox_file_t } - name: Tempest logs readme copy: dest: /var/log/tempest/readme.txt diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 90a2f22b09..45c1c7014d 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -184,13 +184,15 @@ outputs: environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - - name: create persistent logs directory + - name: create persistent directories file: - path: "{{ item }}" + path: "{{ item.path }}" + setype: "{{ item.setype }}" state: directory with_items: - - /var/log/containers/zaqar - - /var/log/containers/httpd/zaqar + - { 'path': /var/log/containers/zaqar, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/containers/httpd/zaqar, 'setype': svirt_sandbox_file_t } + - { 'path': /var/log/zaqar, 'setype': svirt_sandbox_file_t } - name: zaqar logs readme copy: dest: /var/log/zaqar/readme.txt