Martin Schuppert 2093cca403 Change setype for non container /var/log/<service> directories
/var/log/<service> is not used by containers, therefore setype
svirt_sandbox_file_t is not required. This changes it to the
default var_log_t.

Change-Id: I870f6f5286ac9222d6d8fbdcb48fe6b6559993ba
(cherry picked from commit 5906f45ffec42b5b010ef1c8b3352ba521ce9d2a)
2019-05-02 11:08:21 -06:00


# Heat template that wires nova-api file logging from the containers to the
# host: it exposes the log bind mounts, a one-shot init container that fixes
# ownership of the log directory, and the Ansible tasks that create the host
# directories with their SELinux types.
heat_template_version: rocky

description: >
  Template for nova-api's logging to files

parameters:
  DockerNovaApiImage:
    description: image
    type: string
  DeployIdentifier:
    default: ""
    type: string
    description: >
      Setting this to a unique value will re-run any deployment tasks which
      perform configuration on a Heat stack-update.

outputs:
  config_settings:
    description: Extra hieradata needed to log to files in the host.
    value: null

  volumes:
    description: The volumes needed to log to files in the host.
    # host_path:container_path:z -- the trailing "z" asks the container
    # runtime to apply a shared SELinux label to the host path. The anchor is
    # reused by the init container below so both see the same mounts.
    value: &nova_api_volumes
      - /var/log/containers/nova:/var/log/nova:z
      - /var/log/containers/httpd/nova-api:/var/log/httpd:z

  docker_config:
    description: Extra containers needed for logging to files in the host.
    value:
      step_2:
        # db sync runs before permissions set by kolla_config
        nova_api_init_logs:
          image:
            get_param: DockerNovaApiImage
          # Runs as root because it has to chown the log directory, but it
          # gets no network and is not privileged.
          net: none
          privileged: false
          user: root
          volumes: *nova_api_volumes
          # /var/log/nova inside the container is the bind mount of
          # /var/log/containers/nova on the host (see the volumes output).
          command:
            - '/bin/bash'
            - '-c'
            - 'chown -R nova:nova /var/log/nova'
          environment:
            # NOTE: this should force this container to re-run on each
            # update (scale-out, etc.)
            - list_join:
                - ""
                - - "TRIPLEO_DEPLOY_IDENTIFIER="
                  - get_param: DeployIdentifier

  host_prep_tasks:
    description: Extra ansible tasks needed for logging to files in the host.
    value:
      - name: create persistent directories
        file:
          path: '{{ item.path }}'
          setype: '{{ item.setype }}'
          state: directory
        # The two directories under /var/log/containers are the ones bind
        # mounted into containers and carry svirt_sandbox_file_t.
        # /var/log/nova is not in the volume list above, so it keeps the
        # host log type var_log_t.
        with_items:
          - path: /var/log/containers/nova
            setype: svirt_sandbox_file_t
          - path: /var/log/containers/httpd/nova-api
            setype: svirt_sandbox_file_t
          - path: /var/log/nova
            setype: var_log_t
      - name: nova logs readme
        copy:
          dest: /var/log/nova/readme.txt
          content: |
            Log files from nova containers can be found under
            /var/log/containers/nova and /var/log/containers/httpd/nova-*.
        # Best effort: a failure to write the readme does not stop host
        # preparation, and is not reported as a failed task either.
        ignore_errors: true