heat_template_version: rocky description: > OpenStack containerized fluentd services. This service is deprecated and will be removed in future releases. parameters: ContainerFluentdImage: description: image type: string ContainerFluentdConfigImage: description: The container image to use fluentd config_volume type: string EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json resources: ContainersCommon: type: ../../containers-common.yaml LoggingConfiguration: type: OS::TripleO::LoggingConfiguration outputs: role_data: description: Role data for the fluentd role. value: service_name: fluentd config_settings: fluentd::package_name: fluentd fluentd::service_name: fluentd fluentd::config_file: /etc/fluentd/fluent.conf fluentd::config_owner: fluentd fluentd::config_group: fluentd fluentd::config_path: /etc/fluentd/config.d fluentd::plugin_provider: yum fluentd::service_provider: systemd fluentd::repo_install: false tripleo::profile::base::logging::fluentd::fluentd_servers: get_attr: [LoggingConfiguration, LoggingServers] tripleo::profile::base::logging::fluentd::fluentd_default_format: get_attr: [LoggingConfiguration, LoggingDefaultFormat] tripleo::profile::base::logging::fluentd::fluentd_filters: yaql: expression: > $.data.filters.flatten().where($) data: filters: - get_attr: [LoggingConfiguration, LoggingDefaultFilters] - get_attr: [LoggingConfiguration, LoggingExtraFilters] tripleo::profile::base::logging::fluentd::fluentd_pos_file_path: get_attr: [LoggingConfiguration, LoggingPosFilePath] tripleo::profile::base::logging::fluentd::fluentd_use_ssl: get_attr: [LoggingConfiguration, LoggingUsesSSL] tripleo::profile::base::logging::fluentd::fluentd_ssl_certificate: get_attr: [LoggingConfiguration, LoggingSSLCertificate] tripleo::profile::base::logging::fluentd::fluentd_ssl_key: get_attr: [LoggingConfiguration, LoggingSSLKey] tripleo::profile::base::logging::fluentd::fluentd_ssl_key_passphrase: get_attr: [LoggingConfiguration, LoggingSSLKeyPassphrase] tripleo::profile::base::logging::fluentd::fluentd_shared_key: get_attr: [LoggingConfiguration, LoggingSharedKey] # BEGIN DOCKER SETTINGS puppet_config: config_volume: fluentd puppet_tags: config step_config: | include ::tripleo::profile::base::logging::fluentd config_image: {get_param: ContainerFluentdConfigImage} kolla_config: /var/lib/kolla/config_files/fluentd.json: command: /usr/bin/fluentd -c /etc/fluentd/fluent.conf -o /var/log/fluentd/fluentd.log config_files: - source: "/var/lib/kolla/config_files/src/*" dest: "/" merge: true preserve_properties: true permissions: - path: /var/lib/fluentd owner: fluentd:fluentd recurse: true - path: /var/log/fluentd owner: fluentd:fluentd recurse: true docker_config: step_3: fluentd: image: {get_param: ContainerFluentdImage} net: host privileged: true user: root restart: always security_opt: 'label=disable' healthcheck: test: /openstack/healthcheck volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - /var/cache/containers/fluentd:/var/cache/fluentd:rw,z - /var/lib/kolla/config_files/fluentd.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/fluentd/:/var/lib/kolla/config_files/src:ro - /var/log/containers:/var/log/containers:ro - /var/log/containers/fluentd:/var/log/fluentd:rw,z environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS host_prep_tasks: - name: Check if rsyslog exists shell: systemctl is-active rsyslog register: rsyslog_config - when: - rsyslog_config is changed - rsyslog_config.rc == 0 block: - name: Create rsyslog.d/fluentd blockinfile: content: | *.* @127.0.0.1:42185 create: yes owner: root group: root mode: 0644 path: /etc/rsyslog.d/fluentd.conf seuser: system_u serole: object_r setype: syslog_conf_t selevel: s0 register: logconfig - name: restart rsyslog service after logging conf change service: name: rsyslog state: restarted when: logconfig is changed - name: create persistent directories file: path: "{{ item.path }}" state: directory setype: "{{ item.setype }}" with_items: - { 'path': /var/log/containers/fluentd, 'setype': svirt_sandbox_file_t } - { 'path': /var/log/fluentd, 'setype': svirt_sandbox_file_t } - name: fluentd logs readme copy: dest: /var/log/fluentd/readme.txt content: | Log files from fluentd containers can be found under /var/log/containers/fluentd. ignore_errors: true - name: create persistent cache directory file: path: /var/cache/containers/fluentd state: directory setype: svirt_sandbox_file_t upgrade_tasks: [] post_upgrade_tasks: - when: step|int == 1 import_role: name: tripleo-docker-rm vars: containers_to_rm: - fluentd fast_forward_upgrade_tasks: - when: - step|int == 0 - release == 'ocata' block: - name: Check if fluent.service is deployed command: systemctl is-enabled --quiet fluentd.service ignore_errors: True register: fluentd_enabled_result - name: Set fact fluentd_enabled set_fact: fluentd_enabled: "{{ fluentd_enabled_result.rc == 0 }}" - name: Stop fluentd service service: name=fluentd.service state=stopped enabled=no when: - step|int == 1 - release == 'ocata' - fluentd_enabled|bool