Commit 32069b8a authored by Joshua Timberman

Merge pull request #1 from dennybaa/master

forgot to specify my COOK its COOK-1167
parents 3fb9f9f8 f0878c81
......@@ -3,6 +3,25 @@ Description
Installs rsyslog to replace sysklogd for client and/or server use. By default, server will be set up to log to files.
Changes
=======
## v1.0.1:
* More versitile server resolving mechanism. Now server's ip can be set
explicitly or the search operation can be used instead.
* Removed cron dependency.
* Removed log archivation.
* Works with ChefSolo now.
* Set debian/ubuntu default user and group. Drop privileges to `syslog.adm`.
## v1.0.0:
* [COOK-836] - use an attribute to specify the role to search for
instead of relying on the rsyslog['server'] attribute.
* Clean up attribute usage to use strings instead of symbols.
* Update this README.
* Better handling for chef-solo.
Requirements
============
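Review bot: two spelling slips in the v1.0.1 entries: "versitile" should be "versatile" and "archivation" should be "archiving" (or "log compression"). The "Works with ChefSolo now" bullet would be clearer if it said that this only holds when `server_ip` is set, since the client recipe still cannot search under Chef Solo.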
......@@ -17,16 +36,12 @@ For Ubuntu 8.04, the rsyslog package will be installed from a PPA via the defaul
Ubuntu 8.10 and 9.04 are no longer supported releases and have not been tested with this cookbook.
Cookbooks
---------
* cron (http://community.opscode.com/cookbooks/cron)
Other
-----
To use the `recipe[rsyslog::client]` recipe, you'll need to set up a
role to search for. See the __Recipes__, and __Examples__ sections below.
To use the `recipe[rsyslog::client]` recipe, you'll need to set up the
`rsyslog.server_search` or `rsyslog.server_ip` attributes.
See the __Recipes__, and __Examples__ sections below.
Attributes
==========
......@@ -35,17 +50,19 @@ See `attributes/default.rb` for default values.
* `node['rsyslog']['log_dir']` - If the node is an rsyslog server,
this specifies the directory where the logs should be stored.
* `node['rsyslog']['server']` - Used to indicate whether the node
running Chef is an rsyslog server. As of cookbook v1.0.0, this is
determined automatically through search. The server recipe will set
this to true. It is otherwise unused in the current version.
* `node['rsyslog']['server']` - Determined automaticaly and set to true on
the server.
* `node['rsyslog']['server_ip']` - If not defined then search will be used
to determine rsyslog server. Default is `nil`.
* `node['rsyslog']['server_search']` - Specify the criteria for the server
search operation. Default is `role:loghost`.
* `node['rsyslog']['protocol']` - Specify whether to use `udp` or
`tcp` for remote loghost.
`tcp` for remote loghost. Default is `tcp`.
* `node['rsyslog']['port']` - Specify the port which rsyslog should
connect to a remote loghost.
* `node['rsyslog']['server_role']` - Role applied to a remote
loghost. Used by `recipe[rsyslog::client]` to search for the
loghost.
* `node['rsyslog']['remote_logs']` - Specify wether to send all logs
to a remote server (client option). Default is `true`;
Recipes
=======
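Review bot: spelling and punctuation in the attribute list need a pass: "automaticaly" in the `server` entry, "wether" in the `remote_logs` entry, and that entry ends with `;` instead of a period. The `port` entry is also the only one here without a stated default, although `attributes/default.rb` sets it to "514"; please add it for consistency.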
......@@ -61,34 +78,35 @@ client
Includes `recipe[rsyslog]`.
Uses Chef search to find a remote loghost node with the role specified
by `node['rsyslog']['server_role']` and uses its `ipaddress` attribute
to send log messages. If the node itself has the `server_role` in the
expanded roles, then the configuration is skipped. If the node had an
`/etc/rsyslog.d/server.conf` file previously configured, this file
gets removed to prevent duplicate logging. Any previous logs are not
Uses Chef search to find a remote loghost node with the search criteria specified
by `node['rsyslog']['server_search']` and uses its `ipaddress` attribute
to send log messages. In case the `rsyslog.server_ip` is explicitly defined then
it's used instead the search operation. If the node itself is a rsyslog server ie
it has `rsyslog.server` attribute set to true then the configuration is skipped.
If the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured,
this file gets removed to prevent duplicate logging. Any previous logs are not
cleaned up from the `log_dir`.
server
------
Configures the node to be an rsyslog loghost. The node should have the
role specified by `node['rsyslog']['server_role']` applied so client
nodes can find it with search. This recipe will create the logs in
Configures the node to be a rsyslog server. The node should be able to be
resolved by the specified search criteria `node['rsyslog']['server_search]`
so that client nodes can find it with search. This recipe will create the logs in
`node['rsyslog']['log_dir']`, and the configuration is in
`/etc/rsyslog.d/server.conf`. This recipe also removes any previous
configuration to a remote server by removing the
`/etc/rsyslog.d/remote.conf` file. Finally, a cron job is set up to
compress logs in the `log_dir` that are older than one day.
The server configuration will set up `log_dir` for each client, by
date. Directory structure:
The server configuration will set up `log_dir` for each client.
Directory structure:
<%= @log_dir %>/YEAR/MONTH/DAY/HOSTNAME/"logfile"
<%= @log_dir %>/HOSTNAME/"logfile"
For example:
/srv/rsyslog/2011/11/19/www/messages
/srv/rsyslog/www/messages
At this time, the server can only listen on UDP *or* TCP.
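Review bot: in the server section the attribute reference `node['rsyslog']['server_search]` is missing its closing quote, so the inline code does not match the real attribute name. In the client paragraph, "it's used instead the search operation" should read "instead of the search operation", and "ie" should be "i.e.". The server paragraph should also name the file this commit actually writes, `35-server-per-host.conf`, wherever it describes the server configuration.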
......@@ -101,7 +119,7 @@ configured service for standalone systems.
Use `recipe[rsyslog::client]` to have nodes search for the loghost
automatically to configure remote [r]syslog.
Use `recipe[rsyslog::server]` to set up a loghost. It will listen on
Use `recipe[rsyslog::server]` to set up a rsyslog server. It will listen on
`node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`.
If you set up a different kind of centralized loghost (syslog-ng,
......@@ -128,28 +146,16 @@ By default this will set up the clients search for a node with the
`loghost` role to talk to the server on TCP port 514. Change the
`protocol` and `port` rsyslog attributes to modify this.
If you're using another log server software on your loghost, such as
graylog2, you can use the role for that loghost for the search
instead. For example, if the role of your graylog2 server is
`graylog2_server`, then modify the base role for the server role:
name "base"
description "Base role applied to all nodes
run_list("recipe[rsyslog::client]")
default_attributes(
"rsyslog" => {
"server_role" => "graylog2_server"
}
)
If you want to specify another syslog compatible server with a role other
than loghost, simply fill free to use the `server_ip` attribute or
the `server_search` attribute.
Then make sure you have a role named `graylog2_server` applied to some
node, and `recipe[rsyslog::client]` will configure the local system to
send logs to graylog2.
License and Author
==================
Author:: Joshua Timberman (<joshua@opscode.com>)
Author:: Denis Barishev (<denz@twiket.com>)
Copyright:: 2009-2011, Opscode, Inc
......
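Review bot: the replacement sentence says "simply fill free" where "feel free" is meant, and it drops the only worked role example without giving a new one. A short role snippet that sets `server_search` (for the graylog2 case the old text covered) or `server_ip` would keep the Examples section usable.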
......@@ -17,8 +17,10 @@
# limitations under the License.
#
default["rsyslog"]["log_dir"] = "/srv/rsyslog"
default["rsyslog"]["server"] = false
default["rsyslog"]["protocol"] = "tcp"
default["rsyslog"]["port"] = "514"
default["rsyslog"]["server_role"] = "loghost"
default["rsyslog"]["log_dir"] = "/srv/rsyslog"
default["rsyslog"]["server"] = false
default["rsyslog"]["protocol"] = "tcp"
default["rsyslog"]["port"] = "514"
default["rsyslog"]["server_ip"] = nil
default["rsyslog"]["server_search"] = "role:loghost"
default["rsyslog"]["remote_logs"] = true
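Review bot: dropping `default["rsyslog"]["server_role"]` with no fallback means any existing role or environment that overrides `rsyslog.server_role` is silently ignored after upgrade, and clients fall back to `role:loghost`. Either derive the `server_search` default from `server_role` when it is set, or call out the breaking change in the v1.0.1 changelog so operators know to migrate the attribute.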
......@@ -3,7 +3,7 @@ maintainer_email "cookbooks@opscode.com"
license "Apache 2.0"
description "Installs and configures rsyslog"
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version "1.0.0"
version "1.0.1"
recipe "rsyslog", "Installs rsyslog"
recipe "rsyslog::client", "Sets up a client to log to a remote rsyslog server"
......@@ -12,8 +12,6 @@ recipe "rsyslog::server", "Sets up an rsyslog server"
supports "ubuntu", ">= 8.04"
supports "debian", ">= 5.0"
depends "cron"
attribute "rsyslog",
:display_name => "Rsyslog",
:description => "Hash of Rsyslog attributes",
......@@ -29,6 +27,15 @@ attribute "rsyslog/server",
:description => "Is this node an rsyslog server?",
:default => "false"
attribute "rsyslog/server_ip",
:display_name => "Rsyslog Server IP Address",
:description => "Set rsyslog server ip address explicitly"
attribute "rsyslog/server_search",
:display_name => "Rsyslog Server Search Criteria",
:description => "Set the search criteria for rsyslog server resolving",
:default => "role:loghost"
attribute "rsyslog/protocol",
:display_name => "Rsyslog Protocol",
:description => "Set which network protocol to use for rsyslog",
......@@ -38,3 +45,8 @@ attribute "rsyslog/port",
:display_name => "Rsyslog Port",
:description => "Port that Rsyslog listens for incoming connections",
:default => "514"
attribute "rsyslog/remote_logs",
:display_name => "Remote Logs",
:description => "Specifies whether redirect all log from client to server",
:default => "true"
......@@ -19,22 +19,23 @@
include_recipe "rsyslog"
if Chef::Config[:solo]
if !node['rsyslog']['server'] and node['rsyslog']['server_ip'].nil? and Chef::Config[:solo]
Chef::Log.info("The rsyslog::client recipe uses search. Chef Solo does not support search.")
elsif !node.run_list.roles.include?(node['rsyslog']['server_role'])
Chef::Log.debug("Searching for an rsyslog server with the role #{node['rsyslog']['server_role']}")
rsyslog_server = search(:node, "roles:#{node['rsyslog']['server_role']}")
elsif !node['rsyslog']['server']
rsyslog_server = node['rsyslog']['server_ip'] ||
search(:node, node['rsyslog']['server_search']).first['ipaddress'] rescue nil
template "/etc/rsyslog.d/remote.conf" do
source "remote.conf.erb"
template "/etc/rsyslog.d/49-remote.conf" do
source "49-remote.conf.erb"
backup false
variables(
:server => rsyslog_server.first['ipaddress'] || node['rsyslog']['server'],
:server => rsyslog_server,
:protocol => node['rsyslog']['protocol']
)
owner "root"
group "root"
mode 0644
only_if { node['rsyslog']['remote_logs'] && !rsyslog_server.nil? }
notifies :restart, "service[rsyslog]"
end
......
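Review bot: the modifier `rescue nil` on the `rsyslog_server = ...` assignment in the `elsif !node['rsyslog']['server']` branch swallows every StandardError, so an empty search result, a failed search and a malformed `server_search` query all leave `rsyslog_server` as nil, and the `only_if` then skips `49-remote.conf` without a single log line. A client that quietly stops forwarding is hard to notice; please handle the empty result explicitly and emit a `Chef::Log.warn` when no server is resolved. Note also that `.first` takes whichever node the search returns first, so with several matches the log destination is not deterministic.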
......@@ -33,12 +33,6 @@ package "rsyslog" do
action :install
end
service "rsyslog" do
service_name "rsyslogd" if platform?("arch")
supports :restart => true, :reload => true
action [:enable, :start]
end
cookbook_file "/etc/default/rsyslog" do
source "rsyslog.default"
owner "root"
......@@ -52,11 +46,18 @@ directory "/etc/rsyslog.d" do
mode 0755
end
directory "/var/spool/rsyslog" do
owner "syslog"
group "adm"
mode 0755
end
template "/etc/rsyslog.conf" do
source "rsyslog.conf.erb"
owner "root"
group "root"
mode 0644
variables(:protocol => node['rsyslog']['protocol'])
notifies :restart, "service[rsyslog]"
end
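Review bot: the new `directory "/var/spool/rsyslog"` resource is created with `mode 0755`, but the rsyslog.conf change in this commit makes it the `$WorkDirectory` that buffers the syslog queue, so any local user can list the queue files. Since only the `syslog` user needs access, 0700 or 0750 would be the safer default. The owner and group are also hard-coded to `syslog` and `adm` while this recipe still carries a `platform?("arch")` branch; consider attributes for them.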
......@@ -69,3 +70,9 @@ if platform?("ubuntu")
mode 0644
end
end
service "rsyslog" do
service_name "rsyslogd" if platform?("arch")
supports :restart => true, :reload => true
action [:enable, :start]
end
......@@ -17,26 +17,28 @@
# limitations under the License.
#
include_recipe "cron"
include_recipe "rsyslog"
node.set['rsyslog']['server'] = true
node.save unless Chef::Config[:solo]
directory node['rsyslog']['log_dir'] do
directory ::File.dirname(node['rsyslog']['log_dir']) do
owner "root"
group "root"
recursive true
mode 0755
end
template "/etc/rsyslog.d/server.conf" do
source "server.conf.erb"
directory node['rsyslog']['log_dir'] do
owner "syslog"
group "adm"
mode 0755
end
template "/etc/rsyslog.d/35-server-per-host.conf" do
source "35-server-per-host.conf.erb"
backup false
variables(
:log_dir => node['rsyslog']['log_dir'],
:protocol => node['rsyslog']['protocol']
)
variables(:log_dir => node['rsyslog']['log_dir'])
owner "root"
group "root"
mode 0644
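Review bot: `directory ::File.dirname(node['rsyslog']['log_dir'])` puts the parent of `log_dir` under Chef management with `owner "root"`, `group "root"` and `mode 0755`. With the default `/srv/rsyslog` that is `/srv`, but if someone points `log_dir` at a path under a directory with different ownership or mode, this resource will rewrite that directory's permissions. It would be safer to create the parent only when it is missing, for example with a `not_if` guard on its existence, and leave its ownership alone.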
......@@ -49,9 +51,3 @@ file "/etc/rsyslog.d/remote.conf" do
notifies :reload, "service[rsyslog]"
only_if do ::File.exists?("/etc/rsyslog.d/remote.conf") end
end
cron "rsyslog_gz" do
command "find #{node['rsyslog']['log_dir']}/$(date +\\%Y) -type f -mtime +1 -exec gzip -q {} \\;"
minute "0"
hour "4"
end
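Review bot: the `file "/etc/rsyslog.d/remote.conf"` cleanup in the context lines of this hunk still targets the old file name, while the client recipe in this commit now writes `/etc/rsyslog.d/49-remote.conf`. A node that is converted from client to server will keep its forwarding rule; the cleanup should remove `49-remote.conf` (and the legacy `remote.conf` for upgraded nodes). Separately, removing the `rsyslog_gz` cron job leaves nothing in the cookbook that compresses or ages out files under `log_dir`, so the README should tell operators to provide their own rotation.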
# Generated by Chef.
# Local modifications will be overwritten.
<% case @protocol -%>
<% when "tcp" -%>
$ModLoad imtcp
$InputTCPServerRun <%= node['rsyslog']['port'] %>
<% when "udp" -%>
$ModLoad imudp
$UDPServerRun <%= node['rsyslog']['port'] %>
<% end -%>
$DirGroup root
# Generated by Chef
# Local modifications will be overwritten
$DirGroup adm
$DirCreateMode 0755
$FileGroup root
$template PerHostAuth,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/auth.log"
$template PerHostCron,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/cron.log"
$template PerHostSyslog,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/syslog"
$template PerHostDaemon,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/daemon.log"
$template PerHostKern,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/kern.log"
$template PerHostLpr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/lpr.log"
$template PerHostUser,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/user.log"
$template PerHostMail,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.log"
$template PerHostMailInfo,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.info"
$template PerHostMailWarn,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.warn"
$template PerHostMailErr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/mail.err"
$template PerHostNewsCrit,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.crit"
$template PerHostNewsErr,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.err"
$template PerHostNewsNotice,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/news.notice"
$template PerHostDebug,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/debug"
$template PerHostMessages,"<%= @log_dir %>/%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%/messages"
$FileGroup adm
$template PerHostAuth,"<%= @log_dir %>/%HOSTNAME%/auth.log"
$template PerHostCron,"<%= @log_dir %>/%HOSTNAME%/cron.log"
$template PerHostSyslog,"<%= @log_dir %>/%HOSTNAME%/syslog"
$template PerHostDaemon,"<%= @log_dir %>/%HOSTNAME%/daemon.log"
$template PerHostKern,"<%= @log_dir %>/%HOSTNAME%/kern.log"
$template PerHostLpr,"<%= @log_dir %>/%HOSTNAME%/lpr.log"
$template PerHostUser,"<%= @log_dir %>/%HOSTNAME%/user.log"
$template PerHostMail,"<%= @log_dir %>/%HOSTNAME%/mail.log"
$template PerHostMailInfo,"<%= @log_dir %>/%HOSTNAME%/mail.info"
$template PerHostMailWarn,"<%= @log_dir %>/%HOSTNAME%/mail.warn"
$template PerHostMailErr,"<%= @log_dir %>/%HOSTNAME%/mail.err"
$template PerHostNewsCrit,"<%= @log_dir %>/%HOSTNAME%/news.crit"
$template PerHostNewsErr,"<%= @log_dir %>/%HOSTNAME%/news.err"
$template PerHostNewsNotice,"<%= @log_dir %>/%HOSTNAME%/news.notice"
$template PerHostDebug,"<%= @log_dir %>/%HOSTNAME%/debug"
$template PerHostMessages,"<%= @log_dir %>/%HOSTNAME%/messages"
auth,authpriv.* ?PerHostAuth
*.*;auth,authpriv.none -?PerHostSyslog
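Review bot: every `$template PerHost...` path is built from `%HOSTNAME%`, which rsyslog takes from the header of the received message, so the directory a message lands in is chosen by the sender rather than by the connection it arrived on. While these lines are being rewritten, consider `%FROMHOST%` or `%fromhost-ip%` so that one client cannot write into another host's directory. With the date components gone, each file now also grows without bound, which makes external rotation a requirement.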
......@@ -56,3 +48,8 @@ news.notice -?PerHostNewsNotice
cron,daemon.none;\
mail,news.none -?PerHostMessages
#
# Stop processing of all non-local messages. You can process remote messages
# on levels less than 35.
#
:fromhost-ip,!isequal,"127.0.0.1" ~
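Review bot: the per-host rules above this new discard rule carry no `fromhost-ip` filter, so the server's own local messages are written under `log_dir` by them and then continue on to whatever rules sort after this file, which logs them twice. If that is not intended, guard the per-host rules with the same `:fromhost-ip` test. The comment "on levels less than 35" would be clearer as "in files that sort before 35-", and the README should mention that drop-in files numbered above 35 never see remote messages.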
......@@ -12,14 +12,17 @@ $ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support (previously done by rklogd)
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun <%= node['rsyslog']['port'] %>
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun <%= node['rsyslog']['port'] %>
<% if node['rsyslog']['server'] -%>
# Provide <%= @protocol.upcase %> log reception
<% case @protocol -%>
<% when "tcp" -%>
$ModLoad imtcp
$InputTCPServerRun <%= node['rsyslog']['port'] %>
<% when "udp" -%>
$ModLoad imudp
$UDPServerRun <%= node['rsyslog']['port'] %>
<% end -%>
<% end -%>
###########################
#### GLOBAL DIRECTIVES ####
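Review bot: the `<% if node['rsyslog']['server'] -%>` block opens the TCP or UDP listener on `node['rsyslog']['port']` with no restriction on who may send, so any host that can reach the port can write into the per-host log tree. An attribute-driven `$AllowedSender` line, or at least a README note that the port must be firewalled, would make the default safer. The `case @protocol` also has no `else` branch, so a value other than "tcp" or "udp" produces a server with no listener and no error.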
......@@ -31,12 +34,24 @@ $ModLoad imklog # provides kernel logging support (previously done by rklogd)
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Filter duplicated messages
$RepeatedMsgReduction on
#
# Set temporary directory to buffer syslog queue
#
$WorkDirectory /var/spool/rsyslog
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm
#
# Include all config files in /etc/rsyslog.d/
......
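Review bot: `$RepeatedMsgReduction on` is added to the shared rsyslog.conf, so it also applies on the central server, where repeated lines are collapsed into a single "last message repeated N times" record. That discards the individual timestamps and counts that detection rules and incident timelines depend on (repeated authentication failures, for example); please make it an attribute that defaults to off, or enable it on clients only. The hard-coded `syslog` and `adm` in `$FileOwner`, `$FileGroup` and `$PrivDropToUser`/`$PrivDropToGroup` should likewise be attributes, since the changelog describes them as Debian/Ubuntu defaults.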
......@@ -66,4 +66,3 @@ daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole