Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:Ardana:8:CentOS
ardana-logging
ardana-logging-8.0+git.1610573640.452aed1.obscpio
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ardana-logging-8.0+git.1610573640.452aed1.obscpio of Package ardana-logging
07070100000000000081A40000000000000000000000015FFF674800000083000000000000000000000000000000000000003500000000ardana-logging-8.0+git.1610573640.452aed1/.gitreview[gerrit] host=gerrit.suse.provo.cloud port=29418 project=ardana/logging-ansible.git defaultremote=ardana defaultbranch=stable/pike 07070100000001000081A40000000000000000000000015FFF67480000000C000000000000000000000000000000000000003800000000ardana-logging-8.0+git.1610573640.452aed1/.rsync-filter- ardana-ci 07070100000002000081A40000000000000000000000015FFF67480000279F000000000000000000000000000000000000003200000000ardana-logging-8.0+git.1610573640.452aed1/LICENSE Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. 07070100000003000081A40000000000000000000000015FFF6748000004F2000000000000000000000000000000000000003400000000ardana-logging-8.0+git.1610573640.452aed1/README.md# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # README ====== This repo contains the following roles: - kronos-api: Management for kronos api stack - logging-server: Management for kronos server stack - logging-monitor: Management for monitoring of kronos - logging-producer: Management for kronos producer stack The verbs: - configure - install - status - start - stop The operations: - deploy - reconfigure top-level playbooks (i.e. called by Ardana) - logging-deploy.yml - deploys kronos services - logging-start.yml - start kronos services - logging-stop.yml - stop kronos services - logging-status.yml - check kronos services - logging-upgrade.yml - upgrades kronos 07070100000004000081A40000000000000000000000015FFF6748000002E3000000000000000000000000000000000000004B00000000ardana-logging-8.0+git.1610573640.452aed1/_kronos-api-schedule-restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Schedule a restart of kronos-api services using ardana_notify_... variables - hosts: all tasks: - include: roles/kronos-api/tasks/_schedule_restart.yml07070100000005000081A40000000000000000000000015FFF6748000002EE000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/_kronos-producer-schedule-restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Schedule a restart of kronos-producer services using ardana_notify_... variables - hosts: all tasks: - include: roles/logging-producer/tasks/_schedule_restart.yml07070100000006000081A40000000000000000000000015FFF6748000002EA000000000000000000000000000000000000004E00000000ardana-logging-8.0+git.1610573640.452aed1/_kronos-server-schedule-restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Schedule a restart of kronos-server services using ardana_notify_... variables - hosts: all tasks: - include: roles/logging-server/tasks/_schedule_restart.yml07070100000007000081A40000000000000000000000015FFF674800000317000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/_logging-schedule-restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Schedule a restart of all services using ardana_notify_... variables - include: _kronos-api-schedule-restart.yml - include: _kronos-server-schedule-restart.yml - include: _kronos-producer-schedule-restart.yml 07070100000008000041ED0000000000000000000000045FFF674800000000000000000000000000000000000000000000003400000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci07070100000009000041ED0000000000000000000000035FFF674800000000000000000000000000000000000000000000003C00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/project0707010000000A000041ED0000000000000000000000035FFF674800000000000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/project/input-model0707010000000B000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/project/input-model/data0707010000000C000081A40000000000000000000000015FFF674800000724000000000000000000000000000000000000005F00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/project/input-model/data/control_plane.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 control-planes: - name: ccp control-plane-prefix: ccp region-name: region1 failure-zones: - AZ1 - AZ2 - AZ3 common-service-components: - lifecycle-manager-target - monasca-agent - logging-rotate - logging-producer clusters: - name: cluster0 cluster-prefix: c0 server-role: - SERVER1-ROLE - SERVER2-ROLE - SERVER3-ROLE member-count: 3 allocation-policy: strict service-components: - lifecycle-manager - openstack-client - ntp-server - mysql - ip-cluster - keystone-api - keystone-client - rabbitmq - memcached - zookeeper - kafka - vertica - storm - monasca-api - monasca-persister - monasca-notifier - monasca-threshold - monasca-client - tempest - monasca-liveness-check - logging-server - cassandra 0707010000000D000081A40000000000000000000000015FFF6748000005D4000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/project/input-model/data/servers.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 baremetal: netmask: 255.255.255.0 subnet: 192.168.110.0 server-interface: eth2 servers: - id: server1 ip-addr: 192.168.110.3 role: SERVER1-ROLE server-group: RACK1 mac-addr: b2:72:8d:ac:7c:6f ilo-ip: 192.168.109.3 ilo-password: password ilo-user: admin nic-mapping: VAGRANT - id: server2 ip-addr: 192.168.110.4 role: SERVER2-ROLE server-group: RACK2 mac-addr: 8a:8e:64:55:43:76 ilo-ip: 192.168.109.4 ilo-password: password ilo-user: admin nic-mapping: VAGRANT - id: server3 ip-addr: 192.168.110.5 role: SERVER3-ROLE server-group: RACK3 mac-addr: 26:67:3e:49:5a:a7 ilo-ip: 192.168.109.5 ilo-password: password ilo-user: admin nic-mapping: VAGRANT 0707010000000E000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000003A00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests0707010000000F000081ED0000000000000000000000015FFF674800000ABF000000000000000000000000000000000000004900000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/test-plan.yaml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: Test Kronos API stop logfile: testsuite-stop-kronos-api.log prefix: stop-kronos-api playbooks: - kronos-api-stop.yml - name: Validate Kronos API down logfile: testsuite-stop-kronos-api.log prefix: validate-kronos-api-down exec: - validate-kronos-api-down.bash - name: Test Kronos API start logfile: testsuite-start-kronos-api.log prefix: start-kronos-api playbooks: - kronos-api-start.yml - name: Validate Kronos API up logfile: testsuite-start-kronos-api.log prefix: start-kronos-api exec: - validate-kronos-api-up.bash - name: Test Kronos reconfigure logfile: testsuite-reconfigure-kronos.log prefix: reconfigure-kronos playbooks: - kronos-reconfigure.yml - name: Validate Kronos API up logfile: testsuite-start-kronos-api.log prefix: start-kronos-api exec: - validate-kronos-api-up.bash - name: Test Kronos Producer stop logfile: testsuite-stop-producer.log prefix: stop-kronos-producer playbooks: - kronos-producer-stop.yml - name: Validate Kronos Producer down logfile: testsuite-stop-kronos-producer.log prefix: stop-kronos-producer exec: - validate-kronos-producer-down.bash - name: Test Kronos Producer start logfile: testsuite-start-kronos-producer.log prefix: start-kronos-producer playbooks: - kronos-producer-start.yml - name: Validate Kronos Producer up logfile: testsuite-start-kronos-producer.log prefix: start-kronos-producer exec: - validate-kronos-producer-up.bash - name: Test Kronos Server stop logfile: testsuite-stop-server.log prefix: stop-kronos-server playbooks: - kronos-server-stop.yml - name: Validate Kronos Server down logfile: testsuite-stop-kronos-server.log prefix: stop-kronos-server exec: - validate-kronos-server-down.bash - name: Test Kronos Server start logfile: testsuite-start-kronos-server.log prefix: start-kronos-server playbooks: - kronos-server-start.yml - name: Validate Kronos Server up logfile: testsuite-start-kronos-server.log prefix: start-kronos-server exec: - validate-kronos-server-up.bash 07070100000010000081ED0000000000000000000000015FFF674800000348000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-api-down.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-api-status.yml kronos_status=$? echo "Kronos API Status is $status" if [ $kronos_status -eq 0 ] then echo "Fail" exit 1 else echo "OK" fi 07070100000011000081ED0000000000000000000000015FFF67480000034F000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-api-up.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-api-status.yml kronos_status=$? echo "Kronos API Status is $kronos_status" if [ $kronos_status -eq 0 ] then echo "OK" else echo "Fail" exit 1 fi 07070100000012000081ED0000000000000000000000015FFF674800000359000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-producer-down.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-producer-status.yml kronos_status=$? echo "Kronos Producer Status is $kronos_status" if [ $kronos_status -eq 0 ] then echo "Fail" exit 1 else echo "OK" fi 07070100000013000081ED0000000000000000000000015FFF674800000359000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-producer-up.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-producer-status.yml kronos_status=$? echo "Kronos Producer Status is $kronos_status" if [ $kronos_status -eq 0 ] then echo "OK" else echo "Fail" exit 1 fi 07070100000014000081ED0000000000000000000000015FFF674800000355000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-server-down.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-server-status.yml kronos_status=$? echo "Kronos Server Status is $kronos_status" if [ $kronos_status -eq 0 ] then echo "Fail" exit 1 else echo "OK" fi 07070100000015000081ED0000000000000000000000015FFF674800000355000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/ardana-ci/tests/validate-kronos-server-up.bash#!/bin/bash # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # ansible-playbook -i hosts/verb_hosts kronos-server-status.yml kronos_status=$? echo "Kronos Server Status is $kronos_status" if [ $kronos_status -eq 0 ] then echo "OK" else echo "Fail" exit 1 fi 07070100000016000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000003100000000ardana-logging-8.0+git.1610573640.452aed1/config07070100000017000081A40000000000000000000000015FFF6748000005A4000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/config/logging-symlinks.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory on the deployer --- symlinks: "logging/vars": roles/logging-common/vars "logging/main.yml": roles/logging-common/defaults/main.yml "logging/beaver.conf.j2": roles/logging-producer/templates/beaver.conf.j2 "logging/elasticsearch.yml.j2": roles/logging-server/templates/elasticsearch.yml.j2 "logging/elasticsearch-default.j2": roles/logging-server/templates/elasticsearch-default.j2 "logging/logstash.conf.j2": roles/logging-server/templates/logstash.conf.j2 "logging/logstash-default.j2": roles/logging-server/templates/logstash-default.j2 "logging/kibana.yml.j2": roles/logging-server/templates/kibana.yml.j2 "logging/kibana-apache2.conf.j2": roles/logging-server/templates/kibana-apache2.conf.j2 07070100000018000081ED0000000000000000000000015FFF6748000003B5000000000000000000000000000000000000003B00000000ardana-logging-8.0+git.1610573640.452aed1/generate-logs.sh#!/bin/bash # # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # this script runs the logging-test playbook to simulate service log (JSON) growth set -x # Get the count from command line. If not provided, use a default log_times=${1:-10} for i in `seq $log_times`; do ansible-playbook -i hosts/verb_hosts logging-test.yml -e log_message=msg_$i done set +x 07070100000019000081A40000000000000000000000015FFF674800000336000000000000000000000000000000000000004300000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-configure.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure Kronos API stack - hosts: LOG-API any_errors_fatal: true roles: - logging-common - kronos-api tasks: - include: roles/kronos-api/tasks/configure.yml 0707010000001A000081A40000000000000000000000015FFF6748000002EA000000000000000000000000000000000000004000000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-deploy.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: kronos-api-install.yml - include: kronos-api-configure.yml - include: kronos-api-start.yml 0707010000001B000081A40000000000000000000000015FFF6748000003D7000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-install.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Kronos API stack - hosts: LOG-API any_errors_fatal: true roles: - logging-common - kronos-api tasks: - include: roles/kronos-api/tasks/install.yml - include: roles/kronos-api/tasks/create_api_user.yml ansible_python_interpreter: > "{{ KEY_CLI.vars.keystone_client_python_interpreter }}" 0707010000001C000081A40000000000000000000000015FFF6748000002D5000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _kronos-api-schedule-restart.yml - include: kronos-api-start.yml 0707010000001D000081A40000000000000000000000015FFF674800000329000000000000000000000000000000000000003F00000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-start.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start Kronos API - hosts: LOG-API any_errors_fatal: true roles: - logging-common - kronos-api tasks: - include: roles/kronos-api/tasks/start.yml 0707010000001E000081A40000000000000000000000015FFF67480000034B000000000000000000000000000000000000004000000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-status.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Check status of Kronos API - hosts: LOG-API max_fail_percentage: 0 any_errors_fatal: true roles: - logging-common - kronos-api tasks: - include: roles/kronos-api/tasks/status.yml 0707010000001F000081A40000000000000000000000015FFF67480000032D000000000000000000000000000000000000003E00000000ardana-logging-8.0+git.1610573640.452aed1/kronos-api-stop.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop Kronos API stack - hosts: LOG-API any_errors_fatal: true roles: - logging-common - kronos-api tasks: - include: roles/kronos-api/tasks/stop.yml 07070100000020000081A40000000000000000000000015FFF674800000394000000000000000000000000000000000000004B00000000ardana-logging-8.0+git.1610573640.452aed1/kronos-elasticsearch-migrate.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Handle re-indexing of Elasticsearch data and other pre-work - hosts: LOG-SVR any_errors_fatal: true vars: elasticsearch_resolve_conflicts: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/pre-upgrade.yml 07070100000021000081A40000000000000000000000015FFF67480000033C000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/kronos-elasticsearch-start-dependencies.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start services that depend on Elasticsearch #------------------------------------------------------------------------------- # Start Freezer components - include: freezer-start.yml 07070100000022000081A40000000000000000000000015FFF674800000339000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/kronos-elasticsearch-stop-dependencies.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop services that depend on Elasticsearch #------------------------------------------------------------------------------- # Stop Freezer components - include: freezer-stop.yml 07070100000023000081A40000000000000000000000015FFF67480000042B000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/kronos-logrotation-deploy.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure logrotation and centralized logging for services #------------------------------------------------------------------------------- - hosts: LOG-ROT any_errors_fatal: true roles: - logging-common - kronos-logrotation tasks: - include: roles/kronos-logrotation/tasks/configure.yml - include: roles/kronos-logrotation/tasks/configure-rhel.yml when: ansible_os_family == 'RedHat' 07070100000024000081A40000000000000000000000015FFF674800000324000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/kronos-pre-upgrade.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/pre-upgrade.yml 07070100000025000081A40000000000000000000000015FFF6748000004EE000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-configure.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure centralized logging for services #------------------------------------------------------------------------------- - hosts: LOG-PRO any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/configure.yml # Configure Kronos producer monitoring #------------------------------------------------------------------------------- - hosts: LOG-PRO:&MON-AGN any_errors_fatal: true roles: - monasca-alarm-definition - logging-common - logging-monitor tasks: - include: roles/logging-monitor/tasks/configure-PRO.yml 07070100000026000081A40000000000000000000000015FFF6748000002FE000000000000000000000000000000000000004500000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-deploy.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: kronos-producer-install.yml - include: kronos-producer-configure.yml - include: kronos-producer-start.yml 07070100000027000081A40000000000000000000000015FFF67480000048A000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-install.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Kronos producer stack - hosts: LOG-PRO:&{{ target_hosts | default('LOG-PRO') }} any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/install.yml - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/create_beaver_user.yml ansible_python_interpreter: > "{{ KEY_CLI.vars.keystone_client_python_interpreter }}" 07070100000028000081A40000000000000000000000015FFF6748000002DF000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _kronos-producer-schedule-restart.yml - include: kronos-producer-start.yml 07070100000029000081A40000000000000000000000015FFF67480000045A000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-start.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start Kronos producer stack - hosts: LOG-PRO any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/start.yml # Start monitoring last as it needs other services to be already running # Start PROducer hosts monitoring - hosts: LOG-PRO:&MON-AGN any_errors_fatal: true roles: - logging-common - logging-monitor tasks: - include: roles/logging-monitor/tasks/start-PRO.yml 0707010000002A000081A40000000000000000000000015FFF674800000362000000000000000000000000000000000000004500000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-status.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Check status of Kronos producer stack - hosts: LOG-PRO any_errors_fatal: true max_fail_percentage: 0 roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/status.yml 0707010000002B000081A40000000000000000000000015FFF674800000343000000000000000000000000000000000000004300000000ardana-logging-8.0+git.1610573640.452aed1/kronos-producer-stop.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop Kronos producer stack - hosts: LOG-PRO any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-producer/tasks/stop.yml 0707010000002C000081A40000000000000000000000015FFF6748000002A7000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/kronos-reconfigure.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: logging-deploy.yml 0707010000002D000081A40000000000000000000000015FFF674800000562000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-configure.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure Kronos server stack including alarms and monitoring #------------------------------------------------------------------------------ - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/configure.yml - hosts: LOG-SVR:&MON-AGN any_errors_fatal: true roles: - logging-common - logging-monitor tasks: - name: kronos-server-configure | Generate monitoring variables local_action: kronos_generate_monitoring register: monitoring_directory_output_result run_once: true - include: roles/logging-monitor/tasks/alarm-definitions.yml - include: roles/logging-monitor/tasks/configure-SVR.yml 0707010000002E000081A40000000000000000000000015FFF6748000002F8000000000000000000000000000000000000004300000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-deploy.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: kronos-server-install.yml - include: kronos-server-configure.yml - include: kronos-server-start.yml 0707010000002F000081A40000000000000000000000015FFF674800000431000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-install.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Kronos server stack - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-monitor - logging-server tasks: - include: roles/logging-server/tasks/install.yml - include: roles/logging-monitor/tasks/create_monitoring_user.yml ansible_python_interpreter: > "{{ KEY_CLI.vars.keystone_client_python_interpreter }}" when: ( 'MON_API' in verb_hosts ) 07070100000030000081A40000000000000000000000015FFF6748000002DB000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _kronos-server-schedule-restart.yml - include: kronos-server-start.yml 07070100000031000081A40000000000000000000000015FFF6748000004FF000000000000000000000000000000000000004200000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-start.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start Kronos server stack - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/start-elasticsearch.yml - include: roles/logging-server/tasks/start-logstash.yml - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/start-kibana.yml serial: 1 # Start SVR hosts monitoring - hosts: LOG-SVR:&MON-AGN any_errors_fatal: true roles: - logging-common - logging-monitor tasks: - include: roles/logging-monitor/tasks/start-SVR.yml 07070100000032000081A40000000000000000000000015FFF67480000035C000000000000000000000000000000000000004300000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-status.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Check status of Kronos server stack - hosts: LOG-SVR any_errors_fatal: true max_fail_percentage: 0 roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/status.yml 07070100000033000081A40000000000000000000000015FFF67480000033D000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/kronos-server-stop.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop Kronos server stack - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/stop.yml 07070100000034000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000003200000000ardana-logging-8.0+git.1610573640.452aed1/library07070100000035000081ED0000000000000000000000015FFF674800000916000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/library/kronos_generate_monitoring#!/usr/bin/python # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import re import os import yaml # Construct directory monitoring configuration for profiles #------------------------------------------------------------------------------- def main(): module = AnsibleModule( argument_spec=dict( profiles_dir = dict(default="roles/logging-common/vars") ), supports_check_mode=False ) try: params = type('Params', (), module.params) # Get profiles from profiles directory profiles = {} for filename in sorted(os.listdir(params.profiles_dir)): if filename.endswith("-clr.yml"): with open(os.path.join(params.profiles_dir, filename), 'r') as strm: profile = yaml.load(strm)['sub_service'] profiles[profile['name']] = profile # Generate monitoring configuration for profile ensuring uniqueness result = {} for profile in profiles.values(): if 'monitoring' in profile and profile['monitoring']['enabled']: result[profile['monitoring']['logging_dir']] = { 'name': profile['monitoring']['external_name'], 'directory': profile['monitoring']['logging_dir'] } except Exception, e: module.fail_json(msg="{}".format(e)) finally: # Return list of dictionaries sorted by directory module.exit_json(result=sorted(result.values(), key=lambda x: x['directory'])) # Execute main as an Ansible module #------------------------------------------------------------------------------- from ansible.module_utils.basic import * if __name__ == '__main__': main() 07070100000036000081ED0000000000000000000000015FFF674800000CC9000000000000000000000000000000000000004700000000ardana-logging-8.0+git.1610573640.452aed1/library/kronos_load_profiles#!/usr/bin/python # # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import re import os import yaml # Determine which logging profiles apply to the current hosts #------------------------------------------------------------------------------- def main(): module = AnsibleModule( argument_spec=dict( host = dict(required=True), # inventory_hostname hosts = dict(required=True), # verb_hosts groups = dict(required=True), # groups profiles_dir = dict(default="roles/logging-common/vars"), # profile directory config_dir = dict(default="roles/kronos-logrotation/vars") # config directory ), supports_check_mode=False ) try: params = type('Params', (), module.params) profiles = {} uf_profiles = {} # unfiltered profiles # Load rotation_config from a file with open(os.path.join(params.config_dir, 'rotation_config.yml'), 'r') as config_file: rotation_config = yaml.load(config_file) # Load all logging profiles from the specified directory for filename in sorted(os.listdir(params.profiles_dir)): if filename.endswith("-clr.yml"): with open(os.path.join(params.profiles_dir, filename), 'r') as strm: profile = yaml.load(strm)['sub_service'] uf_profiles[os.path.basename(filename)] = profile for key, profile in uf_profiles.iteritems(): group_regexps = profile['hosts'].split(':') # Filter possible host groups down to only those that are active # e.g. LOG-SVR matches LOG-SVR-ccp matched_groups = [] for group in params.hosts.values(): for group_regexp in group_regexps: if re.search(group_regexp, group): matched_groups.append(group) break for group in matched_groups: # Map into groups to get list of hosts to match against if group in params.groups and params.host in params.groups[group]: profiles[key] = profile break except Exception, e: module.fail_json(msg="{}".format(e)) finally: module.exit_json(result=profiles, rotation_config=rotation_config) # Execute main as an Ansible module #------------------------------------------------------------------------------- from ansible.module_utils.basic import * if __name__ == '__main__': main() 07070100000037000081ED0000000000000000000000015FFF674800000FF9000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/library/kronos_populate_service_quotas#!/usr/bin/python # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import os import yaml import platform # Keys namespace keys = type('Keys', (), { 'name':'name', 'files':'files', 'service':'service', 'subservices':'subservices', 'opt':'logging_options', 'quota':'quota', 'os_family':'os_family' }) # Directory namespace dirs = type('Dirs', (), { 'logging':'/var/log' }) #------------------------------------------------------------------------------- def main(): module = AnsibleModule( argument_spec=dict( profiles = dict(required=True), # Output of load_profiles rotation_config = dict(required=True), # Service weights usable_log_percent = dict(required=True), # Applied prior to calculating quotas service_info_dir = dict(default="/opt/kronos") ), supports_check_mode=False ) try: # Get profiles and service weights from Ansible playbook params = type('Params', (), module.params) profiles = params.profiles service_weights = {service: params.rotation_config[service]['weight'] for service in params.rotation_config} os_family = platform.dist()[0].lower() # Extract service info from profiles passed in through Ansible service_info = {} for value in profiles.values(): if keys.os_family in value: if os_family != value[keys.os_family].lower(): continue service_info.setdefault(value[keys.service], {keys.subservices: [], keys.files: []}) service_info[value[keys.service]][keys.subservices].append(value[keys.name]) for opt in value[keys.opt]: service_info[value[keys.service]][keys.files] += opt[keys.files] # Filters out Service weights which are not running on the node filtered_weights = {x: service_weights[x] for x in [y[keys.service] for y in profiles.values()]} # Get logging space available disk_stats = os.statvfs(dirs.logging) logging_space_available = disk_stats.f_blocks * disk_stats.f_bsize * (10 ** -6) * (float(params.usable_log_percent) / 100) # Create service quotas _sum = float(sum(filtered_weights.values())) for service in service_info: service_info[service][keys.quota] = int((filtered_weights[service] / _sum) * logging_space_available) # Read in existing file changed = False old_data = None service_info_path = os.path.join(params.service_info_dir, "service_info.yml") if not os.path.exists(params.service_info_dir): os.makedirs(params.service_info_dir) if os.path.exists(service_info_path): with open(service_info_path, 'r') as service_info_file: old_data = service_info_file.read() # If the new file is different, write our new file if old_data != yaml.dump(service_info): with open(service_info_path, 'w') as service_info_file: yaml.dump(service_info, service_info_file) changed = True except Exception, e: module.fail_json(msg="{}".format(e)) finally: module.exit_json(changed=changed) # Execute main as an Ansible module #------------------------------------------------------------------------------- from ansible.module_utils.basic import * if __name__ == '__main__': main() 07070100000038000081ED0000000000000000000000015FFF6748000022D5000000000000000000000000000000000000004A00000000ardana-logging-8.0+git.1610573640.452aed1/library/kronos_process_profiles#!/usr/bin/python # # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import os import platform # Actions namespace actions = type('Actions', (), { 'rotation': 'rotation', 'logging': 'logging', 'auditing': 'auditing' }) # Keys namespace for ease of maintenance keys = type('Keys', (), { 'name':'name', 'files':'files', 'format':'format', 'service':'service', 'enabled':'enabled', 'rotate':'log_rotate', 'os_family':'os_family', 'options':'logging_options', 'logging':'centralized_logging', 'auditing':'centralized_audit_logging', 'retention':'retention' }) def config_rotation(module, action, profile): """Configure logging rotation for given profile :module: ansible helper module :action: action to perform :profile: document describing service :returns: True when something has changed """ changed = False params = type('Params', (), module.params) filename = os.path.join(params.logrotate_conf_dir, profile[keys.name]) # Read in any existing configuration for comparison data = None if os.path.exists(filename): with open(filename, 'r') as f: data = f.read() # Construct new config file conf = "" for opt in [x for x in profile[keys.options] if keys.rotate in x]: # Basic validation error = '' combo = " ".join(opt[keys.rotate]) if combo.find('rotate') == -1: error = 'rotate' if combo.find('maxsize') == -1: error = 'maxsize' if error: module.fail_json(msg="Error: missing '{}' rotation param".format(error)) # Add files to conf for f in opt[keys.files]: conf += "{}\n".format(f) conf += "{\n" # Add rotate settings for files for rotate_opt in opt[keys.rotate]: conf += " {}\n".format(rotate_opt) if rotate_opt.strip().startswith('create') and 'nosu' not in opt: conf += " su {} {}\n".format(rotate_opt.strip().split()[-2], rotate_opt.strip().split()[-1]) conf += "}\n\n" # Write out the configuration if conf and conf != data: with open(filename, 'w') as f: f.write(conf) changed = True return changed def config_logging(module, action, profile): """Configure centralized logging/auditing for given profile :module: ansible helper module :action: action to perform :profile: document describing service :returns: True when something has changed """ changed = False params = type('Params', (), module.params) audit = True if action == actions.auditing else False filename = "{}{}.conf".format(os.path.join(params.beaver_conf_dir, profile[keys.name]), "-audit" if audit else "") # Read in any existing configuration for comparison data = None if os.path.exists(filename): with open(filename, 'r') as f: data = f.read() # Construct new beaver config file conf = "" key = keys.auditing if audit else keys.logging for opt in [x for x in profile[keys.options] if key in x and x[key][keys.enabled]]: # Add files to conf for f in opt[keys.files]: conf += "[{}]\n".format(os.path.join(params.audit_log_dir, f) if audit else f) conf += "type={}\n".format(profile[keys.name]) conf += "format={}\n".format(opt[key][keys.format]) conf += "add_field=control_plane,{},cluster,{},cloud_name,{},service,{}{}\n".format( params.control_plane, params.cluster, params.cloud_name, profile[keys.service], ",log_type,audit" if audit else "") conf += "start_position=beginning\n" if f != opt[keys.files][-1]: conf += "\n" # Write out the configuration if conf and conf != data: with open(filename, 'w') as f: f.write(conf) changed = True # Remove the configuration if not conf and data: os.remove(filename) return changed def override_retention(rotation_config, profiles): """If a Service has a retention value in roles/kronos_logrotation/vars/rotation_config.yml, : then replace the retention value to be written to /etc/logrotate.d/<subservice> with the rotation_config value :rotation_config: Dict with Service name mapped to a Dict containing a service's weight and retention :profiles: logrotate configuration files :returns: the updated profiles """ # If retention value is an integer, the customer wants to override that service's values retention_values = {} for service in rotation_config: if isinstance(rotation_config[service][keys.retention], int): retention_values[service] = rotation_config[service][keys.retention] # If no overrides are set, then return the unmodified profiles if len(retention_values) == 0: return profiles # Replace the retention attributes for all services which have overrides set for subservice in profiles: service = profiles[subservice][keys.service] if retention_values.has_key(service): service_override_value = retention_values[service] # Modify only the "rotate" attribute within each "log_rotate" section of "logging_options" for group_of_files, opt in enumerate(profiles[subservice][keys.options]): if keys.rotate not in opt: continue # Modify the attribute variable but keep the other variables unchanged updated_attribute_list = [] for attribute in opt[keys.rotate]: if attribute.startswith('rotate '): updated_attribute_list.append('rotate {}'.format(service_override_value)) else: updated_attribute_list.append(attribute) profiles[subservice][keys.options][group_of_files][keys.rotate] = updated_attribute_list return profiles # Map the possible actions to call from ansible action_methods = { actions.rotation: config_rotation, actions.logging: config_logging, actions.auditing: config_logging } # Determine which logging profiles apply to the current hosts #------------------------------------------------------------------------------- def main(): module = AnsibleModule( argument_spec=dict( profiles = dict(required=True), # output of filter_profiles rotation_config = dict(required=True), # service level rotation info control_plane = dict(required=True), # host.my_dimensions.control_plane cluster = dict(required=True), # host.my_dimensions.cluster cloud_name = dict(required=True), # host.my_dimensions.cloud_name audit_log_dir = dict(default="/var/audit"), beaver_conf_dir = dict(default="/etc/beaver/conf.d"), logrotate_conf_dir = dict(default="/etc/logrotate.d"), config_actions = dict(default="{},{}".format(actions.logging,actions.auditing)) ), supports_check_mode=False ) try: changed = False os_family = platform.dist()[0].lower().replace('centos', 'redhat') params = type('Params', (), module.params) # Set retention overrides if retention value is set in rotation config file params.profiles = override_retention(params.rotation_config, params.profiles) # Process each profile for filename in params.profiles: profile = params.profiles[filename] # Skip if os_family doesn't match if keys.os_family in profile: if os_family != profile[keys.os_family].lower(): continue # Configure logging for service for action in params.config_actions.split(","): if action not in action_methods: raise Exception("Non-existent action {}".format(action)) changed += action_methods[action](module, action, profile) except Exception, e: module.fail_json(msg="{}".format(e)) finally: module.exit_json(changed=changed) # Execute main as an Ansible module #------------------------------------------------------------------------------- from ansible.module_utils.basic import * if __name__ == '__main__': main() 07070100000039000081A40000000000000000000000015FFF674800000314000000000000000000000000000000000000004000000000ardana-logging-8.0+git.1610573640.452aed1/logging-configure.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure all components - include: kronos-server-configure.yml - include: kronos-api-configure.yml - include: kronos-producer-configure.yml 0707010000003A000081A40000000000000000000000015FFF6748000004A6000000000000000000000000000000000000003D00000000ardana-logging-8.0+git.1610573640.452aed1/logging-deploy.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install all components - include: kronos-server-install.yml - include: kronos-api-install.yml - include: kronos-producer-install.yml # Configure all components - include: kronos-server-configure.yml - include: kronos-api-configure.yml - include: kronos-producer-configure.yml # Start all components - include: kronos-api-start.yml - include: kronos-server-start.yml - include: kronos-producer-start.yml # Configure logrotate # Note: This needs to be moved to ardana-deploy preferably at the end - include: kronos-logrotation-deploy.yml 0707010000003B000081A40000000000000000000000015FFF6748000003E0000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/logging-reconfigure-credentials-change.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-producer tasks: - include: roles/logging-post-configure/tasks/keystone_change_pwd.yml ansible_python_interpreter: >- "{{ KEY_CLI.vars.keystone_client_python_interpreter }}" - include: logging-configure.yml - include: logging-start.yml 0707010000003C000081A40000000000000000000000015FFF6748000002CF000000000000000000000000000000000000003E00000000ardana-logging-8.0+git.1610573640.452aed1/logging-restart.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _logging-schedule-restart.yml - include: logging-start.yml 0707010000003D000081A40000000000000000000000015FFF674800000315000000000000000000000000000000000000003C00000000ardana-logging-8.0+git.1610573640.452aed1/logging-start.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start from the inside working out - include: kronos-api-start.yml - include: kronos-server-start.yml - include: kronos-producer-start.yml 0707010000003E000081A40000000000000000000000015FFF6748000002F4000000000000000000000000000000000000003D00000000ardana-logging-8.0+git.1610573640.452aed1/logging-status.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: kronos-server-status.yml - include: kronos-api-status.yml - include: kronos-producer-status.yml 0707010000003F000081A40000000000000000000000015FFF674800000311000000000000000000000000000000000000003B00000000ardana-logging-8.0+git.1610573640.452aed1/logging-stop.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop from the outside working in - include: kronos-producer-stop.yml - include: kronos-api-stop.yml - include: kronos-server-stop.yml 07070100000040000081A40000000000000000000000015FFF6748000003D5000000000000000000000000000000000000003B00000000ardana-logging-8.0+git.1610573640.452aed1/logging-test.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Test harness for kronos. Keep this separate from logging-deploy.yml - hosts: LOG-PRO any_errors_fatal: true roles: - logging-common - logging-producer tasks: - name: logging-test | include_vars include_vars: roles/logging-common/defaults/test_vars.yml - include: roles/logging-producer/tasks/test.yml 07070100000041000081A40000000000000000000000015FFF6748000005CB000000000000000000000000000000000000003E00000000ardana-logging-8.0+git.1610573640.452aed1/logging-upgrade.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop other projects dependent on Elasticsearch - include: kronos-elasticsearch-stop-dependencies.yml # Stop the producers to avoid data coming in during upgrade - include: kronos-producer-stop.yml # Upgrade server stack - hosts: LOG-SVR any_errors_fatal: true roles: - logging-common - logging-server tasks: - include: roles/logging-server/tasks/upgrade.yml # Upgrade log rotation stack (server + producer) - hosts: LOG-ROT any_errors_fatal: true roles: - logging-common - kronos-logrotation tasks: - include: roles/kronos-logrotation/tasks/upgrade.yml # Stop the server stack during upgrade - include: kronos-server-stop.yml # Perform the actual upgrade - include: logging-deploy.yml # Start other projects dependent on Elasticserach - include: kronos-elasticsearch-start-dependencies.yml 07070100000042000041ED0000000000000000000000095FFF674800000000000000000000000000000000000000000000003000000000ardana-logging-8.0+git.1610573640.452aed1/roles07070100000043000041ED0000000000000000000000055FFF674800000000000000000000000000000000000000000000003B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api07070100000044000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004000000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/meta07070100000045000081A40000000000000000000000015FFF6748000002A3000000000000000000000000000000000000004900000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/meta/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dependencies: - role: FND-AP2 07070100000046000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks07070100000047000081A40000000000000000000000015FFF674800000310000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/_schedule_restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: kronos-api | _schedule_restart | Schedule a restart for kronos-api debug: msg: "Trigger a change notification in kronos-api" changed_when: true register: ardana_notify_kronos_api_restart07070100000048000081A40000000000000000000000015FFF67480000084B000000000000000000000000000000000000004F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/configure.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure Kronos API #------------------------------------------------------------------------------ - name: kronos-api | configure | Configure Kronos API INI file become: yes template: src: kronos-api.ini.j2 dest: /etc/monasca/log-api-paste.ini owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0600 register: ardana_notify_kronos_api_restart when: ( 'MON_API' in verb_hosts ) - name: kronos-api | configure | Configure Kronos API Conf file become: yes template: src: kronos-api.conf.j2 dest: /etc/monasca/log-api.conf owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0600 register: ardana_notify_kronos_api_restart when: ( 'MON_API' in verb_hosts ) - name: kronos-api | configure | Configure Monasca-Log Apache vhost become: yes template: src: monasca-log-apache2.conf.j2 dest: "{{ apache2_vhost_dir }}/kronos-apache2.vhost" mode: 0755 register: ardana_notify_kronos_apache_reload - name: kronos-api | configure | Configure Kronos/Apache log file ownership become: yes file: path: "{{ kronos_log_dir }}/{{ item }}" owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0640 state: touch with_items: - wsgi-access.log - wsgi.log - "{{ kronos_api_log_file }}" - name: kronos-api | configure | Configure Monasca-Log log directory access become: yes file: path: /var/log/monasca state: directory mode: o+rx 07070100000049000081A40000000000000000000000015FFF674800000970000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/create_api_user.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: kronos-api | create_api_user | Get a domain scoped token become: yes keystone_v3: endpoint: "{{ keystone_admin_endpoint }}" login_username: "{{ keystone_admin_user }}" login_password: "{{ keystone_admin_password | quote }}" login_user_domain_name: "{{ keystone_admin_domain }}" login_domain_name: "{{ keystone_admin_domain }}" action: "token_get" register: domain_scoped_token_result run_once: true - name: kronos-api | create_api_user | Create Kronos API User become: yes keystone_v3: description: "Kronos API User" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_user" user_name: "{{ kronos_api_user }}" user_password: "{{ kronos_api_password | quote }}" user_domain_name: "{{ kronos_domain }}" run_once: true - name: kronos-api | create_api_user | Create Kronos Project keystone_v3: description: "Centralized logging and log rotation" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_project" project_name: "{{ kronos_project }}" project_domain_name: "{{ kronos_domain }}" run_once: true - name: >- kronos-api | create_api_user | Grant Kronos user service admin Role become: yes keystone_v3: description: "Grant Beaver user monasca-user Role" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "grant_project_role" user_name: "{{ kronos_api_user }}" project_name: "{{ kronos_project }}" role_name: "{{ kronos_api_admin_role }}" user_domain_name: "{{ kronos_domain }}" project_domain_name: "{{ kronos_domain }}" run_once: true 0707010000004A000081A40000000000000000000000015FFF674800000871000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/install.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Kronos API #------------------------------------------------------------------------------ - name: kronos-api | install | Install Kronos rpm (SUSE) become: yes package: name: openstack-monasca-log-api state: present register: ardana_notify_kronos_api_install - name: kronos-api | install | Create Kronos API user become: yes user: name: "{{ kronos_user }}" group: "{{ kronos_group }}" shell: /usr/sbin/nologin system: yes createhome: no home: "{{ kronos_home_dir }}" register: ardana_notify_kronos_api_restart - name: kronos-api | install | Create Kronos API user home become: yes file: path: "{{ kronos_home_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0700 - name: kronos-api | install | Create Kronos API log directory become: yes file: path: "{{ kronos_log_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0755 register: ardana_notify_kronos_api_restart - name: kronos-api | install | Create a directory to host the log-api WSGI file become: yes file: path: "{{ kronos_wsgi_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0755 recurse: yes - name: kronos-api | install | Link log-api WSGI file become: yes file: src: "{{ 'monasca' | venv_dir }}/bin/monasca-log-api-wsgi" dest: "{{ kronos_wsgi_dir }}/monasca-log-api-wsgi" state: link 0707010000004B000081A40000000000000000000000015FFF6748000002BE000000000000000000000000000000000000004A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Ansible doesn't seem to like a role without any main.yml 0707010000004C000081A40000000000000000000000015FFF67480000056A000000000000000000000000000000000000004B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/start.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: kronos-api | start | Enable Kronos vhost become: yes file: src: "{{ apache2_vhost_dir }}/kronos-apache2.vhost" dest: "{{ apache2_vhost_dir }}/kronos-apache2.conf" state: link register: ardana_notify_kronos_api_restart # Set the fact for restart based on ardana_notify - name: kronos-api | start | Set fact to start based on ardana_notify_fact set_fact: kronos_restart_required : True when: >- ardana_notify_kronos_api_restart is defined and ardana_notify_kronos_api_restart.changed - include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml" vars: apache_reload_requested: "{{ kronos_restart_required }}" apache_restart_requested: "{{ kronos_restart_required }}" 0707010000004D000081A40000000000000000000000015FFF67480000033D000000000000000000000000000000000000004C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/status.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: kronos-api | status | Get logging Kronos API status uri: url: "{{ kronos_api_url }}" when: "ardana_pre_upgrade_check is not defined and 'monasca-api' in group.services" 0707010000004E000081A40000000000000000000000015FFF674800000538000000000000000000000000000000000000004A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/tasks/stop.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: kronos-api | stop | Disable Kronos site if required become: yes file: state: absent path: "{{ apache2_vhost_dir }}/kronos-apache2.conf" become: yes register: ardana_notify_kronos_api_restart # Set the fact for restart based on ardana_notify - name: kronos-api | stop | Set fact to stop based on ardana_notify_fact set_fact: kronos_reload_required : True when: >- ardana_notify_kronos_api_restart is defined and ardana_notify_kronos_api_restart.changed - name: kronos-api | stop | Reload Apache become: yes include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml" vars: apache_reload_requested: "{{ kronos_reload_required }}" 0707010000004F000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004500000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/templates07070100000050000081A40000000000000000000000015FFF674800000835000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/templates/kronos-api.conf.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [DEFAULT] # logging, make sure that the user under whom the server runs has permission # to write to the directory. debug = {{ kronos_api_debug }} log_dir = {{ kronos_log_dir }} log_file = {{ kronos_api_log_file }} # Dispatchers to be loaded to serve restful APIs [dispatcher] logs = monasca_log_api.reference.v2.logs:Logs logs_v3 = monasca_log_api.reference.v3.logs:Logs versions = monasca_log_api.reference.versions:Versions healthchecks = monasca_log_api.reference.healthchecks:HealthChecks [service] region = 'region-one' max_log_size = {{ kronos_api_max_log_size }} [log_publisher] topics = {{ kronos_kafka_topic }} kafka_url = {{ kronos_kafka_hosts }} [keystone_authtoken] username = {{ kronos_api_user }} password = {{ kronos_api_password }} project_name = {{ kronos_project }} project_domain_name = {{ kronos_api_domain }} user_domain_name = {{ kronos_api_domain }} auth_url = {{ keystone_admin_auth_uri }}/v3 www_authenticate_uri = {{ keystone_admin_auth_uri }} auth_type = v3password cafile = {{ keystone_admin_authtoken_cafile }} certfile = {{ keystone_admin_authtoken_certfile }} keyfile = {{ keystone_admin_authtoken_keyfile }} insecure = {{ keystone_admin_authtoken_insecure }} [kafka_healthcheck] topics = {{ kronos_kafka_topic }} kafka_url = {{ kronos_kafka_hosts }} [roles_middleware] path = /v2.0/log path = /v3.0/logs agent_roles = {{ kronos_api_middleware_agent_roles }} default_roles = {{ kronos_api_middleware_default_roles }} 07070100000051000081A40000000000000000000000015FFF6748000008E7000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/templates/kronos-api.ini.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [DEFAULT] name = {{ kronos_api_name }} [composite:main] use = egg:Paste#urlmap /: la_version /healthcheck: la_healthcheck /v2.0: la_api_v2 /v3.0: la_api_v3 [pipeline:la_version] pipeline = error_trap versionapp [pipeline:la_healthcheck] pipeline = error_trap healthcheckapp [pipeline:la_api_v2] pipeline = error_trap request_id auth roles api_v2_app [pipeline:la_api_v3] pipeline = error_trap request_id auth roles api_v3_app [app:versionapp] paste.app_factory = monasca_log_api.app.api:create_version_app [app:healthcheckapp] paste.app_factory = monasca_log_api.app.api:create_healthcheck_app [app:api_v2_app] paste.app_factory = monasca_log_api.app.api:create_api_app set api_version=v2.0 [app:api_v3_app] paste.app_factory = monasca_log_api.app.api:create_api_app set api_version=v3.0 [filter:auth] paste.filter_factory = keystonemiddleware.auth_token:filter_factory [filter:roles] paste.filter_factory = monasca_log_api.middleware.role_middleware:RoleMiddleware.factory [filter:request_id] paste.filter_factory = oslo_middleware.request_id:RequestId.factory # NOTE(trebskit) this is optional # insert this into either pipeline to get some WSGI environment debug output [filter:debug] paste.filter_factory = oslo_middleware.debug:Debug.factory [filter:error_trap] paste.filter_factory = oslo_middleware.catch_errors:CatchErrors.factory [server:main] use = egg:gunicorn#main host = {{ kronos_api_host }} port = {{ kronos_api_port }} workers = {{ kronos_api_workers }} worker-connections = 2000 worker-class = eventlet timeout = 30 backlog = 2048 keepalive = 2 proc_name = {{ kronos_api_proc_name }} loglevel = DEBUG 07070100000052000081A40000000000000000000000015FFF6748000004E4000000000000000000000000000000000000006100000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-api/templates/monasca-log-apache2.conf.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} Listen {{ kronos_api_host }}:{{ kronos_api_port }} <VirtualHost *:{{ kronos_api_port }}> WSGIDaemonProcess log-api processes=4 threads=4 socket-timeout=300 user={{ kronos_user }} group={{ kronos_group }} python-path=/opt/stack/service/monasca/venv/bin/../lib/python2.7/site-packages/ display-name=monasca-log-api WSGIProcessGroup log-api WSGIApplicationGroup %{GLOBAL} WSGIScriptAlias / {{ kronos_wsgi_dir }}/monasca-log-api-wsgi ErrorLog /var/log/kronos/wsgi.log LogLevel info CustomLog /var/log/kronos/wsgi-access.log combined SetEnv no-gzip 1 </VirtualHost> 07070100000053000041ED0000000000000000000000065FFF674800000000000000000000000000000000000000000000004300000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation07070100000054000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004900000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/files07070100000055000081A40000000000000000000000015FFF67480000005E000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/files/auditlogrotate.sh#!/bin/sh test -x /usr/sbin/logrotate || exit 0 /usr/sbin/logrotate /etc/auditlogrotate.conf 07070100000056000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004900000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/tasks07070100000057000081A40000000000000000000000015FFF674800000893000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/tasks/configure-rhel.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # RHEL specific configuration #------------------------------------------------------------------------------ - name: >- kronos-logrotation | configure-rhel | Set /var/log SELinux context become: yes file: recurse: yes path: /var/log state: directory seuser: system_u serole: object_r setype: var_log_t register: permissions_result until: permissions_result|success - name: >- kronos-logrotation | configure-rhel | Set /var/log/libvirt SELinux context become: yes file: recurse: yes path: /var/log/libvirt state: directory seuser: system_u serole: object_r setype: virt_log_t register: permissions_result until: permissions_result|success - name: >- kronos-logrotation | configure-rhel | Set /var/log/audit SELinux context become: yes file: recurse: yes path: /var/log/audit state: directory seuser: system_u serole: object_r setype: auditd_log_t register: permissions_result until: permissions_result|success - name: >- kronos-logrotation | configure-rhel | Set /var/log/openvswitch context become: yes file: recurse: yes path: /var/log/openvswitch state: directory seuser: system_u serole: object_r setype: openvswitch_rw_t register: permissions_result until: permissions_result|success - name: kronos-logrotation | configure-rhel | Add hourly cron job for logrotate become: yes cron: name: "Run hourly cron jobs" minute: 17 job: "cd / && run-parts /etc/cron.hourly" 07070100000058000081A40000000000000000000000015FFF6748000013E5000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/tasks/configure.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Logging Dependencies #------------------------------------------------------------------------------ - name: kronos-logrotation | configure | include OS specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: kronos-logrotation | configure | Install logging dependencies become: yes package: name: "{{ item }}" state: present with_items: kronos_logrotation_dependencies # Configure logging for the implicated services #------------------------------------------------------------------------------ - name: kronos-logrotation | configure | Load logging profiles local_action: kronos_load_profiles args: host: "{{ inventory_hostname }}" hosts: "{{ verb_hosts }}" groups: "{{ groups }}" register: logging_profiles - name: kronos-logrotation | configure | Configure logging for service become: yes kronos_process_profiles: profiles: "{{ logging_profiles.result }}" control_plane: "{{ host.my_dimensions.control_plane }}" cluster: "{{ host.my_dimensions.cluster }}" cloud_name: "{{ host.my_dimensions.cloud_name }}" audit_log_dir: "{{ audit_mount_name }}" rotation_config: "{{ logging_profiles.rotation_config }}" config_actions: "rotation" - name: kronos-logrotation | configure | Populate service quotas become: yes kronos_populate_service_quotas: profiles: "{{ logging_profiles.result }}" rotation_config: "{{ logging_profiles.rotation_config }}" usable_log_percent: "{{ var_log_high_watermark_percent }}" # Configure Audit Logrotate #------------------------------------------------------------------------------- - name: >- kronos-logrotation | configure | Install default auditlogrotate.conf file become: yes template: src: auditlogrotate.conf.j2 dest: /etc/auditlogrotate.conf mode: 0644 - name: >- kronos-logrotation | configure | Set hourly auditlogrotate cron job become: yes copy: src: auditlogrotate.sh dest: /etc/cron.hourly/auditlogrotate mode: 0755 # Configure Logrotate Check #------------------------------------------------------------------------------- - name: kronos-logrotation | configure | Create /opt/kronos directory become: yes file: path: "{{ opt_kronos_dir }}" state: directory owner: root group: root mode: 0755 - name: >- kronos-logrotation | configure | Configure Logrotate if needed script become: yes template: src: "logrotate_if_needed.sh.j2" dest: "{{ logrotate_if_needed_path }}" mode: 0755 when: logrotate_check_enable - name: >- kronos-logrotation | configure | Configure rotate_if_exceeded_quota script become: yes template: src: "rotate_if_exceeded_quota.py.j2" dest: "{{ rotate_if_exceeded_quota_path }}" mode: 0755 when: logrotate_check_enable - name: >- kronos-logrotation | configure | Add cron job for checking available space for logs become: yes cron: name: "Run logrotate if high watermark hit" minute: "*/{{ logrotate_check_sleep_minutes }}" job: "{{ logrotate_if_needed_path }}" - name: >- kronos-logrotation | configure | Add cron job for checking log file sizes vs. quotas become: yes cron: name: "Run rotate_if_exceeded_quota" minute: "*/{{ logrotate_check_sleep_minutes }}" job: "{{ rotate_if_exceeded_quota_path }}" # Configure logging #------------------------------------------------------------------------------- - name: kronos-logrotation | configure | Create Kronos user become: yes user: name: "{{ kronos_user }}" group: "{{ kronos_group }}" shell: /usr/sbin/nologin createhome: no home: "{{ kronos_home_dir }}" - name: kronos-logrotation | configure | Create Kronos user home become: yes file: path: "{{ kronos_home_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0700 - name: kronos-logrotation | configure | Create log directory become: yes file: path: "{{ kronos_log_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0755 - name: kronos-logrotation | configure | Configure log file ownership become: yes file: path: "{{ kronos_log_dir }}/{{ item }}" owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0640 state: touch with_items: - logrotate_if_needed.log - rotate_if_exceeded_quota.log 07070100000059000081A40000000000000000000000015FFF6748000002BE000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Ansible doesn't seem to like a role without any main.yml 0707010000005A000081A40000000000000000000000015FFF674800001E59000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/tasks/upgrade.yml# # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Set logfile groups to adm #------------------------------------------------------------------------------ - name: logging-server | upgrade | Get list of logfiles to set group to adm become: yes register: path_files_result ignore_errors: yes shell: >- ls /var/log/barbican/barbican.log* /var/log/barbican/barbican-worker.log* /var/log/barbican/barbican-json.log* /var/log/barbican/barbican-worker-json.log* /var/log/barbican/barbican-access.log* /var/log/barbican/barbican-monitor.log* /var/log/kronos/esutil.log* /var/log/kronos/logrotate_if_needed.log* /var/log/kronos/wsgi.log* /var/log/kronos/wsgi-access.log* /var/log/ceilometer/ceilometer.log* /var/log/ceilometer/ceilometer-api.log* /var/log/ceilometer/ceilometer-expirer.log* /var/log/ceilometer/ceilometer-polling.log* /var/log/ceilometer/ceilometer-collector.log* /var/log/ceilometer/ceilometer-preparation.log* /var/log/ceilometer/ceilometer-agent-central.log* /var/log/ceilometer/ceilometer-agent-compute.log* /var/log/ceilometer/ceilometer-alarm-notifier.log* /var/log/ceilometer/ceilometer-alarm-evaluator.log* /var/log/ceilometer/ceilometer-agent-notification.log* /var/log/ceilometer/ceilometer-json.log* /var/log/ceilometer/ceilometer-api-json.log* /var/log/ceilometer/ceilometer-expirer-json.log* /var/log/ceilometer/ceilometer-polling-json.log* /var/log/ceilometer/ceilometer-collector-json.log* /var/log/ceilometer/ceilometer-preparation-json.log* /var/log/ceilometer/ceilometer-agent-central-json.log* /var/log/ceilometer/ceilometer-agent-compute-json.log* /var/log/ceilometer/ceilometer-alarm-notifier-json.log* /var/log/ceilometer/ceilometer-alarm-evaluator-json.log* /var/log/ceilometer/ceilometer-agent-notification-json.log* /var/log/eon/eon-api.log* /var/log/eon/eon-api-json.log* /var/log/eon/eon-conductor.log* /var/log/eon/eon-conductor-json.log* /var/log/freezer-api/freezer-api.log* /var/log/ironic/ironic-api.log* /var/log/ironic/ironic-api-json.log* /var/log/ironic/ironic-conductor.log* /var/log/ironic/ironic-conductor-json.log* /var/log/ironic/ironic_ipxe_access.log* /var/log/ironic/ironic_ipxe_error.log* /var/log/monasca/api/monasca-api.log* /var/log/monasca/api/request.log* /var/log/monasca/notification/notification.log* /var/log/monasca/persister/monasca-persister.log* /var/log/keystone/keystone.log* /var/log/keystone/keystone-json.log* /var/log/keystone/keystone_access.log* /var/log/keystone/keystone_modwsgi.log* /var/log/keystone/keystone_monitoring.log* /var/log/keystone/keystone_access.log* /var/log/keystone/keystone_modwsgi.log* /var/log/keystone/keystone_monitoring.log* /var/log/shibboleth/shibd.log* /var/log/shibboleth/shibd_warn.log* /var/log/shibboleth/signature.log* /var/log/shibboleth/transaction.log* /var/log/neutron/neutron-ovs-cleanup.log* /var/log/neutron/neutron-dhcp-agent.log* /var/log/neutron/neutron-dhcp-agent-json.log* /var/log/neutron/neutron-l3-agent.log* /var/log/neutron/neutron-l3-agent-json.log* /var/log/neutron/infoblox-ipam-agent.log* /var/log/neutron/infoblox-ipam-agent-json.log* /var/log/octavia/octavia-api.log* /var/log/octavia/octavia-worker.log* /var/log/octavia/octavia-housekeeping.log* /var/log/octavia/octavia-health-manager.log* /var/log/octavia/octavia-api-json.log* /var/log/octavia/octavia-worker-json.log* /var/log/octavia/octavia-housekeeping-json.log* /var/log/octavia/octavia-health-manager-json.log* /var/log/neutron/neutron-l2gateway-agent.log* /var/log/neutron/neutron-l2gateway-agent-json.log* /var/log/neutron/neutron-lbaas-agent.log* /var/log/neutron/neutron-lbaas-agent-json.log* /var/log/neutron/neutron-metadata-agent.log* /var/log/neutron/neutron-metadata-agent-json.log* /var/log/neutron/neutron-openvswitch-agent.log* /var/log/neutron/neutron-openvswitch-agent-json.log* /var/log/neutron/ovsvapp-agent/monitor.log* /var/log/neutron/ovsvapp-agent/monitor-json.log* /var/log/neutron/ovsvapp-agent/ovsvapp_agent.log* /var/log/neutron/ovsvapp-agent/ovsvapp_agent-json.log* /var/log/neutron/neutron-sriov-nic-agent.log* /var/log/neutron/neutron-sriov-nic-agent-json.log* /var/log/neutron/neutron-server.log* /var/log/neutron/neutron-server-json.log* /var/log/neutron/neutron-vpn-agent.log* /var/log/neutron/neutron-vpn-agent-json.log* /var/log/nova/nova-api.log* /var/log/nova/nova-api-json.log* /var/log/nova/nova-cert.log* /var/log/nova/nova-cert-json.log* /var/log/nova/nova-consoleauth.log* /var/log/nova/nova-consoleauth-json.log* /var/log/nova/nova-conductor.log* /var/log/nova/nova-conductor-json.log* /var/log/nova/nova-scheduler.log* /var/log/nova/nova-scheduler-json.log* /var/log/nova/nova-novncproxy.log* /var/log/nova/nova-novncproxy-json.log* /var/log/nova/nova-baremetal-deploy-helper.log* /var/log/nova/nova-baremetal-deploy-helper-json.log* /var/log/nova/nova-compute.log* /var/log/nova/nova-compute-json.log* /var/log/designate/designate-api.log* /var/log/designate/designate-mdns.log* /var/log/designate/designate-central.log* /var/log/designate/designate-pool-manager.log* /var/log/designate/designate-zone-manager.log* /var/log/designate/designate-api-json.log* /var/log/designate/designate-mdns-json.log* /var/log/designate/designate-central-json.log* /var/log/designate/designate-pool-manager-json.log* /var/log/designate/designate-zone-manager-json.log* /var/log/ops-console/access.log* /var/log/ops-console/error.log* /var/log/heat/heat-api.log* /var/log/heat/heat-engine.log* /var/log/heat/heat-api-json.log* /var/log/heat/heat-engine-json.log* /var/log/heat/heat-api-cfn-json.log* /var/log/heat/heat-api-cloudwatch-json.log* /var/log/heat/heat-api-cfn.log* /var/log/heat/heat-api-cloudwatch.log* 2>/dev/null # NOTE: Those that are commented out are not yet adm in the current version... # /var/log/configuration_processor/errors.log* # /var/log/configuration_processor/output.log* # /var/log/ardana-service/service.log* # /var/log/logstash/logstash.log* - name: logging-server | upgrade | Set logfile groups to adm become: yes file: state: file path: "{{ item }}" group: adm ignore_errors: yes with_items: path_files_result.stdout_lines # Delete empty log files #------------------------------------------------------------------------------ - name: logging-server | upgrade | Get list of empty logfiles to delete become: yes register: delete_files_result ignore_errors: yes shell: >- find /var/log /var/audit -type f -name "*.log.1" -size 0 2>/dev/null - name: logging-server | upgrade | Delete them to avoid blocking logrotation become: yes file: state: absent path: "{{ item }}" ignore_errors: yes with_items: delete_files_result.stdout_lines 0707010000005B000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/templates0707010000005C000081A40000000000000000000000015FFF6748000000DD000000000000000000000000000000000000006400000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/templates/auditlogrotate.conf.j2# if in the future we need more config files, use this directory: #include /etc/auditlogrotate.d /var/audit/**/*.log { daily compress copytruncate missingok notifempty rotate {{ logr_rotate }} } 0707010000005D000081A40000000000000000000000015FFF674800000F96000000000000000000000000000000000000006700000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/templates/logrotate_if_needed.sh.j2#!/bin/bash # # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This script checks the size of /var/log and if it is beyond # {{ var_log_high_watermark_percent }} full, it runs logrotate. # Also... # This script checks the size of /var/audit and if it is beyond # {{ var_audit_high_watermark_percent }} full, it runs logrotate. logfile={{ logrotate_log_path }} dt="$(date +"%Y-%m-%d %H:%M:%S")\t\t" # function to find the current used size of the parition function get_current_partition_size() { echo $(df -h $partition | tail -1 | awk '{print $5}' | grep -Po '[0-9]+' ) } function check_high_low_watermarks() { current_level=$(get_current_partition_size) if [ $current_level -gt $low_watermark ] && [ $current_level -lt $high_watermark ]; then echo -e "$dt WARNING: $partition running low on disk space, at $current_level% used! (crossed low watermark of $low_watermark%) Logrotate will be forced when usage reaches high watermark of $high_watermark%!" >> $logfile fi if [ $current_level -gt $high_watermark ]; then if [ $config ]; then echo -e "$dt ERROR: $partition at $current_level% used is over high watermark of $high_watermark%. Running logrotate to free disk space..." >> $logfile $bin_name $config current_level=$(get_current_partition_size) else echo -e "$dt ERROR: $partition at $current_level% used is over high watermark of $high_watermark%, despite remediation by dynamic log rotation" fi fi # check if we still need to make space if [ $current_level -gt $high_watermark ]; then echo -e "$dt ERROR: $partition at $current_level% used is still over high watermark of $high_watermark%. Removing content of deleted files held by running processes (see man lsof)." >> $logfile lsof -w | grep $partition | grep " (deleted)$" | sort -u | awk '{ print ">/proc/" $2 "/fd/" substr($(NF-6),0,length($(NF-6))-1) }' | sh fi current_level=$(get_current_partition_size) # check if we still need to make space if [ $current_level -gt $high_watermark ]; then echo -e "$dt ERROR: $partition at $current_level% used is still over high watermark of $high_watermark%. Please consider increasing the partition size for $partition and/or removing log files. You may also consider changing the var_${which}_high_watermark_percent and/or var_${which}_low_watermark_percent." >> $logfile fi } echo -e "$dt Running logrotate_if_needed cron script ..." >> $logfile bin_name={{ logrotate_bin_path }} # bail if another instance is running if [ $(pidof -x $bin_name | wc -w) -gt 0 ]; then echo -e "$dt Logrotate is already running. Exiting..." >> $logfile exit 2 fi # bail if logrotate is not installed if [ ! -f $bin_name ]; then echo -e "$dt $bin_name not found. Is logrotate installed? If so, please make sure the logrotate_bin_path variable is set correctly. Exiting..." >> $logfile exit 3 fi # ready to see if we need to run logrotate now partition={{ var_log_partition }} which=log config={{ logrotate_conf_dir }} low_watermark={{ var_log_low_watermark_percent }} high_watermark={{ var_log_high_watermark_percent }} check_high_low_watermarks partition={{ var_audit_partition }} if [ -d "$partition" ]; then which=audit config=/etc/auditlogrotate.conf low_watermark={{ var_audit_low_watermark_percent }} high_watermark={{ var_audit_high_watermark_percent }} check_high_low_watermarks fi 0707010000005E000081A40000000000000000000000015FFF6748000015D7000000000000000000000000000000000000006C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/templates/rotate_if_exceeded_quota.py.j2#!/usr/bin/python # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import os import yaml import subprocess import logging import glob # Paths namespace paths = type('Paths', (), { 'logrotate_conf':'/etc/logrotate.d/' }) # Files namespace files = type('Files', (), { 'output_log':'/var/log/kronos/rotate_if_exceeded_quota.log', 'service_info':'/opt/kronos/service_info.yml' }) class Service: # Instance Variables subservices = [] log_files = [] name = '' quota = 0 usage = 0 # Constructor def __init__(self, name, quota, log_files, subservices): self.name = name self.quota = quota self.log_files = log_files self.subservices = subservices self.calculate_usage() def __lt__(self, other): if self.name < other.name: return True else: return False def __gt__(self, other): if self.name > other.name: return False else: return True def __str__(self): return self.name def __repr__(self): return self.name def rotate(self): """Rotate all subservices which belong to this service :returns: Nothing """ logging.debug('From service: [{}], rotating the {} following subservices.'.format(self.name, len(self.subservices))) logging.debug(self.subservices) for subservice in self.subservices: # Run logrotate for subservice with -f flag to force rotation and pipe any stderr to log if os.path.isfile(os.path.join(paths.logrotate_conf, subservice)): logging.debug('--Start [{}] logrotate Subprocess Call--'.format(subservice)) sp = subprocess.Popen(['sudo', 'logrotate', os.path.join(paths.logrotate_conf, subservice), '-f'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) sp.wait() stdout, stderr = sp.communicate() if stderr: logging.debug(stderr) logging.debug('--End [{}] logrotate Subprocess Call--'.format(subservice)) # If file doesn't exist, log a warning message else: logging.warn('Config file {} does not exist... Not rotating'.format(subservice)) def calculate_usage(self): """Calculates the usage for each service :returns: Nothing """ _sum = 0 all_logs = [] # Match log files w/ globs to files on system ( /var/log/apache2/* -> /var/log/apache2/access.log , /var/log/apache2/access.log.1.gz, ... ) for log_file in self.log_files: if not log_file.endswith('*'): log_file += "*" all_logs += glob.glob(log_file+'*') # Retrieve and sum file size of every file we have found for log_file in set(all_logs): _sum += os.path.getsize(log_file) * (10 ** -6) self.usage = _sum def print_services_to_rotate(services): """Only needed for printing/logging if needed at all :services: Dictionary { Service Name : Service Object } of all services which will be rotated :returns: Nothing """ # Create list of services which have exceeded their quota to_rotate = [] for key, service in services.iteritems(): if service.usage > service.quota: to_rotate.append(service) # Log the number of services we will rotate number_to_rotate = len(to_rotate) if number_to_rotate == 0: logging.info('No services exceeded their quota, not rotating') else: logging.info('The following {} services exceeded their quota, rotating..'.format(number_to_rotate)) logging.info(str(to_rotate)) # Log each service we will rotate including their Usage and Quota for service in sorted(to_rotate): logging.debug('\t-{}\t\t\t\tUsage: {} | Quota: {}'.format(service.name, service.usage, service.quota)) #------------------------------------------------------------------------------- try: # Configure Logging logging.basicConfig(filename=files.output_log, level=logging.INFO, format='%(asctime)s %(message)s') logging.info('rotate_if_exceeded_quota START') # Create Service objects with open(os.path.join(files.service_info), 'r') as f: service_info = yaml.load(f,Loader=yaml.FullLoader) services = {} for service_name, config in service_info.iteritems(): services[service_name] = Service(service_name, config['quota'], config['files'], config['subservices']) # For sequential logging print_services_to_rotate(services) # Rotate services which are over their quota for service_name, service in sorted(services.items()): if service.usage > service.quota: service.rotate() # Shutdown Logging logging.info('rotate_if_exceeded_quota END') logging.shutdown() except Exception, e: logging.exception(e) 0707010000005F000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/vars07070100000060000081A40000000000000000000000015FFF674800000274000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/vars/debian.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- kronos_logrotation_dependencies: - python-yaml07070100000061000081A40000000000000000000000015FFF674800000274000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/vars/redhat.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- kronos_logrotation_dependencies: - python-yaml07070100000062000081A40000000000000000000000015FFF674800000A8C000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/vars/rotation_config.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Set service weights in relation to each other, and optionally set the # number of days to retain logs if the default is unacceptable --- apache2: weight: 100 retention: default apt: weight: 100 retention: default barbican: weight: 100 retention: default beaver: weight: 100 retention: default cassandra: weight: 100 retention: default ceilometer: weight: 100 retention: default ceph: weight: 100 retention: default cinder: weight: 100 retention: default collectl: weight: 100 retention: default deployer: weight: 100 retention: default designate: weight: 100 retention: default eon: weight: 100 retention: default foundation: weight: 100 retention: default freezer: weight: 100 retention: default glance: weight: 100 retention: default heat: weight: 100 retention: default ardana-service: weight: 100 retention: default horizon: weight: 100 retention: default ironic: weight: 100 retention: default kafka: weight: 100 retention: default keepalived: weight: 100 retention: default keystone: weight: 100 retention: default kronos: weight: 100 retention: default logging: weight: 100 retention: default magnum: weight: 100 retention: default monasca: weight: 100 retention: default crm: weight: 100 retention: default mysql: weight: 100 retention: default neutron: weight: 100 retention: default nova: weight: 100 retention: default octavia: weight: 100 retention: default ops-console: weight: 100 retention: default rabbitmq-server: weight: 100 retention: default shibboleth: weight: 100 retention: default spark: weight: 100 retention: default swift: weight: 100 retention: default syslog: weight: 100 retention: default vsa: weight: 100 retention: default yum: weight: 100 retention: default zookeeper: weight: 100 retention: default 07070100000063000081A40000000000000000000000015FFF674800000285000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/kronos-logrotation/vars/suse.yml# # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- kronos_logrotation_dependencies: - cron - python-PyYAML 07070100000064000041ED0000000000000000000000055FFF674800000000000000000000000000000000000000000000003F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common07070100000065000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/defaults07070100000066000081A40000000000000000000000015FFF67480000457B000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/defaults/main.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Select heap tunings based on system RAM #------------------------------------------------------------------------------- threshold_small_mb: 31000 threshold_medium_mb: 63000 threshold_large_mb: 127000 tuning_selector: "{% if ansible_memtotal_mb < threshold_small_mb|int %}demo{% elif ansible_memtotal_mb < threshold_medium_mb|int %}small{% elif ansible_memtotal_mb < threshold_large_mb|int %}medium{% else %}large{%endif %}" logging_possible_tunings: # RAM < 32GB demo: elasticsearch_heap_size: 512m logstash_heap_size: 512m # RAM < 64GB small: elasticsearch_heap_size: 8g logstash_heap_size: 2g # RAM < 128GB medium: elasticsearch_heap_size: 16g logstash_heap_size: 4g # RAM >= 128GB large: elasticsearch_heap_size: 31g logstash_heap_size: 8g logging_tunings: "{{ logging_possible_tunings[tuning_selector] }}" # Kibana variables #------------------------------------------------------------------------------- kibana_path: /opt/kibana kibana_internal_host: 127.0.0.1 kibana_internal_port: "{{ host.bind.LOG_SVR.internal.port }}" kibana_log_path: /var/log/kibana kibana_port: "{{ host.bind.LOG_SVR.internal.port }}" kibana_host: "{{ host.bind.LOG_SVR.internal.ip_address }}" kibana_user: "{{ LOG_SVR | item('vars.kibana_user', default='kibana') }}" kibana_pass: "{{ LOG_SVR.vars.logging_kibana_password }}" # Elasticsearch variables # We are tuning to increase indexing performance at the expense of search # performance since searching will be rare and indexing constant and heavy # https://www.elastico.co/blog/performance-indexing-2-0 # https://www.elastic.co/guide/en/elasticsearch/guide/current/indexing-performance.html # https://www.elastic.co/guide/en/elasticsearch/guide/current/_limiting_memory_usage.html #------------------------------------------------------------------------------- elasticsearch_plugin_dir: "/usr/share/elasticsearch/plugins" elasticsearch_heap_size: "{{ logging_tunings.elasticsearch_heap_size }}" elasticsearch_http_host: 127.0.0.1 elasticsearch_http_port: "{{ host.bind.LOG_SVR.elasticsearch_http.port }}" elasticsearch_transport_host: "{{ host.bind.LOG_SVR.elasticsearch_transport.ip_address }}" elasticsearch_transport_port: "{{ host.bind.LOG_SVR.elasticsearch_transport.port }}" elasticsearch_cluster_name: "{{ LOG_SVR | item('vars.elasticsearch_cluster_name', default='elasticsearch') }}" elasticsearch_max_total_indices_size_in_bytes: 21474836480 # Per index shard allocation. For few larger indices 1 shard/index/node is a good rule # of thumb. When dealing with many smaller indices 1 shard/index is recommended # Default: 5 elasticsearch_index_number_of_shards: 1 # Spinning media has a harder time with cocurrent I/O, so we need to decrease the number of # threads that can concurrently access the disk per index. This setting allows max_thread_count # + 2 threads to operate on the disk at one time, so a setting of 1 will allow 3 threads elasticsearch_index_merge_scheduler_max_thread_count: 1 # If you don't need real-time accuracy on search results, you can decrease this per index value to # futher slant performance in favor of indexing. # Default: 1s elasticsearch_index_refresh_interval: 30s # Number of operations to allow before flushing if threshold size hasn't been reached yet. # Default: unlimited elasticsearch_index_translog_flush_threshold_ops: 150000 # Allows larger segments to accumulate in the translog before a flush occurs. By letting larger # segments build, you flush less often, and the larger segments merge less often. This means # less I/O overhead and better indexing rates. # Default: 512mb elasticsearch_index_translog_flush_threshold_size: 1gb # Circuit breaker designed to estimate memory requirements of a query. If the memory requirements # are over the percentage of the heap then abort # Default: 60% elasticsearch_indices_breaker_fielddata_limit: 25% # Controls memory size for filter cache for a node # Default: 10% elasticsearch_indices_cache_filter_size: 10% # Expires filters after this amount of time # Default: -1 elasticsearch_indices_cache_filter_expire: 6h # How much heap space is allocated to field data before additional field data will # trigger eviction from the heap of older field data. # Default: unbounded elasticsearch_indices_fielddata_cache_size: 15% # Amount of total heap allocated to Elasticsaerch used for indexing # Default: 10% elasticsearch_indices_memory_index_buffer_size: 50% # Absolute minimum of memory to use for indexing # Default: 48mb elasticsearch_indices_memory_min_index_buffer_size: 200mb # Hard lower limit for the memory allocated per shard for its own indexing buffer. # Default: 4mb elasticsearch_indices_memory_min_shard_index_buffer_size: 12mb # Elasticsearch is tuned by default for search and thus has overly conservative # values here for background merging. Increase this value to reduce index # throttling. SSDs are recommended to use 100-200mb here # Default: 20mb elasticsearch_indices_store_throttle_max_bytes_per_sec: 80mb # If you don't care about search at all you can set this to "none" which will # disable throttling entirely and allow indexing to run as fast as your disks will allow # Default: merge elasticsearch_indices_store_throttle_type: merge # Number of expired documents to delete at once elasticsearch_indices_ttl_bulk_size: 100000 # Rebalancing the search to indexing ratio in favor of indexing # Default: 50 elasticsearch_threadpool_bulk_queue_size: 3000 # Number of threads for bulk operations. More than double core count doen't help # https://www.elastic.co/guide/en/elasticsearch/guide/current/_don_8217_t_touch_these_settings.html # Elasticsearch threads/node: 4VCPUs = 7, 8VCPUs = 13, 24VCPUs = 37, 48VCPUs = 73 # Default: # of available cores elasticsearch_threadpool_bulk_size: "{{ (ansible_processor_vcpus*3/2+1)|int }}" # Rebalancing the search to indexing ratio in favor of indexing # Default: 200 elasticsearch_threadpool_index_queue_size: 2000 # Number of threads for indexing operations. More than double core count doesn't help. # https://www.elastic.co/guide/en/elasticsearch/guide/current/_don_8217_t_touch_these_settings.html # Elasticsearch threads/node: 4VCPUs = 7, 8VCPUs = 13, 24VCPUs = 37, 48VCPUs = 73 # Default: # of available cores elasticsearch_threadpool_index_size: "{{ (ansible_processor_vcpus*3/2+1)|int }}" # Rebalancing the search to indexing ratio in favor of indexing # Default: 1000 elasticsearch_threadpool_search_queue_size: 100 # Number of threads for search. More than double core count doesn't help. # https://www.elastic.co/guide/en/elasticsearch/guide/current/_don_8217_t_touch_these_settings.html # Default: int((# of available cores * 3)/2) + 1 elasticsearch_threadpool_search_size: "{{ ansible_processor_vcpus }}" # Logstash defaults #------------------------------------------------------------------------------- logstash_user: logstash logstash_group: logstash logstash_heap_size: "{{ logging_tunings.logstash_heap_size }}" logstash_anonymize_salt: "{{ LOG_SVR | item('vars.logstash_anonymize_salt', default='7cd8yjqhdw') }}" logstash_operational_logs_prefix: "logstash-operational-" logstash_audit_logs_prefix: "logstash-audit-" # Set number of input/output threads. # We need to balance this with Elasticsearch and Kafka (i.e. slightly less) # Logstash threads/node: 4VCPUs = 6, 8VCPUs = 11, 24VCPUs = 33, 48VCPUs = 65 logstash_threads: "{{ (ansible_processor_vcpus*4/3+1)|int }}" # Needs to be less than or equal to elasticsearch_threadpool_bulk_queue_size # to avoid bulk rejections from Elasticsearch. logstash_flush_size: 2000 # Curator variables #---------------------------------------------------------------------------------------- curator_enable: "{{ LOG_SVR | item('vars.curator_enable', default=True) }}" curator_es_hostname: "{{ elasticsearch_http_host }}" curator_es_port: "{{ elasticsearch_http_port }}" curator_bin_path: /usr/bin/curator_cli curator_indices_regex: ^logstash-.*$ curator_num_of_indices_to_keep: "{{ LOG_SVR | item('vars.curator_num_of_indices_to_keep', default=7) }}" curator_log_path: /var/log/elasticsearch/curator.log curator_close_indices_after_days: "{{ LOG_SVR | item('vars.curator_close_indices_after_days', default=0) }}" # ES backup settings # Note: Enable this variable only after making sure you have setup a shared partition # that is accessible from all LOG-SVR nodes as described below by the curator_es_backup_partition variable. # If this variable is enabled without that, Elasticsearch will fail to start curator_enable_backup: false curator_backup_repo_name: "es_{{host.my_dimensions.cloud_name}}" # the partition where all ES snapshots will be stored # Note: this has to be a shared partition that is accessible from all the LOG-SVR ES nodes curator_es_backup_partition: /var/lib/esbackup # the default partition for Elasticsearch curator_es_partition: /var/lib/elasticsearch # The following low watermark will be used to trigger alarms if the ES partition size grows over it. # Tuning this to to a higher percent may not give sufficient time to backup old indices before they # are removed. curator_low_watermark_percent: 65 # The following high watermark will be used to decide if it is time to delete old indices. # The following approach is taken: # An hourly cronjob checks to see if there are more indices than curator_num_of_indices_to_keep. # If there are, curator will be run to delete old indices per the curator_num_of_indices_to_keep setting. # Then, a check is made to see if the partition size is below the high watermark percent. # If it is still too high, curator will be run again to delete all indices older than # curator_num_of_indices_to_keep -1, then -2, then -3 until the partition # size is below the high watermark, or only the current index remains. # Finally, if the usage is still high, just an error message is written to the log # file but the current index is NOT deleted. curator_high_watermark_percent: 90 # Logging average rates #------------------------------------------------------------------------------- kronos_logging_rate_info_msg_sec: 1 kronos_logging_rate_debug_msg_sec: 20 # Kafka variables #------------------------------------------------------------------------------- kronos_kafka_topic: logs kafka_segment_minutes: 15 kafka_node_count: "{{ FND_KFK.members.private | length }}" kronos_kafka_replication_factor: "{% if kafka_node_count | int > 3 %}3{% else %}{{ kafka_node_count }}{% endif %}" kronos_kafka_consumer_group: kronos kronos_kafka_nodes: "{{ LOG_SVR.consumes_FND_KFK.members.private }}" kronos_kafka_hosts: "{% for node in kronos_kafka_nodes %}{{ node.host }}:{{ node.port }}{% if not loop.last %},{% endif %}{% endfor %}" kronos_zookeeper_nodes: "{{ LOG_SVR.consumes_FND_ZOO.members.private }}" kronos_zookeeper_hosts: "{% for node in kronos_zookeeper_nodes %}{{ node.host }}:{{ node.port }}{% if not loop.last %},{% endif %}{% endfor %}" # Set number of Kafka partitions (i.e. you can think of these as threads) # We need to balance this with the number of logstash threads taking into account # of nodes and some headroom # Logstash threads for 3 nodes: 4VCPUs = 18, 8VCPUs = 33, 24VCPUs = 99, 48VCPUs = 144 # Kafka partitions for 3 nodes: 4VCPUs = 21, 8VCPUs = 39, 24VCPUs = 111, 48VCPUs = 219 kronos_kafka_partitions: "{{ (ansible_processor_vcpus*3/2+1)|int * (groups['LOG-SVR']|length) }}" # kronos_kafka_max_lag = # Producer Nodes (PRO) * Rate (DEBUG: ~20 msg/sec) * Kafka Partitions * # commit rate (logstash idle_flush_time=1 sec) * 4x (padding) kronos_kafka_max_lag: "{{ ( groups['LOG-PRO'] | length ) | int * kronos_logging_rate_debug_msg_sec | int * kronos_kafka_partitions | int * 4 }}" # Beaver Monitoring variables #------------------------------------------------------------------------------- kronos_domain: "Default" kronos_project: "kronos" # The folling max mem usage is used to indicate the max memory beaver is expected to use. # If the mem usage of beaver crosses this threshold it will trigger an alarm. # This is given in MB beaver_max_mem_usage: 400 # following settings are for the python-kafka client used by the Beaver kafka transport kronos_kafka_queue_put_timeout: 10 # seconds kronos_kafka_queue_maxsize: 100 # Centralized Logging enablement enable_centralized_logging: "{{ LOG_SVR | item('vars.enable_centralized_logging', default=True) }}" # Log-API #------------------------------------------------------------------------------- kronos_api_user: "{{ LOG_API | item('consumes_KEY_API.vars.logging_api_user', default='logging_api') }}" kronos_api_password: "{{ LOG_API | item('consumes_KEY_API.vars.logging_api_password') | quote }}" kronos_api_domain: "{{ LOG_API | item('consumes_KEY_API.vars.logging_domain') }}" kronos_api_admin_role: "service" # Kronos variables #---------------------------------------------------------------------------------------- kronos_user: kronos kronos_group: adm kronos_home_dir: /var/lib/kronos kronos_log_dir: /var/log/kronos kronos_wsgi_dir: "{{ www_root }}/kronos" kronos_api_log_file: kronos-api.log kronos_api_host: "{{ host.bind.LOG_API.internal.ip_address }}" kronos_api_port: "{{ host.bind.LOG_API.internal.port }}" kronos_api_url: "http://{{ kronos_api_host }}:{{ kronos_api_port }}/healthcheck" kronos_api_workers: 1 kronos_api_debug: False kronos_api_name: kronos kronos_api_proc_name: kronos kronos_api_max_log_size: 1048576 kronos_api_nodes: "{{ LOG_SVR.consumes_FND_KFK.members.private }}" kronos_api_hosts: "{% for node in kronos_api_nodes %}{{ node.host }}:{{ kronos_api_port }}{% if not loop.last %},{% endif %}{% endfor %}" keystone_admin_user: "{{ KEY_API.vars.keystone_admin_user }}" keystone_admin_password: "{{ KEY_API.vars.keystone_admin_pwd }}" keystone_admin_project: "{{ KEY_API.vars.keystone_admin_tenant }}" keystone_admin_domain: "{{ KEY_API.vars.keystone_default_domain }}" keystone_admin_auth_uri: "{{ LOG_SVR.consumes_KEY_API.vips.private[0].url }}" keystone_admin_identity_uri: "{{ LOG_SVR.consumes_KEY_API.vips.private[0].url }}" keystone_admin_authtoken_cafile: "" keystone_admin_authtoken_certfile: "" keystone_admin_authtoken_keyfile: "" keystone_admin_authtoken_insecure: false kronos_api_middleware_agent_roles: "monasca-agent, admin" kronos_api_middleware_default_roles: "{{ kronos_monitoring_role }}" keystone_admin_project_domain: "Default" keystone_admin_user_domain: "Default" system_cacert_file: "{{ trusted_ca_bundle }}" # Log Monitoring #-------------------------------------------------------------------------------- keystone_admin_endpoint: "{{ LOG_SVR.consumes_KEY_API.vips.private[0].url ~ '/v3' }}" kronos_monitoring_user: "{{ LOG_PRO | item('consumes_KEY_API.vars.logging_monitor_user', default='logging_monitor') }}" kronos_monitoring_password: "{{ LOG_PRO | item('consumes_KEY_API.vars.logging_monitor_password', default='logging') }}" kronos_monitoring_project: "{{ KEY_API.vars.keystone_admin_tenant }}" kronos_monitoring_role: "monasca-user" monasca_alarm_definition_api_url: "{{ MON_AGN.consumes_MON_API.vips.private[0].url ~ '/v2.0' }}" # The following low watermark will be used to trigger alarms if the /var/log partition size grows over it. # Tuning this to a higher percent may not give sufficient time to free disk space on /var/log before it # reaches 100% full, at which time log rotate will not work. var_log_low_watermark_percent: 80 # The following high watermark will be used to alert the user that when /var/log is 100% full, # log rotate will not work, and to free up space on /var/log. # Don't set it at 100%, as by then alarms may not fire properly var_log_high_watermark_percent: 95 # The following low watermark will be used to trigger alarms if the /var/audit partition size grows over it. # Tuning this to a higher percent may not give sufficient time to free disk space on /var/audit before it # reaches 100% full, at which time log rotate will not work. var_audit_low_watermark_percent: 80 # The following high watermark will be used to alert the user that when /var/audit is 100% full, # log rotate will not work, and to free up space on /var/audit. # Don't set it at 100%, as by then alarms may not fire properly var_audit_high_watermark_percent: 95 # This quota is in GB service_log_directory_size_quota: 100 monasca_alarm_definition_api_url: "{{ MON_AGN.consumes_MON_API.vips.private[0].url ~ '/v2.0' }}" # Log rotate variables #---------------------------------------------------------------------------------------- logrotate_conf_dir: /etc/logrotate.d logr_maxsize: 45M logr_rotate: 7 logr_json_rotate: 5 opt_kronos_dir: /opt/kronos var_kronos_dir: /var/log/kronos var_log_partition: /var/log var_audit_partition: /var/audit logrotate_check_enable: true logrotate_check_sleep_minutes: 5 logrotate_bin_path: /usr/sbin/logrotate logrotate_log_path: /var/log/kronos/logrotate_if_needed.log # sh script, but .sh removed to avoid cron issue logrotate_if_needed_path: /opt/kronos/logrotate_if_needed rotate_if_exceeded_quota_path: /opt/kronos/rotate_if_exceeded_quota.py # Base mount location for audit log files audit_mount_name: "{{ LOG.audit.dir }}" 07070100000067000081A40000000000000000000000015FFF674800000BC6000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/defaults/test_vars.yml# # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- log_message: test log_files: barbican_1: /var/log/barbican/barbican.log barbican_2: /var/log/barbican/barbican-json.log barbican_3: /var/log/barbican/barbican-worker.log barbican_4: /var/log/barbican/barbican-access.log barbican_5: /var/log/barbican/barbican-monitor.log bura_1: /var/log/freezer-json.log bura_2: /var/log/freezer-api-json.log ceilometer_1: /var/log/ceilometer/ceilometer-expirer-json.log cinder_1: /var/log/cinder/cinder-volume-json.log eon_1: /var/log/eon/json.log glance_1: /var/log/glance/glance-registry-json.log heat-api_1: /var/log/heat/heat-api-cloudwatch-json.log heat-engine_1: /var/log/heat/heat-engine-json.log horizon_1: /var/log/horizon/horizon-json.log keepalived_1: /var/log/keepalived/keepalived.log keystone_1: /var/log/keystone/keystone-json.log magnum_1: /var/log/magnum/magnum-api-json.log monasca_10: /var/log/zookeeper/zookeeper.log monasca_11: /var/log/storm/nimbus.log monasca_12: /var/log/storm/supervisor.log monasca_1: /var/log/monasca/notification/notification.log monasca_2: /var/log/monasca/agent/collector.log monasca_3: /var/log/monasca/agent/forwarder.log monasca_4: /var/log/monasca/agent/statsd.log monasca_5: /var/log/monasca/agent/supervisord.log monasca_6: /var/log/monasca/api/monasca-api.log monasca_7: /var/log/monasca/persister/monasca-persister.log monasca_8: /var/log/kafka/controller.log monasca_9: /var/log/kafka/server/log mysql_1: /var/log/mysql/error.log mysql_2: /var/log/mysql.log mysql_3: /var/log/mysql.err neutron_1: /var/log/neutron/neutron-metadata-agent-json.log nova_1: /var/log/nova/nova-baremetal-deploy-helper-json.log opsconsole_1: /var/log/ops-console/access.log opsconsole_2: /var/log/ops-console/error.log opsconsole_3: /var/log/ops-console/monitor.log rsyslog_10: /var/log/cron.log rsyslog_11: /var/log/debug rsyslog_12: /var/log/messages rsyslog_1: /var/log/mail.info rsyslog_2: /var/log/mail.warn rsyslog_3: /var/log/mail.err rsyslog_4: /var/log/mail.log rsyslog_5: /var/log/daemon.log rsyslog_6: /var/log/kern.log rsyslog_7: /var/log/auth.log rsyslog_8: /var/log/user.log rsyslog_9: /var/log/lpr.log sirius_1: /var/log/sirius/json.log swift_1: /var/log/swift/swift-json.log 07070100000068000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/meta07070100000069000081A40000000000000000000000015FFF674800000263000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/meta/main.yml# (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dependencies: - role: tls-vars 0707010000006A000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars0707010000006B000081A40000000000000000000000015FFF674800000402000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/apache2-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-AP2 name: apache2 service: foundation logging_options: - files: - /var/log/apache2/*_log centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 7 - maxsize 45M - delaycompress - create 640 root adm 0707010000006C000081A40000000000000000000000015FFF674800000534000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/apt-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* name: apt service: foundation os_family: Debian logging_options: - files: - /var/log/apt/history.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - monthly - maxsize 20M - missingok - copytruncate - compress - sharedscripts - create 644 root root - files: - /var/log/apt/term.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - monthly - maxsize 20M - missingok - copytruncate - compress - sharedscripts - create 640 root adm 0707010000006D000081A40000000000000000000000015FFF67480000042C000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ardana-service-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: ARD-SVC name: ardana-service service: ardana-service logging_options: - files: - /var/log/ardana-service/ardana-service.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 5M - rotate 5 - create 640 ardana ardana - su ardana ardana 0707010000006E000081A40000000000000000000000015FFF6748000008C9000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/barbican-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: KEYMGR-.* name: barbican service: barbican monitoring: enabled: true external_name: key-manager logging_dir: /var/log/barbican logging_options: - files: - /var/log/barbican/barbican.log - /var/log/barbican/barbican-api.log - /var/log/barbican/barbican-worker.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 50M - rotate 7 - compress - missingok - copytruncate - create 640 barbican adm - files: - /var/log/barbican/barbican-json.log - /var/log/barbican/barbican-worker-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 50M - rotate 7 - compress - missingok - copytruncate - create 640 barbican adm - files: - /var/log/barbican/barbican-access.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 50M - rotate 7 - compress - missingok - copytruncate - create 640 barbican adm - files: - /var/log/barbican/barbican-monitor.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 50M - rotate 7 - compress - missingok - copytruncate - create 640 barbican adm - files: - barbican/barbican-audit.log centralized_audit_logging: enabled: true format: rawjson 0707010000006F000081A40000000000000000000000015FFF6748000003ED000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/beaver-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-PRO name: beaver service: logging logging_options: - files: - /var/log/beaver/beaver.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 beaver adm 07070100000070000081A40000000000000000000000015FFF67480000043B000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/cassandra-clr.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-CDB name: cassandra service: cassandra monitoring: enabled: true external_name: cassandra logging_dir: /var/log/cassandra logging_options: - files: - /var/log/cassandra/debug.log - /var/log/cassandra/gc.log - /var/log/cassandra/system.log centralized_logging: enabled: true format: json log_rotate: - daily - rotate 5 - maxsize 200M - missingok - compress - copytruncate 07070100000071000081A40000000000000000000000015FFF6748000005C1000000000000000000000000000000000000006A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceilometer-agent-notification-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEI-NAG name: ceilometer-agent-notification service: ceilometer monitoring: enabled: true external_name: telemetry logging_dir: /var/log/ceilometer logging_options: - files: - /var/log/ceilometer/ceilometer-agent-notification.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 ceilometer adm - files: - /var/log/ceilometer/ceilometer-agent-notification-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 ceilometer adm 07070100000072000081A40000000000000000000000015FFF67480000076A000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceilometer-api-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEI-API name: ceilometer-api service: ceilometer monitoring: enabled: true external_name: telemetry logging_dir: /var/log/ceilometer logging_options: - files: - /var/log/ceilometer/ceilometer_access.log - /var/log/ceilometer/ceilometer_modwsgi.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 644 root root - files: - /var/log/ceilometer/ceilometer-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 ceilometer adm - files: - /var/log/ceilometer/ceilometer-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 ceilometer adm - files: - ceilometer/ceilometer-audit.log centralized_audit_logging: enabled: true format: rawjson 07070100000073000081A40000000000000000000000015FFF6748000007C9000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceilometer-common-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEI-CMN name: ceilometer-common service: ceilometer monitoring: enabled: true external_name: telemetry logging_dir: /var/log/ceilometer logging_options: - files: - /var/log/ceilometer/ceilometer.log - /var/log/ceilometer/ceilometer-expirer.log - /var/log/ceilometer/ceilometer-collector.log - /var/log/ceilometer/ceilometer-preparation.log - /var/log/ceilometer/ceilometer-agent-central.log - /var/log/ceilometer/ceilometer-agent-compute.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 ceilometer adm - files: - /var/log/ceilometer/ceilometer-json.log - /var/log/ceilometer/ceilometer-expirer-json.log - /var/log/ceilometer/ceilometer-collector-json.log - /var/log/ceilometer/ceilometer-preparation-json.log - /var/log/ceilometer/ceilometer-agent-central-json.log - /var/log/ceilometer/ceilometer-agent-compute-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 ceilometer adm 07070100000074000081A40000000000000000000000015FFF6748000005A0000000000000000000000000000000000000005F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceilometer-polling-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEI-POL name: ceilometer-polling service: ceilometer monitoring: enabled: true external_name: telemetry logging_dir: /var/log/ceilometer logging_options: - files: - /var/log/ceilometer/ceilometer-polling.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 ceilometer adm - files: - /var/log/ceilometer/ceilometer-polling-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 ceilometer adm 07070100000075000081A40000000000000000000000015FFF674800000B46000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceph-mon-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEP-MON name: ceph-mon service: ceph monitoring: enabled: true external_name: ceph-storage logging_dir: /var/log/ceph logging_options: - files: - /var/log/ceph/*-cluster.log - /var/log/ceph/*-mon.*.log centralized_logging: enabled: true format: json nosu: true log_rotate: - daily - compress - missingok - create 644 root root - maxsize 45M - rotate 5 - | sharedscripts postrotate # Prioritizing systemd before service, since there ceph.service is not defined for init.d if which systemctl > /dev/null 2>&1 && [ -x `which systemctl` ]; then if systemctl is-active 'ceph-*' | grep -i active > /dev/null 2>&1 ; then systemctl reload 'ceph-*' >/dev/null || : fi elif which service > /dev/null 2>&1 && [ -x `which service` ]; then service ceph reload >/dev/null elif which invoke-rc.d > /dev/null 2>&1 && [ -x `which invoke-rc.d` ]; then invoke-rc.d ceph reload >/dev/null fi # Possibly reload twice, but depending on ceph.conf the reload above may be a no-op if which initctl > /dev/null 2>&1 && [ -x `which initctl` ]; then for daemon in osd mon mds ; do find -L /var/lib/ceph/$daemon/ -mindepth 1 -maxdepth 1 -regextype posix-egrep -regex '.*/[A-Za-z0-9]+-[A-Za-z0-9._-]+' -printf '%P\n' \ | while read f; do if [ -e "/var/lib/ceph/$daemon/$f/done" -o -e "/var/lib/ceph/$daemon/$f/ready" ] && [ -e "/var/lib/ceph/$daemon/$f/upstart" ] && [ ! -e "/var/lib/ceph/$daemon/$f/sysvinit" ]; then cluster="${f%%-*}" id="${f#*-}" initctl reload ceph-$daemon cluster="$cluster" id="$id" 2>/dev/null || : fi done done fi endscript - files: - ceph/*-cluster.audit.log centralized_audit_logging: enabled: true format: json 07070100000076000081A40000000000000000000000015FFF674800000AA8000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceph-osd-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEP-OSD name: ceph-osd service: ceph monitoring: enabled: true external_name: ceph-storage logging_dir: /var/log/ceph logging_options: - files: - /var/log/ceph/*-osd.*.log centralized_logging: enabled: true format: json nosu: true log_rotate: - daily - compress - missingok - create 644 root root - maxsize 45M - rotate 5 - | sharedscripts postrotate # Prioritizing systemd before service, since there ceph.service is not defined for init.d if which systemctl > /dev/null 2>&1 && [ -x `which systemctl` ]; then if systemctl is-active 'ceph-*' | grep -i active > /dev/null 2>&1 ; then systemctl reload 'ceph-*' >/dev/null || : fi elif which service > /dev/null 2>&1 && [ -x `which service` ]; then service ceph reload >/dev/null elif which invoke-rc.d > /dev/null 2>&1 && [ -x `which invoke-rc.d` ]; then invoke-rc.d ceph reload >/dev/null fi # Possibly reload twice, but depending on ceph.conf the reload above may be a no-op if which initctl > /dev/null 2>&1 && [ -x `which initctl` ]; then for daemon in osd mon mds ; do find -L /var/lib/ceph/$daemon/ -mindepth 1 -maxdepth 1 -regextype posix-egrep -regex '.*/[A-Za-z0-9]+-[A-Za-z0-9._-]+' -printf '%P\n' \ | while read f; do if [ -e "/var/lib/ceph/$daemon/$f/done" -o -e "/var/lib/ceph/$daemon/$f/ready" ] && [ -e "/var/lib/ceph/$daemon/$f/upstart" ] && [ ! -e "/var/lib/ceph/$daemon/$f/sysvinit" ]; then cluster="${f%%-*}" id="${f#*-}" initctl reload ceph-$daemon cluster="$cluster" id="$id" 2>/dev/null || : fi done done fi endscript 07070100000077000081A40000000000000000000000015FFF674800000924000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ceph-rgw-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CEP-RGW name: ceph-rgw service: ceph monitoring: enabled: true external_name: ceph-storage logging_dir: /var/log/ceph logging_options: - files: - /var/log/ceph/radosgw.log centralized_logging: enabled: true format: json nosu: true log_rotate: - daily - compress - missingok - create 644 root root - maxsize 45M - rotate 5 - | sharedscripts postrotate if which systemctl > /dev/null 2>&1 && [ -x `which systemctl` ]; then if systemctl is-active 'radosgw' | grep -i active > /dev/null 2>&1 ; then systemctl reload 'radosgw' >/dev/null || : fi elif which service > /dev/null 2>&1 && [ -x `which service` ]; then service radosgw reload >/dev/null elif which invoke-rc.d > /dev/null 2>&1 && [ -x `which invoke-rc.d` ]; then invoke-rc.d radosgw reload >/dev/null fi # Possibly reload twice, but depending on ceph.conf the reload above may be a no-op if which initctl > /dev/null 2>&1 && [ -x `which initctl` ]; then find -L /var/lib/ceph/radosgw/ -mindepth 1 -maxdepth 1 -regextype posix-egrep -regex '.*/[A-Za-z0-9]+-[A-Za-z0-9._-]+' -printf '%P\n' \ | while read f; do if [ -e "/var/lib/ceph/radosgw/$f/done" ]; then cluster="${f%%-*}" id="${f#*-}" initctl reload radosgw cluster="$cluster" id="$id" 2>/dev/null || : fi done fi endscript 07070100000078000081A40000000000000000000000015FFF6748000005F2000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/cinder-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CND-API name: cinder-api service: cinder monitoring: enabled: true external_name: block-storage logging_dir: /var/log/cinder logging_options: - files: - /var/log/cinder/cinder-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 256M - rotate 14 - create 640 cinder adm - files: - /var/log/cinder/cinder-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 256M - rotate 1 - create 640 cinder adm - files: - cinder/cinder-audit.log centralized_audit_logging: enabled: true format: rawjson 07070100000079000081A40000000000000000000000015FFF67480000057D000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/cinder-backup-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CND-BCK name: cinder-backup service: cinder monitoring: enabled: true external_name: block-storage logging_dir: /var/log/cinder logging_options: - files: - /var/log/cinder/cinder-backup.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - create 640 cinder adm - files: - /var/log/cinder/cinder-backup-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 1 - create 640 cinder adm 0707010000007A000081A40000000000000000000000015FFF674800000586000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/cinder-scheduler-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CND-SCH name: cinder-scheduler service: cinder monitoring: enabled: true external_name: block-storage logging_dir: /var/log/cinder logging_options: - files: - /var/log/cinder/cinder-scheduler.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - create 640 cinder adm - files: - /var/log/cinder/cinder-scheduler-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 1 - create 640 cinder adm 0707010000007B000081A40000000000000000000000015FFF67480000057D000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/cinder-volume-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CND-VOL name: cinder-volume service: cinder monitoring: enabled: true external_name: block-storage logging_dir: /var/log/cinder logging_options: - files: - /var/log/cinder/cinder-volume.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - create 640 cinder adm - files: - /var/log/cinder/cinder-volume-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 1 - create 640 cinder adm 0707010000007C000081A40000000000000000000000015FFF6748000003FF000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/collectl-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* name: collectl service: foundation logging_options: - files: - /var/log/collectl/*.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - rotate 7 - maxsize 45M - delaycompress - create 640 root root 0707010000007D000081A40000000000000000000000015FFF674800000558000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/crm-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: CRM-SVR name: crm service: crm monitoring: enabled: false external_name: crm logging_dir: /var/log/crm logging_options: - files: - /var/log/crm/crmconsumer.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 300M - rotate 7 - compress - missingok - copytruncate - create 640 root adm - files: - /var/log/crm/crmconsumer-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 200M - rotate 5 - compress - missingok - copytruncate - create 640 root adm 0707010000007E000081A40000000000000000000000015FFF674800000998000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/deployer-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: OPS-LM- # Intentionally added the '-' at the end to exclude the OPS-LMTGT-ccp match name: deployer service: deployer logging_options: - files: - /var/log/configuration_processor/errors.log centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 5 - maxsize 45M - delaycompress - create 755 ardana ardana - files: - /var/log/lastlog centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 5 - maxsize 45M - delaycompress - create 664 root utmp - files: - /var/log/faillog - /var/log/fontconfig.log - /var/log/cobbler/tasks/*.log - /var/log/cobbler/cobbler.log centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 5 - maxsize 45M - delaycompress - create 644 root root - files: - /var/log/configuration_processor/output.log centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 5 - maxsize 45M - delaycompress - create 644 ardana ardana - files: - /var/log/fsck/checkfs - /var/log/fsck/checkroot centralized_logging: enabled: false format: json log_rotate: - weekly - compress - missingok - copytruncate - rotate 5 - maxsize 45M - delaycompress - create 644 root adm 0707010000007F000081A40000000000000000000000015FFF6748000005AD000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-api-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-API name: designate-api service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000080000081A40000000000000000000000015FFF6748000005B9000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-central-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-CEN name: designate-central service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-central.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-central-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000081000081A40000000000000000000000015FFF6748000005A6000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-mdns-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-MDN name: designate-mdns service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-mdns.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 root adm - files: - /var/log/designate/designate-mdns-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 root adm 07070100000082000081A40000000000000000000000015FFF6748000005C8000000000000000000000000000000000000006300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-pool-manager-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-PMG name: designate-pool-manager service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-pool-manager.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-pool-manager-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000083000081A40000000000000000000000015FFF67480000059E000000000000000000000000000000000000005F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-producer-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-PDR name: designate-producer service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-producer.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-producer-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000084000081A40000000000000000000000015FFF674800000598000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-worker-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-WKR name: designate-worker service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-worker.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-worker-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000085000081A40000000000000000000000015FFF6748000005C8000000000000000000000000000000000000006300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/designate-zone-manager-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: DES-ZMG name: designate-zone-manager service: designate monitoring: enabled: true external_name: dns logging_dir: /var/log/designate logging_options: - files: - /var/log/designate/designate-zone-manager.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 designate adm - files: - /var/log/designate/designate-zone-manager-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 designate adm 07070100000086000081A40000000000000000000000015FFF6748000003FB000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/elasticsearch-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-SVR name: elasticsearch service: logging logging_options: - files: - /var/log/elasticsearch/curator.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 root root 07070100000087000081A40000000000000000000000015FFF67480000054E000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/eon-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: EON-API name: eon-api service: eon monitoring: enabled: true external_name: eon logging_dir: /var/log/eon logging_options: - files: - /var/log/eon/eon-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 eon adm - files: - /var/log/eon/eon-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 eon adm 07070100000088000081A40000000000000000000000015FFF67480000055E000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/eon-conductor-clr.yml# (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: EON-CND name: eon-conductor service: eon monitoring: enabled: true external_name: eon logging_dir: /var/log/eon logging_options: - files: - /var/log/eon/eon-conductor.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 eon adm - files: - /var/log/eon/eon-conductor-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 eon adm 07070100000089000081A40000000000000000000000015FFF6748000004DC000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/freezer-agent-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- freezer_log_user: "freezer" freezer_log_group: "freezer" sub_service: hosts: FRE-AGN name: freezer-agent service: freezer monitoring: enabled: true external_name: backup logging_dir: /var/log/freezer-agent logging_options: - files: - /var/log/freezer-agent/freezer-agent-json.log - /var/log/freezer-agent/freezer-scheduler-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - su root root 0707010000008A000081A40000000000000000000000015FFF67480000066E000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/freezer-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FRE-API name: freezer-api service: freezer monitoring: enabled: true external_name: backup logging_dir: /var/log/freezer-api logging_options: - files: - /var/log/freezer-api/freezer-api.log - /var/log/freezer-api/freezer-api-access.log - /var/log/freezer-api/freezer-api-modwsgi.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - create 640 freezer adm - files: - /var/log/freezer-api/freezer-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 80M - rotate 14 - create 640 freezer adm - files: - freezer/freezer-api-audit.log centralized_audit_logging: enabled: true format: rawjson 0707010000008B000081A40000000000000000000000015FFF67480000070A000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/glance-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: GLA-API name: glance-api service: glance monitoring: enabled: true external_name: image-service logging_dir: /var/log/glance logging_options: - files: - /var/log/glance/glance-api.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 340M - rotate 7 - compress - missingok - copytruncate - create 640 glance adm - files: - /var/log/glance/glance-cache.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 150M - rotate 5 - compress - missingok - copytruncate - create 640 glance adm - files: - /var/log/glance/glance-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 150M - rotate 4 - compress - missingok - copytruncate - create 640 glance adm - files: - glance/glance-audit.log centralized_audit_logging: enabled: true format: rawjson 0707010000008C000081A40000000000000000000000015FFF674800000584000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/glance-registry-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: GLA-REG name: glance-registry service: glance monitoring: enabled: true external_name: image-service logging_dir: /var/log/glance logging_options: - files: - /var/log/glance/glance-registry.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 340M - rotate 7 - compress - missingok - copytruncate - create 640 glance adm - files: - /var/log/glance/glance-registry-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 150M - rotate 4 - compress - missingok - copytruncate - create 640 glance adm 0707010000008D000081A40000000000000000000000015FFF67480000039E000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/haproxy-clr.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-CLU name: haproxy service: foundation logging_options: - files: - /var/log/haproxy.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - su root root 0707010000008E000081A40000000000000000000000015FFF67480000081E000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/heat-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: HEA-API name: heat service: heat monitoring: enabled: true external_name: orchestration logging_dir: /var/log/heat logging_options: - files: - /var/log/heat/heat-api.log - /var/log/heat/heat-engine.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 20 - create 640 heat adm - files: - /var/log/heat/heat-api-json.log - /var/log/heat/heat-engine-json.log - /var/log/heat/heat-api-cfn-json.log - /var/log/heat/heat-api-cloudwatch-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 heat adm - files: - /var/log/heat/heat-api-cfn.log - /var/log/heat/heat-api-cloudwatch.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 heat adm - files: - heat/heat-api-audit.log - heat/heat-api-cfn-audit.log - heat/heat-api-cloudwatch-audit.log centralized_audit_logging: enabled: true format: rawjson 0707010000008F000081A40000000000000000000000015FFF6748000008FC000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/horizon-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: HZN-WEB name: horizon service: horizon monitoring: enabled: true external_name: web-ui logging_dir: /var/log/horizon logging_options: - files: - /var/log/horizon/horizon_access.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 100M - rotate 7 - compress - missingok - copytruncate - create 640 horizon horizon - files: - /var/log/horizon/horizon_error.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 300M - rotate 7 - compress - missingok - copytruncate - create 640 horizon horizon - files: - /var/log/horizon/horizon-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 400M - rotate 5 - compress - missingok - copytruncate - create 640 horizon horizon - files: - /var/log/horizon/management/management.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 horizon-venv horizon - files: - /var/log/horizon/management/management-json.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 horizon-venv horizon 07070100000090000081A40000000000000000000000015FFF674800000453000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/influx-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-IDB name: influx service: foundation monitoring: enabled: false external_name: monitoring logging_dir: /var/log/influxdb logging_options: - files: - /var/log/influxdb/influxd.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 root root 07070100000091000081A40000000000000000000000015FFF6748000007BB000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ironic-api-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: IRN-API name: ironic-api service: ironic monitoring: enabled: true external_name: baremetal logging_dir: /var/log/ironic logging_options: - files: - /var/log/ironic/ironic-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 7 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/ironic/ironic-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 5 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - ironic/ironic-api-audit.log centralized_audit_logging: enabled: true format: rawjson 07070100000092000081A40000000000000000000000015FFF674800000B54000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ironic-conductor-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: IRN-CND name: ironic-conductor service: ironic monitoring: enabled: true external_name: baremetal logging_dir: /var/log/ironic logging_options: - files: - /var/log/ironic/ironic-conductor.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 7 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/ironic/ironic-conductor-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 5 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/ironic/ironic_ipxe_access.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 7 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/ironic/ironic_ipxe_error.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 7 - create 640 ironic adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript 07070100000093000081A40000000000000000000000015FFF674800000428000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/kafka-clr.yml# # (c) Copyright 2015-2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-KFK name: kafka service: foundation logging_options: - files: - /var/log/kafka/controller.log - /var/log/kafka/server.log centralized_logging: enabled: true format: json - files: - /var/log/kafka/kafkaServer-gc.log - /var/log/kafka/state-change.log centralized_logging: enabled: false format: json 07070100000094000081A40000000000000000000000015FFF6748000004BE000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/keepalived-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-CLU name: keepalived service: foundation logging_options: - files: - /var/log/keepalived.log centralized_logging: enabled: true format: json log_rotate: - daily - rotate 5 - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - | sharedscripts postrotate invoke-rc.d --quiet rsyslog rotate >/dev/null 2>&1 || true endscript - create 640 root adm 07070100000095000081A40000000000000000000000015FFF674800000957000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/keystone-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: KEY-API name: keystone service: keystone monitoring: enabled: true external_name: identity-service logging_dir: /var/log/keystone logging_options: - files: - /var/log/keystone/keystone.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 300M - rotate 7 - compress - missingok - copytruncate - create 640 keystone adm - files: - /var/log/keystone/keystone-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - maxsize 200M - rotate 5 - compress - missingok - copytruncate - create 640 keystone adm - files: - /var/log/keystone/keystone_access.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 root adm - files: - /var/log/keystone/keystone_monitoring.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 275M - rotate 7 - compress - missingok - copytruncate - create 640 root adm - files: - /var/log/keystone/keystone_modwsgi.log centralized_logging: enabled: false format: json log_rotate: - monthly - maxsize 10M - rotate 7 - compress - missingok - copytruncate - create 640 root adm - files: - keystone/keystone-audit.log centralized_audit_logging: enabled: true format: rawjson 07070100000096000081A40000000000000000000000015FFF67480000052F000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/kibana-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-SVR name: kibana service: logging logging_options: - files: - /var/log/kibana/kibana.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 kibana adm - files: - /var/log/kibana/kibana_error.log - /var/log/kibana/kibana_access.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 kibana adm 07070100000097000081A40000000000000000000000015FFF674800000432000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/kronos-pro-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-ROT name: kronos-pro service: kronos logging_options: - files: - /var/log/kronos/logrotate_if_needed.log - /var/log/kronos/rotate_if_exceeded_quota.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 kronos adm 07070100000098000081A40000000000000000000000015FFF67480000057A000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/kronos-svr-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-SVR name: kronos-svr service: kronos logging_options: - files: - /var/log/kronos/kronos-api.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 400M - rotate 7 - compress - missingok - copytruncate - create 640 kronos adm - files: - /var/log/kronos/elasticsearch.log - /var/log/kronos/esutil.log - /var/log/kronos/wsgi.log - /var/log/kronos/wsgi-access.log centralized_logging: enabled: false format: json log_rotate: - daily - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 kronos adm 07070100000099000081A40000000000000000000000015FFF6748000003F5000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/logstash-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: LOG-SVR name: logstash service: logging logging_options: - files: - /var/log/logstash/logstash.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 logstash adm 0707010000009A000081A40000000000000000000000015FFF6748000005CD000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/magnum-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MAG-API name: magnum service: magnum monitoring: enabled: true external_name: container logging_dir: /var/log/magnum logging_options: - files: - /var/log/magnum/magnum-api.log - /var/log/magnum/magnum-conductor.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 20 - create 640 magnum adm - files: - /var/log/magnum/magnum-api-json.log - /var/log/magnum/magnum-conductor-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 magnum adm 0707010000009B000081A40000000000000000000000015FFF6748000004F3000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-agent-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-AGN name: monasca-agent service: monasca monitoring: enabled: true external_name: monitoring logging_dir: /var/log/monasca logging_options: - files: - /var/log/monasca/agent/collector.log - /var/log/monasca/agent/forwarder.log - /var/log/monasca/agent/statsd.log - /var/log/monasca/agent/supervisord.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 monasca-agent monasca 0707010000009C000081A40000000000000000000000015FFF6748000005E5000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-API name: monasca-api service: monasca monitoring: enabled: true external_name: monitoring logging_dir: /var/log/monasca logging_options: - files: - /var/log/monasca/api/monasca-api.log - /var/log/monasca/api/monasca_api_wsgi-access.log - /var/log/monasca/api/monasca_api_wsgi.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 mon-api adm - files: - /var/log/monasca/api/request.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 mon-api adm 0707010000009D000081A40000000000000000000000015FFF674800000478000000000000000000000000000000000000006100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-notification-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-NTF name: monasca-notification service: monasca monitoring: enabled: true external_name: monitoring logging_dir: /var/log/monasca logging_options: - files: - /var/log/monasca/notification/notification.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 5 - create 640 mon-notification adm 0707010000009E000081A40000000000000000000000015FFF674800000474000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-persister-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-PST name: monasca-persister service: monasca monitoring: enabled: true external_name: monitoring logging_dir: /var/log/monasca logging_options: - files: - /var/log/monasca/persister/monasca-persister.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 90M - rotate 5 - create 640 mon-persister adm 0707010000009F000081A40000000000000000000000015FFF674800000827000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-storm-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-THR name: monasca-storm service: monasca monitoring: enabled: false external_name: monitoring logging_dir: /var/log/storm logging_options: - files: - /var/log/storm/access.log - /var/log/storm/metrics.log - /var/log/storm/access-nimbus.log - /var/log/storm/access-supervisor.log - /var/log/storm/access-web-nimbus.log - /var/log/storm/access-web-supervisor.log - /var/log/storm/6701/worker.log.metrics - /var/log/storm/6702/worker.log.metrics - /var/log/storm/6703/worker.log.metrics - /var/log/storm/6704/worker.log.metrics centralized_logging: enabled: false format: json - files: - /var/log/storm/6701/worker.log - /var/log/storm/6701/worker.log.err - /var/log/storm/6701/worker.log.out - /var/log/storm/6702/worker.log - /var/log/storm/6702/worker.log.err - /var/log/storm/6702/worker.log.out - /var/log/storm/6703/worker.log - /var/log/storm/6703/worker.log.err - /var/log/storm/6703/worker.log.out - /var/log/storm/6704/worker.log - /var/log/storm/6704/worker.log.err - /var/log/storm/6704/worker.log.out - /var/log/storm/nimbus.log - /var/log/storm/supervisor.log # to be removed after storm upgrade: - /var/log/storm/worker*.log centralized_logging: enabled: true format: json 070701000000A0000081A40000000000000000000000015FFF6748000004A0000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/monasca-transform-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: MON-TRA name: monasca-transform service: monasca monitoring: enabled: false external_name: monasca-transform logging_dir: /var/log/monasca/monasca-transform logging_options: - files: - /var/log/monasca/monasca-transform/monasca-transform.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 370M - rotate 7 - create 640 monasca-transform adm 070701000000A1000081A40000000000000000000000015FFF6748000006BE000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/mysql-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-MDB name: mysql service: foundation logging_options: - files: - /var/log/mysql.log - /var/log/mysql.err - /var/log/mysql/error.log - /var/log/mysql/mysql-slow.log centralized_logging: enabled: true format: json nosu: true log_rotate: - daily - rotate 5 - maxsize 45M - missingok # - copytruncate # logs w/ postrotate script shouldn't have copytruncate - compress - | sharedscripts postrotate if test -x /usr/bin/mysqladmin && /usr/bin/mysqladmin ping &>/dev/null then env HOME="$(realpath ~root)" /usr/bin/mysql -e 'select @@global.long_query_time,@@global.slow_query_log into @lqt_save, @sq_save; set global long_query_time=2000; set global slow_query_log = 0; select sleep(2); FLUSH LOGS; select sleep(2); set global long_query_time=@lqt_save; set global slow_query_log=@sq_save;' > /var/log/mysqladmin.flush-logs 2>&1 fi endscript - create 640 mysql adm 070701000000A2000081A40000000000000000000000015FFF67480000058A000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-dhcp-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-DHCP name: neutron-dhcp service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-dhcp-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-dhcp-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 50M - rotate 3 - create 640 neutron adm 070701000000A3000081A40000000000000000000000015FFF674800000585000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-fwaas-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-L3A name: neutron-fwaas service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-l3-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-l3-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000A4000081A40000000000000000000000015FFF674800000596000000000000000000000000000000000000006200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-infoblox-ipam-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-IFBLXA name: neutron-infoblox-ipam service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/infoblox-ipam-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/infoblox-ipam-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000A5000081A40000000000000000000000015FFF674800000599000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-l2gateway-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-L2GWA name: neutron-l2gateway service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-l2gateway-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-l2gateway-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000A6000081A40000000000000000000000015FFF67480000058E000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-lbaas-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-LBAV.* name: neutron-lbaas service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-lbaas-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-lbaas-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000A7000081A40000000000000000000000015FFF6748000006B6000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-mda-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-MDA name: neutron-mda service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-metadata-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-metadata-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 3 - create 640 neutron adm - files: - /var/log/neutron/neutron-ns-metadata-proxy*.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100K - rotate 1 - create 640 root root 070701000000A8000081A40000000000000000000000015FFF6748000006B7000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-ovs-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-OVS name: neutron-ovs service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-ovs-cleanup.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 10M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-openvswitch-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-openvswitch-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 75M - rotate 3 - create 640 neutron adm 070701000000A9000081A40000000000000000000000015FFF6748000005A1000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-ovsvapp-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-OVSVAPP name: neutron-ovsvapp service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/ovsvapp-agent/ovsvapp_agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/ovsvapp-agent/ovsvapp_agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000AA000081A40000000000000000000000015FFF674800000601000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-server-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-SVR name: neutron-server service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-server.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-server-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 75M - rotate 3 - create 640 neutron adm - files: - neutron/neutron-audit.log centralized_audit_logging: enabled: true format: rawjson 070701000000AB000081A40000000000000000000000015FFF674800000595000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-sriov-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-SRIOV name: neutron-sriov service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-sriov-nic-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-sriov-nic-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 3 - create 640 neutron adm 070701000000AC000081A40000000000000000000000015FFF674800000589000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/neutron-vpnaas-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-VPNA name: neutron-vpnaas service: neutron monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/neutron-vpn-agent.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 640 neutron adm - files: - /var/log/neutron/neutron-vpn-agent-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 3 - create 640 neutron adm 070701000000AD000081A40000000000000000000000015FFF674800001023000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/nova-api-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NOV-API name: nova-api service: nova monitoring: enabled: true external_name: compute logging_dir: /var/log/nova logging_options: - files: - /var/log/nova/nova-manage.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 10M - rotate 7 - create 640 root root - files: - /var/log/nova/nova-api.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 180M - rotate 7 - create 640 nova adm - files: - /var/log/nova/nova-api-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 20M - rotate 5 - create 640 nova adm - files: - /var/log/nova/nova-baremetal-deploy-helper.log - /var/log/nova/nova-cert.log - /var/log/nova/nova-consoleauth.log - /var/log/nova/nova-novncproxy.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 4M - rotate 7 - create 640 nova adm - files: - /var/log/nova/nova-baremetal-deploy-helper-json.log - /var/log/nova/nova-cert-json.log - /var/log/nova/nova-consoleauth-json.log - /var/log/nova/nova-novncproxy-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 4M - rotate 5 - create 640 nova adm - files: - /var/log/nova/nova-conductor.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 400M - rotate 7 - create 640 nova adm - files: - /var/log/nova/nova-conductor-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 30M - rotate 5 - create 640 nova adm - files: - /var/log/nova/nova-scheduler.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 nova adm - files: - /var/log/nova/nova-scheduler-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 10M - rotate 5 - create 640 nova adm - files: - nova/nova-audit.log centralized_audit_logging: enabled: true format: rawjson - files: - /var/log/nova/nova-placement-api.log - /var/log/nova/nova_placement_api_wsgi-access.log - /var/log/nova/nova_placement_api_wsgi.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 180M - rotate 7 - create 640 nova adm 070701000000AE000081A40000000000000000000000015FFF674800000568000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/nova-compute-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NOV-CMP name: nova-compute service: nova monitoring: enabled: true external_name: compute logging_dir: /var/log/nova logging_options: - files: - /var/log/nova/nova-compute.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 200M - rotate 7 - create 640 nova adm - files: - /var/log/nova/nova-compute-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok - copytruncate - maxsize 20M - rotate 5 - create 640 nova adm 070701000000AF000081A40000000000000000000000015FFF67480000040B000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/nova-compute-kvm-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NOV-KVM name: nova-compute-kvm service: nova logging_options: - files: - /var/log/libvirt/libvirt.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 50M - rotate 7 - create 640 root root 070701000000B0000081A40000000000000000000000015FFF6748000006CD000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/octavia-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: OCT-.* name: octavia service: octavia monitoring: enabled: true external_name: octavia logging_dir: /var/log/octavia logging_options: - files: - /var/log/octavia/octavia-api.log - /var/log/octavia/octavia-worker.log - /var/log/octavia/octavia-housekeeping.log - /var/log/octavia/octavia-health-manager.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 7 - create 640 octavia adm - files: - /var/log/octavia/octavia-api-json.log - /var/log/octavia/octavia-worker-json.log - /var/log/octavia/octavia-housekeeping-json.log - /var/log/octavia/octavia-health-manager-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - delaycompress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 octavia adm 070701000000B1000081A40000000000000000000000015FFF6748000005CA000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/openvswitch-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-.* # Name overrides package provided profile intentionally name: openvswitch service: neutron os_family: RedHat logging_options: - files: - /var/log/openvswitch/ovs-ctl.log - /var/log/openvswitch/ovs-vswitchd.log - /var/log/openvswitch/ovsdb-server.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - maxsize 45M - rotate 7 - | sharedscripts postrotate if [ -d /var/run/openvswitch ]; then for pidfile in `cd /var/run/openvswitch && echo *.pid`; do ovs-appctl -t "${pidfile%%.pid}" vlog/reopen done fi endscript - create 640 root adm 070701000000B2000081A40000000000000000000000015FFF6748000005D1000000000000000000000000000000000000005F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/openvswitch-switch-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: NEU-.* name: openvswitch-switch # Name overrides package provided profile intentionally service: neutron os_family: Debian logging_options: - files: - /var/log/openvswitch/ovs-ctl.log - /var/log/openvswitch/ovs-vswitchd.log - /var/log/openvswitch/ovsdb-server.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - delaycompress - missingok - maxsize 45M - rotate 7 - | sharedscripts postrotate if [ -d /var/run/openvswitch ]; then for pidfile in `cd /var/run/openvswitch && echo *.pid`; do ovs-appctl -t "${pidfile%%.pid}" vlog/reopen done fi endscript - create 640 root adm 070701000000B3000081A40000000000000000000000015FFF674800000487000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ops-console-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: OPS-WEB name: ops-console service: ops-console monitoring: enabled: true external_name: ops-console logging_dir: /var/log/ops-console logging_options: - files: - /var/log/ops-console/access.log - /var/log/ops-console/error.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 200M - rotate 5 - create 640 opscon adm 070701000000B4000081A40000000000000000000000015FFF67480000041F000000000000000000000000000000000000004C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/pbl.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* # Name overrides package provided profile intentionally name: pbl service: foundation os_family: SUSE logging_options: - files: - /var/log/pbl centralized_logging: enabled: false format: json log_rotate: - rotate 7 - daily - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - create 640 root adm 070701000000B5000081A40000000000000000000000015FFF6748000004C0000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/rabbitmq-server-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-RMQ name: rabbitmq-server service: foundation logging_options: - files: - /var/log/rabbitmq/*.log centralized_logging: enabled: true format: json nosu: true log_rotate: - daily - compress - delaycompress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 5 - | sharedscripts postrotate /usr/sbin/rabbitmqctl rotate_logs > /dev/null endscript 070701000000B6000081A40000000000000000000000015FFF674800000EC9000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/rsyslog-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* # Name overrides package provided profile intentionally name: rsyslog service: foundation os_family: Debian logging_options: - files: - /var/log/syslog centralized_logging: enabled: true format: json log_rotate: - daily - rotate 7 - maxsize 500M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - postrotate - " kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 640 root adm - files: - /var/log/daemon.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - daily - maxsize 500M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - postrotate - " kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 640 root adm - files: - /var/log/mail.info - /var/log/mail.warn - /var/log/mail.err - /var/log/mail.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 10M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - sharedscripts - postrotate - " kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 640 root adm - files: - /var/log/auth.log - /var/log/boot.log - /var/log/cron.log - /var/log/debug - /var/log/kern.log - /var/log/lpr.log - /var/log/messages - /var/log/user.log - /var/log/dmesg centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - sharedscripts - postrotate - " kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 640 root adm - files: - /var/log/install_package.log - /var/log/rsyncd.log - /var/log/setup_systemd.log - /var/log/mcelog - /var/log/fontconfig.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - postrotate - " kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 644 root root - files: - /var/log/ntpstats/*stats centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok - copytruncate - compress - create 644 ntp ntp 070701000000B7000081A40000000000000000000000015FFF67480000046C000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/shibboleth-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-CLU name: shibboleth service: keystone logging_options: - files: - /var/log/shibboleth/shibd.log - /var/log/shibboleth/shibd_warn.log - /var/log/shibboleth/signature.log - /var/log/shibboleth/transaction.log centralized_logging: enabled: false format: json log_rotate: - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 shibd adm 070701000000B8000081A40000000000000000000000015FFF67480000049C000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/shibboleth-www-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: # FND-AP2 installed on: # deployer (aka ARD-SVC) by deployer-init.yml # FND-AP2 by FND-AP2-deploy.yml hosts: ARD-SVC:FND-CLU name: shibboleth-www service: keystone logging_options: - files: - /var/log/shibboleth-www/native.log - /var/log/shibboleth-www/native_warn.log centralized_logging: enabled: false format: json log_rotate: - maxsize 45M - rotate 7 - compress - missingok - copytruncate - create 640 shibd adm 070701000000B9000081A40000000000000000000000015FFF674800000474000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/spark-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-SPA name: spark service: foundation monitoring: enabled: false external_name: spark logging_dir: /var/log/spark logging_options: - files: - /var/log/spark/spark-master.log - /var/log/spark/spark-worker.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 45M - rotate 7 - create 644 root root 070701000000BA000081A40000000000000000000000015FFF6748000007C9000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/ssyslog-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* # Name overrides package provided profile intentionally name: syslog service: foundation os_family: SUSE logging_options: - files: - /var/log/warn - /var/log/messages - /var/log/allmessages - /var/log/localmessages - /var/log/firewall - /var/log/acpid - /var/log/NetworkManager - /var/log/mail - /var/log/mail.info - /var/log/mail.warn - /var/log/mail.err - /var/log/news/news.crit - /var/log/news/news.err - /var/log/news/news.notice centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - sharedscripts - postrotate - " /usr/bin/systemctl reload syslog.service > /dev/null" - endscript - create 640 root adm - files: - /var/log/alternatives.log - /var/log/install_package.log - /var/log/setup_systemd.log - /var/log/rc.dhcpd.log centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok - copytruncate - compress - create 644 root root 070701000000BB000081A40000000000000000000000015FFF674800000BA1000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/swift-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: SWF-.* name: swift service: swift monitoring: enabled: true external_name: object-storage logging_dir: /var/log/swift logging_options: - files: - /var/log/swift/swift.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 400M - rotate 7 - create 640 root adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/swift/swift-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 400M - rotate 5 - create 640 root adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/swiftlm/uptime-mon.log centralized_logging: enabled: false format: json log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 7 - create 640 root adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - /var/log/swiftlm/uptime-mon-json.log centralized_logging: enabled: true format: rawjson log_rotate: - daily - compress - missingok # - copytruncate # any log with postrotate script should not have copytruncate - maxsize 45M - rotate 5 - create 640 root adm - postrotate - " if [ -f /var/run/rsyslogd.pid ] ; then kill -HUP $(cat /var/run/rsyslogd.pid 2> /dev/null) &> /dev/null; fi || true" - endscript - files: - swift/swift-audit.log centralized_audit_logging: enabled: true format: rawjson 070701000000BC000081A40000000000000000000000015FFF6748000007A5000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/syslog-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* # Name overrides package provided profile intentionally name: syslog service: foundation os_family: RedHat logging_options: - files: - /var/log/boot.log - /var/log/cron - /var/log/maillog - /var/log/messages - /var/log/secure - /var/log/spooler centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - sharedscripts - postrotate - " kill -HUP $(cat /var/run/syslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 640 root adm - files: - /var/log/install_package.log - /var/log/setup_systemd.log - /var/log/tuned/tuned.log - /var/log/dmesg centralized_logging: enabled: false format: json log_rotate: - rotate 7 - weekly - maxsize 45M - missingok # - copytruncate # any log with postrotate script should not have copytruncate - compress - postrotate - " kill -HUP $(cat /var/run/syslogd.pid 2> /dev/null) &> /dev/null || true" - endscript - create 644 root root 070701000000BD000081A40000000000000000000000015FFF6748000003ED000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/vsa-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: VSA-BLK name: vsa service: vsa logging_options: - files: - /var/log/storevirtual-installer.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - copytruncate - maxsize 100M - rotate 5 - create 640 root adm 070701000000BE000081A40000000000000000000000015FFF6748000003F3000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/yum-clr.yml# # (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: .* name: yum service: foundation os_family: RedHat logging_options: - files: - /var/log/yum.log centralized_logging: enabled: false format: json log_rotate: - monthly - maxsize 30K - rotate 7 - compress - missingok - copytruncate - create 600 root root 070701000000BF000081A40000000000000000000000015FFF67480000035D000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-common/vars/zookeeper-clr.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: FND-ZOO name: zookeeper service: foundation logging_options: - files: - /var/log/zookeeper/zookeeper.log centralized_logging: enabled: true format: json 070701000000C0000041ED0000000000000000000000065FFF674800000000000000000000000000000000000000000000004000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor070701000000C1000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/files070701000000C2000081A40000000000000000000000015FFF6748000005FE000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/files/BeaverDetect.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) PROCESS = "beaver" SERVICE = "logging" class BeaverDetect(monasca_setup.detection.Plugin): """Detect Beaver and setup configuration to monitor it. """ def _detect(self): """Run detection, set self.available True if the process is detected. """ if monasca_setup.detection.find_process_cmdline(PROCESS) is not None: self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the Beaver plugin") config = monasca_setup.agent_config.Plugins() config.merge(monasca_setup.detection.watch_process([PROCESS], exact_match=False, service=SERVICE)) return config def dependencies_installed(self): return True 070701000000C3000081A40000000000000000000000015FFF6748000005FE000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/files/KibanaDetect.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) PROCESS = "kibana" SERVICE = "logging" class KibanaDetect(monasca_setup.detection.Plugin): """Detect Kibana and setup configuration to monitor it. """ def _detect(self): """Run detection, set self.available True if the process is detected. """ if monasca_setup.detection.find_process_cmdline(PROCESS) is not None: self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the Kibana plugin") config = monasca_setup.agent_config.Plugins() config.merge(monasca_setup.detection.watch_process([PROCESS], exact_match=False, service=SERVICE)) return config def dependencies_installed(self): return True 070701000000C4000081A40000000000000000000000015FFF674800000631000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/files/KronosAPIDetect.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) PROCESS = "monasca-log-api" SERVICE = "logging" class KronosAPIDetect(monasca_setup.detection.Plugin): """Detect Kronos Logging API and setup configuration to monitor it. """ def _detect(self): """Run detection, set self.available True if the process is detected. """ if monasca_setup.detection.find_process_cmdline(PROCESS) is not None: self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the Kronos Logging API Process Detect plugin") config = monasca_setup.agent_config.Plugins() config.merge(monasca_setup.detection.watch_process([PROCESS], exact_match=False, service=SERVICE)) return config def dependencies_installed(self): return True 070701000000C5000081A40000000000000000000000015FFF674800000606000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/files/LogstashDetect.py# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) PROCESS = "logstash" SERVICE = "logging" class LogstashDetect(monasca_setup.detection.Plugin): """Detect Logstash and setup configuration to monitor it. """ def _detect(self): """Run detection, set self.available True if the process is detected. """ if monasca_setup.detection.find_process_cmdline(PROCESS) is not None: self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the Logstash plugin") config = monasca_setup.agent_config.Plugins() config.merge(monasca_setup.detection.watch_process([PROCESS], exact_match=False, service=SERVICE)) return config def dependencies_installed(self): return True 070701000000C6000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/meta070701000000C7000081A40000000000000000000000015FFF6748000002BA000000000000000000000000000000000000004E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/meta/main.yml# # (c) Copyright 2015 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dependencies: - {role: monasca-agent, run_mode: Use} 070701000000C8000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks070701000000C9000081A40000000000000000000000015FFF674800002478000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/alarm-definitions.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Setup default email notification method #------------------------------------------------------------------------------ - name: logging-monitor | alarm-definitions | Set default email notification become: yes monasca_notification_method: name: "Default Email" type: 'EMAIL' address: "root@localhost" keystone_url: "{{ keystone_admin_endpoint }}" keystone_user: "{{ keystone_admin_user }}" keystone_password: "{{ keystone_admin_password | quote }}" keystone_project: "{{ kronos_monitoring_project }}" keystone_project_domain: "{{ keystone_admin_project_domain }}" keystone_user_domain: "{{ keystone_admin_user_domain }}" keystone_verify: "{{ system_cacert_file }}" monasca_api_url: "{{ monasca_alarm_definition_api_url }}" overwrite: false register: default_notification_result run_once: true # Configure Monasca alarm definitions #------------------------------------------------------------------------------ - name: >- logging-monitor | alarm-definitions | Setup default check against monasca-log-api url become: yes monasca_agent_plugin: name: "httpcheck" args: >- url={{ kronos_api_url }} use_keystone=true dimensions=service:logging,monitored_host_type:instance - name: logging-monitor | alarm-definitions | Remove old alarm definitions become: yes monasca_alarm_definition: state: absent name: "{{ item.name }}" monasca_api_url: "{{ monasca_alarm_definition_api_url }}" keystone_url: "{{ keystone_admin_endpoint }}" keystone_user: "{{ keystone_admin_user }}" keystone_password: "{{ keystone_admin_password | quote }}" keystone_project: "{{ kronos_monitoring_project }}" keystone_project_domain: "{{ keystone_admin_project_domain }}" keystone_user_domain: "{{ keystone_admin_user_domain }}" keystone_verify: "{{ system_cacert_file }}" severity: "Medium" ok_actions: - "{{ default_notification_result.notification_method_id }}" undetermined_actions: - "{{ default_notification_result.notification_method_id }}" alarm_actions: - "{{ default_notification_result.notification_method_id }}" run_once: true with_items: - name: "Elasticsearch Open File Descriptors" - name: "Elasticsearch Max Total Indices Size" - name: "Elasticsearch Low Watermark alarm definition" - name: "Elasticsearch High Watermark alarm definition" - name: logging-monitor | alarm-definitions | Create Logging Alarm Definitions become: yes monasca_alarm_definition: name: "{{ item.name }}" description: "{{ item.description }}" expression: "{{ item.expression }}" monasca_api_url: "{{ monasca_alarm_definition_api_url }}" keystone_url: "{{ keystone_admin_endpoint }}" keystone_user: "{{ keystone_admin_user }}" keystone_password: "{{ keystone_admin_password | quote }}" keystone_project: "{{ kronos_monitoring_project }}" keystone_project_domain: "{{ keystone_admin_project_domain }}" keystone_user_domain: "{{ keystone_admin_user_domain }}" keystone_verify: "{{ system_cacert_file }}" match_by: ["hostname"] severity: "{{ item.severity | default('LOW') }}" ok_actions: - "{{ default_notification_result.notification_method_id }}" undetermined_actions: - "{{ default_notification_result.notification_method_id }}" alarm_actions: - "{{ default_notification_result.notification_method_id }}" run_once: true with_items: - name: "Kafka Kronos Consumer Lag" description: >- Alarms when the Kronos consumer group is not keeping up with the incoming messages on the metric topic." expression: >- avg(kafka.consumer_lag{ consumer_group={{ kronos_kafka_consumer_group }} }) > {{ kronos_kafka_max_lag }} times 3 severity: "Low" - name: "Elasticsearch Number of Log Entries" description: >- Track the total number of log entries. Trigger set to < 0 (should never trigger)--just for monitoring purposes. expression: "elasticsearch.docs.count<0" severity: "Low" - name: "Elasticsearch Unassigned Shards" description: >- Elasticsearch has one or more unassigned shards and it is trying to assign them. If you continue to see this alarm, please refer to the troubleshooting guide." expression: "elasticsearch.unassigned_shards>0" severity: "High" - name: "Elasticsearch Field Data Evictions" description: >- Triggers when there are any elasticsearch.fielddata.evictions expression: "elasticsearch.fielddata.evictions>0" severity: "High" - name: "Elasticsearch Low Watermark" description: >- Elasticsearch disk space usage has increased. If it gets critical, old indices will be deleted. Adjust the curator configuration variables and enabled backup if needed. expression: >- disk.space_used_perc{mount_point=/var/lib/elasticsearch}> {{ curator_low_watermark_percent }} severity: "Low" - name: "Elasticsearch High Watermark" description: >- Elasticsearch is running low on disk space. Will attempt to delete old indices to free up space. If you see this alarm often, reconfigure logging by adjusting the curator variables. expression: >- disk.space_used_perc{mount_point=/var/lib/elasticsearch}> {{ curator_high_watermark_percent }} severity: "High" - name: "Log Partition Low Watermark" description: >- The /var/log disk space usage has crossed low watermark. If the high watermark is reached, logrotate will be run to free up disk space. Adjust var_log_low_watermark_percent if needed. expression: >- disk.space_used_perc{mount_point=/var/log}>= {{ var_log_low_watermark_percent }} severity: "Low" - name: "Log Partition High Watermark" description: >- The /var/log volume is running low on disk space. Logrotate will be run now to free up space. Adjust var_log_high_watermark_percent if needed. expression: >- disk.space_used_perc{mount_point=/var/log}>= {{ var_log_high_watermark_percent }} severity: "Critical" - name: "Beaver Memory Usage" description: >- Beaver is using more memory than expected. This may indicate that it cannot forward messages and it's queue is filling up. If you continue to see this, see the troubleshooting guide. expression: >- process.mem.rss_mbytes{process_name=beaver} >= {{ beaver_max_mem_usage*1024*1024 }} severity: "High" - name: "Audit Partition Low Watermark" description: >- The /var/audit disk space usage has crossed low watermark. If the high watermark is reached, logrotate will be run to free up disk space. Adjust var_audit_low_watermark_percent if needed. expression: >- disk.space_used_perc{mount_point=/var/audit}>= {{ var_audit_low_watermark_percent }} severity: "Low" - name: "Audit Partition High Watermark" description: >- The /var/audit volume is running low on disk space. Logrotate will be run now to free up space. Adjust var_audit_high_watermark_percent if needed. expression: >- disk.space_used_perc{mount_point=/var/audit}>= {{ var_audit_high_watermark_percent }} severity: "Critical" - name: logging-monitor | alarm-definitions | Service Log Size alarm definition become: yes monasca_alarm_definition: name: "Service Log Directory Size" description: "Service log directory consuming more disk than its quota." expression: >- directory.size_bytes>{{ service_log_directory_size_quota*1024*1024*1024 }} monasca_api_url: "{{ monasca_alarm_definition_api_url }}" keystone_url: "{{ keystone_admin_endpoint }}" keystone_user: "{{ keystone_admin_user }}" keystone_password: "{{ keystone_admin_password | quote }}" keystone_project: "{{ kronos_monitoring_project }}" keystone_project_domain: "{{ keystone_admin_project_domain }}" keystone_user_domain: "{{ keystone_admin_user_domain }}" keystone_verify: "{{ system_cacert_file }}" match_by: ["service","hostname","path"] severity: "Low" ok_actions: - "{{ default_notification_result.notification_method_id }}" undetermined_actions: - "{{ default_notification_result.notification_method_id }}" alarm_actions: - "{{ default_notification_result.notification_method_id }}" register: ardana_notify_monitor_directory_restart run_once: true 070701000000CA000081A40000000000000000000000015FFF674800000536000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/configure-PRO.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure Monasca detection plugins for PROducer hosts #------------------------------------------------------------------------------ - name: >- logging-monitor | configure-PRO | Create Beaver detection plugin directory become: yes file: path: /usr/lib/monasca/agent/custom_detect.d state: directory owner: root group: root mode: 0755 register: ardana_notify_monitor_beaver_restart - name: logging-monitor | configure-PRO | Beaver detection plugin file copy become: yes copy: src: BeaverDetect.py dest: /usr/lib/monasca/agent/custom_detect.d/ owner: root group: root mode: 0644 register: ardana_notify_monitor_beaver_restart 070701000000CB000081A40000000000000000000000015FFF674800000E16000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/configure-SVR.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Remove old Directory Detect Plugin files for 2.X to 3.0 upgrade only #------------------------------------------------------------------------------ - name: logging-monitor | configure-SVR | Directory Detect plugin files removal become: yes file: state: "absent" path: "{{ item }}" register: ardana_notify_monitor_directory_restart with_items: - /usr/lib/monasca/agent/custom_detect.d/DirectoryDetect.pyc - /usr/lib/monasca/agent/custom_detect.d/DirectoryDetect.py # Configure Monasca detection plugins for SVR hosts #------------------------------------------------------------------------------ - name: logging-monitor | configure-SVR | Create detection plugins directory become: yes file: path: /usr/lib/monasca/agent/custom_detect.d state: directory owner: root group: root mode: 0755 - name: logging-monitor | configure-SVR | Beaver detection plugin file copy become: yes copy: src: BeaverDetect.py dest: /usr/lib/monasca/agent/custom_detect.d/ owner: root group: root mode: 0644 register: ardana_notify_monitor_beaver_restart - name: >- logging-monitor | configure-SVR | Elasticsearch detection plugin file copy become: yes template: src: ElasticDetect.py.j2 dest: /usr/lib/monasca/agent/custom_detect.d/ElasticDetect.py owner: root group: root mode: 0644 register: ardana_notify_monitor_elasticsearch_restart - name: logging-monitor | configure-SVR | Directory detection plugin file copy become: yes template: src: DirectoryDetectLogging.py.j2 dest: /usr/lib/monasca/agent/custom_detect.d/DirectoryDetectLogging.py owner: root group: root mode: 0644 register: ardana_notify_monitor_directory_restart - name: logging-monitor | configure-SVR | Kibana detection plugin file copy become: yes copy: src: KibanaDetect.py dest: /usr/lib/monasca/agent/custom_detect.d/ owner: root group: root mode: 0644 register: ardana_notify_monitor_kibana_restart - name: logging-monitor | configure-SVR | Kronos API detection plugin file copy become: yes copy: src: KronosAPIDetect.py dest: /usr/lib/monasca/agent/custom_detect.d/ owner: root group: root mode: 0644 register: ardana_notify_monitor_kronos_api_restart - name: logging-monitor | configure-SVR | Logstash detection plugin file copy become: yes copy: src: LogstashDetect.py dest: /usr/lib/monasca/agent/custom_detect.d/ owner: root group: root mode: 0644 register: ardana_notify_monitor_logstash_restart # NOTE - this is currently a work in progress to monitor the size of # individual log files. # #- name: logging-monitor | configure-SVR | File Size plugin file copy # become: yes # template: # src: FileSize.py.j2 # dest: /usr/lib/monasca/agent/custom_detect.d/FileSize.py # owner: root # group: root # mode: 0644 # register: ardana_notify_monitor_filesize_restart 070701000000CC000081A40000000000000000000000015FFF674800000B27000000000000000000000000000000000000006100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/create_monitoring_user.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-monitor | create_monitoring_user | Get a domain scoped token become: yes keystone_v3: endpoint: "{{ keystone_admin_endpoint }}" login_username: "{{ keystone_admin_user }}" login_password: "{{ keystone_admin_password | quote }}" login_user_domain_name: "{{ keystone_admin_domain }}" login_domain_name: "{{ keystone_admin_domain }}" action: "token_get" run_once: true register: domain_scoped_token_result - name: logging-monitor | create_monitoring_user | Create Kronos Project/Tenant become: yes keystone_v3: description: "Centralized logging and log rotation" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_project" project_name: "{{ kronos_project }}" project_domain_name: "{{ kronos_domain }}" run_once: true - name: logging-monitor | create_monitoring_user | Create Monitoring Role become: yes keystone_v3: description: "Kronos monitoring role" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_role" role_name: "{{ kronos_monitoring_role }}" run_once: true - name: logging-monitor | create_monitoring_user | Create Monitoring User become: yes keystone_v3: description: "Kronos monitoring user" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_user" user_name: "{{ kronos_monitoring_user }}" user_password: "{{ kronos_monitoring_password | quote }}" user_domain_name: "{{ kronos_domain }}" run_once: true - name: >- logging-monitor | create_monitoring_user | Grant Logging user monasca-user Role become: yes keystone_v3: description: "Grant Logging user monasca-user Role" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "grant_project_role" user_name: "{{ kronos_monitoring_user }}" project_name: "{{ kronos_project }}" role_name: "{{ kronos_monitoring_role }}" user_domain_name: "{{ kronos_domain }}" project_domain_name: "{{ kronos_domain }}" run_once: true 070701000000CD000081A40000000000000000000000015FFF6748000003F1000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/start-PRO.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-monitor | start-PRO | Restart Beaver Monitor Plugin become: yes monasca_agent_plugin: name: "BeaverDetect" when: ardana_notify_monitor_beaver_restart is defined and ardana_notify_monitor_beaver_restart.changed or not ardana_notify_beaver_restart is not defined and ardana_notify_beaver_restart.changed ignore_errors: yes 070701000000CE000081A40000000000000000000000015FFF674800000A50000000000000000000000000000000000000005400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/tasks/start-SVR.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-monitor | start-SVR | Restart Directory Detection Plugin become: yes monasca_agent_plugin: name: "DirectoryDetectLogging" when: >- ardana_notify_monitor_directory_restart is defined and ardana_notify_monitor_directory_restart.changed ignore_errors: yes - name: logging-monitor | start-SVR | Restart Elasticsearch Monitor Plugin become: yes monasca_agent_plugin: name: "ElasticDetect" when: >- ardana_notify_monitor_elasticsearch_restart is defined and ardana_notify_monitor_elasticsearch_restart.changed or not ardana_notify_elasticsearch_restart is not defined and ardana_notify_elasticsearch_restart.changed ignore_errors: yes - name: logging-monitor | start-SVR | Restart Kibana Monitor Plugin become: yes monasca_agent_plugin: name: "KibanaDetect" when: >- ardana_notify_monitor_kibana_restart is defined and ardana_notify_monitor_kibana_restart.changed or not ardana_notify_kibana_restart is not defined and ardana_notify_kibana_restart.changed ignore_errors: yes - name: logging-monitor | start-SVR | Restart Logstash Monitor Plugin become: yes monasca_agent_plugin: name: "LogstashDetect" when: >- ardana_notify_monitor_logstash_restart is defined and ardana_notify_monitor_logstash_restart.changed or not ardana_notify_logstash_restart is not defined and ardana_notify_logstash_restart.changed ignore_errors: yes - name: logging-monitor | start-SVR | Restart Kronos Logging API Monitor Plugin become: yes monasca_agent_plugin: name: "KronosAPIDetect" when: >- ardana_notify_monitor_kronos_api_restart is defined and ardana_notify_monitor_kronos_api_restart.changed or not ardana_notify_kronos_api_restart is not defined and ardana_notify_kronos_api_restart.changed - name: logging-monitor | start-SVR | Restart kafka Monitor Plugin become: yes monasca_agent_plugin: name: "kafka" args: "kronos=logs service_name=logging" 070701000000CF000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/templates070701000000D0000081A40000000000000000000000015FFF6748000006B0000000000000000000000000000000000000006700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/templates/DirectoryDetectLogging.py.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) class DirectoryDetectLogging(monasca_setup.detection.Plugin): """Detect service log file directory sizes. """ def _detect(self): """Run detection, always set self.available True """ self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the directory plugin to get the metrics for each service's log file directory.") config = monasca_setup.agent_config.Plugins() config['directory'] = {'init_config': None, 'instances': [ {% for service in monitoring_directory_output_result.result %} {'directory': '{{ service.directory }}', 'dimensions': { 'service': '{{ service.name }}' } }, {% endfor %} ]} return config def dependencies_installed(self): return True 070701000000D1000081A40000000000000000000000015FFF67480000094B000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/templates/ElasticDetect.py.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} import logging import monasca_setup.agent_config import monasca_setup.detection from monasca_setup.detection.utils import service_api_check log = logging.getLogger(__name__) ES_URL="http://{{ elasticsearch_http_host }}:{{ elasticsearch_http_port }}" PROCESS="elasticsearch" class ElasticDetect(monasca_setup.detection.Plugin): """Detect Elasticsearch and setup configuration to monitor it. """ def _detect(self): """Run detection, set self.available True if the process is detected. """ if monasca_setup.detection.find_process_cmdline(PROCESS) is not None: self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the Elasticsearch plugin") config = monasca_setup.agent_config.Plugins() service_name = 'logging' log.info("\tConfiguring http_check for logging") config.merge(service_api_check( service_name, ES_URL, '.*version.*', use_keystone=False, service=service_name) ) config.merge(monasca_setup.detection.watch_process([PROCESS], exact_match=False, detailed=True, service="logging")) config['elastic'] = {'init_config': None, 'instances': [ {'name': 'Elasticsearch', 'url': ES_URL, 'dimensions': { 'url': ES_URL, 'service': 'logging' } }]} return config def dependencies_installed(self): return True 070701000000D2000081A40000000000000000000000015FFF674800000848000000000000000000000000000000000000005900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-monitor/templates/FileSize.py.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} import logging import monasca_setup.agent_config import monasca_setup.detection log = logging.getLogger(__name__) # NOTE: This is currently a work in progress. Eventually this will call # FileSize monitor instead of Directory Detect monitor. class DirectoryDetect(monasca_setup.detection.Plugin): """Detect size of individual log files and setup configuration to monitor it. """ def _detect(self): """Run detection, always set self.available True """ self.available = True def build_config(self): """Build the config as a Plugins object and return. """ log.info("\tEnabling the directory plugin to get the metrics for each log file.") config = monasca_setup.agent_config.Plugins() config['directory'] = {'init_config': None, 'instances': [ {% for service in services %} {% for logging_option in service.logging_options %} {'service': '{{ service.name }}', 'directory': '{{ (services[service]['logging_options'][loop.index0]['files'][0]|split('/'))[:-1]|join('/') }}', 'pattern': '{{ (services[service]['logging_options'][loop.index0]['files'][0]|split('/'))[-1] }}' }, {% endfor %} {% endfor %} {'directory': '/var/log', 'pattern': 'messages' } ]} return config def dependencies_installed(self): return True 070701000000D3000041ED0000000000000000000000035FFF674800000000000000000000000000000000000000000000004700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-post-configure070701000000D4000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-post-configure/tasks070701000000D5000081A40000000000000000000000015FFF674800000953000000000000000000000000000000000000006500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-post-configure/tasks/keystone_change_pwd.yml# # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-post-configure | keystone_change_pwd | Get a domain scoped token become: yes keystone_v3: endpoint: "{{ keystone_admin_endpoint }}" login_username: "{{ keystone_admin_user }}" login_password: "{{ keystone_admin_password | quote }}" login_user_domain_name: "{{ kronos_domain }}" login_domain_name: "{{ kronos_domain }}" action: "token_get" run_once: true register: kronos_domain_scoped_token_result - name: >- logging-post-configure | keystone_change_pwd | Update monitoring password become: yes keystone_v3: login_token: "{{ kronos_domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "reset_password_by_admin" user_name: "{{ kronos_monitoring_user }}" user_password: "{{ kronos_monitoring_password }}" user_domain_name: "{{ kronos_domain }}" run_once: true when: ( 'MON_API' in verb_hosts ) - name: logging-post-configure | keystone_change_pwd | Update beaver password become: yes keystone_v3: login_token: "{{ kronos_domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "reset_password_by_admin" user_name: "{{ kronos_beaver_user }}" user_password: "{{ kronos_beaver_password }}" user_domain_name: "{{ kronos_domain }}" run_once: true - name: >- logging-post-configure | keystone_change_pwd | Update Kronos API password become: yes keystone_v3: login_token: "{{ kronos_domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "reset_password_by_admin" user_name: "{{ kronos_api_user }}" user_password: "{{ kronos_api_password }}" user_domain_name: "{{ kronos_domain }}" run_once: true 070701000000D6000041ED0000000000000000000000055FFF674800000000000000000000000000000000000000000000004100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer070701000000D7000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/defaults070701000000D8000081A40000000000000000000000015FFF6748000006DE000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/defaults/main.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Beaver variables #------------------------------------------------------------------------------- beaver_user: beaver beaver_group: adm beaver_home_dir: /var/lib/beaver beaver_conf_dir: /etc/beaver beaver_purge_config_files: false beaver_queue_timeout_secs: 7200 # 2 hours beaver_max_retries: 5 beaver_transport: monascalog kronos_beaver_user: "{{ LOG_PRO.consumes_KEY_API.vars.logging_beaver_user }}" kronos_beaver_password: "{{ LOG_PRO.consumes_KEY_API.vars.logging_beaver_password }}" beaver_monascalog_enable_batching: true monascalog_api_nodes: "{{ LOG_PRO.consumes_LOG_API.members.private }}" beaver_monascalog_api_hosts: "{% for node in monascalog_api_nodes %}{{ node.host }}:{{ node.port }}{% if not loop.last %},{% endif %}{% endfor %}" beaver_monascalog_uri: v3.0/logs beaver_monascalog_url: "{{ LOG_PRO.consumes_LOG_API.vips.private[0].url }}/{{ beaver_monascalog_uri }}" beaver_keystone_identity_url: "{{ LOG_PRO.consumes_KEY_API.vips.private[0].url }}/v3" # tune these if the beaver producer is faster than the consumer beaver_max_queue_size: 10000 beaver_number_of_consumer_processes: 1 070701000000D9000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks070701000000DA000081A40000000000000000000000015FFF67480000030B000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/_schedule_restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | _schedule_restart | Schedule a restart for beaver debug: msg: "Trigger a change notification in beaver" changed_when: true register: ardana_notify_beaver_restart 070701000000DB000081A40000000000000000000000015FFF67480000090E000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/configure.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Remove old configs needs to be done first to avoid wiping everything #------------------------------------------------------------------------------ - name: logging-producer | configure | Remove old config files if directed to become: yes file: state: absent path: "{{ beaver_conf_dir }}/conf.d/*" register: ardana_notify_beaver_restart when: beaver_purge_config_files ignore_errors: yes # Configure logging for the implicated services #------------------------------------------------------------------------------ - name: logging-producer | configure | Load logging profiles local_action: kronos_load_profiles args: host: "{{ inventory_hostname }}" hosts: "{{ verb_hosts }}" groups: "{{ groups }}" register: logging_profiles - name: logging-producer | configure | Configure logging for service become: yes kronos_process_profiles: profiles: "{{ logging_profiles.result }}" control_plane: "{{ host.my_dimensions.control_plane }}" cluster: "{{ host.my_dimensions.cluster }}" cloud_name: "{{ host.my_dimensions.cloud_name }}" audit_log_dir: "{{ audit_mount_name | default('/var/audit') }}" rotation_config: "{{ logging_profiles.rotation_config }}" config_actions: "logging,auditing" register: ardana_notify_beaver_restart # Configure Beaver #------------------------------------------------------------------------------- - name: logging-producer | configure | Configure Beaver become: yes template: src: "beaver.conf.j2" dest: "{{ beaver_conf_dir }}/beaver.conf" owner: "{{ beaver_user }}" group: "{{ beaver_group }}" mode: 0600 register: ardana_notify_beaver_restart 070701000000DC000081A40000000000000000000000015FFF6748000009D1000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/create_beaver_user.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | create_beaver_user | Get a domain scoped token become: yes keystone_v3: endpoint: "{{ keystone_admin_endpoint }}" login_username: "{{ keystone_admin_user }}" login_password: "{{ keystone_admin_password | quote }}" login_user_domain_name: "{{ keystone_admin_domain }}" login_domain_name: "{{ keystone_admin_domain }}" action: "token_get" register: domain_scoped_token_result run_once: true - name: logging-producer | create_beaver_user | Create Beaver User become: yes keystone_v3: description: "Centralized logging user" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_user" user_name: "{{ kronos_beaver_user }}" user_password: "{{ kronos_beaver_password | quote }}" user_domain_name: "{{ kronos_domain }}" run_once: true - name: logging-producer | create_beaver_user | Create Kronos Project become: yes keystone_v3: description: "Centralized logging project" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "create_project" project_name: "{{ kronos_project }}" project_domain_name: "{{ kronos_domain }}" run_once: true - name: >- logging-producer | create_beaver_user | Grant Beaver user monasca-user Role become: yes keystone_v3: description: "Grant Beaver user monasca-user Role" login_token: "{{ domain_scoped_token_result.result }}" endpoint: "{{ keystone_admin_endpoint }}" action: "grant_project_role" user_name: "{{ kronos_beaver_user }}" project_name: "{{ kronos_project }}" role_name: "{{ kronos_monitoring_role }}" user_domain_name: "{{ kronos_domain }}" project_domain_name: "{{ kronos_domain }}" run_once: true when: "'monasca-api' in group.services" 070701000000DD000081A40000000000000000000000015FFF674800000563000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/install.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | install | Install Beaver from rpm (SUSE) become: yes package: name: python-Beaver state: present - name: logging-producer | install | Configure Beaver to start on boot become: yes service: name: Beaver enabled: yes # add other permissions to allow read access to configuration files - name: logging-producer | install | Modify Beaver conf directory become: yes file: path: "{{ beaver_conf_dir }}/conf.d" state: directory mode: o+rx register: ardana_notify_beaver_restart # append group to allow read access to most service logs - name: logging-producer | install | Modify Beaver user become: yes user: name: "{{ beaver_user }}" groups: "{{ beaver_group }}" append: yes register: ardana_notify_beaver_restart 070701000000DE000081A40000000000000000000000015FFF6748000002BE000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Ansible doesn't seem to like a role without any main.yml 070701000000DF000081A40000000000000000000000015FFF6748000004EA000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/start.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | start | Activate Beaver become: yes install_package: name: beaver service: beaver activate: act_on version: "{{ ardana_notify_beaver_install.version }}" when: ardana_notify_beaver_install is defined and ardana_notify_beaver_install.changed - name: logging-producer | start | Restart Beaver become: yes service: name: beaver state: restarted when: ardana_notify_beaver_restart is defined and ardana_notify_beaver_restart.changed - name: logging-producer | start | Start Beaver become: yes service: name: beaver state: started 070701000000E0000081A40000000000000000000000015FFF674800000316000000000000000000000000000000000000005200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/status.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | status | Checking systemd status for Beaver become: yes command: systemctl status beaver changed_when: false 070701000000E1000081A40000000000000000000000015FFF6748000002F3000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/stop.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-producer | stop | Stop Beaver become: yes service: name: beaver state: stopped 070701000000E2000081A40000000000000000000000015FFF674800000428000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/tasks/test.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Simulate log growth by appending lines to the service log files - name: logging-producer | test | Append lines to service log files become: yes lineinfile: >- dest: "{{ item.value }}" state: present create: yes insertafter: EOF line: '{"type":"{{ item.key|regex_replace("(.*)_(.*)","\\1") }}", "message":"{{ log_message }}","host":"{{ inventory_hostname }}"}' with_dict: log_files 070701000000E3000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/templates070701000000E4000081A40000000000000000000000015FFF67480000053E000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/templates/beaver.conf.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [beaver] sincedb_path = /var/log/beaver/since.db logstash_version = 1 transport={{ beaver_transport }} queue_timeout={{ beaver_queue_timeout_secs }} max_queue_size={{ beaver_max_queue_size }} number_of_consumer_processes={{ beaver_number_of_consumer_processes }} # monascalog transport settings monascalog_auth_url={{ beaver_keystone_identity_url }} monascalog_url={{ beaver_monascalog_url }} monascalog_user_name={{ kronos_beaver_user }} monascalog_password={{ kronos_beaver_password }} monascalog_project_name={{ kronos_project }} monascalog_domain_name={{ kronos_domain }} monascalog_max_retries={{ beaver_max_retries }} monascalog_enable_batching={{ beaver_monascalog_enable_batching }} 070701000000E5000081A40000000000000000000000015FFF67480000063A000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-producer/templates/beaver.service.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [Unit] Description=Beaver Service After=syslog.target network.target Wants=syslog.service [Service] Type=simple Restart=always User={{ beaver_user }} Group={{ beaver_group }} # Beaver log files should have 0640 permission UMask=0027 TimeoutSec=10sec PermissionsStartOnly=true Environment=CONF={{ beaver_conf_dir }}/beaver.conf Environment=CONFD={{ beaver_conf_dir }}/conf.d Environment=LOGFILE=/var/log/beaver/beaver.log ExecStartPre=/bin/chown -R {{ beaver_user }}.{{ beaver_group }} /var/log/beaver ExecStartPre=/bin/chmod -R 0640 /var/log/beaver # Make sure files created in this folder have Beaver's group ExecStartPre=/bin/chmod g+s /var/log/beaver ExecStartPre=/bin/chmod 0750 /var/log/beaver # Impossible to disable Beaver's internal log rotation, so set it to happen only when log files exceed 10TB ExecStart={{ beaver_bin_dir }}/beaver -c $CONF -C $CONFD -l $LOGFILE --max-bytes 10995116277760 [Install] WantedBy=multi-user.target 070701000000E6000041ED0000000000000000000000065FFF674800000000000000000000000000000000000000000000003F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server070701000000E7000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/meta070701000000E8000081A40000000000000000000000015FFF6748000002A3000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/meta/main.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- dependencies: - role: FND-AP2 070701000000E9000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks070701000000EA000081A40000000000000000000000015FFF674800000651000000000000000000000000000000000000005B00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/_schedule_restart.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | _schedule_restart | Schedule a restart for rsyslog debug: msg: "Trigger a change notification in rsyslog" changed_when: true register: ardana_notify_rsyslog_restart - name: logging-server | _schedule_restart | Schedule a restart for logstash debug: msg: "Trigger a change notification in logstash" changed_when: true register: ardana_notify_logstash_restart - name: logging-server | _schedule_restart | Schedule a restart for elastisearch debug: msg: "Trigger a change notification in elasticsearch" changed_when: true register: ardana_notify_elasticsearch_restart - name: logging-server | _schedule_restart | Schedule a restart for kibana debug: msg: "Trigger a change notification in kibana" changed_when: true register: ardana_notify_kibana_restart - name: logging-server | _schedule_restart | Schedule a restart for apache debug: msg: "Trigger a change notification in apache" changed_when: true register: ardana_notify_kibana_apache_restart 070701000000EB000081A40000000000000000000000015FFF674800001937000000000000000000000000000000000000005300000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/configure.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Configure Kafka #------------------------------------------------------------------------------ - name: logging-server | configure | include kafka vars include_vars: ../../kafka/vars/main.yml - name: logging-server | configure | Check for Kafka topic become: yes shell: >- {{ kafka_bin_dir }}/kafka-topics.sh --list --zookeeper {{ kronos_zookeeper_hosts }} | grep {{ kronos_kafka_topic }} ignore_errors: yes run_once: true register: kafka_topic_exists_result - name: logging-server | configure | Configure Kafka topic become: yes shell: >- {{ kafka_bin_dir }}/kafka-topics.sh --create --zookeeper {{ kronos_zookeeper_hosts }} --replication-factor {{ kronos_kafka_replication_factor }} --partitions {{ kronos_kafka_partitions }} --topic {{ kronos_kafka_topic }} when: kafka_topic_exists_result.rc != 0 run_once: true - name: logging-server | configure | Configure per topic segment rotation become: yes command: >- {{ kafka_bin_dir }}/kafka-topics.sh --zookeeper {{ kronos_zookeeper_hosts }} --topic {{ kronos_kafka_topic }} --alter --config segment.ms={{ kafka_segment_minutes * 60 * 1000 }} run_once: true # Configure Elasticsearch #------------------------------------------------------------------------------ - name: logging-server | configure | Configure rsyslog for Elasticsearch become: yes template: src: 50-ardana-elasticsearch.conf.j2 dest: /etc/rsyslog.d/50-ardana-elasticsearch.conf mode: 0644 register: ardana_notify_rsyslog_restart - name: logging-server | configure | Configure Elasticsearch process options become: yes template: src: elasticsearch-default.j2 dest: /etc/default/elasticsearch mode: 0644 register: ardana_notify_elasticsearch_restart - name: logging-server | configure | Configure Elasticsearch options become: yes template: src: elasticsearch.yml.j2 dest: /etc/elasticsearch/elasticsearch.yml mode: 0644 register: ardana_notify_elasticsearch_restart - name: logging-server | configure | Configure Elasticsearch logging options become: yes template: src: logging.yml.j2 dest: /etc/elasticsearch/logging.yml mode: 0644 register: ardana_notify_elasticsearch_restart - name: logging-server | configure | Set ElasticSearch log file ownership become: yes file: path: "{{ kronos_log_dir }}/{{ item }}" owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0640 state: touch with_items: - esutil.log - elasticsearch.log - name: logging-server | configure | Configure Elasticsearch Curator options become: yes template: src: curator.yml.j2 dest: /etc/elasticsearch/curator.yml mode: 0644 # Configure Logstash #------------------------------------------------------------------------------ - name: logging-server | configure | Configure Logstash become: yes template: src: "logstash-default.j2" dest: "/etc/default/logstash" owner: "{{ logstash_user }}" group: "{{ logstash_group }}" mode: 0600 register: ardana_notify_logstash_restart - name: logging-server | configure | Configure Logstash sources become: yes template: src: "logstash.conf.j2" dest: "/etc/logstash/conf.d/logstash.conf" owner: "{{ logstash_user }}" group: "{{ logstash_group }}" mode: 0600 register: ardana_notify_logstash_restart - name: logging-server | configure | Create /var/log/logstash directory become: yes file: path: /var/log/logstash owner: logstash group: logstash mode: 0750 state: directory - name: logging-server | configure | Create /var/log/logstash log file become: yes file: path: /var/log/logstash/logstash.log owner: logstash group: adm mode: 0640 state: touch # Configure Kibana #------------------------------------------------------------------------------ - name: logging-server | configure | Configure Kibana become: yes template: src: kibana.yml.j2 dest: "{{ kibana_path }}/config/kibana.yml" mode: 0644 register: ardana_notify_kibana_restart - name: logging-server | configure | Configure Kibana htpasswd become: yes htpasswd: path: "{{ kibana_path }}/kibana.htpasswd" name: "{{ kibana_user }}" password: "{{ kibana_pass }}" owner: root mode: 0644 register: ardana_notify_kronos_pwd_change - name: >- logging-server | configure | Configure Kibana/Apache vhost become: yes template: src: kibana-apache2.conf.j2 dest: "{{ apache2_vhost_dir }}/kibana-apache2.vhost" mode: 0644 register: ardana_notify_kibana_apache_restart - name: logging-server | configure | Create Kibana log file become: yes file: path: "{{ kibana_log_path }}/kibana.log" owner: kibana group: adm mode: 0640 state: touch - name: logging-server | configure | Create Kibana error log file become: yes file: path: "{{ kibana_log_path }}/kibana_error.log" owner: kibana group: adm mode: 0640 state: touch - name: logging-server | configure | Create Kibana access log file become: yes file: path: "{{ kibana_log_path }}/kibana_access.log" owner: kibana group: adm mode: 0640 state: touch # Configure Curator #------------------------------------------------------------------------------ - name: logging-server | configure | Fix Curator dependency issue become: yes lineinfile: dest: /usr/lib/python2.7/dist-packages/elasticsearch_curator-3.4.0.egg-info/requires.txt state: absent regexp: "{{ item }}" with_items: - elasticsearch.* - click.* - name: logging-server | configure | Configure Curator become: yes template: src: "prune_es_indices.sh.j2" dest: "/etc/cron.hourly/prune_es_indices" mode: 0755 when: curator_enable 070701000000EC000081A40000000000000000000000015FFF674800001305000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/install.yml# # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Install Kronos server stack misc. #------------------------------------------------------------------------------ - name: logging-server | install | include OS specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: logging-server | install | Create Kronos user become: yes user: name: "{{ kronos_user }}" group: "{{ kronos_group }}" shell: /usr/sbin/nologin createhome: no home: "{{ kronos_home_dir }}" - name: logging-server | install | Create Kronos user home become: yes file: path: "{{ kronos_home_dir }}" state: directory owner: "{{ kronos_user }}" group: "{{ kronos_group }}" mode: 0700 - name: logging-server | install | Install OS specific required packages become: yes package: name: "{{ item }}" state: present with_items: logging_server_required_packages register: ardana_notify_kronos_restart - name: logging-server | install | Create /opt/kronos directory become: yes file: path: "{{ opt_kronos_dir }}" state: directory owner: root group: root mode: 0755 - name: logging-server | install | Create /var/log/kronos directory become: yes file: path: "{{ var_kronos_dir }}" state: directory owner: "{{ kronos_user }}" group: adm mode: 0755 - name: logging-server | install | Install logging server components become: yes package: name: "{{ item }}" state: present with_items: logging_server_component_packages # Installing Elasticsearch #------------------------------------------------------------------------------ - name: logging-server | install | Install Elasticsearch package (SUSE) become: yes package: name: elasticsearch state: present register: ardana_notify_elasticsearch_install - name: logging-server | install | Ensure elasticsearch has permissions become: yes file: path: "/var/lib/elasticsearch" state: directory owner: elasticsearch group: elasticsearch mode: 0750 - name: logging-server | install | Identify installed kibana package version become: yes shell: >- zypper -n info {{ zypper_kibana_package_name }} | sed -n -e 's/^Version.*:\s*\([0-9].[0-9].[0-9]\).*/\1/p' register: installed_kibana_version_result when: ansible_os_family | lower == 'suse' - name: logging-server | install | Set installed kibana package version fact set_fact: kibana_package_version: "{{ installed_kibana_version_result.stdout }}" when: ansible_os_family | lower == 'suse' - name: logging-server | install | Install Elasticsearch util script become: yes template: src: "esutil.py.j2" dest: "{{ opt_kronos_dir }}/esutil.py" mode: 0644 # Installing Logstash #------------------------------------------------------------------------------ - name: logging-server | install | Install Logstash rpm package (SUSE) become: yes package: name: logstash state: present register: ardana_notify_logstash_install # Installing Kibana #------------------------------------------------------------------------------ - name: logging-server | install | Install Kibana rpm package (SUSE) become: yes package: name: kibana state: present register: ardana_notify_kibana_install - name: logging-server | install | Create /var/log/kibana directory become: yes file: path: "{{ kibana_log_path }}" state: directory owner: kibana group: adm mode: 0755 # Reload systemd and enable services #------------------------------------------------------------------------------ - name: logging-server | install | Reload systemd to pick up new services become: yes command: systemctl daemon-reload when: >- ardana_notify_elasticsearch_install is defined and ardana_notify_elasticserach_install.changed or ardana_notify_logstash_install is defined and ardana_notify_logstash_install.changed or ardana_notify_kibana_install is defined and ardana_notify_kibana_install.changed - name: logging-server | install | Enable ELK to start on boot become: yes service: name: "{{ item }}" enabled: yes register: ardana_notify_elasticsearch_restart with_items: - elasticsearch - logstash - kibana 070701000000ED000081A40000000000000000000000015FFF674800000B9D000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/pre-upgrade.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | pre-upgrade | include OS specific variables include_vars: "{{ ansible_os_family | lower }}.yml" - name: logging-server | pre-upgrade | Identify installed kibana package version become: yes shell: >- zypper -n info {{ zypper_kibana_package_name }} | sed -n -e 's/^Version.*:\s*\([0-9].[0-9].[0-9]\).*/\1/p' register: installed_kibana_version_result when: ansible_os_family | lower == 'suse' - name: logging-server | pre-upgrade | Set installed kibana package version fact set_fact: kibana_package_version: "{{ installed_kibana_version_result.stdout }}" when: ansible_os_family | lower == 'suse' - name: logging-server | pre-upgrade | Install Elasticsearch util script become: yes template: src: "esutil.py.j2" dest: "{{ opt_kronos_dir }}/esutil.py" mode: 0644 - name: logging-server | pre-upgrade | Stop Logstash become: yes service: name: logstash state: stopped - name: logging-server | pre-upgrade | Check Elasticsearch readiness become: yes shell: >- python {{ opt_kronos_dir }}/esutil.py --ready --clustered --healthy --no-wait run_once: true - name: logging-server | pre-upgrade | Check for mapping conflicts become: yes shell: python {{ opt_kronos_dir }}/esutil.py --check when: >- elasticsearch_resolve_conflicts is not defined and elasticsearch_delete_conflicts is not defined register: elasticsearch_check_result ignore_errors: true run_once: true - name: logging-server | pre-upgrade | Need to migrate Elasticsearch indices become: yes fail: msg: >- Conflicting mappings were found in the Elasticsearch indices. To correct this issue you can either, re-run upgrade and include the variable elasticsearch_delete_conflicts=True to simply delete any conflicts or to preserve all data run the separate playbook kronos-elasticsearch-migrate.yml note though that this operation may take a significate amount of time to complete depending on the number and size of your indices (e.g. days). when: elasticsearch_check_result | failed run_once: true - name: logging-server | pre-upgrade | Reindex all indices become: yes shell: python {{ opt_kronos_dir }}/esutil.py --reindex when: elasticsearch_resolve_conflicts is defined run_once: true 070701000000EE000081A40000000000000000000000015FFF67480000070E000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/start-elasticsearch.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | start-elasticsearch | Restart rsyslog become: yes service: name: rsyslog state: restarted when: >- ardana_notify_rsyslog_restart is defined and ardana_notify_rsyslog_restart.changed - include: stop-elasticsearch.yml when: >- ardana_notify_elasticsearch_restart is defined and ardana_notify_elasticsearch_restart.changed or not ardana_notify_kronos_restart is not defined and ardana_notify_kronos_restart.changed - name: logging-server | start-elasticsearch | Start Elasticsearch become: yes service: name: elasticsearch state: started - name: logging-server | start-elasticsearch | Check for failed status become: yes shell: systemctl status elasticsearch | grep "#.*insufficient memory.*" register: elasticsearch_status_result failed_when: "'insufficient memory' in elasticsearch_status_result.stdout" # Don't wait for healthy here as it won't be until shard allocation is enabled - name: logging-server | start-elasticsearch | Wait for Elasticsearch readiness become: yes shell: python {{ opt_kronos_dir }}/esutil.py --ready --clustered --prime-start run_once: true 070701000000EF000081A40000000000000000000000015FFF674800000A42000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/start-kibana.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | start-kibana | Restart Kibana become: yes service: name: kibana state: restarted when: >- not ardana_notify_kibana_restart is not defined and ardana_notify_kibana_restart.changed or ardana_notify_kronos_restart is defined and ardana_notify_kronos_restart.changed - name: logging-server | start-kibana | Start Kibana become: yes service: name: kibana state: started # This check is to see if apache is started, if not then # we expect that start_reload.yml will start it - name: logging-server | start-kibana | Check is apache started become: yes command: "systemctl status apache2" ignore_errors: true register: kronos_is_apache_up_result # Set kronos_apache_start to true as we now expect it to be started after kibana check - name: logging-server | start-kibana | Set kronos_apache_started become: yes set_fact: kronos_apache_started: true when: kronos_is_apache_up_result | failed - name: logging-server | start-kibana | Enable Kibana vhost become: yes file: src: "{{ apache2_vhost_dir }}/kibana-apache2.vhost" dest: "{{ apache2_vhost_dir }}/kibana-apache2.conf" state: link register: ardana_notify_kibana_restart # Ensure Apache is reloaded via Apache owned playbook - include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml" become: yes vars: apache_reload_requested: "{{ (ardana_notify_kibana_restart is defined and ardana_notify_kibana_restart.changed) or (ardana_notify_kronos_pwd_change is defined and ardana_notify_kronos_pwd_change.changed) }}" apache_restart_requested: "{{ ardana_notify_kibana_apache_restart is defined and ardana_notify_kibana_apache_restart.changed or kibana_restart_required }}" # Prime Kibana if required - name: logging-server | start-kibana | Prime Kibana for use become: yes shell: nohup python {{ opt_kronos_dir }}/esutil.py --prime-kibana & run_once: true 070701000000F0000081A40000000000000000000000015FFF67480000051F000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/start-logstash.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Logstash should automatically be restarted by Elasticsearch via systemd # dependencies however it may not be reliable in all cases so allow for # explicit restarts as well - name: logging-server | start-logstash | Restart Logstash become: yes service: name: logstash state: restarted when: >- ardana_notify_logstash_restart is defined and ardana_notify_logstash_restart.changed or not ardana_notify_kronos_restart is not defined and ardana_notify_kronos_restart.changed ignore_errors: true - name: logging-server | start-logstash | Start Logstash become: yes service: name: logstash state: started ignore_errors: true 070701000000F1000081A40000000000000000000000015FFF6748000002FC000000000000000000000000000000000000004F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/start.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Start the ELK stack - include: start-elasticsearch.yml - include: start-logstash.yml - include: start-kibana.yml 070701000000F2000081A40000000000000000000000015FFF6748000005F6000000000000000000000000000000000000005000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/status.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | status | Checking systemd status for Elasticsearch become: yes command: systemctl status elasticsearch changed_when: false - name: logging-server | status | Checking systemd status for Logstash become: yes command: systemctl status logstash changed_when: false when: ardana_pre_upgrade_check is not defined or not ardana_pre_upgrade_check - name: logging-server | status | Checking systemd status for Kibana become: yes command: systemctl status kibana changed_when: false when: skip_kibana_status_check is not defined - name: logging-server | status | Get http status for Kibana shell: "curl {{ kibana_host }}:{{kibana_port}}" register: out_result failed_when: "out_result.rc != 0" - name: logging-server | status | Checking systemd status for Kafka become: yes command: systemctl status kafka changed_when: false 070701000000F3000081A40000000000000000000000015FFF674800000460000000000000000000000000000000000000005C00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/stop-elasticsearch.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | stop-elasticsearch | Prime Elasticsearch for shutdown become: yes shell: python {{ opt_kronos_dir }}/esutil.py --prime-shutdown run_once: true - name: logging-server | stop-elasticsearch | Stop Elasticsearch become: yes service: name: elasticsearch state: stopped - name: logging-server | stop-elasticsearch | Wait for Elasticsearch to stop become: yes shell: python {{ opt_kronos_dir }}/esutil.py --not-ready run_once: true 070701000000F4000081A40000000000000000000000015FFF6748000005A3000000000000000000000000000000000000005500000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/stop-kibana.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | stop-kibana | Disable Kibana vhost become: yes file: state: absent path: "{{ apache2_vhost_dir }}/kibana-apache2.conf" become: yes register: ardana_notify_kibana_restart # Set the fact for restart based on ardana_notify - name: logging-server | stop-kibana | Set fact to stop based on ardana_notify_fact set_fact: kibana_reload_required : True when: ardana_notify_kibana_restart is defined and ardana_notify_kibana_restart.changed - name: logging-server | stop-kibana | Reload Apache include: "{{ playbook_dir }}/roles/FND-AP2/tasks/start_reload.yml" vars: apache_reload_requested: "{{ kibana_reload_required }}" - name: logging-server | stop-kibana | Stop Kibana become: yes service: name: kibana state: stopped 070701000000F5000081A40000000000000000000000015FFF6748000002FA000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/stop-logstash.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: logging-server | stop-logstash | Stop Logstash become: yes service: name: logstash state: stopped 070701000000F6000081A40000000000000000000000015FFF6748000002F8000000000000000000000000000000000000004E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/stop.yml# # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Stop the ELK stack - include: stop-kibana.yml - include: stop-logstash.yml - include: stop-elasticsearch.yml 070701000000F7000081A40000000000000000000000015FFF67480000110B000000000000000000000000000000000000005100000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/tasks/upgrade.yml# # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- # Determine if elasticsearch should be upgraded #------------------------------------------------------------------------------ - name: logging-server | upgrade | Get Elasticsearch current version become: yes shell: >- dpkg -l | grep " elasticsearch " | sed "s/.*\([0-9]\.[0-9]\.[0-9]\).*/\1/" when: ansible_os_family | lower == 'debian' register: elasticsearch_ver_result - name: logging-server | upgrade | Set Elasticsearch upgrade fact become: yes set_fact: upgrade_elasticsearch: true when: (ansible_os_family | lower == 'debian' and elasticsearch_ver_result.stdout == '1.6.2') # Tweak ELK stack unit files to avoid Kibana and Logstash restarting #------------------------------------------------------------------------------ - name: logging-server | upgrade | Set Kibana/Logstash to not restart become: yes lineinfile: dest: "{{ item }}" state: absent regexp: 'BindsTo=.*' with_items: - /etc/systemd/system/kibana.service - /etc/systemd/system/logstash.service when: upgrade_elasticsearch is defined - name: logging-server | upgrade | Set Elasticsearch to not restart others become: yes lineinfile: dest: /etc/systemd/system/elasticsearch.service state: absent regexp: 'Wants=.*' when: upgrade_elasticsearch is defined - name: logging-server | upgrade | Reload systemd to pick up changes become: yes command: systemctl daemon-reload when: upgrade_elasticsearch is defined # Prepare ELK stack for upgrade #------------------------------------------------------------------------------ - include: stop-logstash.yml when: upgrade_elasticsearch is defined - include: stop-kibana.yml when: upgrade_elasticsearch is defined - name: logging-server | upgrade | Wait for Elasticsearch readiness become: yes shell: python {{ opt_kronos_dir }}/esutil.py --ready --clustered --healthy run_once: true - name: logging-server | upgrade | Migrate Elasticsearch data or delete it become: yes shell: python {{ opt_kronos_dir }}/esutil.py --migrate when: upgrade_elasticsearch is defined run_once: true - include: stop-elasticsearch.yml when: upgrade_elasticsearch is defined - name: logging-server | upgrade | Wipe deprecated Elasticsearch plugins become: yes file: path: "{{ elasticsearch_plugin_dir }}/*" state: absent when: upgrade_elasticsearch is defined # Clean up old Kibana version #------------------------------------------------------------------------------ - name: logging-server | upgrade | Get current version of Kibana become: yes shell: >- cat /opt/kibana/README.txt | grep "Kibana [0-9].[0-9]" | sed "s/Kibana \([0-9]\.[0-9]\.[0-9]\).*/\1/" register: kibana_ver_result # Need to be careful about deleting this directory as the new version installs # to the same location so if upgrade is run more than once we'll wipe the new # version - name: logging-server | upgrade | Wipe deprecated Kibana tarball version become: yes file: path: "/opt/kibana" state: absent when: kibana_ver_result.stdout == "4.1.1" # Remove old prime script #------------------------------------------------------------------------------ - name: logging-server | upgrade | Wipe old prime kibana script become: yes file: path: "/opt/kronos/prime_kibana.py" state: absent # Remove deprecated rabbit functionality #------------------------------------------------------------------------------ - name: logging-server | upgrade | Wipe cron job for prime rabbit script become: yes cron: name: "Prime Rabbit" state: absent - name: logging-server | upgrade | Wipe prime rabbit script become: yes file: path: "/opt/kronos/prime_rabbit.py" state: absent 070701000000F8000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates070701000000F9000081A40000000000000000000000015FFF6748000002F2000000000000000000000000000000000000006900000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/50-ardana-elasticsearch.conf.j2{# # # (c) Copyright 2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Discard Elasticsearch messages so they don't end up in syslog :programname, contains, "elasticsearch" ~ &~ 070701000000FA000081A40000000000000000000000015FFF6748000002C1000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/curator.yml.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} client: hosts: - {{ curator_es_hostname }} port: {{ curator_es_port }} logging: logfile: {{ curator_log_path }} 070701000000FB000081A40000000000000000000000015FFF674800000A5C000000000000000000000000000000000000006200000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/elasticsearch-default.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # #} ################################ # Elasticsearch ################################ # Elasticsearch home directory #ES_HOME=/usr/share/elasticsearch # Elasticsearch configuration directory #CONF_DIR=/etc/elasticsearch # Elasticsearch data directory #DATA_DIR=/var/lib/elasticsearch # Elasticsearch logs directory #LOG_DIR=/var/log/elasticsearch # Elasticsearch PID directory #PID_DIR=/var/run/elasticsearch # Heap size defaults to 256m min, 1g max # Set ES_HEAP_SIZE to 50% of available RAM, but no more than 31g ES_HEAP_SIZE={{ elasticsearch_heap_size }} # Heap new generation #ES_HEAP_NEWSIZE= # Maximum direct memory #ES_DIRECT_SIZE= # Additional Java OPTS ES_JAVA_OPTS=-Djava.net.preferIPv4Stack=true # Configure restart on package upgrade (true, every other setting will lead to not restarting) #ES_RESTART_ON_UPGRADE=true # Path to the GC log file #ES_GC_LOG_FILE=/var/log/elasticsearch/gc.log ################################ # Elasticsearch service ################################ # SysV init.d # # When executing the init script, this user will be used to run the elasticsearch service. # The default value is 'elasticsearch' and is declared in the init.d file. # Note that this setting is only used by the init script. If changed, make sure that # the configured user can read and write into the data, work, plugins and log directories. # For systemd service, the user is usually configured in file /usr/lib/systemd/system/elasticsearch.service #ES_USER=elasticsearch #ES_GROUP=elasticsearch # The number of seconds to wait before checking if Elasticsearch started successfully as a daemon process ES_STARTUP_SLEEP_TIME=5 ################################ # System properties ################################ # Specifies the maximum file descriptor number that can be opened by this process # When using Systemd, this setting is ignored and the LimitNOFILE defined in # /usr/lib/systemd/system/elasticsearch.service takes precedence MAX_OPEN_FILES=65536 # The maximum number of bytes of memory that may be locked into RAM # Set to "unlimited" if you use the 'bootstrap.mlockall: true' option # in elasticsearch.yml (ES_HEAP_SIZE must also be set). # When using Systemd, the LimitMEMLOCK property must be set # in /usr/lib/systemd/system/elasticsearch.service MAX_LOCKED_MEMORY=unlimited # Maximum number of VMA (Virtual Memory Areas) a process can own # When using Systemd, this setting is ignored and the 'vm.max_map_count' # property is set at boot time in /usr/lib/sysctl.d/elasticsearch.conf MAX_MAP_COUNT=262144 070701000000FC000081A40000000000000000000000015FFF674800001A6F000000000000000000000000000000000000005E00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/elasticsearch.yml.j2{# # # (c) Copyright 2015-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # #} # ======================== Elasticsearch Configuration ========================= # # NOTE: Elasticsearch comes with reasonable defaults for most settings. # Before you set out to tweak and tune the configuration, make sure you # understand what are you trying to accomplish and the consequences. # # The primary way of configuring a node is via this file. This template lists # the most important settings you may want to configure for a production cluster. # # Please see the documentation for further information on configuration options: # <http://www.elastic.co/guide/en/elasticsearch/reference/current/setup-configuration.html> # # ---------------------------------- Cluster ----------------------------------- # # Use a descriptive name for your cluster: # cluster.name: {{ elasticsearch_cluster_name }} # # ------------------------------------ Node ------------------------------------ # # Use a descriptive name for the node: # node.name: {{ host.my_dimensions.hostname }} # # Add custom attributes to the node: # # node.rack: r1 # # ----------------------------------- Paths ------------------------------------ # # Path to directory where to store the data (separate multiple locations by comma): # # path.data: /path/to/data # # Path to log files: # # path.logs: /path/to/logs # # ----------------------------------- Memory ----------------------------------- # # Lock the memory on startup: # bootstrap.mlockall: true # # Make sure that the `ES_HEAP_SIZE` environment variable is set to about half the memory # available on the system and that the owner of the process is allowed to use this limit. # # Elasticsearch performs poorly when the system is swapping the memory. # # ---------------------------------- Network ----------------------------------- # # Set host/ip for REST traffic: # http.host: {{ elasticsearch_http_host }} # Set port to listen for REST traffic: # http.port: {{ elasticsearch_http_port }} # Set host/ip for node to node communication traffic: # transport.host: {{ elasticsearch_transport_host }} # Set port for node to node communication (9300 by default): # transport.tcp.port: {{ elasticsearch_transport_port }} # # For more information, see the documentation at: # <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-network.html> # # --------------------------------- Discovery ---------------------------------- # # Explicitly disabling this for documentation discovery.zen.ping.multicast.enabled: false # Pass an initial list of hosts to perform discovery when new node is started: # The default list of hosts is ["127.0.0.1", "[::1]"] # discovery.zen.ping.unicast.hosts: [{% for host in LOG_SVR.consumes_LOG_SVR.members.elasticsearch_transport %}{{ host.host }}{% if not loop.last %}, {% endif %}{% endfor %}] # Sets the minimum number of master eligible nodes that need to join a newly elected master # in order for an election to complete and for the elected node to accept its mastership. # Effectively controls the minimum number of active master eligible nodes that should be part # of any active cluster. # # Prevent the "split brain" by requiring the majority of nodes (total number of nodes / 2 + 1): # discovery.zen.minimum_master_nodes: "{%- if groups['LOG-SVR']|length > 1 -%} 2 {%- else -%} 1 {%- endif -%}" # For more information, see the documentation at: # <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery.html> # # ---------------------------------- Gateway ----------------------------------- # # Block initial recovery after a full cluster restart until N nodes are started: # # gateway.recover_after_nodes: 3 # # For more information, see the documentation at: # <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-gateway.html> # # ---------------------------------- Various ----------------------------------- # # Disable starting multiple nodes on a single system: # # node.max_local_storage_nodes: 1 # # Require explicit names when deleting indices: # # action.destructive_requires_name: true # # ----------------------------- Tune for Indexing ------------------------------ index.number_of_replicas: {{ 0 if groups['LOG-SVR']|length == 1 else 1 }} index.number_of_shards: {{ elasticsearch_index_number_of_shards }} index.merge.scheduler.max_thread_count: {{ elasticsearch_index_merge_scheduler_max_thread_count }} index.refresh_interval: {{ elasticsearch_index_refresh_interval }} index.translog.flush_threshold_ops: {{ elasticsearch_index_translog_flush_threshold_ops }} index.translog.flush_threshold_size: {{ elasticsearch_index_translog_flush_threshold_size }} indices.breaker.fielddata.limit: {{ elasticsearch_indices_breaker_fielddata_limit }} indices.cache.filter.expire: {{ elasticsearch_indices_cache_filter_expire }} indices.cache.filter.size: {{ elasticsearch_indices_cache_filter_size }} indices.fielddata.cache.size: {{ elasticsearch_indices_fielddata_cache_size }} indices.memory.index_buffer_size: {{ elasticsearch_indices_memory_index_buffer_size }} indices.memory.min_index_buffer_size: {{ elasticsearch_indices_memory_min_index_buffer_size }} indices.memory.min_shard_index_buffer_size: {{ elasticsearch_indices_memory_min_shard_index_buffer_size }} indices.store.throttle.max_bytes_per_sec: {{ elasticsearch_indices_store_throttle_max_bytes_per_sec }} indices.store.throttle.type: {{ elasticsearch_indices_store_throttle_type }} indices.ttl.bulk_size: {{ elasticsearch_indices_ttl_bulk_size }} threadpool.bulk.queue_size: {{ elasticsearch_threadpool_bulk_queue_size }} threadpool.bulk.size: {{ elasticsearch_threadpool_bulk_size }} threadpool.index.queue_size: {{ elasticsearch_threadpool_index_queue_size }} threadpool.index.size: {{ elasticsearch_threadpool_index_size }} threadpool.search.queue_size: {{ elasticsearch_threadpool_search_queue_size }} threadpool.search.size: {{ elasticsearch_threadpool_search_size }} # ----------------------------- Backup/Watermarks ------------------------------ # Cluster Backup(Snapshot) settings # This is the shared filesystem partition that curator will snapshot to {% if not curator_enable_backup %}#{% endif %}path.repo: ["{{ curator_es_backup_partition }}"] # Enable the watermark threshold cluster.routing.allocation.disk.threshold_enable: "TRUE" # Make sure curator kicks in before ES would stop assigning shards to a node cluster.routing.allocation.disk.watermark.low: "{{ curator_high_watermark_percent|int + 5 }}%" # This should never be hit, unless curator is disabled or the disk is being filled before curator # could do its job cluster.routing.allocation.disk.watermark.high: "99%" cluster.info.update.interval: "1m" 070701000000FD000081A40000000000000000000000015FFF674800006F2C000000000000000000000000000000000000005600000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/esutil.py.j2#!/usr/bin/env python # # (c) Copyright 2016-2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import re import sys import json import time import logging import argparse import subprocess from datetime import datetime from elasticsearch import Elasticsearch as eslib from elasticsearch.helpers import reindex as eslib_reindex # Jinja2 template arguments j2args = type('Args', (), dict( host = '{{ elasticsearch_http_host }}', port = '{{ elasticsearch_http_port }}', logstash_audit_logs_prefix = '{{ logstash_audit_logs_prefix }}', logstash_operational_logs_prefix = '{{ logstash_operational_logs_prefix }}', logfile = "{{ var_kronos_dir }}/esutil.log" )) out = type('Out', (), dict(width=80)) def print_title(msg): """Print out a title message """ print("{:->{}}".format("", out.width)) print(msg) print("{:->{}}".format("", out.width)) class LogRedirect(object): """Redirect stdout/stderr to log files """ def __init__(self, logger, level=logging.INFO): """Instantiate class """ self._level = level self._logger = logger def write(self, msg): """Write out the given message :msg: message to write to log file """ for line in msg.rstrip().splitlines(): self._logger.log(self._level, line.rstrip()) class Elasticsearch(object): def __init__(self, host, port, logstash_audit_logs_prefix, logstash_operational_logs_prefix, nop=False, timeout=600): """Initialize the class :host: elasticsearch host to connect to :port: elasticsearch host port to connect to :timeout: time in sec to wait for operations such as ready or healthy """ self._es = None self._nop = nop self._host = host self._port = port self._logstash_audit_logs_prefix = logstash_audit_logs_prefix self._logstash_operational_logs_prefix = logstash_operational_logs_prefix self._timeout = timeout self._missing = "MISSING" self._mismatch = "MISMATCH" def client(self): """Connect to elasticsearch if not already connected :returns: elasticseach client """ if not self._es: self._es = eslib(hosts=[{'host': self._host, 'port': self._port}]) return self._es def _curl(self, url=None, verb="GET", payload=None): """Wrap a curl call in a useful way :url: url to make GET call to :verb: verb to use for REST call :payload: payload to send :returns: tuple(json response, http_code) """ http_code = 500 response = "Failed to connect to server" cmd = "curl -s -w '%{http_code}' " + "-X{} {}:{}".format(verb, self._host, self._port) if url: cmd += "/{}".format(url) if payload: cmd += " -d {}".format(payload) try: output = subprocess.check_output(cmd, shell=True).strip() http_code = int(output[-3:]) try: response = json.loads(output[:-3]) except Exception: response = output[:-3].strip() except Exception: pass return response, http_code def version(self): """Get the Elasticsearch version even when in unhealthy state :returns: Elasticsearch version """ version = None response, http_code = self._curl() if 'version' in response and 'number' in response['version']: version = response['version']['number'] return version def prime_shutdown(self): """Disable shard allocation and perform synced flush This will save I/O and increase shard recovery time https://www.elastic.co/guide/en/elasticsearch/reference/current/restart-upgrade.html """ if self.ready(wait=False): # Disable shard allocation self.client().cluster.put_settings({"persistent":{"cluster.routing.allocation.enable":"none"}}) # Perform a synced Flush self._curl("_flush/synced", verb="POST") def prime_start(self): """Enable shard allocation https://www.elastic.co/guide/en/elasticsearch/reference/current/restart-upgrade.html """ success = False wait_time = 0 while not success: try: self.client().cluster.put_settings({"persistent":{"cluster.routing.allocation.enable":"all"}}) success = True except Exception: if wait_time < self._timeout: print("Warning: Elasticsearch shard allocation call timed out!") wait_time += 5 time.sleep(5) else: raise def not_ready(self, wait=True): """Wait for the Elasticsearch API to not respond :wait: False then don't wait :returns: True if API is not ready """ ready = True wait_time = 0 while ready: response, http_code = self._curl("_nodes/_local/name") if http_code != 200: ready = False elif wait_time < self._timeout and wait: print("Warning: Elasticsearch API is still responding!") wait_time += 5 time.sleep(5) else: break return not ready def ready(self, wait=True): """Wait for the Elasticsearch API to be ready :wait: False then don't wait :returns: True if API ready """ ready = False wait_time = 0 while not ready: response, http_code = self._curl("_nodes/_local/name") if http_code == 200: ready = True elif wait_time < self._timeout and wait: print("Warning: Elasticsearch API is not ready!") wait_time += 5 time.sleep(5) else: break return ready def clustered(self, wait=True): """Wait for Elasticsearch to be clustered :wait: False then don't wait for clustering :returns: True if the cluster is formed """ clustered = False wait_time = 0 while not clustered: response, http_code = self._curl("_cluster/health") if http_code == 200: clustered = True time.sleep(5) # Ensure actually done elif wait_time < self._timeout and wait: print("Warning: Elasticsearch is not clustered!") wait_time += 5 time.sleep(5) else: break return clustered def healthy(self, wait=True): """Wait for the Elasticsearch health to be yellow or better https://www.elastic.co/guide/en/elasticsearch/reference/current/restart-upgrade.html :wait: False then don't wait :returns: True if health is green or yellow """ healthy = False wait_time = 0 while not healthy: response, http_code = self._curl("_cat/health") if 'green' in response or 'yellow' in response: healthy = True elif wait_time < self._timeout and wait: print("Warning: Elasticsearch is not healthy!") wait_time += 5 time.sleep(5) else: break return healthy def reindex(self): """Re-index data based on type This will create separate indices for each type to avoid mapping conflicts when upgrading """ # Check that there is enough available space to peform the reindexing #----------------------------------------------------------------------- result = self.client().nodes.stats(node_id='_local', metric='fs') available_bytes = result['nodes'].itervalues().next()['fs']['total']['available_in_bytes'] result = self.client().cat.indices(local=True, bytes='b', h='store.size') max_index_bytes = max([int(x.strip()) for x in result.split('\n') if x]) print("Disk space - Available: {} MB, Largest index: {} MB".format(available_bytes/1024/1024, max_index_bytes/1024/1023)) if not self._nop and available_bytes < max_index_bytes: raise Exception("Error: There is not enough disk space available to perform the reindexing!") # Start reindexing the indices #----------------------------------------------------------------------- indent = 2 print("Re-indexing indices into isolated namespaces") indices = self.client().indices.get_aliases().keys() for index in [x for x in indices if any(re.findall(r'logstash-20.*', x))]: if any(self.check_index(index)): date = re.findall(r'logstash-(.*)', index)[0] print("{: >{}}Re-indexing ['{}']".format("", indent, index)) # Get all services by 'type' and old mapping mappings = self.client().indices.get_mapping(index)[index]['mappings'] types = self.client().indices.get_field_mapping('type', index)[index]['mappings'] for _type in sorted([x for x in types if not x.startswith('_')]): # Create new index based off of '_type' and set shards to 1 new_index = "logstash-operational-{}-{}".format(_type, date) print("{: >{}}Creating new index ['{}']".format("", indent+2, new_index)) if not self._nop: config = {"mappings": {'_default_': mappings['_default_'], _type: mappings[_type]}} config["settings"] = {"number_of_shards": 1, "number_of_replicas": 1} res = self.client().indices.create(index=new_index, body=config) # Now reindex the matching data from the old index into the new index query = {"query": {"match": {"type": _type}}} eslib_reindex(self.client(), index, new_index, query) self.client().indices.refresh(new_index) # Compare resulting index with original hits = int(self.client().search(index, body=query)['hits']['total']) if hits == int(self.client().search(new_index, body=query)['hits']['total']): print("{: >{}}Successfully split out index ['{}']".format("", indent+2, new_index)) else: raise Exception("Failed to split out index ['{}'] from ['{}']".format(new_index, index)) # Delete the old index if not self._nop: self.client().indices.delete(index) else: print("{: >{}}No conficts found for ['{}']".format("", indent, index)) def migrate(self): """Migrate data that has conflicting mappings """ print("Creating new indices with correct mappings") for index in self.client().indices.get_aliases().keys(): # Correct conflicts #--------------------------------------------------------------- print("Correcting mapping conflicts for ['{}']".format(index)) conflicts = self.check_index(index) mappings = self.client().indices.get_mapping(index)[index] # Correct missing conflicts for freezer if index == "freezer": for k, v in conflicts.items(): if v[0] == self._missing: item = mappings keys = k.split(":") for key in keys[:-1]: item = item[key] print("Adding missing '{}:{}' param to {}" .format(keys[-1], v[1], ":".join(keys[:-1]))) item[keys[-1]] = v[1] # Reindex/delete if required #--------------------------------------------------------------- if not any(conflicts): print("No conflicts found for ['{}']".format(index)) if any(conflicts): if index == "freezer": new_index = index + "b" print("Reindexing index ['{}']".format(index)) self.clone_index(index, new_index, mappings) self.delete_index(index) self.clone_index(new_index, index) self.delete_index(new_index) else: print("Deleting conflicting index ['{}']".format(index)) self.delete_index(index) def check(self): """Check all indices looking for conflicting mappings :returns: True if there are no conflicts else False """ print("Checking indices for conflicting mappings") indent = 2 indices = self.client().indices.get_aliases().keys() for index in [x for x in indices if any(re.findall(r'logstash-20.*', x))]: if any(self.check_index(index)): print("{: >{}}Conflicts found for ['{}']".format("", indent, index)) return False else: print("{: >{}}No conflicts found for ['{}']".format("", indent, index)) return True def delete_index(self, index): """Delete the given index :index: index to delete """ self.client().indices.delete(index) def clone_index(self, index, name, mappings=None): """Create a new index based on the given index with optionally update mappings :index: the index to clone :name: the new name to give it :mappings: new mappings to use if given """ if not mappings: mappings = self.client().indices.get_mapping(index)[index] self.client().indices.create(name, body=mappings) eslib_reindex(self.client(), index, name) self.client().indices.refresh() def check_index(self, index): """Check for conflicts for the given index :index: index to check :returns: dictionary of conflicts """ indent=2 conflicts = {} print("{: >{}}Evaluating mapping conflicts for ['{}']".format("", indent, index)) def _check_fields(fields1, fields2, check_conflict=False): """Internal helper function""" conflicts = {} # {field:code} for name, data1 in fields1.items(): # Possible recursion required if name in fields2: check = True if name != 'properties' else False data2 = fields2[name] # Recurse: base case not hit yet if type(data1) is dict and type(data2) is dict: for k, v in _check_fields(data1, data2, check).items(): conflicts["{}:{}".format(name, k)] = v # Base case: conflict in param data types elif data1 != data2: conflicts[name] = (self._mismatch, data1, data2) # Base case: param doesn't exist in both fields elif check_conflict: conflicts[name] = (self._missing, data1, None) return conflicts mappings = self.client().indices.get_mapping(index)[index] for mapping1, data1 in mappings['mappings'].items(): for mapping2, data2 in mappings['mappings'].items(): if mapping1 != mapping2: for k, v in _check_fields(data1, data2).items(): mapping = mapping1 if v[0] == self._missing: mapping = mapping2 conflicts["mappings:{}:{}".format(mapping, k)] = v for k, v in conflicts.items(): print("{: >{}}CONFLICT: {} {}".format("", indent+2, k, v)) return conflicts def _add_mappings(self, index): #Retrieve field data success = True try: field_data = subprocess.check_output('curl -XGET "http://' + self._host + ':' + self._port + '/logstash-audit-*/_mapping/field/*?ignore_unavailable=false&allow_no_indices=false&include_defaults=true"', shell=True) # Grab mappings from first logstash index fields = {} mappings = json.loads(field_data).itervalues().next()['mappings'] for mapping_key, mapping in mappings.iteritems(): # Grab fields except for _default_ ones being ignored for field_key, field in mapping.iteritems(): if field_key not in ("_type", "_all", "_boost", "_field_names", "_routing", "_size", "_timestamp", "_ttl", "_uid", "_version", "_parent"): # Add distinct fields with kibana sub-values if field_key not in fields: key = field_key.split('.')[-1] if field_key not in field["mapping"] else field_key field_data = field["mapping"][key] indexed = True if "index" in field_data and field_data["index"] != "no" else False analyzed = True if "index" in field_data and field_data["index"] == "analyzed" else False # Construct JSON field structure _field = {} _field['name'] = field_key _field['type'] = "string" _field['count'] = 0 _field['scripted'] = False _field['indexed'] = indexed _field['analyzed'] = analyzed _field['doc_values'] = False fields[field_key] = _field except: pass # Create the Kibana Index subprocess.call('curl -XPOST "http://' + self._host + ':' + self._port + '/.kibana/index-pattern/' + index + '" -d \'{"title":"' + index + '","timeFieldName":"@timestamp"}\'', shell=True) data = "" for x in fields.itervalues(): data += "," + json.dumps(x, separators=(',',':')).replace("\"", "\\\"") cmd = 'curl -XPOST "http://' + self._host + ':' + self._port + '/.kibana/index-pattern/' + index + '" -d \'{"title":"logstash-*","timeFieldName":"@timestamp","fields":"[' + data[1:] + ']"}\'' subprocess.call(cmd, shell=True) def prime_kibana(self): """Prime the kibana index such that is will be ready for use out of the box rather than require a user to choose the logstash index pattern. """ print("Priming the .kibana index") # Wait for kibana and logstash indexes to be created #----------------------------------------------------------------------- while True: if not self.client().indices.exists("logstash-*") or not self.client().indices.exists('.kibana'): print("Waiting for .kibana index and at least one logstash index to be created") time.sleep(10) else: break # Add filter for audit, IF at least 1 audit document exists... #----------------------------------------------------------------------- audit_logs_found = self.client().count(index=self._logstash_audit_logs_prefix + "*") count = 0 if audit_logs_found: count = audit_logs_found['count'] if count > 0: print('{} Audit logs found. Adding logstash-audit-* filter to Kibana.'.format(count)) self.client().create(index='.kibana', doc_type='index-pattern', id=self._logstash_audit_logs_prefix + '*', body= {'title':self._logstash_audit_logs_prefix + '*','timeFieldName':'@timestamp'}) self._add_mappings(self._logstash_audit_logs_prefix + "*") else: print('No audit logs found. Not adding logstash-audit-* filter to Kibana.') # Simply exit if .kibana config document already contains the defaultIndex #----------------------------------------------------------------------- confdoc = self.client().get(index='.kibana', doc_type='config', id='{{ kibana_package_version }}') if "_source" in confdoc and 'defaultIndex' in confdoc['_source'] and \ confdoc['_source']['defaultIndex'] == self._logstash_operational_logs_prefix + "*": print('Kibana already primed for {}*'.format( self._logstash_operational_logs_prefix ) ) return # Create .kibana index-pattern documents for logstash and audit with field mappings #----------------------------------------------------------------------- print('Creating .kibana index-pattern document with field mappings') self.client().create(index='.kibana', doc_type='index-pattern', id=self._logstash_operational_logs_prefix + '*', body= {'title':self._logstash_operational_logs_prefix + '*','timeFieldName':'@timestamp'}) # Update the .kibana config document with the correct defaultIndex #----------------------------------------------------------------------- print('Updating .kibana config document with correct defaultIndex={}*'.format(self._logstash_operational_logs_prefix) ) self.client().update(index='.kibana', doc_type='config', id='{{ kibana_package_version }}', body= {'doc': {'defaultIndex':self._logstash_operational_logs_prefix + '*'}}) # Main entry point #------------------------------------------------------------------------------- if __name__ == '__main__': # Example execution: #--------------------------------------------------------------------------- # Migrate data: python esutil.py --migrate # Wait for ready: python esutil.py --ready # Wait for not ready: python esutil.py --not-ready # Waif for healthy: python esutil.py --healthy # Configure arguments #--------------------------------------------------------------------------- parser = argparse.ArgumentParser() parser.add_argument("--check", action="store_true", help="Check if there are any conflicting indicies") parser.add_argument("--migrate", action="store_true", help="Reindex freezer and delete all other conflicting indicies") parser.add_argument("--reindex", action="store_true", help="Reindex all conflicting indices to avoid losing data") parser.add_argument("--ready", action="store_true", help="Wait for Elasticsearch's API to respond") parser.add_argument("--not-ready", dest="not_ready", action="store_true", help="Wait for Elasticsearch's API to stop responding") parser.add_argument("--healthy", action="store_true", help="Wait for Elasticsearch to be yellow or better") parser.add_argument("--clustered", action="store_true", help="Check if Elasticsearch is clustered") parser.add_argument("--prime-start", dest="prime_start", action="store_true", help="Ready Elasticsearch for operation") parser.add_argument("--prime-shutdown", dest="prime_shutdown", action="store_true", help="Ready Elasticsearch for shutdown") parser.add_argument("--prime-kibana", dest="prime_kibana", action="store_true", help="Ready kibana for use") parser.add_argument("--no-wait", dest="no_wait", action="store_true", help="Don't wait in status checks") parser.add_argument("--nop", action="store_true", help="Readonly, no action will be taken") parser.add_argument("--host", default="localhost", help="Elasticsearch host to connect to") parser.add_argument("--port", default=9200, help="Elasticsearch port to connect to") parser.add_argument("--no-log", dest="no_log", action="store_true", help="Don't redirect output to log") args = parser.parse_args() # Configure logging #--------------------------------------------------------------------------- if not args.no_log and j2args.host.find("elasticsearch_http_host") == -1: args.host = j2args.host args.port = int(j2args.port) args.logstash_audit_logs_prefix = j2args.logstash_audit_logs_prefix args.logstash_operational_logs_prefix = j2args.logstash_operational_logs_prefix logging.basicConfig( filename=j2args.logfile, level=logging.DEBUG, format='%(asctime)s[%(levelname)s:%(name)s] %(message)s', datefmt='[%m/%d/%Y][%H:%M:%S]') sys.stdout = LogRedirect(logging.getLogger('STDOUT'), logging.INFO) sys.stderr = LogRedirect(logging.getLogger('STDERR'), logging.ERROR) # Turn down logging for supporting modules logging.getLogger('urllib3').setLevel(logging.WARNING) logging.getLogger('elasticsearch').setLevel(logging.WARNING) # Execute #--------------------------------------------------------------------------- wait = False if args.no_wait else True es = Elasticsearch(args.host, args.port, args.logstash_audit_logs_prefix, args.logstash_operational_logs_prefix, nop=args.nop) if args.nop: print("Readonly: no action will be taken!") if args.not_ready: print_title("Waiting for Elasticsearch to stop responding...") if es.not_ready(wait): print("Success: Elasticsearch API stopped responding!") else: raise Exception("Error: Timed out while waiting for Elasticsearch to stop responding") if args.ready: print_title("Waiting for Elasticsearch to be ready...") if es.ready(wait): print("Success: Elasticsearch API is ready!") else: raise Exception("Error: Timed out while waiting for Elasticsearch to be ready") if args.clustered: print_title("Waiting for Elasticsearch to be clustered...") if es.clustered(wait): print("Success: Elasticsearch is clustered!") print("Elasticsearch version {}".format(es.version())) else: raise Exception("Error: Timed out while waiting for Elasticsearch to be clustered") if args.healthy: print_title("Waiting for Elasticsearch to be healthy...") if es.healthy(wait): print("Success: Elasticsearch is healthy!") print("Elasticsearch version {}".format(es.version())) else: raise Exception("Error: Timed out while waiting for Elasticsearch to be healthy") try: if args.prime_start: print_title("Executing Elasticsearch prime start") es.prime_start() print("Elasticseach prime start completed successfully!") if args.prime_shutdown: print_title("Executing Elasticsearch prime shutdown") es.prime_shutdown() print("Elasticseach prime shutdown completed successfully!") if args.prime_kibana: print_title("Executing Elasticsearch prime kibana") es.prime_kibana() print("Elasticseach prime kibana completed successfully!") if args.check: print_title("Executing Elasticsearch conflict checking") if es.check(): print("Success: Elasticsearch has no conflicting mappings!") else: raise Exception("Elasticsearch has conflicting mappings!") if args.reindex: print_title("Executing Elasticsearch reindexing") es.reindex() print("Success: Elasticsearch reindexing completed successfully!") if args.migrate: print_title("Executing Elasticsearch data migration") es.migrate() print("Success: Elasticsearch data migration completed successfully!") except Exception: print("Error: Elasticsearch operation failed!") raise 070701000000FE000081A40000000000000000000000015FFF6748000006C7000000000000000000000000000000000000006000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/kibana-apache2.conf.j2{# # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} Listen {{ kibana_host }}:{{ kibana_port }} <VirtualHost *:{{ kibana_port }}> LogLevel info ErrorLog {{ kibana_log_path }}/kibana_error.log CustomLog {{ kibana_log_path }}/kibana_access.log combined # Configure auth for both Kibana and Elasticsearch # Skip auth for Elasticsearch health checks <Location /> SetEnvIf Request_URI "/elasticsearch/_cluster/health" noauth AuthType Basic AuthName "Authenticated proxy" AuthUserFile {{ kibana_path }}/kibana.htpasswd <RequireAny> Require env noauth Require user {{ kibana_user }} </RequireAny> </Location> # Turn off forward proxies, only using reverse proxies ProxyRequests Off <Proxy http://{{ kibana_internal_host }}:{{ kibana_internal_port }}> ProxySet connectiontimeout=5 timeout=90 </Proxy> <Location /> ProxyPass http://{{ kibana_internal_host }}:{{ kibana_internal_port }}/ ProxyPassReverse http://{{ kibana_internal_host }}:{{ kibana_internal_port }}/ </Location> </VirtualHost> 070701000000FF000081A40000000000000000000000015FFF674800000F9B000000000000000000000000000000000000005700000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/kibana.yml.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Kibana is served by a back end server. This controls which port to use. server.port: {{ kibana_internal_port }} # The host to bind the server to. server.host: "{{ kibana_internal_host }}" # If you are running kibana behind a proxy, and want to mount it at a path, # specify that path here. The basePath can't end in a slash. # server.basePath: "" # The maximum payload size in bytes on incoming server requests. # server.maxPayloadBytes: 1048576 # Set to sameorigin as a mitigation to CVE-2020-10743 # Header names and values to send on all responses to the client from the Kibana server. server.customResponseHeaders: {"x-frame-options":"sameorigin"} # The Elasticsearch instance to use for all your queries. elasticsearch.url: "http://{{ elasticsearch_http_host }}:{{ elasticsearch_http_port }}" # preserve_elasticsearch_host true will send the hostname specified in `elasticsearch`. If you set it to false, # then the host you use to connect to *this* Kibana instance will be sent. elasticsearch.preserveHost: true # Kibana uses an index in Elasticsearch to store saved searches, visualizations # and dashboards. It will create a new index if it doesn't already exist. kibana.index: ".kibana" # The default application to load. # kibana.defaultAppId: "discover" # If your Elasticsearch is protected with basic auth, these are the user credentials # used by the Kibana server to perform maintenance on the kibana_index at startup. Your Kibana # users will still need to authenticate with Elasticsearch (which is proxied through # the Kibana server) # elasticsearch.username: "user" # elasticsearch.password: "pass" # SSL for outgoing requests from the Kibana Server to the browser (PEM formatted) # server.ssl.cert: /path/to/your/server.crt # server.ssl.key: /path/to/your/server.key # Optional setting to validate that your Elasticsearch backend uses the same key files (PEM formatted) # elasticsearch.ssl.cert: /path/to/your/client.crt # elasticsearch.ssl.key: /path/to/your/client.key # If you need to provide a CA certificate for your Elasticsearch instance, put # the path of the pem file here. # elasticsearch.ssl.ca: /path/to/your/CA.pem # Set to false to have a complete disregard for the validity of the SSL # certificate. elasticsearch.ssl.verify: true # Time in milliseconds to wait for elasticsearch to respond to pings, defaults to # request_timeout setting # elasticsearch.pingTimeout: 1500 # Time in milliseconds to wait for responses from the back end or elasticsearch. # This must be > 0 # elasticsearch.requestTimeout: 30000 # Time in milliseconds for Elasticsearch to wait for responses from shards. # Set to 0 to disable. # elasticsearch.shardTimeout: 0 # Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying # elasticsearch.startupTimeout: 5000 # Set the path to where you would like the process id file to be created. # pid.file: /var/run/kibana.pid # If you would like to send the log output to a file you can set the path below. logging.dest: {{ kibana_log_path }}/kibana.log # Set this to true to suppress all logging output. # logging.silent: false # Set this to true to suppress all logging output except for error messages. # logging.quiet: false # Set this to true to log all events, including system usage information and all requests. # logging.verbose: false 07070100000100000081A40000000000000000000000015FFF67480000109E000000000000000000000000000000000000005800000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/logging.yml.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Setting the cluster.name locally to statically define the names of the log files below cluster.name: elasticsearch # you can override this by setting a system property, for example -Des.logger.level=DEBUG es.logger.level: INFO rootLogger: ${es.logger.level}, console, file logger: # log action execution errors for easier debugging action: DEBUG # deprecation logging, turn to DEBUG to see them deprecation: INFO, deprecation_log_file # reduce the logging for aws, too much is logged under the default INFO com.amazonaws: WARN # aws will try to do some sketchy JMX stuff, but its not needed. com.amazonaws.jmx.SdkMBeanRegistrySupport: ERROR com.amazonaws.metrics.AwsSdkMetrics: ERROR org.apache.http: INFO # gateway #gateway: DEBUG #index.gateway: DEBUG # peer shard recovery #indices.recovery: DEBUG # discovery #discovery: TRACE index.search.slowlog: TRACE, index_search_slow_log_file index.indexing.slowlog: TRACE, index_indexing_slow_log_file additivity: index.search.slowlog: false index.indexing.slowlog: false deprecation: false appender: console: type: console layout: type: consolePattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" # Use the RollingFileAppender to get the maxBackupIndex variable # which will ensure there is a max number of rotated log files. # Log4j does not currently support both compression # and maxBackupIndex. file: type: rollingFile file: ${path.logs}/${cluster.name}.log maxFileSize: 40MB maxBackupIndex: 7 layout: type: pattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %.10000m%n" deprecation_log_file: type: rollingFile file: ${path.logs}/${cluster.name}_deprecation.log maxFileSize: 40MB maxBackupIndex: 7 layout: type: pattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" index_search_slow_log_file: type: rollingFile file: ${path.logs}/${cluster.name}_index_search_slowlog.log maxFileSize: 40MB maxBackupIndex: 7 layout: type: pattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" index_indexing_slow_log_file: type: rollingFile file: ${path.logs}/${cluster.name}_index_indexing_slowlog.log maxFileSize: 40MB maxBackupIndex: 7 layout: type: pattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" # Use the log4j-extras RollingFileAppender for gzip compression of log files # https://logging.apache.org/log4j/ # extras/apidocs/org/apache/log4j/rolling/RollingFileAppender.html # file: # type: extrasRollingFile # file: ${path.logs}/${cluster.name}.log # rollingPolicy: timeBased # rollingPolicy.FileNamePattern: ${path.logs}/${cluster.name}.log.%d{yyyy-MM-dd}.gz # layout: # type: pattern # conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" # # index_search_slow_log_file: # type: extrasRollingFile # file: ${path.logs}/${cluster.name}_index_search_slowlog.log # rollingPolicy: timeBased # rollingPolicy.FileNamePattern: ${path.logs}/${cluster.name}_index_search_slowlog.log.%d{yyyy-MM-dd}.gz # layout: # type: pattern # conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" # # index_indexing_slow_log_file: # type: extrasRollingFile # file: ${path.logs}/${cluster.name}_index_indexing_slowlog.log # rollingPolicy: timeBased # rollingPolicy.FileNamePattern: ${path.logs}/${cluster.name}_index_indexing_slowlog.log.%d{yyyy-MM-dd}.gz # layout: # type: pattern # conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" 07070100000101000081A40000000000000000000000015FFF6748000006F6000000000000000000000000000000000000005D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/logstash-default.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} ############################### # Default settings for logstash ############################### # Override Java location #JAVACMD=/usr/bin/java # Set a home directory LS_HOME=/var/lib/logstash # Arguments to pass to logstash agent LS_OPTS="-w {{ logstash_threads }}" # Arguments to pass to java LS_HEAP_SIZE="{{ logstash_heap_size }}" #LS_JAVA_OPTS="-Djava.io.tmpdir=$HOME" # pidfiles aren't used for upstart; this is for sysv users. LS_PIDFILE=/var/run/logstash.pid # user id to be invoked as; for upstart: edit /etc/init/logstash.conf LS_USER=logstash # logstash logging LS_LOG_DIR=/var/log/logstash LS_LOG_FILE=/var/log/logstash/logstash.log #LS_USE_GC_LOGGING="true" #LS_GC_LOG_FILE=/var/log/logstash/gc.log # logstash configuration directory LS_CONF_DIR=/etc/logstash/conf.d # Open file limit; cannot be overridden in upstart LS_OPEN_FILES=16384 # Nice level LS_NICE=19 # If this is set to 1, then when `stop` is called, if the process has # not exited within a reasonable time, SIGKILL will be sent next. # The default behavior is to simply log a message "program stop failed; still running" KILL_ON_STOP_TIMEOUT=1 07070100000102000081A40000000000000000000000015FFF6748000013D6000000000000000000000000000000000000005A00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/logstash.conf.j2{# # # (c) Copyright 2015,2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # Logstash inputs #---------------------------------------------------------------------------------------- input { # Kafka input source # Primary input for all Ardana OpenStack components # https://www.elastic.co/guide/en/logstash/current/plugins-inputs-kafka.html kafka { # Kafka topic to consume messages from topic_id => "{{ kronos_kafka_topic }}" # ZooKeeper comma delimeted connections strings zk_connect => "{{ kronos_zookeeper_hosts }}" # A string that uniquely identifies the group of consumer processes to which this consumer # belongs. By setting the same group id multiple processes indicate that they are all part of # the same consumer group. group_id => "{{ kronos_kafka_consumer_group }}" # Number of threads to read from the partitions. Ideally you should have as many threads as # the number of partitions for a perfect balance. consumer_threads => {{ logstash_threads }} # Retry when an error is received consumer_restart_on_error => true } } # Logstash filters #---------------------------------------------------------------------------------------- filter { # This must be first for the other filters to complete successfully. # Unwrap the envelope from the log message. ruby { code => " ['log', 'meta', 'dimensions'].each { |item| next if not event.include? item event[item].each {|k, v| next if k=='@timestamp' if k=='message' and item=='log' and v.instance_of? Hash v.each { |i,j| next if i=='@timestamp' event[i] = j } event[item].delete(k) elsif item == 'meta' event['log_api_'.concat(k)] = v else event[k] = v end } event.remove(item) } " } # Filter out auth tokens if [auth_token]{ anonymize { algorithm => 'SHA1' fields => ['auth_token'] key => '{{ logstash_anonymize_salt }}' } mutate { replace => [ 'auth_token', '{SHA1}%{auth_token}' ] } } # Normalize dates to ISO8601 # Services like neutron may log a timestamp field that uses a format not normally # recognized by Elasticsearch. This may cause ES to map the same field as string # for one service and date for another service - resulting in a mapping conflict # at Kibana. The following filter recognizes both formats and normalize them to # ISO8601. If the timestamp field causes the date parsing to fail, the field is # dropped silently. if [timestamp] { date { match => ["timestamp", "ISO8601", "YYYY-MM-dd HH:mm:ss.SSSSSS"] target => "timestamp" } mutate { rename => { "timestamp" => "event_timestamp" } } if "_dateparsefailure" in [tags] { mutate { remove_field => "event_timestamp" remove_tag => ["_dateparsefailure" ] } mutate { add_field => { "[event_timestamp]" => "%{@timestamp}" } } } } else { mutate { add_field => { "[event_timestamp]" => "%{@timestamp}" } } } # Ensure that the 'service' field will always exist in the case where # something other than beaver pushes the logs to the API. if ![service] { if [type] { mutate { add_field => { "service" => "%{type}" } } } else { mutate { add_field => { "service" => "other" } } } } # Decide what ES index the log should go into based on the 'log_type' and 'service' # Also ensure that each type has it's own index to avoid mapping conflicts going forward if "audit" in [log_type] { mutate { add_field => { "[@metadata][es_index]" => "{{ logstash_audit_logs_prefix }}%{service}-%{+YYYY.MM.dd}" } } mutate { remove_field => "log_type" } } else { mutate { add_field => { "[@metadata][es_index]" => "{{ logstash_operational_logs_prefix }}%{service}-%{+YYYY.MM.dd}" } } } } # Logstash outputs #---------------------------------------------------------------------------------------- output { # Configure Elasticsearch output # http://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html elasticsearch { index => "%{[@metadata][es_index]}" hosts => ["{{ elasticsearch_http_host }}:{{ elasticsearch_http_port }}"] flush_size => {{ logstash_flush_size }} idle_flush_time => 5 workers => {{ logstash_threads }} } } 07070100000103000081A40000000000000000000000015FFF6748000016F7000000000000000000000000000000000000006000000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/templates/prune_es_indices.sh.j2#!/bin/bash # # (c) Copyright 2015-2016 Hewlett Packard Enterprise Development LP # (c) Copyright 2017-2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This script helps prune the Elasticsearch indices to prevent unchecked growth # It has to be stored under /etc/cron.daily or /etc/cron.weekly logfile={{ curator_log_path }} configfile=/etc/elasticsearch/curator.yml dt="$(date +"%Y-%m-%d %H:%M:%S")\t\t" es_log_partition={{ curator_es_partition }} es_backup_enabled={% if curator_enable_backup %}true {% else %}false {% endif %} es_backup_partition={{ curator_es_backup_partition }} es_repo_name="{{ curator_backup_repo_name }}" backup_done=false curator_options="--config $configfile" curator_filter_list_json='[{"filtertype":"pattern","kind":"regex","value":"^logstash-.*$"},{"filtertype":"age","source":"name","direction":"older","timestring":"%Y.%m.%d","unit":"days","unit_count":UNIT_COUNT}]' curator_filter_list="--ignore_empty_list --filter_list $curator_filter_list_json" # function to find the current used size of the ES parition function get_current_es_partition_size() { echo $(df -h $es_log_partition | tail -1 | awk '{print $5}' | grep -Po '[0-9]+' ) } # function to backup es indices to a shared partition function backup_es_indices() { # if already backed up, just return [ $backup_done == true ] && return # if there is another back done earlier today, just return # this could happen either if this script is run from another node or # the water mark based deletion has kicked in backup_file_path="${es_backup_partition}/snapshot-curator-$(date +%Y%m%d)*" [ -f $backup_file_path ] && backup_done=true && return # check if backup is enabled if [ $es_backup_enabled == true ]; then echo -e "$dt Beginning backup of Elasticsearch indices..." >> $logfile repo_already_exists=$(es_repo_mgr $curator_options show | grep -c $es_repo_name) if [ $repo_already_exists -eq 0 ]; then # create the repo echo -e "$dt Creating repository $es_repo_name ..." >> $logfile es_repo_mgr $curator_options create fs --repository $es_repo_name --location $es_backup_partition fi $bin_name $curator_options snapshot --repository $es_repo_name --ignore_empty_list --filter_list '[{"filtertype":"pattern","kind":"prefix","value":"logstash"}]' if [ $? -eq 0 ]; then backup_done=true echo -e "$dt Backup completed." >> $logfile else echo -e "$dt Backup failed! Please check Elasticsearch logs for more details." >> $logfile fi else echo -e "$dt Backup not enabled." >> $logfile fi } echo -e "$dt Running prune_es_indices cron script ..." >> $logfile # first, check if this script should even run! enable_pruning={{ curator_enable | bool }} if [ $enable_pruning == False ]; then echo -e "$dt Pruning is not enabled. Exiting..." >> $logfile exit 1 fi bin_name={{ curator_bin_path }} # bail if another instance is running if [ $(pidof -x $bin_name | wc -w) -gt 0 ]; then echo -e "$dt Curator is already running. Exiting..." >> $logfile exit 2 fi # bail if curator is not installed if [ ! -f $bin_name ]; then echo -e "$dt $bin_name not found. Is curator installed ? If so, please make sure the curator_bin_path variable is set correctly. Exiting..." >> $logfile exit 3 fi # ready to run curator tasks now low_watermark={{ curator_low_watermark_percent }} high_watermark={{ curator_high_watermark_percent }} current_level=$(get_current_es_partition_size) if [ $current_level -gt $low_watermark ] && [ $current_level -lt $high_watermark ]; then echo -e "$dt WARNING: $es_log_partition running low (crossed $low_watermark%) on disk space! Please backup ES indices. Will delete old indices when usage reaches $high_watermark%!" >> $logfile fi num_of_indices_to_keep={{ curator_num_of_indices_to_keep }} if [ $num_of_indices_to_keep -gt 0 ]; then # check if there are any old indices that needs to be pruned pruning_required=$($bin_name $curator_options show_indices ${curator_filter_list//UNIT_COUNT/$num_of_indices_to_keep} | wc -l) if [ $pruning_required -ne 0 ]; then # backup the indices first backup_es_indices fi echo -e "$dt Running curator to delete indices older than $num_of_indices_to_keep days old..." >> $logfile $bin_name $curator_options delete_indices ${curator_filter_list//UNIT_COUNT/$num_of_indices_to_keep} fi for i in $(seq $num_of_indices_to_keep -1 1); do current_level=$(get_current_es_partition_size) # check if we still need to make space if [ $current_level -gt $high_watermark ]; then backup_es_indices echo -e "$dt $es_log_partition is still over $high_watermark%. Keeping the $i most recent indices and deleting the others..." >> $logfile $bin_name $curator_options delete_indices ${curator_filter_list//UNIT_COUNT/$i} fi done current_level=$(get_current_es_partition_size) # check if we still need to make space if [ $current_level -gt $high_watermark ]; then echo -e "$dt ERROR: $es_log_partition is still over $high_watermark%. Please consider increasing the partition size for {{ curator_es_partition }}" >> $logfile fi # close indices, if required close_indices_after_days={{ curator_close_indices_after_days | int }} if [ $close_indices_after_days -gt 0 ]; then $bin_name $curator_options close ${curator_filter_list//UNIT_COUNT/{{ curator_close_indices_after_days }}} fi 07070100000104000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000004400000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/vars07070100000105000081A40000000000000000000000015FFF67480000031B000000000000000000000000000000000000004F00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/vars/debian.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- logging_server_required_packages: - curl - default-jre-headless - python-passlib - python-pika - python-yaml - elasticsearch-curator logging_server_component_packages: - kibana_package_version: 4.5.007070100000106000081A40000000000000000000000015FFF6748000003CF000000000000000000000000000000000000004D00000000ardana-logging-8.0+git.1610573640.452aed1/roles/logging-server/vars/suse.yml# # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- logging_server_required_packages: - curl - java-1_8_0-openjdk-headless - python-passlib - python-pika - python-PyYAML - python-elasticsearch-curator logging_server_component_packages: - elasticsearch - logstash - kibana zypper_kibana_package_name: kibana # Installed kibana package version. Left blank here as value is # determined using zypper info kibana_package_version: 07070100000107000041ED0000000000000000000000025FFF674800000000000000000000000000000000000000000000003000000000ardana-logging-8.0+git.1610573640.452aed1/tools07070100000108000081ED0000000000000000000000015FFF674800008389000000000000000000000000000000000000003F00000000ardana-logging-8.0+git.1610573640.452aed1/tools/kronos-util.py# (c) Copyright 2016,2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2017 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #!/usr/bin/env python3 import sys import yaml import string import os.path import argparse from html.parser import HTMLParser DEFAULT = "\033[0m" GREEN = "\033[00;32m" BLUE = "\033[94m" YELLOW = "\033[93m" RED = "\033[91m" # Colorful output def red(msg, *args, **kwargs): printc(RED, msg, *args, **kwargs) def yellow(msg, *args, **kwargs): printc(YELLOW, msg, *args, **kwargs) def blue(msg, *args, **kwargs): printc(BLUE, msg, *args, **kwargs) def green(msg, *args, **kwargs): printc(GREEN, msg, *args, **kwargs) def die(msg=None, *args, **kwargs): if not msg: red("die die die") else: red(msg, *args, **kwargs) sys.exit() def printc(color, msg, *args, **kwargs): end = "\n" if 'end' in kwargs: end = kwargs['end'] try: if msg is string: print(color + msg.format(*args), end=end) else: print(color + str(msg), end=end) finally: print(DEFAULT, end='') class Entry(): se = "se" # Service fd = "fd" # Foundation ex = ".ex" # Rotation is handled externally but still need to track centralized logging json = "json" rawjson = "rawjson" daily = "daily" daily = "weekly" daily = "monthly" def __init__(self, service=None, sub_service=None, logfile=None): self.service = service # 0: The service or component name self.sub_service = sub_service # 1: The sub-service or sub-component name self.status = None # 2: Save the status of the self.hostgroups = [] # 3: The hostgroups that the sub_service is found in self.logfile = logfile # 4: The log files that we are working with self.logged = None # 5: Centrally log the log or not self.frequency = None # 5: How often or frequent rotate should run to monitor logs self.maxsize = None # 6: How large the files are allowed to grow before being rotated self.retention = None # 7: How many logs to keep before deleting them self.create_user = None # 8: User to use for creating new log files self.create_group = None # 9: Group to use for creating new log files self.su_user = None # self.su_group = None # # Ardana OpenStack data self.format = None self.notifempty = False def __str__(self): result = "{: <18} ".format(str(self.service)) result += "{: <18} ".format(str(self.sub_service)) result += "{: <13} ".format(str(self.status)) result += "{: <15} ".format(','.join(self.hostgroups)) result += "{: <58} ".format(str(self.logfile)) result += "{: <6} ".format(str(self.logged)) result += "{: <7} ".format(str(self.frequency)) result += "{: >4} ".format(str(self.maxsize)) result += "{: >3} ".format(str(self.retention)) result += "{: >9} ".format(str(self.format)) result += "{: >13} ".format(str(self.create_user)) result += "{: >13}".format(str(self.create_group)) return result # Parse the Services HTML data class Parser(HTMLParser): entries = [] def __init__(self, debug): """Initialize the parser :debug: provide debug output if set """ HTMLParser.__init__(self) self._debug = debug self._index = -1 self._dindex = -1 self._th = 0 self._entry = None self._start = False def handle_starttag(self, tag, attrs): # Count header to determine when to start tracking data if tag == "th": self._th += 1 if self._th == 9: self._start = True # Create new entries and handle indexing data elif self._start: if tag == "tr": self._index = self._dindex = -1 self._entry = Entry() elif tag == "td": self._index += 1 def handle_endtag(self, tag): # Stop tracking data once the end of the table is reached if self._start and tag == "table": self._start = False # Save off entries and handle null data if self._start and self._entry: if tag == "tr": self.entries.append(self._entry) # Handle null data as data call back doesn't get called in this case elif tag == "td" and self._index != self._dindex: self._dindex += 1 self.set_data(None, self._dindex) def handle_data(self, data): if self._start and self._index != -1: # Multiple lines in a single cell will come in as separate data callbacks # so don't increment data index if equal to index if self._dindex < self._index: self._dindex += 1 self.set_data(data, self._dindex) def set_data(self, data, index): if index == 0: if not data and len(self.entries) > 0: data = self.entries[-1].service self._entry.service = data.strip() if data else data if self._debug: print("0: {}".format(self._entry.service)) elif index == 1: if not data and len(self.entries) > 0: data = self.entries[-1].sub_service self._entry.sub_service = data.strip() if data else data if self._debug: print("1: {}".format(self._entry.sub_service)) elif index == 2: if not data and len(self.entries) > 0: data = self.entries[-1].status self._entry.status = data.lower().strip() if data else data # Abort if non supported status detected if self._entry.status not in (Entry.se, Entry.fd) and Entry.ex not in self._entry.status: self._entry = None self._start = False if self._debug and self._entry: print("2: {}".format(self._entry.status)) elif index == 3: if not data and len(self.entries) > 0: self._entry.hostgroups = self.entries[-1].hostgroups else: self._entry.hostgroups.append(data.strip() if data else data) if self._debug: print("3: {}".format(self._entry.hostgroups)) elif index == 4: self._entry.logfile = data.strip() if data else data if self._debug: print("4: {}".format(self._entry.logfile)) elif index == 5: self._entry.logged = True if data and 'x' in data.strip().lower() else False if self._debug: print("5: {}".format(self._entry.logged)) elif index == 6: if not data and len(self.entries) > 0: data = self.entries[-1].frequency self._entry.frequency = data.strip() if data else data if self._debug: print("6: {}".format(self._entry.frequency)) elif index == 7: if not data and len(self.entries) > 0: data = self.entries[-1].maxsize self._entry.maxsize = data.strip() if data else data if self._debug: print("7: {}".format(self._entry.maxsize)) elif index == 8: if not data and len(self.entries) > 0: data = self.entries[-1].retention self._entry.retention = data.strip() if data else data if self._debug: print("8: {}".format(self._entry.retention)) elif index == 9: self._entry.create_user = data.strip() if data else data if self._debug: print("9: {}".format(self._entry.create_user)) elif index == 10: self._entry.create_group = data.strip() if data else data if self._debug: print("10: {}".format(self._entry.create_group)) # Validate Wiki data against yml class KronosUtil(HTMLParser): true = "true" false = "false" def __init__(self, debug, wiki, ardana_files): """ Initialize :debug: provide debug output if set :wiki: html file containing wiki data :ardana_files: list of files to validate data against """ self._debug = debug # Parse entries self.openstack_entries = [] self.wiki_entries = None # Load data from HTML with open(wiki, "r") as strm: html = strm.read() parser = Parser(self._debug) parser.feed(html) self.wiki_entries = parser.entries # Load host group mappings hostgroup_mappings = {} hostgroup_file = os.path.join(os.path.dirname(ardana_files[0]) + "../../../kronos-producer-configure.yml") with open(hostgroup_file, "r") as f: for entry in [x["include"] for x in yaml.load(f) if "include" in x]: pieces = entry.split(" ") target_hosts = pieces[1][pieces[1].find("=")+1:] vars_file = pieces[2][pieces[2].find("=")+1:pieces[2].find("-clr.yml")] if vars_file not in hostgroup_mappings: hostgroup_mappings[vars_file] = [] hostgroup_mappings[vars_file].append(target_hosts) # Load Ardana OpenStack logging files data for ardana_file in ardana_files: with open(ardana_file, "r") as strm: sub_service = yaml.load(strm)["sub_service"] # Create entry per log for option in sub_service["logging_options"]: for logfile in option["files"]: # 0 - Service entry = Entry(sub_service["service"]) # 1 - Sub-Service entry.sub_service = sub_service["name"] # 2 - Status # 3 - Host Groups if sub_service["name"] in hostgroup_mappings: entry.hostgroups = hostgroup_mappings[sub_service["name"]] # 4 - Logfile entry.logfile = logfile # Central logging options #---------------------------------------------- # 5 - Logged #print(logfile) if "centralized_logging" in option: entry.logged = option["centralized_logging"]["enabled"] entry.format = option["centralized_logging"]["format"] # Log rotate options #---------------------------------------------- if "log_rotate" in option: log_rotate = option["log_rotate"] # 6 - Frequency if "daily" in log_rotate: entry.frequency = "daily" if "weekly" in log_rotate: entry.frequency = "weekly" if "monthly" in log_rotate: entry.frequency = "monthly" # 7 - Maxsize try: entry.maxsize = next(x[x.find('maxsize') + 8:] for x in log_rotate if 'maxsize' in x) except: pass # 8 - Retention try: entry.retention = next(x[x.find('rotate') + 7:] for x in log_rotate if 'rotate' in x) except: pass # 9 - Create User try: entry.create_user = next(x.split(" ")[2] for x in log_rotate if 'create' in x) except: pass # 10 - Create Group try: entry.create_group = next(x.split(" ")[3] for x in log_rotate if 'create' in x) except: pass # 9 - Su User try: entry.su_user = next(x.split(" ")[2] for x in log_rotate if 'su' in x) except: pass # 10 - Su Group try: entry.su_group = next(x.split(" ")[3] for x in log_rotate if 'su' in x) except: pass # Fail if listed more than once if len(list(filter(lambda x: x == "notifempty", log_rotate))) > 1: print("{:.<60} multiple notifempty in '{}'".format(entry.logfile, entry.sub_service)) sys.exit() if 'notifempty' in log_rotate: entry.notifempty = True self.openstack_entries.append(entry) def first(self, func, iterable): """Get the first item that matches the func or return None :returns: first matching item else None """ result = None if type(iterable) == dict: for k, v in iterable.items(): if func(k, v): result = iterable[k] break else: for x in iterable: if func(x): result = x break return result def validate(self, all, service, service_names, hostgroups, users, rotate_freq, rotate_maxsize, rotate_retention): """Validate the given paramters against OpenStack using Wiki data :all: validate all :service: validate the given service only :service_names: validate the service name :hostgroups: validate the service's hostgroups are correct :users: validate the logfiles have the correct users and groups set :rotate_freq: validate that all logs have correct frequency :rotate_maxsize: validate that all logs have correct maxsize :rotate_retention: validate that all logs have correct retention """ # Filter down to just the service we are interested in if given openstack_entries = self.openstack_entries wiki_entries = self.wiki_entries if service: blue("<[={:-^85}=]> ".format(service)) openstack_entries = self.first(lambda x, y: service in x, self.group_by_service(self.openstack_entries)) wiki_entries = self.first(lambda x, y: service in x, self.group_by_service(self.wiki_entries)) # Validate services names are correct if all or service or service_names: result = True yellow("<[={:-^85}=]> ".format("Validating service names"), end="") # Validate all wiki entries exist in the code for wiki_entry in wiki_entries: openstack_entry = self.first(lambda x: x.sub_service == wiki_entry.sub_service, openstack_entries) if not openstack_entry: if result: red("[failure]") print("{:.<60}doesn't exist".format(wiki_entry.sub_service)) result = False # Validate all host entries exist on the wiki for openstack_entry in openstack_entries: wiki_entry = self.first(lambda x: x.sub_service == openstack_entry.sub_service, wiki_entries) if not wiki_entry: if result: red("[failure]") print("{:.<60}shouldn't exist".format(openstack_entry.sub_service)) result = False if result: green("[success]") # Validate hostgroups are correct if all or service or hostgroups: result = True yellow("<[={:-^85}=]> ".format("Validating service hostgroups"), end="") for wiki_entry in wiki_entries: openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) for x in wiki_entry.hostgroups: if openstack_entry and x not in openstack_entry.hostgroups: if result: red("[failure]") print("{:.<60}hostgroups {} not found".format(wiki_entry.logfile, str(wiki_entry.hostgroups))) result = False if openstack_entry: for x in openstack_entry.hostgroups: if x not in wiki_entry.hostgroups: if result: red("[failure]") print("{:.<60}hostgroups {} shouldn't exist".format(wiki_entry.logfile, str(x))) result = False if result: green("[success]") # Validate Wiki entries intended to be logged are logged and nothing else if all or service: result = True yellow("<[={:-^85}=]> ".format("Validating logging"), end="") for wiki_entry in wiki_entries: openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if not openstack_entry: if result: red("[failure]") print("{:.<60}doesn't exist".format(wiki_entry.logfile)) result = False elif not openstack_entry.logged and wiki_entry.logged: if result: red("[failure]") print("{:.<60}not logged".format(wiki_entry.logfile)) result = False for openstack_entry in openstack_entries: if openstack_entry.logged: wiki_entry = self.first(lambda x: x.logfile == openstack_entry.logfile, wiki_entries) if not wiki_entry or not wiki_entry.logged: if result: red("[failure]") print("{:.<60}being logged and shouldn't be".format(openstack_entry.logfile)) result = False if result: green("[success]") # Validate create users and groups are correct if all or service or users: result = True yellow("<[={:-^85}=]> ".format("Validating create users and groups"), end="") for wiki_entry in wiki_entries: if Entry.ex in wiki_entry.status: continue openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if openstack_entry and openstack_entry.create_user != wiki_entry.create_user: if result: red("[failure]") print("{:.<60}user '{}' should be '{}'".format(wiki_entry.logfile, str(openstack_entry.create_user), str(wiki_entry.create_user))) result = False if openstack_entry and openstack_entry.create_group != wiki_entry.create_group: if result: red("[failure]") print("{:.<60}group '{}' should be '{}'".format(wiki_entry.logfile, str(openstack_entry.create_group), str(wiki_entry.create_group))) result = False if result: green("[success]") # Validate all logs are being rotated correctly if all or service or rotate_freq or rotate_maxsize or rotate_retention: result = True yellow("<[={:-^85}=]> ".format("Validating all logs are being rotated"), end="") for wiki_entry in wiki_entries: if Entry.ex in wiki_entry.status: continue openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if not openstack_entry: if result: red("[failure]") print("{:.<60}not rotated".format(wiki_entry.logfile)) result = False sys.exit() for openstack_entry in openstack_entries: wiki_entry = self.first(lambda x: x.logfile == openstack_entry.logfile, wiki_entries) if not wiki_entry: if result: red("[failure]") print("{:.<60}rotated but not on Wiki".format(openstack_entry.logfile)) result = False sys.exit() elif Entry.ex in wiki_entry.status and any((openstack_entry.frequency, openstack_entry.retention, openstack_entry.maxsize)): if result: red("[failure]") print("{:.<60}rotated but external on Wiki".format(openstack_entry.logfile)) result = False sys.exit() if result: green("[success]") # Validate rotate frequency if all or service or rotate_freq: result = True yellow("<[={:-^85}=]> ".format("Validating logging rotate frequency"), end="") for wiki_entry in wiki_entries: if Entry.ex in wiki_entry.status: continue openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if openstack_entry.frequency != wiki_entry.frequency: if result: red("[failure]") print("{:.<60}frequency '{}' should be '{}'".format(wiki_entry.logfile, str(openstack_entry.frequency), str(wiki_entry.frequency))) result = False if result: green("[success]") # Validate rotate retention if all or service or rotate_retention: result = True yellow("<[={:-^85}=]> ".format("Validating logging rotate retention"), end="") for wiki_entry in wiki_entries: if Entry.ex in wiki_entry.status: continue openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if openstack_entry.retention != wiki_entry.retention: if result: red("[failure]") print("{:.<60}retention '{}' should be '{}'".format(wiki_entry.logfile, str(openstack_entry.retention), str(wiki_entry.retention))) result = False if result: green("[success]") # Validate rotate maxsize if all or service or rotate_maxsize: result = True yellow("<[={:-^85}=]> ".format("Validating logging rotate maxsize"), end="") for wiki_entry in wiki_entries: if Entry.ex in wiki_entry.status: continue openstack_entry = self.first(lambda x: x.logfile == wiki_entry.logfile, openstack_entries) if openstack_entry.maxsize != wiki_entry.maxsize: if result: red("[failure]") print("{:.<60}maxsize '{}' should be '{}'".format(wiki_entry.logfile, str(openstack_entry.maxsize), str(wiki_entry.maxsize))) result = False if result: green("[success]") def disk_usage(self, service=None, openstack=False): """Calculate disk usage for all services :service: validate the given service only :openstack: base calculations off openstack entries """ size_fd = 0 # Disk consumption sum size_se = 0 # Disk consumption sum max_disk = 65000 # 13% of 500G = 65G reserve = 3250 # 5% of 65G = 3.25G alloc_fd = 6500 # 10% of 65G = 6.5G services = 55000 # 85% of 65G = 55G alloc_per_se = 2500 # 55G/22 services = 2.5GB ea. compression = 1 - 0.80 # 80% compression ratio means multiply by 20% # Filter by service if needed openstack_entries = self.openstack_entries wiki_entries = self.wiki_entries if service: openstack_entries = self.first(lambda x, y: service in x, self.group_by_service(self.openstack_entries)) wiki_entries = self.first(lambda x, y: service in x, self.group_by_service(self.wiki_entries)) # Compute disk usage based off wiki or openstack files #-------------------------------------------------------------------------------- entries = wiki_entries if openstack: entries = openstack_entries for entry in entries: maxsize = int(entry.maxsize[:-1]) if entry.maxsize[-1] == "K": maxsize = maxsize/1024 retention = int(entry.retention) # Allow for one full maxsize log # Allow for a compression ration savings # Allow for current plus # of retention logs # Total = maxsize + (maxsize * retention * compression) val = int(maxsize + (maxsize * retention * compression)) # Adjustments if entry.service == "ceph": val *= 6 # ceph actually has 6 logs # Aggregate all services if not openstack: if Entry.fd in entry.status: size_fd += val elif Entry.se in entry.status: size_se += val else: size_se += val # Validate foundation disk usage #-------------------------------------------------------------------------------- if not service: yellow("<[={:-^85}=]> ".format("Validating foundation disk quotas"), end="") if size_fd > alloc_fd: red("[failure]") else: green("[success]") for entry in [x for x in wiki_entries if Entry.fd in x.status]: maxsize = int(entry.maxsize[:-1]) if entry.maxsize[-1] == "K": maxsize = maxsize/1024 retention = int(entry.retention) val = int(maxsize + (maxsize * retention * compression)) if size_fd > alloc_fd: print("{:.<60}Maxsize: {}, Retention: {} = {}M".format(entry.logfile, str(entry.maxsize), str(entry.retention), str(val))) print("{:.<60}".format("Results for ['{}']".format("foundation")), end="") if size_fd > alloc_fd: red("Total: {}m, Quota: {}m".format(str(size_fd), str(alloc_fd))) else: green("Total: {}M, Quota: {}M".format(str(size_fd), str(alloc_fd))) # Validate services disk usage #-------------------------------------------------------------------------------- yellow("<[={:-^85}=]> ".format("Validating service disk quotas"), end="") if size_se > services: red("[failure]") else: green("[success]") # Display per service quotas entries = wiki_entries if openstack: entries = openstack_entries grouped_by_service = self.group_by_service(entries) for service_name, entries in sorted(grouped_by_service.items()): if not openstack and not any([x for x in entries if Entry.se in x.status]): continue msg = "" size_per_se = 0 if service: msg += "<[={:-^85}=]> \n".format("{} - disk usage".format(service_name)) else: msg += "<[={:-^85}=]> \n".format(service_name) for entry in entries: maxsize = int(entry.maxsize[:-1]) if entry.maxsize[-1] == "K": maxsize = maxsize/1024 retention = int(entry.retention) val = int(maxsize + (maxsize * retention * compression)) # Adjustments if service_name == "ceph": val *= 6 # ceph actually has 6 logs size_per_se += val msg += "{:.<60}Maxsize: {}, Retention: {} = {}M\n".format(entry.logfile, str(entry.maxsize), str(entry.retention), str(val)) if size_per_se > alloc_per_se: print(msg) print("{:.<60}".format("Results for ['{}']".format(entry.service)), end="") if size_per_se > alloc_per_se: red("Total: {}M, Quota: {}M".format(str(size_per_se), str(alloc_per_se))) else: green("Total: {}M, Quota: {}M".format(str(size_per_se), str(alloc_per_se))) print("{0:-<91}\n{0:-<91}\n{1:.<60}".format("", "Services total results"), end="") if size_se > services: red("Total: {}M, Quota: {}M".format(str(size_se), str(services))) else: green("Total: {}M, Quota: {}M".format(str(size_se), str(services))) def group_by_service(self, entries): """Sort log files by service first (e.g. /var/log/neutron) :entries: entries to sort by service :results: sorted entries by service """ # Sort log files by service grouped_by_service = {} for entry in entries: if entry.service not in grouped_by_service: grouped_by_service[entry.service] = [] grouped_by_service[entry.service].append(entry) return grouped_by_service #---------------------------------------------------------------------------------------- if __name__ == '__main__': app = 'kronos-util' version = '0.0.1' examples = "Validate all: python3 tools/{}.py --wiki ~/services.htm --all\n".format(app) examples = "Validate service: python3 tools/{}.py --wiki ~/services.htm --service=octavia\n".format(app) examples += "Validate disk usage: python3 tools/{}.py --wiki ~/services.htm --disk-usage\n".format(app) examples += "Validate service names: python3 tools/{}.py --wiki ~/services.htm --service-names\n".format(app) title = ("{0}_v{1}\n---------------------------------------------------------------------------------".format(app, version)) parser = argparse.ArgumentParser() parser.add_argument('-d', '--debug', action="store_true", help="Validate all parameters") parser.add_argument('--wiki', help="Wiki HTML data to parse and validate") parser.add_argument('--openstack', help="Directory to search for OpenStack files") parser.add_argument('--all', action="store_true", help="Validate all parameters") parser.add_argument('--service', help="Validate service names") parser.add_argument('--service-names', dest="service_names", action="store_true", help="Validate service names") parser.add_argument('--hostgroups', action="store_true", help="Validate service's hostgroups") parser.add_argument('--users', action="store_true", help="Validate service's logfile users") parser.add_argument('--rotate-freq', dest="rotate_freq", action="store_true", help="Validate rotate frequency") parser.add_argument('--rotate-maxsize', dest="rotate_maxsize", action="store_true", help="Validate rotate maxsize") parser.add_argument('--rotate-retention', dest="rotate_retention", action="store_true", help="Validate rotate retention") parser.add_argument('--list-wiki', dest="list_wiki", action="store_true", help="List the wiki entries") parser.add_argument('--list-openstack', dest="list_ardana", action="store_true", help="List the OpenStack entries") parser.add_argument('--disk-usage', dest="disk_usage", action="store_true", help="Calculate disk usage for services") parser.add_argument('--disk-usage-openstack', dest="disk_usage_ardana", action="store_true", help="Calculate disk usage for services base on openstack values") parser.add_argument('--rename', action="store_true", help="Rename OpenStack logrotate vars") args = parser.parse_args() # Execute validOpts = False result = True if args.wiki: print(title) validOpts = True # Set path correctly if not args.openstack: args.openstack = os.getcwd() if os.path.basename(args.openstack) == "logging-ansible": args.openstack = os.path.join(args.openstack, 'roles/logging-common/vars') elif os.path.basename(args.openstack) == "tools": args.openstack = os.path.join(args.openstack, '../roles/logging-common/vars') else: die("Error: incorrect openstack source directory, run from logging-ansible") os.chdir(args.openstack) ardana_files = [x for x in os.listdir(args.openstack) if ((os.path.basename(x).endswith('.yml')) \ and os.path.basename(x) != 'services.yml')] kronos_util = KronosUtil(args.debug, args.wiki, ardana_files) # List out the wiki entries if args.list_wiki: for x in sorted(kronos_util.wiki_entries, key=lambda y: y.service): print(x) # List out the openstack entries elif args.list_ardana: for x in sorted(kronos_util.openstack_entries, key=lambda y: y.service): print(x) # Calculate disk usage for services elif args.disk_usage: kronos_util.disk_usage(args.service, args.disk_usage_ardana) else: kronos_util.validate(args.all, args.service, args.service_names, args.hostgroups, args.users, args.rotate_freq, args.rotate_maxsize, args.rotate_retention) if args.all or args.service: kronos_util.disk_usage(args.service, args.disk_usage_ardana) else: red("Error: You must specify the wiki file to scan (i.e. download the servies wiki page as html and specify its location with --wiki)") # Print out application usage, version and help if not validOpts: yellow(title) green(examples) parser.print_help() 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!1011 blocks
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor