Use systemd-journald instead of log files

This patch aims to migrate service from usage of  rsyslog to journald.
By this we mean dropping rsyslog client installation and
set log address to /dev/log, which is served by journald.

Change-Id: I80dccb129e73fd58f7211bd56d36e55b55603c6a
This commit is contained in:
Dmitriy Rabotyagov 2019-07-22 16:18:57 +03:00
parent 65f6297631
commit 424d48440c
10 changed files with 22 additions and 125 deletions

View File

@ -1,15 +0,0 @@
$ModLoad imudp
$UDPServerRun 514
$template Haproxy,"%msg%\n"
if $programname startswith 'haproxy' then {
# Connections are logged at level "info".
# See https://www.haproxy.org/download/1.6/doc/configuration.txt.
local0.=info -/var/log/haproxy/haproxy.log
# Level "notice" will be used to indicate a server going up,
# "warning" will be used for termination signals and definitive service
# termination, and "alert" will be used for when a server goes down.
# See https://www.haproxy.org/download/1.6/doc/configuration.txt.
local1.notice -/var/log/haproxy/haproxy-status.log
# Discard HAProxy messages to prevent further processing/logging.
local0.*;local1.* ~
}

View File

@ -26,16 +26,16 @@
tags: tags:
- haproxy-general-config - haproxy-general-config
- name: Reload haproxy
service:
name: "haproxy"
state: "reloaded"
enabled: yes
daemon_reload: yes
- name: Restart rsyslog - name: Restart rsyslog
service: service:
name: "rsyslog" name: "rsyslog"
state: "restarted" state: "restarted"
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: Reload haproxy
service:
name: "haproxy"
state: "reloaded"
enabled: yes
daemon_reload: yes

View File

@ -23,6 +23,20 @@
tags: tags:
- haproxy-non-local-bind-config - haproxy-non-local-bind-config
# NOTE (noonedeadpunk) Debian/Ubuntu haproxy packages configure rsyslog
# to handle log collection and log file rotation. This is not needed since
# journald is used for this purpose
- name: Delete rsyslog and logrotate configs
file:
path: "{{ item }}"
state: absent
with_items:
- /etc/rsyslog.d/49-haproxy.conf
- /etc/logrotate.d/haproxy
notify: Restart rsyslog
tags:
- haproxy-logging-config
- name: Drop base haproxy config - name: Drop base haproxy config
template: template:
src: "haproxy.cfg.j2" src: "haproxy.cfg.j2"
@ -31,23 +45,6 @@
tags: tags:
- haproxy-base-config - haproxy-base-config
# remove config file from old location (ie releases 14-18)
- name: Delete prior haproxy logging config
file:
path: "/etc/rsyslog.d/99-haproxy-local-logging.conf"
state: absent
notify: Restart rsyslog
tags:
- haproxy-logging-config
- name: Drop haproxy logging config
copy:
src: "haproxy-logging.cfg"
dest: "/etc/rsyslog.d/10-haproxy-local-logging.conf"
notify: Restart rsyslog
tags:
- haproxy-logging-config
- include_tasks: haproxy_service_config.yml - include_tasks: haproxy_service_config.yml
tags: tags:
- haproxy-service-config - haproxy-service-config

View File

@ -13,22 +13,6 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
# NOTE(cloudnull):
# Any packages needed to be installed to support the system will
# be installed at this point, as a pre-task. This is done to
# ensure application and role assumptions are resolved on all of
# our supporting OS's up front.
- name: Install HAProxy Packages
package:
name: "{{ haproxy_distro_pre_packages }}"
state: "{{ haproxy_package_state }}"
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
register: install_pre_packages
until: install_pre_packages is success
retries: 5
delay: 2
# NOTE(cloudnull): # NOTE(cloudnull):
# While the haproxy distro packages provide for an haproxy # While the haproxy distro packages provide for an haproxy
# group this group is being created upfront to support # group this group is being created upfront to support
@ -59,31 +43,6 @@
tags: tags:
- haproxy-user - haproxy-user
- name: create the system group
group:
name: "adm"
state: "present"
system: "yes"
tags:
- haproxy-dirs
- haproxy-logs
- name: Create haproxy log dir
file:
path: "{{ '/var/log/haproxy' | realpath }}"
state: directory
owner: "{{ haproxy_log_directory_owner }}"
group: adm
mode: "0755"
tags:
- haproxy-dirs
- haproxy-logs
- name: Remove conflicting distro packages
package:
name: "{{ haproxy_distro_packages_remove }}"
state: absent
- name: Create haproxy conf.d dir - name: Create haproxy conf.d dir
file: file:
path: "/etc/haproxy/conf.d" path: "/etc/haproxy/conf.d"

View File

@ -1,8 +1,7 @@
# {{ ansible_managed }} # {{ ansible_managed }}
global global
log 127.0.0.1 local0 log /dev/log local0
log 127.0.0.1 local1 notice
chroot /var/lib/haproxy chroot /var/lib/haproxy
user haproxy user haproxy
group haproxy group haproxy

View File

@ -16,16 +16,8 @@
## APT Cache options ## APT Cache options
cache_timeout: 600 cache_timeout: 600
haproxy_distro_pre_packages:
- rsyslog # Used for local logging
haproxy_distro_packages: haproxy_distro_packages:
- haproxy - haproxy
- netcat # Used for the Ansible haproxy module - netcat # Used for the Ansible haproxy module
- psmisc - psmisc
- vim-haproxy - vim-haproxy
# On Debian rsyslog runs as the "root" user, so have the
# HAProxy log directory be owned by the same user so that rsyslog can write
# HAProxy's logs to that directory.
haproxy_log_directory_owner: root

View File

@ -1,18 +0,0 @@
---
# Copyright 2017, SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
haproxy_distro_packages_remove: []
haproxy_log_directory_owner: haproxy

View File

@ -13,9 +13,6 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
haproxy_distro_pre_packages:
- rsyslog # Used for local logging
haproxy_distro_packages: haproxy_distro_packages:
- haproxy - haproxy
- nc # Used for the Ansible haproxy module - nc # Used for the Ansible haproxy module

View File

@ -13,15 +13,9 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
haproxy_distro_pre_packages:
- rsyslog # Used for local logging
haproxy_distro_packages: haproxy_distro_packages:
- apparmor-parser - apparmor-parser
- apparmor-profiles - apparmor-profiles
- apparmor-utils - apparmor-utils
- haproxy - haproxy
- netcat # Used for the Ansible haproxy module - netcat # Used for the Ansible haproxy module
haproxy_distro_packages_remove:
- systemd-logger # conflicts with rsyslog

View File

@ -16,16 +16,8 @@
## APT Cache options ## APT Cache options
cache_timeout: 600 cache_timeout: 600
haproxy_distro_pre_packages:
- rsyslog # Used for local logging
haproxy_distro_packages: haproxy_distro_packages:
- haproxy - haproxy
- netcat # Used for the Ansible haproxy module - netcat # Used for the Ansible haproxy module
- psmisc - psmisc
- vim-haproxy - vim-haproxy
# On Ubuntu 16.04 and 18.04 rsyslog runs as the "syslog" user, so have the
# HAProxy log directory be owned by the same user so that rsyslog can write
# HAProxy's logs to that directory.
haproxy_log_directory_owner: syslog