From 12ea9635ff5f4d4dd9eee068e7ce27fb84a52846 Mon Sep 17 00:00:00 2001 From: "Kevin Carter (cloudnull)" Date: Tue, 12 Jun 2018 17:10:34 +0000 Subject: [PATCH] Convert role to use a common systemd service role This removes the systemd service templates and tasks from this role and leverages a common systemd service role instead. This change removes a lot of code duplication across all roles all without sacrificing features or functionality. The intention of this change is to ensure uniformity and reduce the maintenance burden on the community when sweeping changes are needed. The systemd journal would normally be populated with the standard out of a service however with the use of uwsgi this is not actually happening resulting in us only capturing the logs from the uwsgi process instead of the service itself. This change implements journal logging in the service config, which is part of OSLO logging. OSLO logging docs found here: A new variable `cinder_environment_overrides` has been added to ensure the correct PATH is set for cinder services. This reverts commit b219b905367af4dba9936be9591065e76f86bea5. Change-Id: I1cb10aa591a8262add47e2f5b61cfded9e28241d Signed-off-by: Kevin Carter --- defaults/main.yml | 38 +++++++----- .../notes/journal-log-cwbr504hd9b59612.yaml | 5 ++ tasks/cinder_init_systemd.yml | 59 ------------------- tasks/cinder_install.yml | 28 +++++++++ tasks/cinder_post_install.yml | 4 -- tasks/cinder_pre_install.yml | 23 -------- tasks/cinder_selinux.yml | 31 ---------- tasks/main.yml | 4 -- templates/cinder-systemd-init.j2 | 37 ------------ templates/cinder-systemd-tmpfiles.j2 | 5 -- templates/cinder.conf.j2 | 5 ++ vars/redhat-7.yml | 2 + vars/suse-42.yml | 3 + vars/ubuntu.yml | 4 ++ 14 files changed, 71 insertions(+), 177 deletions(-) create mode 100644 releasenotes/notes/journal-log-cwbr504hd9b59612.yaml delete mode 100644 tasks/cinder_init_systemd.yml delete mode 100644 tasks/cinder_selinux.yml delete mode 100644 templates/cinder-systemd-init.j2 delete mode 100644 templates/cinder-systemd-tmpfiles.j2 diff --git a/defaults/main.yml b/defaults/main.yml index 0f1d6e1f..cb8a578d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -26,8 +26,6 @@ cinder_service_setup_host: "{{ openstack_service_setup_host | default('localhost # Set installation method. cinder_install_method: "source" -cinder_log_dir: /var/log/cinder - cinder_git_repo: https://git.openstack.org/openstack/cinder cinder_git_install_branch: master cinder_developer_mode: false @@ -284,6 +282,7 @@ cinder_pip_packages: - python-openstackclient - python-keystoneclient - python-memcached + - systemd-python - uwsgi cinder_api_init_overrides: {} @@ -298,29 +297,35 @@ cinder_services: service_name: cinder-scheduler init_config_overrides: "{{ cinder_scheduler_init_overrides }}" start_order: 1 + execstarts: "{{ cinder_bin }}/cinder-scheduler" + execreloads: "/bin/kill -HUP $MAINPID" cinder-volume: group: cinder_volume service_name: cinder-volume init_config_overrides: "{{ cinder_volume_init_overrides }}" start_order: 2 + execstarts: "{{ cinder_bin }}/cinder-volume" + execreloads: "/bin/kill -HUP $MAINPID" + cinder-api: + group: cinder_api + service_name: cinder-api + init_config_overrides: "{{ cinder_api_init_overrides }}" + start_order: 3 + execstarts: "{{ cinder_uwsgi_bin }}/uwsgi --autoload --ini /etc/uwsgi/cinder-api.ini" + execreloads: "{{ cinder_uwsgi_bin }}/uwsgi --reload /var/run/cinder-api/cinder-api.pid" + wsgi_overrides: "{{ cinder_api_uwsgi_ini_overrides }}" + wsgi_app: True + wsgi_name: cinder-wsgi + uwsgi_port: "{{ cinder_service_port }}" + uwsgi_bind_address: "{{ cinder_uwsgi_bind_address }}" cinder-backup: group: cinder_backup service_name: cinder-backup condition: "{{ cinder_service_backup_program_enabled | bool }}" init_config_overrides: "{{ cinder_backup_init_overrides }}" - start_order: 3 - cinder-api: - group: cinder_api - service_name: cinder-api - init_config_overrides: "{{ cinder_api_init_overrides }}" - wsgi_overrides: "{{ cinder_api_uwsgi_ini_overrides }}" - wsgi_app: True - log_string: "--logto " - wsgi_name: cinder-wsgi - uwsgi_port: "{{ cinder_service_port }}" - uwsgi_bind_address: "{{ cinder_uwsgi_bind_address }}" - program_override: "{{ cinder_uwsgi_bin }}/uwsgi --autoload --ini /etc/uwsgi/cinder-api.ini" start_order: 4 + execstarts: "{{ cinder_bin }}/cinder-backup" + execreloads: "/bin/kill -HUP $MAINPID" # Cinder uWSGI settings cinder_wsgi_processes_max: 16 @@ -356,4 +361,9 @@ cinder_api_paste_ini_overrides: {} cinder_cinder_conf_overrides: {} cinder_api_uwsgi_ini_overrides: {} +## Set default cinder path in service units. The default override sets the +## execution path for the cinder service. +cinder_environment_overrides: + Environment: "PATH='{{ cinder_bin }}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'" + _UUID_regex: "[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}" diff --git a/releasenotes/notes/journal-log-cwbr504hd9b59612.yaml b/releasenotes/notes/journal-log-cwbr504hd9b59612.yaml new file mode 100644 index 00000000..6ca8e99f --- /dev/null +++ b/releasenotes/notes/journal-log-cwbr504hd9b59612.yaml @@ -0,0 +1,5 @@ +--- +deprecations: + - The log path, ``/var/log/cinder`` is no longer used to capture service + logs. All logging for the cinder service will now be sent directly to the + systemd journal. diff --git a/tasks/cinder_init_systemd.yml b/tasks/cinder_init_systemd.yml deleted file mode 100644 index 55364b82..00000000 --- a/tasks/cinder_init_systemd.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- -# Copyright 2016, Rackspace US, Inc. -# Copyright 2016, IBM Corporation. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Create TEMP run dir - file: - path: "/var/run/{{ item.service_name }}" - state: directory - owner: "{{ cinder_system_user_name }}" - group: "{{ cinder_system_group_name }}" - mode: "02755" - with_items: "{{ filtered_cinder_services }}" - -- name: Create TEMP lock dir - file: - path: "/var/lock/{{ item.service_name }}" - state: directory - owner: "{{ cinder_system_user_name }}" - group: "{{ cinder_system_group_name }}" - mode: "02755" - with_items: "{{ filtered_cinder_services }}" - -- name: Create tmpfiles.d entry - template: - src: "cinder-systemd-tmpfiles.j2" - dest: "/etc/tmpfiles.d/openstack-{{ item.service_name }}.conf" - mode: "0644" - owner: "root" - group: "root" - with_items: "{{ filtered_cinder_services }}" - notify: - - Manage LB - - Restart cinder services - -- name: Place the systemd init script - config_template: - src: "cinder-systemd-init.j2" - dest: "/etc/systemd/system/{{ item.service_name }}.service" - mode: "0644" - owner: "root" - group: "root" - config_overrides: "{{ item.init_config_overrides }}" - config_type: "ini" - with_items: "{{ filtered_cinder_services }}" - notify: - - Manage LB - - Restart cinder services diff --git a/tasks/cinder_install.yml b/tasks/cinder_install.yml index 2f942d95..9145387c 100644 --- a/tasks/cinder_install.yml +++ b/tasks/cinder_install.yml @@ -40,6 +40,34 @@ include_tasks: cinder_install_source.yml when: cinder_install_method == 'source' +- name: Run the systemd service role + include_role: + name: systemd_service + private: true + vars: + systemd_user_name: "{{ cinder_system_user_name }}" + systemd_group_name: "{{ cinder_system_group_name }}" + systemd_tempd_prefix: openstack + systemd_slice_name: cinder + systemd_lock_path: /var/lock/cinder + systemd_CPUAccounting: true + systemd_BlockIOAccounting: true + systemd_MemoryAccounting: true + systemd_TasksAccounting: true + systemd_services: + - service_name: "{{ service_var.service_name }}" + enabled: yes + state: started + execstarts: "{{ service_var.execstarts }}" + execreloads: "{{ service_var.execreloads | default([]) }}" + config_overrides: "{{ cinder_environment_overrides | combine(service_var.init_config_overrides) }}" + with_items: "{{ filtered_cinder_services }}" + loop_control: + loop_var: service_var + tags: + - cinder-config + - systemd-service + - name: Set the upgrade facts ini_file: dest: "/etc/ansible/facts.d/openstack_ansible.fact" diff --git a/tasks/cinder_post_install.yml b/tasks/cinder_post_install.yml index c17e65cb..7ba1c17d 100644 --- a/tasks/cinder_post_install.yml +++ b/tasks/cinder_post_install.yml @@ -72,7 +72,3 @@ mode: "0440" owner: "root" group: "root" - -- include: cinder_selinux.yml - when: - - ansible_selinux.status == "enabled" diff --git a/tasks/cinder_pre_install.yml b/tasks/cinder_pre_install.yml index d85ccb38..b9d1ea8c 100644 --- a/tasks/cinder_pre_install.yml +++ b/tasks/cinder_pre_install.yml @@ -45,26 +45,3 @@ - { path: "/etc/cinder/rootwrap.d", owner: "root", group: "root", mode: "0750" } - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" } - { path: "{{ cinder_system_home_folder }}" } - -- name: Test for log directory or link - shell: | - if [ -h "{{ cinder_log_dir }}" ]; then - chown -h {{ cinder_system_user_name }}:{{ cinder_system_group_name }} "{{ cinder_log_dir }}" - chown -R {{ cinder_system_user_name }}:{{ cinder_system_group_name }} "$(readlink {{ cinder_log_dir }})" - else - exit 1 - fi - register: log_dir - failed_when: false - changed_when: log_dir.rc != 0 - -- name: Create cinder log dir - file: - path: "{{ item.path }}" - state: directory - owner: "{{ item.owner|default(cinder_system_user_name) }}" - group: "{{ item.group|default(cinder_system_group_name) }}" - mode: "{{ item.mode|default('0755') }}" - with_items: - - { path: "{{ cinder_log_dir }}" } - when: log_dir.rc != 0 diff --git a/tasks/cinder_selinux.yml b/tasks/cinder_selinux.yml deleted file mode 100644 index cc01a5a1..00000000 --- a/tasks/cinder_selinux.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# Copyright 2018, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Stat cinder's log directory - stat: - path: "{{ cinder_log_dir }}" - register: cinder_log_dir_check - -- name: Set SELinux file contexts for cinder's log directory - sefcontext: - target: "{{ (cinder_log_dir_check.stat.islnk) | ternary(cinder_log_dir_check.stat.lnk_target, cinder_log_dir) }}(/.*)?" - setype: cinder_log_t - state: present - register: selinux_file_context_log_files - -- name: Apply updated SELinux contexts on cinder log directory - command: "restorecon -Rv {{ (cinder_log_dir_check.stat.islnk) | ternary(cinder_log_dir_check.stat.lnk_target, cinder_log_dir) }}" - when: - - selinux_file_context_log_files is changed diff --git a/tasks/main.yml b/tasks/main.yml index 034605e8..4360a6d9 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -106,10 +106,6 @@ tags: - cinder-config -- include: "cinder_init_{{ ansible_service_mgr }}.yml" - tags: - - cinder-config - - name: Include ceph_client role include_role: name: ceph_client diff --git a/templates/cinder-systemd-init.j2 b/templates/cinder-systemd-init.j2 deleted file mode 100644 index 15c7d71e..00000000 --- a/templates/cinder-systemd-init.j2 +++ /dev/null @@ -1,37 +0,0 @@ -# {{ ansible_managed }} - -[Unit] -Description=cinder openstack service -After=syslog.target -After=network.target - -[Service] -Type=simple -User={{ cinder_system_user_name }} -Group={{ cinder_system_group_name }} - -{% if item.program_override is defined %} -ExecStart={{ item.program_override }} {{ item.program_config_options|default('') }} {{ item.log_string | default('--log-file=') }}{{ cinder_log_dir }}/{{ item.service_name }}.log -{% else %} -ExecStart={{ cinder_bin }}/{{ item.service_name }} {{ item.program_config_options|default('') }} --log-file={{ cinder_log_dir }}/{{ item.service_name }}.log -{% endif %} -{% if item.service_name != cinder_services['cinder-api']['service_name'] or item.wsgi_app %} -ExecReload={{ (item.wsgi_app is defined and item.wsgi_app) | ternary(cinder_bin + '/uwsgi --reload /var/run/' + item.service_name + '/' + item.service_name +'.pid','/bin/kill -HUP $MAINPID') }} -{% endif %} - -# Give a reasonable amount of time for the server to start up/shut down -TimeoutSec=120 -Restart=on-failure -RestartSec=2 - -# This creates a specific slice which all services will operate from -# The accounting options give us the ability to see resource usage through -# the `systemd-cgtop` command. -Slice=cinder.slice -CPUAccounting=true -BlockIOAccounting=true -MemoryAccounting=false -TasksAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/templates/cinder-systemd-tmpfiles.j2 b/templates/cinder-systemd-tmpfiles.j2 deleted file mode 100644 index ce057ba7..00000000 --- a/templates/cinder-systemd-tmpfiles.j2 +++ /dev/null @@ -1,5 +0,0 @@ -# {{ ansible_managed }} - -D /var/lock/{{ item.service_name }} 2755 {{ cinder_system_user_name }} {{ cinder_system_group_name }} -D /var/run/{{ item.service_name }} 2755 {{ cinder_system_user_name }} {{ cinder_system_group_name }} -D {{ cinder_lock_path }} 2755 {{ cinder_system_user_name }} {{ cinder_system_group_name }} diff --git a/templates/cinder.conf.j2 b/templates/cinder.conf.j2 index 5fe1bcc5..a8f3b4b7 100644 --- a/templates/cinder.conf.j2 +++ b/templates/cinder.conf.j2 @@ -1,9 +1,14 @@ # {{ ansible_managed }} [DEFAULT] +use_journal = True # Disable stderr logging use_stderr = False debug = {{ debug }} +# JSON logging is set to true when debug is enabled. This is done to resolve an issue with unicode +# logging that can result in a stacktrace with "python2.7". The following bug covers the issues +# we're seeing in the logs [ https://bugs.launchpad.net/cinder/+bug/1703493 ]. +use_json = {{ debug }} fatal_deprecations = {{ cinder_fatal_deprecations }} my_ip = {{ cinder_management_address }} diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml index ce1402b5..16968a6f 100644 --- a/vars/redhat-7.yml +++ b/vars/redhat-7.yml @@ -33,11 +33,13 @@ cinder_service_distro_packages: - openstack-cinder - python-openstackclient - python2-shade + - systemd-python - uwsgi - uwsgi-plugin-python cinder_developer_mode_distro_packages: - git + - systemd-devel cinder_volume_distro_packages: - qemu-img-ev diff --git a/vars/suse-42.yml b/vars/suse-42.yml index 73ab20af..97fbbf68 100644 --- a/vars/suse-42.yml +++ b/vars/suse-42.yml @@ -38,11 +38,14 @@ cinder_service_distro_packages: - openstack-cinder-volume - python-openstackclient - python-shade + - python-systemd - uwsgi - uwsgi-python cinder_developer_mode_distro_packages: - git-core + - pkg-config + - systemd-devel cinder_volume_distro_packages: - qemu-tools diff --git a/vars/ubuntu.yml b/vars/ubuntu.yml index 6a8dd4a2..02469a29 100644 --- a/vars/ubuntu.yml +++ b/vars/ubuntu.yml @@ -43,11 +43,15 @@ cinder_service_distro_packages: - cinder-volume - python-openstackclient - python-shade + - python-systemd + - python3-systemd - uwsgi - uwsgi-plugin-python cinder_developer_mode_distro_packages: + - build-essential - git-core + - libsystemd-dev cinder_volume_distro_packages: - qemu-utils