From 9cbfdfa1466ca38e7dd9f3df800993b5e2f2571d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?= <cjeanner@redhat.com>
Date: Fri, 13 Dec 2019 14:52:22 +0100
Subject: [PATCH] Ensure /var/log/journal exists as soon as possible

It might happen the /var/log/journal directory doesn't exist on a host,
especially if this host is a VM (the image creation usually involves
deep cleaning of the logs).

This absence might lead to log loss with the default journald
configuration, which uses the "auto" Storage.
This "auto" means that:
- if /var/log/journal exists, journald will use it, and it will be
persistent
- if /var/log/journal doesn't exist, journald will use a volatile
location, /run/log/journal, which is dropped upon system reboot

Since logs are important, and "old" logs might be useful after a reboot,
it's better to ensure we have persistent storage for journald.

Related-Bug: #1856278
Change-Id: I93dcc57aff63b91dab475b0c114b278324434e41
---
 common/services/role.role.j2.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/common/services/role.role.j2.yaml b/common/services/role.role.j2.yaml
index d99fec6f1b..a156c76d4f 100644
--- a/common/services/role.role.j2.yaml
+++ b/common/services/role.role.j2.yaml
@@ -393,6 +393,14 @@ outputs:
           - {get_attr: [DockerPuppetTasks, value]}
       host_prep_tasks:
         list_concat:
+          - - name: Ensure /var/log/journal exists
+              file:
+                path: /var/log/journal
+                state: directory
+                mode: 0750
+                owner: root
+                group: root
+                setype: var_log_t
           - - name: Run firewall role
               include_role:
                 name: tripleo-firewall