heat_template_version: rocky description: > Containerized logrotate with crond for containerized service logs rotation parameters: ContainerCrondImage: description: image type: string ContainerCrondConfigImage: description: The container image to use for the crond config_volume type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json LogrotateMaxsize: description: Configures the maxsize param for containerized logrotate. type: string default: '10M' LogrotateRotationInterval: description: Configures rotation interval for containerized logrotate. type: string default: 'daily' constraints: - allowed_values: [ 'daily', 'weekly', 'monthly' ] LogrotateRotate: description: Configures the rotate param for containerized logrotate. type: string default: '14' LogrotatePurgeAfterDays: description: Enforces life time (days) of rotated and compressed files. type: string default: '14' LogrotateDateExt: description: Enable/disable dateext parameter. type: boolean default: false LogrotateDateFormat: description: Configures dateformat strings for containerized logrotate. This is valid when LogrotateDateExt is true. The allowed specifiers are only %Y %m %d %H %M %S %V and %s. type: string default: '-%Y%m%d' constraints: - allowed_pattern: '-(%[YmdHMSVs])+$' LogrotateDateYesterday: description: Configures dateyesterday paramter for containerized logrotate. This is valid when LogrotateDateExt is true. type: boolean default: false conditions: logrotatedateext_is_enabled: {equals: [{get_param: LogrotateDateExt}, true]} resources: ContainersCommon: type: ../containers-common.yaml outputs: role_data: description: Role data for the crond role. value: service_name: logrotate_crond config_settings: map_merge: - tripleo::profile::base::logging::logrotate::maxsize: {get_param: LogrotateMaxsize} tripleo::profile::base::logging::logrotate::rotation: {get_param: LogrotateRotationInterval} tripleo::profile::base::logging::logrotate::rotate: {get_param: LogrotateRotate} tripleo::profile::base::logging::logrotate::purge_after_days: {get_param: LogrotatePurgeAfterDays} tripleo::profile::base::logging::logrotate::dateext: {get_param: LogrotateDateExt} - if: - logrotatedateext_is_enabled - tripleo::profile::base::logging::logrotate::dateformat: {get_param: LogrotateDateFormat} tripleo::profile::base::logging::logrotate::dateyesterday: {get_param: LogrotateDateYesterday} - {} host_prep_tasks: - name: allow logrotate to read inside containers seboolean: name: logrotate_read_inside_containers persistent: yes state: yes deploy_steps_tasks: - name: configure tmpwatch on the host when: step|int == 2 copy: dest: /etc/cron.daily/containers-tmpwatch owner: root group: root mode: 0755 content: | #!/bin/sh tmpwatch --nodirs \ -X "/var/log/containers/*/*log" \ -X "/var/log/containers/*/*/*log" \ -X "/var/log/containers/*/*err" \ {{ LogrotatePurgeAfterDays|int +1 }}d \ /var/log/containers/ 2>&1 | logger -t container-tmpwatch vars: LogrotatePurgeAfterDays: {get_param: LogrotatePurgeAfterDays} # BEGIN DOCKER SETTINGS puppet_config: config_volume: crond step_config: 'include ::tripleo::profile::base::logging::logrotate' config_image: {get_param: ContainerCrondConfigImage} kolla_config: /var/lib/kolla/config_files/logrotate-crond.json: command: /usr/sbin/crond -s -n config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" merge: true preserve_properties: true docker_config: step_4: logrotate_crond: image: {get_param: ContainerCrondImage} net: none pid: host privileged: true user: root restart: always healthcheck: test: '/usr/share/openstack-tripleo-common/healthcheck/cron' volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/lib/kolla/config_files/logrotate-crond.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/crond/:/var/lib/kolla/config_files/src:ro - /var/log/containers:/var/log/containers:z environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS post_upgrade_tasks: - when: step|int == 1 import_role: name: tripleo-docker-rm vars: containers_to_rm: - logrotate_crond tripleo_container_cli: "docker" external_upgrade_tasks: - when: - step|int == 1 tags: - never - system_upgrade_transfer_data - system_upgrade_stop_services block: - name: Stop logrotate container import_role: name: tripleo-container-stop vars: tripleo_containers_to_stop: - logrotate_crond tripleo_delegate_to: "{{ groups['logrotate_crond'] | default([]) }}"