[Rocky-only] Install and configure tmpwatch for log cleanup
Installing and configuring tmpwatch allows to get rid of some ugly things in logrotate configuration. As the container has no network access anymore, we have to install the tool on the host directly - this isn't that bad. In order to avoid issues with logrotate manage logs, we explicitely exclude patterns manage in the specific logorate configuration. Also, always in order to avoid issues and ensure logrotate does its own cleanup, we clean files one day later. Note: this patch is the port of [1], without the "deployment" directory. We can't really cherry-pick things since the tree is modified in master. [1] https://review.openstack.org/641608 Change-Id: I5c59f337f2a62bc44e459f13de9bab6b4ab1a9f5
This commit is contained in:
parent
8b49052e3f
commit
9e37ce9ab6
|
@ -70,6 +70,24 @@ outputs:
|
|||
tripleo::profile::base::logging::logrotate::rotation: {get_param: LogrotateRotationInterval}
|
||||
tripleo::profile::base::logging::logrotate::rotate: {get_param: LogrotateRotate}
|
||||
tripleo::profile::base::logging::logrotate::purge_after_days: {get_param: LogrotatePurgeAfterDays}
|
||||
deploy_steps_tasks:
|
||||
- name: configure tmpwatch on the host
|
||||
when: step|int == 2
|
||||
copy:
|
||||
dest: /etc/cron.daily/containers-tmpwatch
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
content: |
|
||||
#!/bin/sh
|
||||
tmpwatch --nodirs \
|
||||
-X "/var/log/containers/*/*log" \
|
||||
-X "/var/log/containers/*/*/*log" \
|
||||
-X "/var/log/containers/*/*err" \
|
||||
{{ LogrotatePurgeAfterDays|int +1 }} \
|
||||
/var/log/containers/ 2>&1 | logger -t container-tmpwatch
|
||||
vars:
|
||||
LogrotatePurgeAfterDays: {get_param: LogrotatePurgeAfterDays}
|
||||
# BEGIN DOCKER SETTINGS
|
||||
puppet_config:
|
||||
config_volume: crond
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# DEPRECATED.
|
||||
# This file has been replaced with environments/standalone/standalone-tripleo.yaml
|
||||
resource_registry:
|
||||
OS::TripleO::Services::Tmpwatch: ../extraconfig/services/tmpwatch-install.yaml
|
||||
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml
|
||||
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
|
||||
OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml
|
||||
|
|
|
@ -109,5 +109,6 @@ resource_registry:
|
|||
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
||||
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
||||
OS::TripleO::Services::Tacker: OS::Heat::None
|
||||
OS::TripleO::Services::Tmpwatch: ../../extraconfig/services/tmpwatch-install.yaml
|
||||
OS::TripleO::Services::Zaqar: OS::Heat::None
|
||||
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml
|
||||
|
|
|
@ -3,6 +3,7 @@ parameter_merge_strategies:
|
|||
UndercloudExtraConfig: deep_merge
|
||||
|
||||
resource_registry:
|
||||
OS::TripleO::Services::Tmpwatch: ../extraconfig/services/tmpwatch-install.yaml
|
||||
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml
|
||||
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
|
||||
OS::TripleO::Undercloud::Net::SoftwareConfig: ../net-config-undercloud.yaml
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
heat_template_version: rocky
|
||||
|
||||
description: >
|
||||
Install tmpwatch on the undercloud/standalone
|
||||
|
||||
parameters:
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for tmpwatch install on undercloud or standalone
|
||||
value:
|
||||
service_name: logrotate_tmpwatch
|
||||
deploy_steps_tasks:
|
||||
- name: install tmpwatch on the host
|
||||
when: step|int == 1
|
||||
package:
|
||||
name: tmpwatch
|
||||
state: installed
|
|
@ -333,6 +333,7 @@ resource_registry:
|
|||
OS::TripleO::Services::Multipathd: docker/services/multipathd.yaml
|
||||
|
||||
# Logging
|
||||
OS::TripleO::Services::Tmpwatch: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::BarbicanApi: docker/services/logging/files/barbican-api.yaml
|
||||
OS::TripleO::Services::Logging::GlanceApi: docker/services/logging/files/glance-api.yaml
|
||||
OS::TripleO::Services::Logging::HAProxy: docker/services/logging/files/haproxy.yaml
|
||||
|
|
|
@ -181,6 +181,7 @@
|
|||
- OS::TripleO::Services::SwiftStorage
|
||||
- OS::TripleO::Services::Tacker
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::Tmpwatch
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::Tuned
|
||||
|
|
|
@ -90,6 +90,7 @@
|
|||
- OS::TripleO::Services::SwiftRingBuilder
|
||||
- OS::TripleO::Services::SwiftStorage
|
||||
- OS::TripleO::Services::Tempest
|
||||
- OS::TripleO::Services::Tmpwatch
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::TripleoUI
|
||||
- OS::TripleO::Services::Tuned
|
||||
|
|
|
@ -93,6 +93,7 @@
|
|||
- OS::TripleO::Services::SwiftRingBuilder
|
||||
- OS::TripleO::Services::SwiftStorage
|
||||
- OS::TripleO::Services::Tempest
|
||||
- OS::TripleO::Services::Tmpwatch
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::TripleoUI
|
||||
- OS::TripleO::Services::Tuned
|
||||
|
|
|
@ -63,6 +63,9 @@ environments:
|
|||
OS::TripleO::Services::ContainerImagePrepare: ../../puppet/services/container-image-prepare.yaml
|
||||
OS::TripleO::Services::DockerRegistry: ../../puppet/services/docker-registry.yaml
|
||||
|
||||
# Install tmpwatch
|
||||
OS::TripleO::Services::Tmpwatch: ../../extraconfig/services/tmpwatch-install.yaml
|
||||
|
||||
# Disable non-openstack services that are enabled by default
|
||||
OS::TripleO::Services::HAproxy: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
|
|
Loading…
Reference in New Issue