2093cca403
/var/log/<service> is not used by containers, therefore setype
svirt_sandbox_file_t is not required. This changes it to the
default var_log_t.
Change-Id: I870f6f5286ac9222d6d8fbdcb48fe6b6559993ba
(cherry picked from commit 5906f45ffe)
52 lines
1.7 KiB
YAML
52 lines
1.7 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack containerized Barbican API service
|
|
|
|
parameters:
|
|
DockerBarbicanApiImage:
|
|
description: image
|
|
type: string
|
|
|
|
outputs:
|
|
cmd_extra_args:
|
|
description: Extra command line arguments for running the service in the container.
|
|
value: ''
|
|
config_settings:
|
|
description: Extra hieradata needed to log to files in the host.
|
|
value: null
|
|
volumes:
|
|
description: The volumes needed to log to files in the host.
|
|
value: &barbican_api_volumes
|
|
- /var/log/containers/barbican:/var/log/barbican:z
|
|
- /var/log/containers/httpd/barbican-api:/var/log/httpd:z
|
|
docker_config:
|
|
description: Extra containers needed for logging to files in the host.
|
|
value:
|
|
step_2:
|
|
barbican_init_log:
|
|
image: {get_param: DockerBarbicanApiImage}
|
|
net: none
|
|
user: root
|
|
volumes: *barbican_api_volumes
|
|
command: ['/bin/bash', '-c', 'chown -R barbican:barbican /var/log/barbican']
|
|
host_prep_tasks:
|
|
description: Extra ansible tasks needed for logging to files in the host.
|
|
value:
|
|
- name: create persistent directories
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: directory
|
|
setype: "{{ item.setype }}"
|
|
with_items:
|
|
- { 'path': /var/log/containers/barbican, 'setype': svirt_sandbox_file_t }
|
|
- { 'path': /var/log/containers/httpd/barbican-api, 'setype': svirt_sandbox_file_t }
|
|
- { 'path': /var/log/barbican, 'setype': var_log_t }
|
|
- name: barbican logs readme
|
|
copy:
|
|
dest: /var/log/barbican/readme.txt
|
|
content: |
|
|
Log files from barbican containers can be found under
|
|
/var/log/containers/barbican.
|
|
ignore_errors: true
|