Remove usage of rsyslog roles

We've switched all services to store logs to journald by default and
rsyslog roles are not used except really small amount of usecases that
also hardly valid as of today. With that we deprecate repos and remove
their usega to reduce maintenance load.

Change-Id: Iefd4143f83f4df44b917180000a1aa57161b2811
This commit is contained in:
Dmitriy Rabotyagov 2022-10-19 15:10:53 +02:00
parent fef2375ea1
commit bc5428b21d
30 changed files with 27 additions and 278 deletions

View File

@ -269,18 +269,6 @@
version: master
trackbranch: master
shallow_since: '2022-06-19'
- name: rsyslog_client
scm: git
src: https://opendev.org/openstack/openstack-ansible-rsyslog_client
version: master
trackbranch: master
shallow_since: '2022-06-19'
- name: rsyslog_server
scm: git
src: https://opendev.org/openstack/openstack-ansible-rsyslog_server
version: master
trackbranch: master
shallow_since: '2022-06-19'
- name: bird
scm: git
src: https://github.com/logan2211/ansible-bird

View File

@ -120,8 +120,6 @@ Infrastructure service roles
- :role_docs:`repo_server`
- :role_docs:`rsyslog_server`
OpenStack service roles
-----------------------
@ -194,7 +192,6 @@ Other roles
- :role_docs:`openstack_openrc`
- :role_docs:`rsyslog_client`
Configuring service credentials
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View File

@ -15,8 +15,8 @@ The installation process requires running three main playbooks:
on target hosts.
- The ``setup-infrastructure.yml`` Ansible infrastructure playbook installs
infrastructure services: Memcached, the repository server, Galera, RabbitMQ,
and rsyslog.
infrastructure services: Memcached, the repository server, Galera and
RabbitMQ.
- The ``setup-openstack.yml`` OpenStack playbook installs OpenStack services,
including Identity (keystone), Image (glance), Block Storage (cinder),

View File

@ -352,22 +352,7 @@
<td></td>
<td></td>
</tr>
<tr >
<td>rsyslog_client</td>
<td>Mitaka</td>
<td>Complete</td>
<td></td>
<td></td>
<td></td>
</tr>
<tr >
<td>rsyslog_server</td>
<td>Mitaka</td>
<td>Complete</td>
<td></td>
<td></td>
<td></td>
</tr></table>
</table>
<h3>Retired roles</h3>
<table class="table table-bordered">
@ -390,6 +375,16 @@
<td>Mitaka</td>
<td>Ussuri</td>
</tr>
<tr >
<td>rsyslog_client</td>
<td>Mitaka</td>
<td>Zed</td>
</tr>
<tr >
<td>rsyslog_server</td>
<td>Mitaka</td>
<td>Zed</td>
</tr>
<tr>
<td>pip_install</td>
<td>Mitaka</td>

View File

@ -68,12 +68,6 @@ OpenStack-Ansible deploys the following infrastructure components:
OpenStack environment. It is set to automatically use the internal service
endpoints.
* Log aggregation host
A rsyslog service is optionally set up to receive rsyslog traffic from all
hosts and containers. You can replace rsyslog with any alternative log
receiver.
* Unbound DNS container
Containers running an `Unbound DNS`_ caching service can optionally be

View File

@ -111,9 +111,6 @@ container_skel:
rabbit_mq_container:
properties:
is_metal: true
rsyslog_container:
properties:
is_metal: true
sahara_container:
properties:
is_metal: true

View File

@ -119,11 +119,6 @@ haproxy_hosts:
infra3:
ip: 172.29.236.13
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.14
###
### OpenStack
###

View File

@ -318,11 +318,6 @@ haproxy_hosts:
infra3:
ip: 172.29.242.10
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.11
###
### OpenStack
###

View File

@ -121,11 +121,6 @@ repo-infra_hosts: *infrastructure_hosts
# Dedicated hardware is best for improved performance and security.
haproxy_hosts: *infrastructure_hosts
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.14
###
### OpenStack
###

View File

@ -104,11 +104,6 @@ haproxy_hosts:
infra3:
ip: 172.29.236.13
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.14
###
### OpenStack
###

View File

@ -157,11 +157,6 @@ haproxy_hosts:
infra3:
ip: 172.29.236.13
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.14
###
### OpenStack
###

View File

@ -119,11 +119,6 @@ haproxy_hosts:
infra3:
ip: 172.29.236.13
# rsyslog server
log_hosts:
log1:
ip: 172.29.236.14
###
### OpenStack
###

View File

@ -1,36 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
component_skel:
rsyslog:
belongs_to:
- rsyslog_all
container_skel:
rsyslog_container:
belongs_to:
- log_containers
contains:
- rsyslog
physical_skel:
log_containers:
belongs_to:
- all_containers
log_hosts:
belongs_to:
- hosts

View File

@ -47,11 +47,6 @@ os_distro_version: "{{ (ansible_facts['distribution'] | lower) | replace(' ', '_
openstack_lock_dir: "/run/lock"
# Ensure that the package state matches the global setting
rsyslog_client_package_state: "{{ package_state }}"
rsyslog_client_enabled: False
rsyslog_server_enabled: False
# URL for the frozen internal openstack repo.
repo_server_port: 8181

View File

@ -1,19 +0,0 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
rsyslog_server_storage_directory: /var/log/log-storage
# Ensure that the package state matches the global setting
rsyslog_package_state: "{{ package_state }}"

View File

@ -24,8 +24,6 @@ hosts
[repo_all]
[rsyslog]
[unbound]
[utility_all]
@ -225,8 +223,6 @@ nova_scheduler
placement_api
[placement_api]
[rsyslog_all]
[sahara_all:children]
sahara_api
sahara_engine

View File

@ -114,13 +114,6 @@
tags:
- crontab
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: ceph_log_rotate
rsyslog_client_log_dir: "/var/log/ceph"
rsyslog_client_config_name: "99-ceph-rsyslog-client.conf"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- ceph
@ -177,13 +170,6 @@
tags:
- crontab
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: ceph_log_rotate
rsyslog_client_log_dir: "/var/log/ceph"
rsyslog_client_config_name: "99-ceph-rsyslog-client.conf"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- ceph

View File

@ -66,13 +66,6 @@
tags:
- "system-crontab-coordination"
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: ceph_log_rotate
rsyslog_client_log_dir: "/var/log/ceph"
rsyslog_client_config_name: "99-ceph-rsyslog-client.conf"
vars:
is_metal: "{{ properties.is_metal|default(false) }}"
radosgw_civetweb_port: "{{ radosgw_service_port }}"

View File

@ -1,22 +0,0 @@
---
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Run the rsyslog client role
include_role:
name: rsyslog_client
when:
- rsyslog_client_enabled | bool
tags:
- rsyslog

View File

@ -55,10 +55,3 @@
state: "link"
roles:
- role: "lxc_hosts"
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: lxc_log_rotate
rsyslog_client_log_dir: "/var/log/lxc"
rsyslog_client_config_name: "99-lxc-rsyslog-client.conf"

View File

@ -315,7 +315,7 @@
- healthcheck-rabbitmq-install
- name: Ensure all the usual openstack containers can connect to rabbit
hosts: all_containers:!etcd_all:!galera_all:!memcached:!haproxy:!rabbitmq_all:!rsyslog:!unbound:!repo_all
hosts: all_containers:!etcd_all:!galera_all:!memcached:!haproxy:!rabbitmq_all:!unbound:!repo_all
gather_facts: no
vars:
venv_path: /tmp/rabbitmqtest

View File

@ -43,13 +43,6 @@
tags:
- crontab
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: utility_log_rotate
rsyslog_client_log_dir: "{{ tempest_log_dir }}"
rsyslog_client_config_name: "99-tempest-rsyslog-client.conf"
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- tempest

View File

@ -51,10 +51,3 @@
- qdrouterd
roles:
- role: "qdrouterd"
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: qdrouterd_log_rotate
rsyslog_client_log_dir: "/var/log/qdrouterd"
rsyslog_client_config_name: "99-qdrouterd-rsyslog-client.conf"

View File

@ -63,20 +63,6 @@
roles:
- role: "repo_server"
post_tasks:
- include_tasks: "common-tasks/rsyslog-client.yml"
vars:
rsyslog_client_log_rotate_file: "{{ rsyslog_var.log_rotate_file }}"
rsyslog_client_log_dir: "{{ rsyslog_var.log_dir }}"
rsyslog_client_log_files: "{{ rsyslog_var.log_files | default([]) }}"
rsyslog_client_config_name: "{{ rsyslog_var.config_name }}"
with_items:
- log_rotate_file: repo_nginx_log_rotate
log_dir: "/var/log/nginx"
config_name: "99-repo-nginx-rsyslog-client.conf"
loop_control:
loop_var: rsyslog_var
vars_files:
- defaults/repo_packages/openstack_services.yml
- "defaults/{{ install_method }}_install.yml"

View File

@ -1,54 +0,0 @@
---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Gather rsyslog facts
hosts: rsyslog
gather_facts: "{{ osa_gather_facts | default(True) }}"
tags:
- always
- name: Install rsyslog
hosts: rsyslog
gather_facts: false
user: root
pre_tasks:
# The systemd-journal-remote capability has taken over this functionality.
- name: End playbook if disabled
meta: end_play
when:
- not rsyslog_server_enabled | bool
- include_tasks: "common-tasks/os-{{ container_tech | default('lxc') }}-container-setup.yml"
vars:
list_of_bind_mounts:
- bind_dir_path: "{{ rsyslog_server_storage_directory }}"
mount_path: "/openstack/{{ inventory_hostname }}/log-storage"
extra_container_config_no_restart:
- "lxc.start.order=19"
when: not is_metal
- include_tasks: common-tasks/unbound-clients.yml
when:
- hostvars['localhost']['resolvconf_enabled'] | bool
roles:
- role: "rsyslog_server"
tags:
- rsyslog
- role: "openstack.osa.system_crontab_coordination"
tags:
- crontab
environment: "{{ deployment_environment_variables | default({}) }}"
tags:
- rsyslog

View File

@ -24,7 +24,6 @@
- import_playbook: etcd-install.yml
- import_playbook: ceph-install.yml
- import_playbook: ceph-nfs-install.yml
- import_playbook: rsyslog-install.yml
# The journald-remote should be disabled by default until
# https://github.com/systemd/systemd/issues/2376 has been

View File

@ -0,0 +1,13 @@
---
deprecations:
- |
Roles ``rsyslog_client`` and ``rsyslog_server`` are deprecated and removed
from OpenStack-Ansible. Since Train service were configured to save logs
in journald instead of regular log files. Journald from containers passed
to hosts, so you can read and manipulate logs from metal hosts. Journald
can be transformed and collected by many tools, including rsyslog.
At the same time rsyslog is not ideal as it stores data in plain text,
which is hard to index and search later, while journald has is
structured so logs can be consumed way more efficiently with other tools.
You can also check out our ELK role from `OPS repository <https://opendev.org/openstack/openstack-ansible-ops/src/branch/master/elk_metrics_7x>`_
as alternative.

View File

@ -65,7 +65,6 @@ COMMON_ETC_LOG_NAMES="apt \
rabbitmq \
repo \
resolv.conf \
rsyslog \
sasl2 \
ssh \
sysconfig/network-scripts \

View File

@ -437,9 +437,6 @@ class TestAnsibleInventoryFormatConstraints(unittest.TestCase):
'repo-infra_hosts',
'repo_all',
'repo_container',
'rsyslog',
'rsyslog_all',
'rsyslog_container',
'sahara-infra_all',
'sahara-infra_containers',
'sahara-infra_hosts',

View File

@ -96,8 +96,6 @@
- name: openstack/ansible-role-qdrouterd
- name: openstack/openstack-ansible-rabbitmq_server
- name: openstack/openstack-ansible-repo_server
- name: openstack/openstack-ansible-rsyslog_client
- name: openstack/openstack-ansible-rsyslog_server
- name: openstack/ansible-role-systemd_service
- name: openstack/ansible-role-systemd_mount
- name: openstack/ansible-role-systemd_networkd
@ -183,8 +181,6 @@
- name: openstack/ansible-role-qdrouterd
- name: openstack/openstack-ansible-rabbitmq_server
- name: openstack/openstack-ansible-repo_server
- name: openstack/openstack-ansible-rsyslog_client
- name: openstack/openstack-ansible-rsyslog_server
- name: openstack/ansible-role-systemd_service
- name: openstack/ansible-role-systemd_mount
- name: openstack/ansible-role-systemd_networkd