Add option for keystone containers to log to stdout/stderr

This adds the option to get the keystone containers to log to stdout.
The option is disabled by default.

If enabled, It also adds a sidecar container that reads the apache
access logs.

bp logging-stdout-rsyslog

Depends-On: I4250ebce75933c8fb3f85b9efdb3e2ade392a60c
Change-Id: Ibb633731a60a16d595d10d38a79ec284da18c5c2
This commit is contained in:
Juan Antonio Osorio Robles 2017-09-29 13:51:07 +00:00
parent 2a7efbada6
commit e5f0113f6f
5 changed files with 116 additions and 20 deletions

@ -68,6 +68,9 @@ resources:
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
KeystoneLogging:
type: OS::TripleO::Services::Logging::Keystone
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
@ -80,6 +83,7 @@ outputs:
config_settings:
map_merge:
- get_attr: [KeystoneBase, role_data, config_settings]
- get_attr: [KeystoneLogging, config_settings]
- apache::default_vhost: false
logging_source: {get_attr: [KeystoneBase, role_data, logging_source]}
logging_groups: {get_attr: [KeystoneBase, role_data, logging_groups]}
@ -120,16 +124,19 @@ outputs:
docker_config:
# Kolla_bootstrap/db sync runs before permissions set by kolla_config
step_2:
keystone_init_log:
image: &keystone_image {get_param: DockerKeystoneImage}
user: root
command: ['/bin/bash', '-c', 'chown -R keystone:keystone /var/log/keystone']
volumes:
- /var/log/containers/keystone:/var/log/keystone
- /var/log/containers/httpd/keystone:/var/log/httpd
map_merge:
-
keystone_init_log:
start_order: 1
image: {get_param: DockerKeystoneImage}
user: root
command: ['/bin/bash', '-c', 'chown -R keystone:keystone /var/log/keystone']
volumes:
get_attr: [KeystoneLogging, volumes]
- get_attr: [KeystoneLogging, docker_config, step_2]
step_3:
keystone_db_sync:
image: *keystone_image
image: &keystone_image {get_param: DockerKeystoneImage}
net: host
user: root
privileged: false
@ -137,11 +144,10 @@ outputs:
volumes: &keystone_volumes
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [KeystoneLogging, volumes]}
-
- /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/keystone:/var/log/keystone
- /var/log/containers/httpd/keystone:/var/log/httpd
-
if:
- internal_tls_enabled
@ -184,11 +190,10 @@ outputs:
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}
- {get_attr: [KeystoneLogging, volumes]}
-
- /var/lib/kolla/config_files/keystone_cron.json:/var/lib/kolla/config_files/config.json:ro
- /var/lib/config-data/puppet-generated/keystone/:/var/lib/kolla/config_files/src:ro
- /var/log/containers/keystone:/var/log/keystone
- /var/log/containers/httpd/keystone:/var/log/httpd
environment:
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
docker_puppet_tasks:
@ -198,14 +203,7 @@ outputs:
puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain'
step_config: 'include ::tripleo::profile::base::keystone'
config_image: *keystone_config_image
host_prep_tasks:
- name: create persistent logs directory
file:
path: "{{ item }}"
state: directory
with_items:
- /var/log/containers/keystone
- /var/log/containers/httpd/keystone
host_prep_tasks: {get_attr: [KeystoneLogging, host_prep_tasks]}
upgrade_tasks:
- name: Stop and disable keystone service (running under httpd)
tags: step2

@ -0,0 +1,32 @@
heat_template_version: pike
description: >
OpenStack containerized Keystone service
parameters:
DockerKeystoneImage:
description: image
type: string
outputs:
config_settings:
description: Extra hieradata needed to log to files in the host.
value: null
docker_config:
description: Extra containers needed for logging to files in the host.
value: {}
volumes:
description: The volumes needed to log to files in the host.
value:
- /var/log/containers/keystone:/var/log/keystone
- /var/log/containers/httpd/keystone:/var/log/httpd
host_prep_tasks:
description: Extra ansible tasks needed for logging to files in the host.
value:
- name: create persistent logs directory
file:
path: "{{ item }}"
state: directory
with_items:
- /var/log/containers/keystone
- /var/log/containers/httpd/keystone

@ -0,0 +1,60 @@
heat_template_version: pike
description: >
OpenStack containerized Keystone service
parameters:
DockerKeystoneImage:
description: image
type: string
outputs:
config_settings:
description: Extra hieradata needed to log to stdout.
value:
keystone::wsgi::apache::access_log_file: /var/log/httpd/access.log
keystone::wsgi::apache::error_log_file: /var/log/httpd/error_log
docker_config:
description: Extra containers needed for logging to stdout or a sidecar container.
value:
step_2:
keystone_apache_error_logs:
start_order: 1
image: {get_param: DockerKeystoneImage}
user: root
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/httpd/error_log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done']
volumes:
- KeystoneLogs:/var/log/
keystone_apache_access_logs:
start_order: 1
image: {get_param: DockerKeystoneImage}
user: root
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/httpd/access.log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done']
volumes:
- KeystoneLogs:/var/log/
keystone_logs:
start_order: 2
image: {get_param: DockerKeystoneImage}
user: keystone
privileged: false
restart: always
healthcheck:
test: '[ -p /var/log/keystone/keystone.log ]'
command: ['/bin/bash', '-c', 'mkdir -p /var/log/keystone && rm -f /var/log/keystone/keystone.log && mkfifo /var/log/keystone/keystone.log && while true; do cat /var/log/keystone/keystone.log; done']
volumes:
- KeystoneLogs:/var/log/
volumes:
description: The volumes needed to log to stdout or a sidecar container.
value:
- KeystoneLogs:/var/log/
host_prep_tasks:
description: Extra ansible tasks needed for logging to files in the host.
value: null

@ -0,0 +1,3 @@
resource_registry:
OS::TripleO::Services::Logging::Keystone: ../docker/services/logging/stdout/keystone.yaml

@ -298,6 +298,9 @@ resource_registry:
OS::TripleO::Services::SkydiveAgent: OS::Heat::None
OS::TripleO::Services::SkydiveAnalyzer: OS::Heat::None
# Logging
OS::TripleO::Services::Logging::Keystone: docker/services/logging/files/keystone.yaml
parameter_defaults:
EnablePackageInstall: false
SoftwareConfigTransport: POLL_TEMP_URL