diff options
Diffstat (limited to 'roles/openshift_logging_fluentd')
10 files changed, 58 insertions, 47 deletions
diff --git a/roles/openshift_logging_fluentd/defaults/main.yml b/roles/openshift_logging_fluentd/defaults/main.yml index 861935c99..9b58e4456 100644 --- a/roles/openshift_logging_fluentd/defaults/main.yml +++ b/roles/openshift_logging_fluentd/defaults/main.yml @@ -1,7 +1,5 @@ --- ### General logging settings -openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default(__openshift_logging_image_prefix) }}" -openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default('latest') }}" openshift_logging_fluentd_image_pull_secret: "{{ openshift_hosted_logging_image_pull_secret | default('') }}" openshift_logging_fluentd_master_url: "https://kubernetes.default.svc.{{ openshift.common.dns_domain }}" openshift_logging_fluentd_namespace: logging diff --git a/roles/openshift_logging_fluentd/files/secure-forward.conf b/roles/openshift_logging_fluentd/files/secure-forward.conf index f4483df79..87410c1c5 100644 --- a/roles/openshift_logging_fluentd/files/secure-forward.conf +++ b/roles/openshift_logging_fluentd/files/secure-forward.conf @@ -1,3 +1,4 @@ +# <store> # @type secure_forward # self_hostname ${HOSTNAME} @@ -22,3 +23,4 @@ # specify hostlabel for FQDN verification if ipaddress is used for host # hostlabel server.fqdn.example.com # </server> +# </store> diff --git a/roles/openshift_logging_fluentd/meta/main.yaml b/roles/openshift_logging_fluentd/meta/main.yaml index 2003aacb2..62f076780 100644 --- a/roles/openshift_logging_fluentd/meta/main.yaml +++ b/roles/openshift_logging_fluentd/meta/main.yaml @@ -13,3 +13,5 @@ galaxy_info: - cloud dependencies: - role: lib_openshift +- role: openshift_facts +- role: lib_utils diff --git a/roles/openshift_logging_fluentd/tasks/determine_version.yaml b/roles/openshift_logging_fluentd/tasks/determine_version.yaml index a1ba71b1b..6848eb512 100644 --- a/roles/openshift_logging_fluentd/tasks/determine_version.yaml +++ b/roles/openshift_logging_fluentd/tasks/determine_version.yaml @@ -1,16 +1,16 @@ --- # debating making this a module instead? - fail: - msg: Missing version to install provided by 'openshift_logging_image_version' - when: not openshift_logging_image_version or openshift_logging_image_version == '' + msg: Missing version to install provided by 'openshift_logging_fluentd_image_version' + when: not openshift_logging_fluentd_image_version or openshift_logging_fluentd_image_version == '' - set_fact: fluentd_version: "{{ __latest_fluentd_version }}" - when: openshift_logging_image_version == 'latest' + when: openshift_logging_fluentd_image_version == 'latest' # should we just assume that we will have the correct major version? -- set_fact: fluentd_version="{{ openshift_logging_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}" - when: openshift_logging_image_version != 'latest' +- set_fact: fluentd_version="{{ openshift_logging_fluentd_image_version | regex_replace('^v?(?P<major>\d)\.(?P<minor>\d).*$', '3_\\g<minor>') }}" + when: openshift_logging_fluentd_image_version != 'latest' - fail: msg: Invalid version specified for Fluentd diff --git a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml index e92a35f27..1cef6c25e 100644 --- a/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml +++ b/roles/openshift_logging_fluentd/tasks/label_and_wait.yaml @@ -4,7 +4,8 @@ name: "{{ node }}" kind: node state: add - labels: "{{ openshift_logging_fluentd_nodeselector | oo_dict_to_list_of_dict }}" + labels: "{{ openshift_logging_fluentd_nodeselector | lib_utils_oo_dict_to_list_of_dict }}" # wait half a second between labels - local_action: command sleep {{ openshift_logging_fluentd_label_delay | default('.5') }} + become: no diff --git a/roles/openshift_logging_fluentd/tasks/main.yaml b/roles/openshift_logging_fluentd/tasks/main.yaml index f56810610..529859983 100644 --- a/roles/openshift_logging_fluentd/tasks/main.yaml +++ b/roles/openshift_logging_fluentd/tasks/main.yaml @@ -34,7 +34,20 @@ msg: WARNING Use of openshift_logging_mux_client_mode=minimal is not recommended due to current scaling issues when: openshift_logging_mux_client_mode is defined and openshift_logging_mux_client_mode == 'minimal' -- include: determine_version.yaml +- name: Set default image variables based on openshift_deployment_type + include_vars: "{{ var_file_name }}" + with_first_found: + - "{{ openshift_deployment_type }}.yml" + - "default_images.yml" + loop_control: + loop_var: var_file_name + +- name: Set fluentd image facts + set_fact: + openshift_logging_fluentd_image_prefix: "{{ openshift_logging_fluentd_image_prefix | default(__openshift_logging_fluentd_image_prefix) }}" + openshift_logging_fluentd_image_version: "{{ openshift_logging_fluentd_image_version | default(__openshift_logging_fluentd_image_version) }}" + +- include_tasks: determine_version.yaml # allow passing in a tempdir - name: Create temp directory for doing work in @@ -69,7 +82,7 @@ name: "aggregated-logging-fluentd" namespace: "{{ openshift_logging_fluentd_namespace }}" when: - - openshift_logging_image_pull_secret == '' + - openshift_logging_image_pull_secret == '' # set service account scc - name: Set privileged permissions for Fluentd @@ -95,38 +108,28 @@ dest: "{{ tempdir }}/fluent.conf" vars: deploy_type: "{{ openshift_logging_fluentd_deployment_type }}" - when: fluentd_config_contents is undefined - changed_when: no - copy: src: fluentd-throttle-config.yaml dest: "{{ tempdir }}/fluentd-throttle-config.yaml" - when: fluentd_throttle_contents is undefined - changed_when: no - copy: src: secure-forward.conf dest: "{{ tempdir }}/secure-forward.conf" - when: fluentd_secureforward_contents is undefined - changed_when: no - -- copy: - content: "{{ fluentd_config_contents }}" - dest: "{{ tempdir }}/fluent.conf" - when: fluentd_config_contents is defined - changed_when: no - -- copy: - content: "{{ fluentd_throttle_contents }}" - dest: "{{ tempdir }}/fluentd-throttle-config.yaml" - when: fluentd_throttle_contents is defined - changed_when: no -- copy: - content: "{{ fluentd_secureforward_contents }}" - dest: "{{ tempdir }}/secure-forward.conf" - when: fluentd_secureforward_contents is defined - changed_when: no +- import_role: + name: openshift_logging + tasks_from: patch_configmap_files.yaml + vars: + configmap_name: "logging-fluentd" + configmap_namespace: "logging" + configmap_file_names: + - current_file: "fluent.conf" + new_file: "{{ tempdir }}/fluent.conf" + - current_file: "throttle-config.yaml" + new_file: "{{ tempdir }}/fluentd-throttle-config.yaml" + - current_file: "secure-forward.conf" + new_file: "{{ tempdir }}/secure-forward.conf" - name: Set Fluentd configmap oc_configmap: @@ -146,15 +149,14 @@ name: logging-fluentd namespace: "{{ openshift_logging_fluentd_namespace }}" files: - - name: ca - path: "{{ generated_certs_dir }}/ca.crt" - - name: key - path: "{{ generated_certs_dir }}/system.logging.fluentd.key" - - name: cert - path: "{{ generated_certs_dir }}/system.logging.fluentd.crt" + - name: ca + path: "{{ generated_certs_dir }}/ca.crt" + - name: key + path: "{{ generated_certs_dir }}/system.logging.fluentd.key" + - name: cert + path: "{{ generated_certs_dir }}/system.logging.fluentd.crt" # create Fluentd daemonset - # this should change based on the type of fluentd deployment to be done... # TODO: pass in aggregation configurations - name: Generate logging-fluentd daemonset definition @@ -173,7 +175,7 @@ fluentd_nodeselector_key: "{{ openshift_logging_fluentd_nodeselector.keys()[0] }}" fluentd_nodeselector_value: "{{ openshift_logging_fluentd_nodeselector.values()[0] }}" fluentd_cpu_limit: "{{ openshift_logging_fluentd_cpu_limit }}" - fluentd_cpu_request: "{{ openshift_logging_fluentd_cpu_request }}" + fluentd_cpu_request: "{{ openshift_logging_fluentd_cpu_request | min_cpu(openshift_logging_fluentd_cpu_limit | default(none)) }}" fluentd_memory_limit: "{{ openshift_logging_fluentd_memory_limit }}" audit_container_engine: "{{ openshift_logging_fluentd_audit_container_engine | default(False) | bool }}" audit_log_file: "{{ openshift_logging_fluentd_audit_file | default() }}" @@ -188,7 +190,7 @@ namespace: "{{ openshift_logging_fluentd_namespace }}" kind: daemonset files: - - "{{ tempdir }}/templates/logging-fluentd.yaml" + - "{{ tempdir }}/templates/logging-fluentd.yaml" delete_after: true # Scale up Fluentd @@ -204,7 +206,7 @@ openshift_logging_fluentd_hosts: "{{ fluentd_hosts.results.results[0]['items'] | map(attribute='metadata.name') | list }}" when: "'--all' in openshift_logging_fluentd_hosts" -- include: label_and_wait.yaml +- include_tasks: label_and_wait.yaml vars: node: "{{ fluentd_host }}" with_items: "{{ openshift_logging_fluentd_hosts }}" diff --git a/roles/openshift_logging_fluentd/templates/fluentd.j2 b/roles/openshift_logging_fluentd/templates/fluentd.j2 index b07175a50..c6256cf49 100644 --- a/roles/openshift_logging_fluentd/templates/fluentd.j2 +++ b/roles/openshift_logging_fluentd/templates/fluentd.j2 @@ -29,7 +29,7 @@ spec: containers: - name: "{{ daemonset_container_name }}" image: "{{ openshift_logging_fluentd_image_prefix }}{{ daemonset_name }}:{{ openshift_logging_fluentd_image_version }}" - imagePullPolicy: Always + imagePullPolicy: IfNotPresent securityContext: privileged: true {% if (fluentd_memory_limit is defined and fluentd_memory_limit is not none) or (fluentd_cpu_limit is defined and fluentd_cpu_limit is not none) or (fluentd_cpu_request is defined and fluentd_cpu_request is not none) %} @@ -130,7 +130,7 @@ spec: containerName: "{{ daemonset_container_name }}" resource: limits.memory - name: "FILE_BUFFER_LIMIT" - value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256i') }}" + value: "{{ openshift_logging_fluentd_file_buffer_limit | default('256Mi') }}" {% if openshift_logging_mux_client_mode is defined and ((openshift_logging_mux_allow_external is defined and openshift_logging_mux_allow_external | bool) or (openshift_logging_use_mux is defined and openshift_logging_use_mux | bool)) %} diff --git a/roles/openshift_logging_fluentd/vars/default_images.yml b/roles/openshift_logging_fluentd/vars/default_images.yml new file mode 100644 index 000000000..6d127b730 --- /dev/null +++ b/roles/openshift_logging_fluentd/vars/default_images.yml @@ -0,0 +1,3 @@ +--- +__openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default('docker.io/openshift/origin-') }}" +__openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default('latest') }}" diff --git a/roles/openshift_logging_fluentd/vars/main.yml b/roles/openshift_logging_fluentd/vars/main.yml index 92a426952..762e3d4d0 100644 --- a/roles/openshift_logging_fluentd/vars/main.yml +++ b/roles/openshift_logging_fluentd/vars/main.yml @@ -1,5 +1,5 @@ --- -__latest_fluentd_version: "3_6" -__allowed_fluentd_versions: ["3_5", "3_6", "3_7"] +__latest_fluentd_version: "3_8" +__allowed_fluentd_versions: ["3_5", "3_6", "3_7", "3_8"] __allowed_fluentd_types: ["hosted", "secure-aggregator", "secure-host"] __allowed_mux_client_modes: ["minimal", "maximal"] diff --git a/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml b/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml new file mode 100644 index 000000000..d0c74f1fb --- /dev/null +++ b/roles/openshift_logging_fluentd/vars/openshift-enterprise.yml @@ -0,0 +1,3 @@ +--- +__openshift_logging_fluentd_image_prefix: "{{ openshift_logging_image_prefix | default('registry.access.redhat.com/openshift3/') }}" +__openshift_logging_fluentd_image_version: "{{ openshift_logging_image_version | default ('v3.7') }}" |