Merge "Ensure we get dedicated logging file for HAProxy" into stable/queens

This commit is contained in:
Zuul 2019-02-19 13:09:53 +00:00 committed by Gerrit Code Review
commit d6b05a755e
6 changed files with 95 additions and 3 deletions

View File

@ -8,6 +8,14 @@
when: step == "1"
become: true
block:
- name: Create and ensure setype for /var/log/containers directory
file:
path: /var/log/containers
state: directory
setype: var_log_t
selevel: s0
tags:
- host_config
- name: Create /var/lib/tripleo-config directory
file: path=/var/lib/tripleo-config state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true

View File

@ -40,6 +40,10 @@ parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
SSLCertificate:
default: ''
description: >
@ -110,6 +114,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
HAProxyLogging:
type: OS::TripleO::Services::Logging::HAProxy
@ -248,13 +254,33 @@ outputs:
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
host_prep_tasks:
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories
file:
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
with_items:
- { 'path': /var/log/containers/haproxy, 'setype': svirt_sandbox_file_t }
- { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- { 'path': /var/log/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme

View File

@ -67,6 +67,14 @@ parameters:
HAProxyInternalTLSKeysDirectory:
default: '/etc/pki/tls/private/haproxy'
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
ConfigDebug:
default: false
description: Whether to run config management (e.g. Puppet) in debug mode.
@ -109,6 +117,8 @@ resources:
DefaultPasswords: {get_param: DefaultPasswords}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HAProxySyslogFacility: {get_param: HAProxySyslogFacility}
outputs:
role_data:
@ -279,12 +289,41 @@ outputs:
- - 'TRIPLEO_DEPLOY_IDENTIFIER='
- {get_param: DeployIdentifier}
host_prep_tasks:
- name: Check if rsyslog exists
shell: systemctl is-active rsyslog
register: rsyslog_config
- when: rsyslog_config.rc == 0
block:
- name: Forward logging to haproxy.log file
blockinfile:
content: |
if $syslogfacility-text == '{{facility}}' and $programname == 'haproxy' then -/var/log/containers/haproxy/haproxy.log
& stop
create: yes
path: /etc/rsyslog.d/openstack-haproxy.conf
vars:
facility: {get_param: HAProxySyslogFacility}
register: logconfig
- name: restart rsyslog service after logging conf change
service:
name: rsyslog
state: restarted
when: logconfig is changed
- name: create persistent directories
file:
path: "{{ item }}"
path: "{{ item.path }}"
state: directory
setype: "{{ item.setype }}"
with_items:
- /var/lib/haproxy
- { 'path': /var/log/containers/haproxy, 'setype': var_log_t }
- { 'path': /var/lib/haproxy, 'setype': svirt_sandbox_file_t }
- name: haproxy logs readme
copy:
dest: /var/log/haproxy/readme.txt
content: |
Log files from the haproxy containers can be found under
/var/log/containers/haproxy.
ignore_errors: true
metadata_settings:
get_attr: [HAProxyBase, role_data, metadata_settings]
update_tasks:

View File

@ -46,6 +46,10 @@ parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxyStatsEnabled:
default: true
description: Whether or not to enable the HAProxy stats interface.
@ -129,6 +133,7 @@ outputs:
'107 haproxy stats':
dport: 1993
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
tripleo::haproxy::redis_password: {get_param: RedisPassword}

View File

@ -30,6 +30,14 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
HAProxySyslogFacility:
default: local0
description: Syslog facility HAProxy will use for its logs
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
resources:
LoadbalancerServiceBase:
@ -53,6 +61,8 @@ outputs:
- get_attr: [LoadbalancerServiceBase, role_data, config_settings]
- tripleo::haproxy::haproxy_service_manage: false
tripleo::haproxy::mysql_clustercheck: true
tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
tripleo::haproxy::haproxy_log_facility: {get_param: HAProxySyslogFacility}
step_config: |
include ::tripleo::profile::pacemaker::haproxy
metadata_settings:

View File

@ -0,0 +1,4 @@
---
features:
- Allow to output HAProxy in a dedicated file
- Adds new HAProxySyslogFacility param