From ffd86b3f2c7352ff530d6f37664aaa76b9a81b1c Mon Sep 17 00:00:00 2001 From: Gregory Thiemonge Date: Wed, 9 Dec 2020 08:27:48 +0100 Subject: [PATCH] Fix ownership of octavia_rsyslog log directory The octavia_rsyslog container should not use the octavia user and group since the rsyslog image doesn't know about that user. It should use root and have a dedicated log directory on the host to avoid mixing ownerships with the octavia containers that are running as octavia user. Change-Id: Ie7eb7905eb33235fc73f94b9e84f553394e951fd Closes-Bug: #1907260 --- .../octavia/octavia-health-manager-container-puppet.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deployment/octavia/octavia-health-manager-container-puppet.yaml b/deployment/octavia/octavia-health-manager-container-puppet.yaml index 2661ed1e50..6ce3b5d1e1 100644 --- a/deployment/octavia/octavia-health-manager-container-puppet.yaml +++ b/deployment/octavia/octavia-health-manager-container-puppet.yaml @@ -140,7 +140,7 @@ outputs: preserve_properties: true permissions: - path: /var/log/octavia - owner: octavia:octavia + owner: root:root recurse: true docker_config: step_2: @@ -191,7 +191,7 @@ outputs: - - /var/lib/kolla/config_files/octavia_rsyslog.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/octavia:/var/lib/kolla/config_files/src:ro - - /var/log/containers/octavia:/var/log/octavia:z + - /var/log/containers/octavia-amphorae:/var/log/octavia:z environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS - {} @@ -205,3 +205,4 @@ outputs: mode: "{{ item.mode }}" with_items: - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' } + - { 'path': /var/log/containers/octavia-amphorae, 'setype': container_file_t, 'mode': '0750' }