Merge "Ensure we get dedicated logging file for HAProxy"

This commit is contained in:
Zuul 2018-12-14 05:40:57 +00:00 committed by Gerrit Code Review
commit c4b816e8c5
6 changed files with 92 additions and 1 deletions

View File

@ -21,6 +21,14 @@
- name: Write config data at the start of step 1 - name: Write config data at the start of step 1
when: step == "1" when: step == "1"
block: block:
- name: Create and ensure setype for /var/log/containers directory
file:
path: /var/log/containers
state: directory
setype: var_log_t
selevel: s0
tags:
- host_config
- name: Create /var/lib/tripleo-config directory - name: Create /var/lib/tripleo-config directory
file: file:
path: /var/lib/tripleo-config path: /var/lib/tripleo-config

View File

@ -40,6 +40,10 @@ parameters:
default: /dev/log default: /dev/log
description: Syslog address where HAproxy will send its log description: Syslog address where HAproxy will send its log
type: string type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
SSLCertificate: SSLCertificate:
default: '' default: ''
description: > description: >
@ -121,6 +125,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords} DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
HAProxyLogging: HAProxyLogging:
type: OS::TripleO::Services::Logging::HAProxy type: OS::TripleO::Services::Logging::HAProxy
@ -279,13 +285,33 @@ outputs:
- haproxy - haproxy
host_prep_tasks: host_prep_tasks:
- {get_attr: [HAProxyBase, role_data, host_prep_tasks]} - {get_attr: [HAProxyBase, role_data, host_prep_tasks]}
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories - name: create persistent directories
file: file:
path: "{{ item.path }}" path: "{{ item.path }}"
state: directory state: directory
setype: "{{ item.setype }}" setype: "{{ item.setype }}"
with_items: with_items:
- { 'path': /var/log/containers/haproxy, 'setype': svirt_sandbox_file_t } - { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t } - { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme - name: haproxy logs readme
copy: copy:

View File

@ -75,6 +75,14 @@ parameters:
HAProxyInternalTLSKeysDirectory: HAProxyInternalTLSKeysDirectory:
default: '/etc/pki/tls/private/haproxy' default: '/etc/pki/tls/private/haproxy'
type: string type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
ConfigDebug: ConfigDebug:
default: false default: false
description: Whether to run config management (e.g. Puppet) in debug mode. description: Whether to run config management (e.g. Puppet) in debug mode.
@ -126,6 +134,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords} DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName} RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters} RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
outputs: outputs:
role_data: role_data:
@ -279,13 +289,41 @@ outputs:
- {get_param: DeployIdentifier} - {get_param: DeployIdentifier}
host_prep_tasks: host_prep_tasks:
- {get_attr: [HAProxyBase, role_data, host_prep_tasks]} - {get_attr: [HAProxyBase, role_data, host_prep_tasks]}
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories - name: create persistent directories
file: file:
path: "{{ item.path }}" path: "{{ item.path }}"
state: directory state: directory
setype: "{{ item.setype }}" setype: "{{ item.setype }}"
with_items: with_items:
- { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t } - { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme
copy:
dest: /var/log/haproxy/readme.txt
content: |
Log files from the haproxy containers can be found under
/var/log/containers/haproxy.
ignore_errors: true
metadata_settings: metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings] get_attr: [HAProxyBase, role_data, metadata_settings]
deploy_steps_tasks: deploy_steps_tasks:

View File

@ -46,6 +46,10 @@ parameters:
default: /dev/log default: /dev/log
description: Syslog address where HAproxy will send its log description: Syslog address where HAproxy will send its log
type: string type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxyStatsEnabled: HAProxyStatsEnabled:
default: true default: true
description: Whether or not to enable the HAProxy stats interface. description: Whether or not to enable the HAProxy stats interface.
@ -140,6 +144,7 @@ outputs:
'107 haproxy stats': '107 haproxy stats':
dport: 1993 dport: 1993
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress} tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser} tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword} tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
tripleo::haproxy::redis_password: {get_param: RedisPassword} tripleo::haproxy::redis_password: {get_param: RedisPassword}

View File

@ -30,6 +30,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry. via parameter_defaults in the resource registry.
type: json type: json
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
resources: resources:
LoadbalancerServiceBase: LoadbalancerServiceBase:
@ -53,6 +61,8 @@ outputs:
- get_attr: [LoadbalancerServiceBase, role_data, config_settings] - get_attr: [LoadbalancerServiceBase, role_data, config_settings]
- tripleo::haproxy::haproxy_service_manage: false - tripleo::haproxy::haproxy_service_manage: false
tripleo::haproxy::mysql_clustercheck: true tripleo::haproxy::mysql_clustercheck: true
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
step_config: | step_config: |
include ::tripleo::profile::pacemaker::haproxy include ::tripleo::profile::pacemaker::haproxy
host_prep_tasks: {get_attr: [LoadbalancerServiceBase, role_data, host_prep_tasks]} host_prep_tasks: {get_attr: [LoadbalancerServiceBase, role_data, host_prep_tasks]}

View File

@ -0,0 +1,4 @@
---
features:
- Allow to output HAProxy in a dedicated file
- Adds new HAProxySyslogFacility param