From 03354bc99e7bf4c162e27f287d3399236762f871 Mon Sep 17 00:00:00 2001
From: Tatsuma Matsuki <matsuki.tatsuma@jp.fujitsu.com>
Date: Tue, 5 Sep 2017 00:27:19 +0000
Subject: [PATCH] Add fluentd enable option
This change adds enable_fluentd option and enables some other log shippers
to be integrated. When enable_fluentd is "no", syslog server is also disabled.
Then, this change also adds syslog parameters to use a syslog server
prepared by users.
Change-Id: I7c83ef7fe30a6b9ab7385bcee953ad07e96b0a83
Implements: blueprint fluentd-enable-option
---
ansible/group_vars/all.yml | 3 +++
ansible/roles/common/defaults/main.yml | 6 +++++
ansible/roles/common/handlers/main.yml | 3 +++
ansible/roles/common/tasks/config.yml | 24 +++++++++++++++----
.../templates/conf/output/00-local.conf.j2 | 4 ++--
ansible/roles/haproxy/defaults/main.yml | 3 +++
.../roles/haproxy/templates/haproxy.cfg.j2 | 2 +-
ansible/roles/swift/defaults/main.yml | 3 +++
ansible/roles/swift/templates/account.conf.j2 | 6 ++---
.../roles/swift/templates/container.conf.j2 | 6 ++---
ansible/roles/swift/templates/object.conf.j2 | 6 ++---
.../swift/templates/proxy-server.conf.j2 | 6 ++---
doc/source/user/advanced-configuration.rst | 19 +++++++++++++++
etc/kolla/globals.yml | 1 +
14 files changed, 73 insertions(+), 19 deletions(-)
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index a7de1e6d59..bfd37c7afe 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -257,6 +257,8 @@ swift_account_server_port: "6001"
swift_container_server_port: "6002"
swift_rsync_port: "10873"
+syslog_udp_port: "{{ fluentd_syslog_port }}"
+
tacker_server_port: "9890"
trove_api_port: "8779"
@@ -346,6 +348,7 @@ enable_cloudkitty: "no"
enable_congress: "no"
enable_designate: "no"
enable_etcd: "no"
+enable_fluentd: "yes"
enable_freezer: "no"
enable_gnocchi: "no"
enable_grafana: "no"
diff --git a/ansible/roles/common/defaults/main.yml b/ansible/roles/common/defaults/main.yml
index 850af87d6f..82f6c1d575 100644
--- a/ansible/roles/common/defaults/main.yml
+++ b/ansible/roles/common/defaults/main.yml
@@ -6,6 +6,7 @@ common_run: False
common_services:
fluentd:
container_name: fluentd
+ enabled: "{{ enable_fluentd | bool }}"
image: "{{ fluentd_image_full }}"
environment:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
@@ -15,6 +16,7 @@ common_services:
- "kolla_logs:/var/log/kolla/"
kolla-toolbox:
container_name: kolla_toolbox
+ enabled: True
image: "{{ kolla_toolbox_image_full }}"
environment:
ANSIBLE_NOCOLOR: "1"
@@ -29,6 +31,7 @@ common_services:
# DUMMY_ENVIRONMENT is needed because empty environment is not supported
cron:
container_name: cron
+ enabled: True
image: "{{ cron_image_full }}"
environment:
DUMMY_ENVIRONMENT: kolla_useless_env
@@ -56,3 +59,6 @@ fluentd_image_full: "{{ fluentd_image }}:{{ fluentd_tag }}"
kubetoolbox_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-kubetoolbox"
kubetoolbox_tag: "{{ openstack_release }}"
kubetoolbox_image_full: "{{ kubetoolbox_image }}:{{ kubetoolbox_tag }}"
+
+syslog_swift_facility: "local0"
+syslog_haproxy_facility: "local1"
diff --git a/ansible/roles/common/handlers/main.yml b/ansible/roles/common/handlers/main.yml
index 9aef59e5af..c580ab5246 100644
--- a/ansible/roles/common/handlers/main.yml
+++ b/ansible/roles/common/handlers/main.yml
@@ -14,6 +14,7 @@
environment: "{{ service.environment }}"
when:
- action != "config"
+ - service.enabled | bool
- config_json.changed | bool
or fluentd_input.changed | bool
or fluentd_output.changed | bool
@@ -39,6 +40,7 @@
environment: "{{ service.environment }}"
when:
- action != "config"
+ - service.enabled | bool
- config_json.changed | bool
or kolla_toolbox_container.changed | bool
notify:
@@ -63,6 +65,7 @@
environment: "{{ service.environment }}"
when:
- action != "config"
+ - service.enabled | bool
- config_json.changed | bool
or cron_confs.changed | bool
or check_common_containers.changed | bool
diff --git a/ansible/roles/common/tasks/config.yml b/ansible/roles/common/tasks/config.yml
index 721bc4d753..b6e4ccc734 100644
--- a/ansible/roles/common/tasks/config.yml
+++ b/ansible/roles/common/tasks/config.yml
@@ -1,5 +1,15 @@
---
- name: Ensuring config directories exist
+ file:
+ path: "{{ node_config_directory }}/{{ item }}"
+ state: "directory"
+ recurse: yes
+ with_items:
+ - "kolla-toolbox"
+ - "cron"
+ - "cron/logrotate"
+
+- name: Ensuring fluentd config directories exist
file:
path: "{{ node_config_directory }}/{{ item }}"
state: "directory"
@@ -10,15 +20,14 @@
- "fluentd/output"
- "fluentd/format"
- "fluentd/filter"
- - "kolla-toolbox"
- - "cron"
- - "cron/logrotate"
+ when: enable_fluentd | bool
- name: Copying over config.json files for services
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
register: common_config_jsons
+ when: item.value.enabled | bool
with_dict: "{{ common_services }}"
notify:
- "Restart {{ item.key }} container"
@@ -28,6 +37,7 @@
src: "conf/input/{{ item }}.conf.j2"
dest: "{{ node_config_directory }}/fluentd/input/{{ item }}.conf"
register: fluentd_input
+ when: enable_fluentd | bool
with_items:
- "00-global"
- "01-syslog"
@@ -43,7 +53,9 @@
src: "conf/output/{{ item.name }}.conf.j2"
dest: "{{ node_config_directory }}/fluentd/output/{{ item.name }}.conf"
register: fluentd_output
- when: item.enabled | bool
+ when:
+ - enable_fluentd | bool
+ - item.enabled | bool
with_items:
- name: "00-local"
enabled: true
@@ -78,6 +90,7 @@
with_items:
- "apache_access"
- "wsgi_access"
+ when: enable_fluentd | bool
notify:
- Restart fluentd container
@@ -89,6 +102,7 @@
with_items:
- "00-record_transformer"
- "01-rewrite"
+ when: enable_fluentd | bool
notify:
- Restart fluentd container
@@ -99,6 +113,7 @@
register: fluentd_td_agent
with_items:
- "fluentd"
+ when: enable_fluentd | bool
notify:
- Restart fluentd container
@@ -177,6 +192,7 @@
register: check_common_containers
when:
- action != "config"
+ - item.value.enabled | bool
with_dict: "{{ common_services }}"
notify:
- "Restart {{ item.key }} container"
diff --git a/ansible/roles/common/templates/conf/output/00-local.conf.j2 b/ansible/roles/common/templates/conf/output/00-local.conf.j2
index 5e30f575e6..22d2ba76bb 100644
--- a/ansible/roles/common/templates/conf/output/00-local.conf.j2
+++ b/ansible/roles/common/templates/conf/output/00-local.conf.j2
@@ -1,4 +1,4 @@
-<match syslog.local0.**>
+<match syslog.{{ syslog_swift_facility }}.**>
@type copy
<store>
@type file
@@ -20,7 +20,7 @@
{% endif %}
</match>
-<match syslog.local1.**>
+<match syslog.{{ syslog_haproxy_facility }}.**>
@type copy
<store>
@type file
diff --git a/ansible/roles/haproxy/defaults/main.yml b/ansible/roles/haproxy/defaults/main.yml
index b38a9aea98..ab75993a8e 100644
--- a/ansible/roles/haproxy/defaults/main.yml
+++ b/ansible/roles/haproxy/defaults/main.yml
@@ -41,3 +41,6 @@ haproxy_server_timeout: "1m"
haproxy_glance_api_client_timeout: "6h"
haproxy_glance_api_server_timeout: "6h"
+
+syslog_server: "{{ api_interface_address }}"
+syslog_haproxy_facility: "local1"
diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2
index e447b1cbb5..837ec8630e 100644
--- a/ansible/roles/haproxy/templates/haproxy.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@@ -4,7 +4,7 @@ global
user haproxy
group haproxy
daemon
- log {{ api_interface_address }}:{{ fluentd_syslog_port }} local1
+ log {{ syslog_server }}:{{ syslog_udp_port }} {{ syslog_haproxy_facility }}
maxconn 4000
stats socket /var/lib/kolla/haproxy/haproxy.sock
{% if kolla_enable_tls_external | bool %}
diff --git a/ansible/roles/swift/defaults/main.yml b/ansible/roles/swift/defaults/main.yml
index 78e5c740f0..d433fbe51a 100644
--- a/ansible/roles/swift/defaults/main.yml
+++ b/ansible/roles/swift/defaults/main.yml
@@ -48,3 +48,6 @@ swift_devices_match_mode: "strict"
swift_devices_name: "KOLLA_SWIFT_DATA"
openstack_swift_auth: "{{ openstack_auth }}"
+
+syslog_server: "{{ api_interface_address }}"
+syslog_swift_facility: "local0"
diff --git a/ansible/roles/swift/templates/account.conf.j2 b/ansible/roles/swift/templates/account.conf.j2
index 89ec687a79..1e03fdecdc 100644
--- a/ansible/roles/swift/templates/account.conf.j2
+++ b/ansible/roles/swift/templates/account.conf.j2
@@ -3,10 +3,10 @@ bind_ip = {{ hostvars[inventory_hostname]['ansible_' + storage_interface]['ipv4'
bind_port = {{ swift_account_server_port }}
devices = {{ swift_devices_mount_point }}
mount_check = false
-log_udp_host = {{ api_interface_address }}
-log_udp_port = {{ fluentd_syslog_port }}
+log_udp_host = {{ syslog_server }}
+log_udp_port = {{ syslog_udp_port }}
log_name = {{ service_name }}
-log_facility = LOG_LOCAL0
+log_facility = {{ syslog_swift_facility }}
log_level = INFO
workers = {{ openstack_service_workers }}
diff --git a/ansible/roles/swift/templates/container.conf.j2 b/ansible/roles/swift/templates/container.conf.j2
index b651811190..cd3a3d5423 100644
--- a/ansible/roles/swift/templates/container.conf.j2
+++ b/ansible/roles/swift/templates/container.conf.j2
@@ -3,10 +3,10 @@ bind_ip = {{ hostvars[inventory_hostname]['ansible_' + storage_interface]['ipv4'
bind_port = {{ swift_container_server_port }}
devices = {{ swift_devices_mount_point }}
mount_check = false
-log_udp_host = {{ api_interface_address }}
-log_udp_port = {{ fluentd_syslog_port }}
+log_udp_host = {{ syslog_server }}
+log_udp_port = {{ syslog_udp_port }}
log_name = {{ service_name }}
-log_facility = LOG_LOCAL0
+log_facility = {{ syslog_swift_facility }}
log_level = INFO
workers = {{ openstack_service_workers }}
diff --git a/ansible/roles/swift/templates/object.conf.j2 b/ansible/roles/swift/templates/object.conf.j2
index b2fd60ef74..af18bdf2a6 100644
--- a/ansible/roles/swift/templates/object.conf.j2
+++ b/ansible/roles/swift/templates/object.conf.j2
@@ -4,10 +4,10 @@ bind_port = {{ swift_object_server_port }}
devices = {{ swift_devices_mount_point }}
mount_check = false
-log_udp_host = {{ api_interface_address }}
-log_udp_port = {{ fluentd_syslog_port }}
+log_udp_host = {{ syslog_server }}
+log_udp_port = {{ syslog_udp_port }}
log_name = {{ service_name }}
-log_facility = LOG_LOCAL0
+log_facility = {{ syslog_swift_facility }}
log_level = INFO
workers = {{ openstack_service_workers }}
diff --git a/ansible/roles/swift/templates/proxy-server.conf.j2 b/ansible/roles/swift/templates/proxy-server.conf.j2
index 117f54ed60..3527398369 100644
--- a/ansible/roles/swift/templates/proxy-server.conf.j2
+++ b/ansible/roles/swift/templates/proxy-server.conf.j2
@@ -2,10 +2,10 @@
bind_ip = {{ api_interface_address }}
bind_port = {{ swift_proxy_server_port }}
-log_udp_host = {{ api_interface_address }}
-log_udp_port = {{ fluentd_syslog_port }}
+log_udp_host = {{ syslog_server }}
+log_udp_port = {{ syslog_udp_port }}
log_name = {{ service_name }}
-log_facility = LOG_LOCAL0
+log_facility = {{ syslog_swift_facility }}
log_level = INFO
workers = {{ openstack_service_workers }}
diff --git a/doc/source/user/advanced-configuration.rst b/doc/source/user/advanced-configuration.rst
index 05112494de..8d5b7f9251 100644
--- a/doc/source/user/advanced-configuration.rst
+++ b/doc/source/user/advanced-configuration.rst
@@ -240,3 +240,22 @@ For example:
As <service>_port value is saved in different services' configuration so
it's advised to make above change before deploying.
+
+Use an external Syslog server
+=============================
+
+By default, Fluentd is used as a syslog server to collect Swift and HAProxy
+logs. When Fluentd is disabled or you want to use an external syslog server,
+You can set syslog parameters in ``globals.yml`` file.
+For example:
+::
+
+ syslog_server: "172.29.9.145"
+ syslog_udp_port: "514"
+
+You can also set syslog facility names for Swift and HAProxy logs. By default,
+Swift and HAProxy use ``local0`` and ``local1``, respectively.
+::
+
+ syslog_swift_facility: "local0"
+ syslog_haproxy_facility: "local1"
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index 17773b642c..f03b055c8b 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -145,6 +145,7 @@ kolla_internal_vip_address: "10.10.10.254"
#enable_designate: "no"
#enable_destroy_images: "no"
#enable_etcd: "no"
+#enable_fluentd: "yes"
#enable_freezer: "no"
#enable_gnocchi: "no"
#enable_grafana: "no"