diff --git a/puppet/files/rsyslog/20-swift.conf b/puppet/files/rsyslog/20-swift.conf new file mode 100644 index 0000000000000000000000000000000000000000..c48688e8b74de2495745176c006a5317c7e89408 --- /dev/null +++ b/puppet/files/rsyslog/20-swift.conf @@ -0,0 +1,18 @@ +$fileOwner swift + +if $programname contains 'account' then /var/log/swift/account.log +if $programname contains 'account' then stop + +if $programname contains 'container' then /var/log/swift/container.log +if $programname contains 'container' then stop + +if $programname contains 'object' then /var/log/swift/object.log +if $programname contains 'object' then stop + +if $programname contains 'proxy' then /var/log/swift/proxy.log +if $programname contains 'proxy' then stop + +if $programname contains 'swift' then /var/log/swift/swift.log +if $programname contains 'swift' then stop + +$fileOwner root diff --git a/puppet/manifests/swiftcommon.pp b/puppet/manifests/swiftcommon.pp index 867db57e76b86a62b4fa39db8ef3307003db0d03..ff1b2515827b2075c2f835562ce7f94fb71bb07c 100644 --- a/puppet/manifests/swiftcommon.pp +++ b/puppet/manifests/swiftcommon.pp @@ -1,119 +1,52 @@ class oci::swiftcommon( ){ + package { 'swift-drive-audit': + ensure => present, + } + + swift_drive_audit_config { + 'drive-audit/log_file_pattern': value => '/var/log/kern-legacy.*[!.][!g][!z]'; + } + + file { '/etc/rsyslog.d/10-kern-legacy.conf': + ensure => present, + source => 'puppet:///modules/oci/rsyslog/10-kern-legacy.conf', + path => '/etc/rsyslog.d/10-kern-legacy.conf', + group => 'root', + owner => 'root', + mode => '0644', + require => [Package['rsyslog']], + notify => Service['rsyslog'], + } + + logrotate::rule { 'kern-legacy': + path => '/var/log/kern-legacy.log', + rotate => '4', + rotate_every => 'week', + missingok => true, + ifempty => false, + compress => true, + delaycompress => true, + postrotate => '/usr/lib/rsyslog/rsyslog-rotate', + } + + file { '/etc/rsyslog.d/swift.conf': + ensure => absent, + } + + file { '/etc/rsyslog.d/20-swift.conf': + ensure => present, + source => "puppet:///modules/oci/rsyslog/20-swift.conf", + require => [Package['rsyslog'], File['/var/log/swift']], + notify => Service['rsyslog'], + } + + # setgid so created files inherit the group file { '/var/log/swift': ensure => directory, - mode => '0750', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-account-auditor.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-account.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-account-reaper.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-account-replicator.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container-auditor.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container-reconciler.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container-replicator.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container-sync.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-container-updater.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-proxy.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-object.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-object-auditor.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-object-replicator.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-object-updater.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/object.log': - ensure => file, - mode => '0640', - owner => 'swift', - group => 'adm', - }-> - file { '/var/log/swift/swift-drive-audit.log': - ensure => file, - mode => '0640', + mode => '2750', owner => 'swift', group => 'adm', } - -} \ No newline at end of file +} diff --git a/puppet/manifests/swiftproxy.pp b/puppet/manifests/swiftproxy.pp index 3f8fd9afea0391dbc323a49ec477ba5329ea6e23..a58cc1cb4b63f6914c0897dc5fd4b835f8ee82af 100644 --- a/puppet/manifests/swiftproxy.pp +++ b/puppet/manifests/swiftproxy.pp @@ -817,36 +817,21 @@ EnvironmentFile=/etc/swift/swift-proxy.enviroment", } } - package { 'swift-drive-audit': - ensure => present, - } - - file { '/etc/rsyslog.d/10-kern-legacy.conf': - ensure => present, - source => 'puppet:///modules/oci/rsyslog/10-kern-legacy.conf', - path => '/etc/rsyslog.d/10-kern-legacy.conf', - group => 'root', - owner => 'root', - mode => '0644', - require => [Package['rsyslog']], + # update Rsyslog HAProxy priority to avoid log mess between HAProxy & Swift proxy + exec { 'move-haproxy-rsyslog-priority': + command => 'cp /etc/rsyslog.d/49-haproxy.conf /etc/rsyslog.d/15-haproxy.conf', + onlyif => 'test -e /etc/rsyslog.d/49-haproxy.conf', + creates => '/etc/rsyslog.d/15-haproxy.conf', + path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], + } + + exec { 'remove-default-configuration': + command => 'rm /etc/rsyslog.d/49-haproxy.conf', + onlyif => 'test -e /etc/rsyslog.d/49-haproxy.conf', + path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], notify => Service['rsyslog'], } - logrotate::rule { 'kern-legacy': - path => '/var/log/kern-legacy.log', - rotate => '4', - rotate_every => 'week', - missingok => true, - ifempty => false, - compress => true, - delaycompress => true, - postrotate => '/usr/lib/rsyslog/rsyslog-rotate', - } - - swift_drive_audit_config { - 'drive-audit/log_file_pattern': value => '/var/log/kern-legacy.*[!.][!g][!z]'; - } - if $swift_store_account { $rings1 = [ 'account' ] }else{ diff --git a/puppet/manifests/swiftstore.pp b/puppet/manifests/swiftstore.pp index 26bc3285b2ca97246bfa6310049c82c8eb13800b..4f614096fc42e6ce79f5098c1a6a4f5bde31ca53 100644 --- a/puppet/manifests/swiftstore.pp +++ b/puppet/manifests/swiftstore.pp @@ -277,36 +277,6 @@ class oci::swiftstore( } } - package { 'swift-drive-audit': - ensure => present, - } - - file { '/etc/rsyslog.d/10-kern-legacy.conf': - ensure => present, - source => 'puppet:///modules/oci/rsyslog/10-kern-legacy.conf', - path => '/etc/rsyslog.d/10-kern-legacy.conf', - group => 'root', - owner => 'root', - mode => '0644', - require => [Package['rsyslog']], - notify => Service['rsyslog'], - } - - logrotate::rule { 'kern-legacy': - path => '/var/log/kern-legacy.log', - rotate => '4', - rotate_every => 'week', - missingok => true, - ifempty => false, - compress => true, - delaycompress => true, - postrotate => '/usr/lib/rsyslog/rsyslog-rotate', - } - - swift_drive_audit_config { - 'drive-audit/log_file_pattern': value => '/var/log/kern-legacy.*[!.][!g][!z]'; - } - if $swift_store_account { $rings1 = [ 'account' ] }else{