836705161c
Installing and configuring tmpwatch allows to get rid of some ugly things in logrotate configuration. As the container has no network access anymore, we have to install the tool on the host directly - this isn't that bad. In order to avoid issues with logrotate manage logs, we explicitely exclude patterns manage in the specific logorate configuration. Also, always in order to avoid issues and ensure logrotate does its own cleanup, we clean files one day later. Change-Id: Ic666388d9ba7556e7b68ab2fc1082957a9e26552
128 lines
4.3 KiB
YAML
128 lines
4.3 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Containerized logrotate with crond for containerized service logs rotation
|
|
|
|
parameters:
|
|
DockerCrondImage:
|
|
description: image
|
|
type: string
|
|
DockerCrondConfigImage:
|
|
description: The container image to use for the crond config_volume
|
|
type: string
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
LogrotateMaxsize:
|
|
description: Configures tme maxsize param for containerized logrotate.
|
|
type: string
|
|
default: '10M'
|
|
LogrotateRotationInterval:
|
|
description: Configures rotation interval for containerized logrotate.
|
|
type: string
|
|
default: 'daily'
|
|
constraints:
|
|
- allowed_values: [ 'daily', 'weekly', 'monthly' ]
|
|
LogrotateRotate:
|
|
description: Configures the rotate param for containerized logrotate.
|
|
type: string
|
|
default: '14'
|
|
LogrotatePurgeAfterDays:
|
|
description: Enforces life time (days) of rotated and compressed files.
|
|
type: string
|
|
default: '14'
|
|
|
|
resources:
|
|
|
|
ContainersCommon:
|
|
type: ../../docker/services/containers-common.yaml
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the crond role.
|
|
value:
|
|
service_name: logrotate_crond
|
|
config_settings:
|
|
tripleo::profile::base::logging::logrotate::maxsize: {get_param: LogrotateMaxsize}
|
|
tripleo::profile::base::logging::logrotate::rotation: {get_param: LogrotateRotationInterval}
|
|
tripleo::profile::base::logging::logrotate::rotate: {get_param: LogrotateRotate}
|
|
tripleo::profile::base::logging::logrotate::purge_after_days: {get_param: LogrotatePurgeAfterDays}
|
|
deploy_steps_tasks:
|
|
- name: configure tmpwatch on the host
|
|
when: step|int == 2
|
|
copy:
|
|
dest: /etc/cron.daily/containers-tmpwatch
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
content: |
|
|
#!/bin/sh
|
|
tmpwatch --nodirs \
|
|
-X "/var/log/containers/*/*log" \
|
|
-X "/var/log/containers/*/*/*log" \
|
|
-X "/var/log/containers/*/*err" \
|
|
{{ LogrotatePurgeAfterDays|int +1 }} \
|
|
/var/log/containers/ 2>&1 | logger -t container-tmpwatch
|
|
vars:
|
|
LogrotatePurgeAfterDays: {get_param: LogrotatePurgeAfterDays}
|
|
# BEGIN DOCKER SETTINGS
|
|
puppet_config:
|
|
config_volume: crond
|
|
step_config: 'include ::tripleo::profile::base::logging::logrotate'
|
|
config_image: {get_param: DockerCrondConfigImage}
|
|
kolla_config:
|
|
/var/lib/kolla/config_files/logrotate-crond.json:
|
|
command: /usr/sbin/crond -s -n
|
|
config_files:
|
|
- source: "/var/lib/kolla/config_files/src/*"
|
|
dest: "/"
|
|
merge: true
|
|
preserve_properties: true
|
|
docker_config:
|
|
step_4:
|
|
logrotate_crond:
|
|
image: {get_param: DockerCrondImage}
|
|
net: none
|
|
pid: host
|
|
privileged: true
|
|
user: root
|
|
restart: always
|
|
volumes:
|
|
list_concat:
|
|
- {get_attr: [ContainersCommon, volumes]}
|
|
-
|
|
- /var/lib/kolla/config_files/logrotate-crond.json:/var/lib/kolla/config_files/config.json:ro
|
|
- /var/lib/config-data/puppet-generated/crond/:/var/lib/kolla/config_files/src:ro
|
|
- /var/log/containers:/var/log/containers:z
|
|
environment:
|
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
|
post_upgrade_tasks:
|
|
- when: step|int == 1
|
|
import_role:
|
|
name: tripleo-docker-rm
|
|
vars:
|
|
containers_to_rm:
|
|
- logrotate_crond
|