Add option for keystone containers to log to stdout/stderr
This adds the option to get the keystone containers to log to stdout. The option is disabled by default. If enabled, It also adds a sidecar container that reads the apache access logs. bp logging-stdout-rsyslog Depends-On: I4250ebce75933c8fb3f85b9efdb3e2ade392a60c Change-Id: Ibb633731a60a16d595d10d38a79ec284da18c5c2
This commit is contained in:
parent
2a7efbada6
commit
e5f0113f6f
@ -68,6 +68,9 @@ resources:
|
||||
RoleName: {get_param: RoleName}
|
||||
RoleParameters: {get_param: RoleParameters}
|
||||
|
||||
KeystoneLogging:
|
||||
type: OS::TripleO::Services::Logging::Keystone
|
||||
|
||||
conditions:
|
||||
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
@ -80,6 +83,7 @@ outputs:
|
||||
config_settings:
|
||||
map_merge:
|
||||
- get_attr: [KeystoneBase, role_data, config_settings]
|
||||
- get_attr: [KeystoneLogging, config_settings]
|
||||
- apache::default_vhost: false
|
||||
logging_source: {get_attr: [KeystoneBase, role_data, logging_source]}
|
||||
logging_groups: {get_attr: [KeystoneBase, role_data, logging_groups]}
|
||||
@ -120,16 +124,19 @@ outputs:
|
||||
docker_config:
|
||||
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
|
||||
step_2:
|
||||
keystone_init_log:
|
||||
image: &keystone_image {get_param: DockerKeystoneImage}
|
||||
user: root
|
||||
command: ['/bin/bash', '-c', 'chown -R keystone:keystone /var/log/keystone']
|
||||
volumes:
|
||||
- /var/log/containers/keystone:/var/log/keystone
|
||||
- /var/log/containers/httpd/keystone:/var/log/httpd
|
||||
map_merge:
|
||||
-
|
||||
keystone_init_log:
|
||||
start_order: 1
|
||||
image: {get_param: DockerKeystoneImage}
|
||||
user: root
|
||||
command: ['/bin/bash', '-c', 'chown -R keystone:keystone /var/log/keystone']
|
||||
volumes:
|
||||
get_attr: [KeystoneLogging, volumes]
|
||||
- get_attr: [KeystoneLogging, docker_config, step_2]
|
||||
step_3:
|
||||
keystone_db_sync:
|
||||
image: *keystone_image
|
||||
image: &keystone_image {get_param: DockerKeystoneImage}
|
||||
net: host
|
||||
user: root
|
||||
privileged: false
|
||||
@ -137,11 +144,10 @@ outputs:
|
||||
volumes: &keystone_volumes
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, volumes]}
|
||||
- {get_attr: [KeystoneLogging, volumes]}
|
||||
-
|
||||
- /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
|
||||
- /var/log/containers/keystone:/var/log/keystone
|
||||
- /var/log/containers/httpd/keystone:/var/log/httpd
|
||||
-
|
||||
if:
|
||||
- internal_tls_enabled
|
||||
@ -184,11 +190,10 @@ outputs:
|
||||
volumes:
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, volumes]}
|
||||
- {get_attr: [KeystoneLogging, volumes]}
|
||||
-
|
||||
- /var/lib/kolla/config_files/keystone_cron.json:/var/lib/kolla/config_files/config.json:ro
|
||||
- /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
|
||||
- /var/log/containers/keystone:/var/log/keystone
|
||||
- /var/log/containers/httpd/keystone:/var/log/httpd
|
||||
environment:
|
||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
||||
docker_puppet_tasks:
|
||||
@ -198,14 +203,7 @@ outputs:
|
||||
puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
|
||||
step_config: 'include ::tripleo::profile::base::keystone'
|
||||
config_image: *keystone_config_image
|
||||
host_prep_tasks:
|
||||
- name: create persistent logs directory
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- /var/log/containers/keystone
|
||||
- /var/log/containers/httpd/keystone
|
||||
host_prep_tasks: {get_attr: [KeystoneLogging, host_prep_tasks]}
|
||||
upgrade_tasks:
|
||||
- name: Stop and disable keystone service (running under httpd)
|
||||
tags: step2
|
||||
|
32
docker/services/logging/files/keystone.yaml
Normal file
32
docker/services/logging/files/keystone.yaml
Normal file
@ -0,0 +1,32 @@
|
||||
heat_template_version: pike
|
||||
|
||||
description: >
|
||||
OpenStack containerized Keystone service
|
||||
|
||||
parameters:
|
||||
DockerKeystoneImage:
|
||||
description: image
|
||||
type: string
|
||||
|
||||
outputs:
|
||||
config_settings:
|
||||
description: Extra hieradata needed to log to files in the host.
|
||||
value: null
|
||||
docker_config:
|
||||
description: Extra containers needed for logging to files in the host.
|
||||
value: {}
|
||||
volumes:
|
||||
description: The volumes needed to log to files in the host.
|
||||
value:
|
||||
- /var/log/containers/keystone:/var/log/keystone
|
||||
- /var/log/containers/httpd/keystone:/var/log/httpd
|
||||
host_prep_tasks:
|
||||
description: Extra ansible tasks needed for logging to files in the host.
|
||||
value:
|
||||
- name: create persistent logs directory
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- /var/log/containers/keystone
|
||||
- /var/log/containers/httpd/keystone
|
60
docker/services/logging/stdout/keystone.yaml
Normal file
60
docker/services/logging/stdout/keystone.yaml
Normal file
@ -0,0 +1,60 @@
|
||||
heat_template_version: pike
|
||||
|
||||
description: >
|
||||
OpenStack containerized Keystone service
|
||||
|
||||
parameters:
|
||||
DockerKeystoneImage:
|
||||
description: image
|
||||
type: string
|
||||
|
||||
outputs:
|
||||
config_settings:
|
||||
description: Extra hieradata needed to log to stdout.
|
||||
value:
|
||||
keystone::wsgi::apache::access_log_file: /var/log/httpd/access.log
|
||||
keystone::wsgi::apache::error_log_file: /var/log/httpd/error_log
|
||||
docker_config:
|
||||
description: Extra containers needed for logging to stdout or a sidecar container.
|
||||
value:
|
||||
step_2:
|
||||
keystone_apache_error_logs:
|
||||
start_order: 1
|
||||
image: {get_param: DockerKeystoneImage}
|
||||
user: root
|
||||
privileged: false
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: '[ -p /var/log/httpd/error_log ]'
|
||||
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done']
|
||||
volumes:
|
||||
- KeystoneLogs:/var/log/
|
||||
keystone_apache_access_logs:
|
||||
start_order: 1
|
||||
image: {get_param: DockerKeystoneImage}
|
||||
user: root
|
||||
privileged: false
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: '[ -p /var/log/httpd/access.log ]'
|
||||
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done']
|
||||
volumes:
|
||||
- KeystoneLogs:/var/log/
|
||||
keystone_logs:
|
||||
start_order: 2
|
||||
image: {get_param: DockerKeystoneImage}
|
||||
user: keystone
|
||||
privileged: false
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: '[ -p /var/log/keystone/keystone.log ]'
|
||||
command: ['/bin/bash', '-c', 'mkdir -p /var/log/keystone && rm -f /var/log/keystone/keystone.log && mkfifo /var/log/keystone/keystone.log && while true; do cat /var/log/keystone/keystone.log; done']
|
||||
volumes:
|
||||
- KeystoneLogs:/var/log/
|
||||
volumes:
|
||||
description: The volumes needed to log to stdout or a sidecar container.
|
||||
value:
|
||||
- KeystoneLogs:/var/log/
|
||||
host_prep_tasks:
|
||||
description: Extra ansible tasks needed for logging to files in the host.
|
||||
value: null
|
3
environments/stdout-logging.yaml
Normal file
3
environments/stdout-logging.yaml
Normal file
@ -0,0 +1,3 @@
|
||||
resource_registry:
|
||||
|
||||
OS::TripleO::Services::Logging::Keystone: ../docker/services/logging/stdout/keystone.yaml
|
@ -298,6 +298,9 @@ resource_registry:
|
||||
OS::TripleO::Services::SkydiveAgent: OS::Heat::None
|
||||
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
|
||||
|
||||
# Logging
|
||||
OS::TripleO::Services::Logging::Keystone: docker/services/logging/files/keystone.yaml
|
||||
|
||||
parameter_defaults:
|
||||
EnablePackageInstall: false
|
||||
SoftwareConfigTransport: POLL_TEMP_URL
|
||||
|
Loading…
x
Reference in New Issue
Block a user