Move socket binding to named_volume

The extend_start.sh script for rsyslog is removed as it is no longer
needed. Docker no longer binds to /dev/log or /run/kolla/log

Closes-Bug: #1544545
Change-Id: Ic0a323a26ee4e9e15baf4598285844a8a4955f23
This commit is contained in:
SamYaple 2016-02-15 20:49:04 +00:00
parent 84f43146dc
commit 690e6853de
16 changed files with 65 additions and 59 deletions

View File

@ -7,7 +7,7 @@
image: "{{ cinder_api_image_full }}"
volumes:
- "{{ node_config_directory }}/cinder-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['cinder-api']
- name: Starting cinder-backup container
@ -19,8 +19,8 @@
privileged: True
volumes:
- "{{ node_config_directory }}/cinder-backup/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "/dev/mapper/:/dev/mapper/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['cinder-backup']
- name: Starting cinder-scheduler container
@ -31,7 +31,7 @@
image: "{{ cinder_scheduler_image_full }}"
volumes:
- "{{ node_config_directory }}/cinder-scheduler/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['cinder-scheduler']
- name: Starting cinder-volume container
@ -45,5 +45,5 @@
- "{{ node_config_directory }}/cinder-volume/:{{ container_config_directory }}/:ro"
- "/dev/:/dev/"
- "/run/:/run/"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['cinder-volume']

View File

@ -3,13 +3,16 @@
kolla_docker:
action: "start_container"
common_options: "{{ docker_common_options }}"
environment:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
SKIP_LOG_SETUP:
image: "{{ rsyslog_image_full }}"
name: "rsyslog"
privileged: True
volumes:
- "{{ node_config_directory }}/rsyslog/:{{ container_config_directory }}/:ro"
- "rsyslog:/var/log"
- "/run/kolla/:/run/kolla/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
- name: Starting kolla-toolbox container
kolla_docker:
@ -24,4 +27,4 @@
volumes:
- "/dev/:/dev/"
- "/run/:/run/"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"

View File

@ -1,6 +1,6 @@
# provides support for local system logging
$ModLoad imuxsock
$AddUnixListenSocket /run/kolla/log
$AddUnixListenSocket /var/lib/kolla/rsyslog/log
$ModLoad imklog
$KLogPermitNonKernelFacility on

View File

@ -7,7 +7,7 @@
name: "glance_registry"
volumes:
- "{{ node_config_directory }}/glance-registry/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['glance-registry']
- name: Starting glance-api container
@ -18,6 +18,6 @@
name: "glance_api"
volumes:
- "{{ node_config_directory }}/glance-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "glance:/var/lib/glance/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['glance-api']

View File

@ -7,7 +7,7 @@
name: "heat_api"
volumes:
- "{{ node_config_directory }}/heat-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['heat-api']
- name: Starting heat-api-cfn container
@ -18,7 +18,7 @@
name: "heat_api_cfn"
volumes:
- "{{ node_config_directory }}/heat-api-cfn/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['heat-api-cfn']
- name: Starting heat-engine container
@ -29,5 +29,5 @@
name: "heat_engine"
volumes:
- "{{ node_config_directory }}/heat-engine/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['heat-engine']

View File

@ -7,7 +7,7 @@
name: "keystone"
volumes:
- "{{ node_config_directory }}/keystone/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
- name: Wait for keystone startup
wait_for: host={{ keystone_admin_address }} port={{ keystone_admin_port }}

View File

@ -7,7 +7,7 @@
name: "magnum_api"
volumes:
- "{{ node_config_directory }}/magnum-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['magnum-api']
- name: Starting magnum-conductor container
@ -18,5 +18,5 @@
name: "magnum_conductor"
volumes:
- "{{ node_config_directory }}/magnum-conductor/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['magnum-conductor']

View File

@ -7,7 +7,7 @@
image: "{{ mistral_engine_image_full }}"
volumes:
- "{{ node_config_directory }}/mistral-engine/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['mistral-engine']
- name: Starting mistral-executor container
@ -18,7 +18,7 @@
image: "{{ mistral_executor_image_full }}"
volumes:
- "{{ node_config_directory }}/mistral-executor/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['mistral-executor']
- name: Starting mistral-api container
@ -29,5 +29,5 @@
image: "{{ mistral_api_image_full }}"
volumes:
- "{{ node_config_directory }}/mistral-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['mistral-api']

View File

@ -7,7 +7,7 @@
name: "murano_engine"
volumes:
- "{{ node_config_directory }}/murano-engine/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['murano-engine']
- name: Starting murano-api container
@ -18,5 +18,5 @@
name: "murano_api"
volumes:
- "{{ node_config_directory }}/murano-api/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['murano-api']

View File

@ -67,7 +67,7 @@
name: "neutron_server"
volumes:
- "{{ node_config_directory }}/neutron-server/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['neutron-server']
- name: Starting neutron-openvswitch-agent container
@ -81,7 +81,7 @@
- "{{ node_config_directory }}/neutron-openvswitch-agent/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- (
( inventory_hostname in groups['compute']
@ -109,7 +109,7 @@
- "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
with_sequence: start=1 end={{ num_nova_fake_per_node }}
when:
- inventory_hostname in groups['compute']
@ -131,7 +131,7 @@
- "{{ node_config_directory }}/neutron-linuxbridge-agent/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- (inventory_hostname in groups['compute']
or inventory_hostname in groups['neutron-dhcp-agent']
@ -149,9 +149,9 @@
volumes:
- "{{ node_config_directory }}/neutron-dhcp-agent/:{{ container_config_directory }}/:ro"
- "/run/:/run/"
- "/run/kolla/log:/dev/log"
- "/run/netns/:/run/netns/:shared"
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['neutron-dhcp-agent']
@ -165,9 +165,9 @@
volumes:
- "{{ node_config_directory }}/neutron-l3-agent/:{{ container_config_directory }}/:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "/run/netns/:/run/netns/:shared"
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['neutron-l3-agent']
@ -180,8 +180,8 @@
privileged: True
volumes:
- "{{ node_config_directory }}/neutron-metadata-agent/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "/run/netns/:/run/netns/:shared"
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['neutron-metadata-agent']

View File

@ -26,7 +26,7 @@
volumes:
- "{{ node_config_directory }}/nova-api/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['nova-api']
- name: Starting nova-conductor container
@ -37,7 +37,7 @@
image: "{{ nova_conductor_image_full }}"
volumes:
- "{{ node_config_directory }}/nova-conductor/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['nova-conductor']
- name: Starting nova-consoleauth container
@ -48,7 +48,7 @@
name: "nova_consoleauth"
volumes:
- "{{ node_config_directory }}/nova-consoleauth/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['nova-consoleauth']
- name: Starting nova-novncproxy container
@ -59,7 +59,7 @@
name: "nova_novncproxy"
volumes:
- "{{ node_config_directory }}/nova-novncproxy/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['nova-novncproxy']
- nova_console == 'novnc'
@ -72,7 +72,7 @@
name: "nova_scheduler"
volumes:
- "{{ node_config_directory }}/nova-scheduler/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['nova-scheduler']
- name: Starting nova-spicehtml5proxy container
@ -83,7 +83,7 @@
name: "nova_spicehtml5proxy"
volumes:
- "{{ node_config_directory }}/nova-spicehtml5proxy/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['nova-spicehtml5proxy']
- nova_console == 'spice'
@ -99,9 +99,9 @@
- "{{ node_config_directory }}/nova-compute/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "nova_compute:/var/lib/nova/"
- "nova_libvirt:/var/lib/libvirt"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['compute']
- not enable_nova_fake | bool
@ -114,7 +114,7 @@
name: "nova_compute_ironic"
volumes:
- "{{ node_config_directory }}/nova-compute-ironic/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when:
- inventory_hostname in groups['nova-compute-ironic']
- enable_ironic | bool
@ -130,7 +130,7 @@
- "{{ node_config_directory }}/nova-compute-fake-{{ item }}/:{{ container_config_directory }}/:ro"
- "/lib/modules:/lib/modules:ro"
- "/run:/run"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
with_sequence: start=1 end={{ num_nova_fake_per_node }}
when:
- inventory_hostname in groups['compute']

View File

@ -40,7 +40,7 @@
volumes:
- "{{ node_config_directory }}/swift-rsyncd/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname not in groups['swift-proxy-server']
- name: Starting swift-proxy-server container
@ -52,7 +52,7 @@
volumes:
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-proxy-server/:{{ container_config_directory }}/:ro"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-proxy-server']
- name: Starting swift-account-server container
@ -65,7 +65,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-account-server/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-account-server']
- name: Starting swift-account-auditor container
@ -78,7 +78,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-account-auditor/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-account-server']
- name: Starting swift-account-replicator container
@ -91,7 +91,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-account-replicator/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-account-server']
- name: Starting swift-account-reaper container
@ -104,7 +104,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-account-reaper/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-account-server']
- name: Starting swift-container-server container
@ -117,7 +117,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-container-server/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-container-server']
- name: Starting swift-container-auditor container
@ -130,7 +130,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-container-auditor/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-container-server']
- name: Starting swift-container-replicator container
@ -143,7 +143,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-container-replicator/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-container-server']
- name: Starting swift-container-updater container
@ -156,7 +156,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-container-updater/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-container-server']
- name: Starting swift-object-server container
@ -169,7 +169,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-object-server/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-object-server']
- name: Starting swift-object-auditor container
@ -182,7 +182,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-object-auditor/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-object-server']
- name: Starting swift-object-replicator container
@ -195,7 +195,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-object-replicator/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-object-server']
- name: Starting swift-object-updater container
@ -208,7 +208,7 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-object-updater/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-object-server']
- name: Starting swift-object-expirer container
@ -221,5 +221,5 @@
- "{{ node_config_directory }}/swift/:/var/lib/kolla/swift/:ro"
- "{{ node_config_directory }}/swift-object-expirer/:{{ container_config_directory }}/:ro"
- "{{ swift_devices_mount_point }}:{{ swift_devices_mount_point }}"
- "/run/kolla/log:/dev/log"
- "rsyslog_socket:/var/lib/kolla/rsyslog/"
when: inventory_hostname in groups['swift-object-server']

View File

@ -1,6 +1,16 @@
#!/bin/bash
set -o errexit
# TODO(SamYaple): After we merge Heka it should be possible to remove
# this symlink, investigate that after Heka is finalized
# NOTE(SamYaple): Setting up logging socket to /dev/log
if [[ ! "${!SKIP_LOG_SETUP[@]}" && -e /var/lib/kolla/rsyslog ]]; then
while [[ ! -S /var/lib/kolla/rsyslog/log ]]; do
sleep 1
done
sudo ln -sf /var/lib/kolla/rsyslog/log /dev/log
fi
# Processing /var/lib/kolla/config_files/config.json as root. This is necessary
# to permit certain files to be controlled by the root user which should
# not be writable by the dropped-privileged user, especially /run_command

View File

@ -13,6 +13,6 @@ root ALL=(ALL) ALL
# anyone in the kolla group may run /usr/local/bin/kolla_set_configs as the
# root user via sudo without password confirmation
%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla_set_configs, /usr/bin/install
%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla_set_configs, /usr/bin/install, /bin/ln -sf /var/lib/kolla/rsyslog/log /dev/log
#includedir /etc/sudoers.d

View File

@ -13,6 +13,4 @@ RUN apt-get install -y --no-install-recommends rsyslog \
{% endif %}
COPY extend_start.sh /usr/local/bin/kolla_extend_start
{{ include_footer }}

View File

@ -1,5 +0,0 @@
#!/bin/bash
if [[ -e "/dev/log" ]]; then
rm -rf /dev/log
fi