Permalink
Browse files

COOK-836 - search for a specified role (via attribute)

* no longer uses the rsyslog['server'] attribute to search
* default server role to search for is `loghost`, see README
* change attributes from Ruby symbols to strings
* add a port attribute to specify a port other than 514 (still default)
* extensive README.md updates describing behavior
  • Loading branch information...
1 parent 43ee202 commit f9e2247a0ea2c0c89ce646d32160fef6708994e4 @jtimberman jtimberman committed Nov 20, 2011
View
@@ -1,9 +1,20 @@
-DESCRIPTION
+Description
===========
Installs rsyslog to replace sysklogd for client and/or server use. By default, server will be set up to log to files.
-REQUIREMENTS
+Changes
+=======
+
+## v1.0.0:
+
+* [COOK-836] - use an attribute to specify the role to search for
+ instead of relying on the rsyslog['server'] attribute.
+* Clean up attribute usage to use strings instead of symbols.
+* Update this README.
+* Better handling for chef-solo.
+
+Requirements
============
Platform
@@ -20,37 +31,133 @@ Ubuntu 8.10 and 9.04 are no longer supported releases and have not been tested w
Cookbooks
---------
-* cron (http://cookbooks.opscode.com/cookbooks/cron)
+* cron (http://community.opscode.com/cookbooks/cron)
+
+Other
+-----
-ATTRIBUTES
+To use the `recipe[rsyslog::client]` recipe, you'll need to set up a
+role to search for. See the __Recipes__, and __Examples__ sections below.
+
+Attributes
==========
-* `rsyslog[:log_dir]` - specify the directory to store logs (applicable to server only), default /srv/rsyslog
-* `rsyslog[:server]` - specify the remote rsyslog server. default false (no remote server)
-* `rsyslog[:protocol]` - specify whether to use udp or tcp for remote log transmission. tcp is default.
+See `attributes/default.rb` for default values.
+
+* `node['rsyslog']['log_dir']` - If the node is an rsyslog server,
+ this specifies the directory where the logs should be stored.
+* `node['rsyslog']['server']` - Used to indicate whether the node
+ running Chef is an rsyslog server. As of cookbook v1.0.0, this is
+ determined automatically through search. The server recipe will set
+ this to true. It is otherwise unused in the current version.
+* `node['rsyslog']['protocol']` - Specify whether to use `udp` or
+ `tcp` for remote loghost.
+* `node['rsyslog']['port']` - Specify the port which rsyslog should
+ connect to a remote loghost.
+* `node['rsyslog']['server_role']` - Role applied to a remote
+ loghost. Used by `recipe[rsyslog::client]` to search for the
+ loghost.
+
+Recipes
+=======
+
+default
+-------
+
+Installs the rsyslog package, manages the rsyslog service and sets up
+basic configuration for a standalone machine.
+
+client
+------
+
+Includes `recipe[rsyslog]`.
+
+Uses Chef search to find a remote loghost node with the role specified
+by `node['rsyslog']['server_role']` and uses its `ipaddress` attribute
+to send log messages. If the node itself has the `server_role` in the
+expanded roles, then the configuration is skipped. If the node had an
+`/etc/rsyslog.d/server.conf` file previously configured, this file
+gets removed to prevent duplicate logging. Any previous logs are not
+cleaned up from the `log_dir`.
+
+server
+------
+
+Configures the node to be an rsyslog loghost. The node should have the
+role specified by `node['rsyslog']['server_role']` applied so client
+nodes can find it with search. This recipe will create the logs in
+`node['rsyslog']['log_dir']`, and the configuration is in
+`/etc/rsyslog.d/server.conf`. This recipe also removes any previous
+configuration to a remote server by removing the
+`/etc/rsyslog.d/remote.conf` file. Finally, a cron job is set up to
+compress logs in the `log_dir` that are older than one day.
+
+The server configuration will set up `log_dir` for each client, by
+date. Directory structure:
+
+ <%= @log_dir %>/YEAR/MONTH/DAY/HOSTNAME/"logfile"
+
+For example:
-USAGE
+ /srv/rsyslog/2011/11/19/www/messages
+
+At this time, the server can only listen on UDP *or* TCP.
+
+Usage
=====
-To replace the sysklogd syslog service with rsyslog:
+Use `recipe[rsyslog]` to install and start rsyslog as a basic
+configured service for standalone systems.
- include_recipe "rsyslog"
+Use `recipe[rsyslog::client]` to have nodes search for the loghost
+automatically to configure remote [r]syslog.
-To set up a client with a remote [r]syslog server:
+Use `recipe[rsyslog::server]` to set up a loghost. It will listen on
+`node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`.
- include_recipe "rsyslog::client"
+If you set up a different kind of centralized loghost (syslog-ng,
+graylog2, logstash, etc), you can still send log messages to it as
+long as the port and protocol match up with the server
+software. See __Examples__
-By default, this cookbook will use TCP so the server should be configured for TCP. This can be done easily with the server recipe:
+Examples
+--------
- include_recipe "rsyslog::server"
+A `base` role (e.g., roles/base.rb), applied to all nodes so they are syslog clients:
-To switch to UDP, change the rsyslog[:protocol] attribute. Note this needs to be done on each client as well.
+ name "base"
+ description "Base role applied to all nodes
+ run_list("recipe[rsyslog::client]")
-Also, the server configuration will set up `log_dir` for each client, by date. Structure:
+Then, a role for the loghost (should only be one):
- <%= @log_dir %>/YEAR/MONTH/DAY/HOSTNAME/"logfile"
+ name "loghost"
+ description "Central syslog server"
+ run_list("recipe[rsyslog::server]")
+
+By default this will set up the clients search for a node with the
+`loghost` role to talk to the server on TCP port 514. Change the
+`protocol` and `port` rsyslog attributes to modify this.
+
+If you're using another log server software on your loghost, such as
+graylog2, you can use the role for that loghost for the search
+instead. For example, if the role of your graylog2 server is
+`graylog2_server`, then modify the base role for the server role:
+
+ name "base"
+ description "Base role applied to all nodes
+ run_list("recipe[rsyslog::client]")
+ default_attributes(
+ "rsyslog" => {
+ "server_role" => "graylog2_server"
+ }
+ )
+
+Then make sure you have a role named `graylog2_server` applied to some
+node, and `recipe[rsyslog::client]` will configure the local system to
+send logs to graylog2.
-LICENSE AND AUTHOR
+License and Author
==================
Author:: Joshua Timberman (<joshua@opscode.com>)
@@ -17,6 +17,8 @@
# limitations under the License.
#
-default[:rsyslog][:log_dir] = "/srv/rsyslog"
-default[:rsyslog][:server] = false
-default[:rsyslog][:protocol] = "tcp"
+default["rsyslog"]["log_dir"] = "/srv/rsyslog"
+default["rsyslog"]["server"] = false
+default["rsyslog"]["protocol"] = "tcp"
+default["rsyslog"]["port"] = "514"
+default["rsyslog"]["server_role"] = "loghost"
View
@@ -3,7 +3,7 @@
license "Apache 2.0"
description "Installs and configures rsyslog"
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version "0.99.2"
+version "1.0.0"
recipe "rsyslog", "Installs rsyslog"
recipe "rsyslog::client", "Sets up a client to log to a remote rsyslog server"
@@ -34,3 +34,7 @@
:description => "Set which network protocol to use for rsyslog",
:default => "tcp"
+attribute "rsyslog/port",
+ :display_name => "Rsyslog Port",
+ :description => "Port that Rsyslog listens for incoming connections",
+ :default => "514"
View
@@ -2,7 +2,7 @@
# Cookbook Name:: rsyslog
# Recipe:: client
#
-# Copyright 2009, Opscode, Inc.
+# Copyright 2009-2011, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -19,25 +19,28 @@
include_recipe "rsyslog"
-rsyslog_server = search(:node, "rsyslog_server:true")
+if Chef::Config[:solo]
+ Chef::Log.info("The rsyslog::client recipe uses search. Chef Solo does not support search.")
+elsif !node.run_list.roles.include?(node['rsyslog']['server_role'])
+ Chef::Log.debug("Searching for an rsyslog server with the role #{node['rsyslog']['server_role']}")
+ rsyslog_server = search(:node, "roles:#{node['rsyslog']['server_role']}")
-unless node[:rsyslog][:server]
template "/etc/rsyslog.d/remote.conf" do
source "remote.conf.erb"
backup false
variables(
- :server => rsyslog_server.first['fqdn'],
- :protocol => node[:rsyslog][:protocol]
+ :server => rsyslog_server.first['ipaddress'] || node['rsyslog']['server'],
+ :protocol => node['rsyslog']['protocol']
)
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "rsyslog"), :delayed
+ notifies :restart, "service[rsyslog]"
end
file "/etc/rsyslog.d/server.conf" do
action :delete
- notifies :reload, resources(:service => "rsyslog"), :delayed
+ notifies :reload, "service[rsyslog]"
only_if do ::File.exists?("/etc/rsyslog.d/server.conf") end
end
end
@@ -2,7 +2,7 @@
# Cookbook Name:: rsyslog
# Recipe:: default
#
-# Copyright 2009, Opscode, Inc.
+# Copyright 2009-2011, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -17,7 +17,7 @@
# limitations under the License.
#
-if platform?("ubuntu") && node[:platform_version].to_f == 8.04
+if platform?("ubuntu") && node['platform_version'].to_f == 8.04
apt_repository "hardy-rsyslog-ppa" do
uri "http://ppa.launchpad.net/a.bono/rsyslog/ubuntu"
distribution "hardy"
@@ -34,6 +34,7 @@
end
service "rsyslog" do
+ service_name "rsyslogd" if platform?("arch")
supports :restart => true, :reload => true
action [:enable, :start]
end
@@ -56,7 +57,7 @@
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "rsyslog"), :delayed
+ notifies :restart, "service[rsyslog]"
end
if platform?("ubuntu")
View
@@ -20,40 +20,38 @@
include_recipe "cron"
include_recipe "rsyslog"
-node.set[:rsyslog][:server] = true
+node.set['rsyslog']['server'] = true
+node.save unless Chef::Config[:solo]
-unless Chef::Config[:solo]
- node.save
-end
-
-directory node[:rsyslog][:log_dir] do
+directory node['rsyslog']['log_dir'] do
owner "root"
group "root"
+ recursive true
mode 0755
end
template "/etc/rsyslog.d/server.conf" do
source "server.conf.erb"
backup false
variables(
- :log_dir => node[:rsyslog][:log_dir],
- :protocol => node[:rsyslog][:protocol]
+ :log_dir => node['rsyslog']['log_dir'],
+ :protocol => node['rsyslog']['protocol']
)
owner "root"
group "root"
mode 0644
- notifies :restart, resources(:service => "rsyslog"), :delayed
+ notifies :restart, "service[rsyslog]"
end
file "/etc/rsyslog.d/remote.conf" do
action :delete
backup false
- notifies :reload, resources(:service => "rsyslog"), :delayed
+ notifies :reload, "service[rsyslog]"
only_if do ::File.exists?("/etc/rsyslog.d/remote.conf") end
end
cron "rsyslog_gz" do
- command "find #{node[:rsyslog][:log_dir]}/$(date +\\%Y) -type f -mtime +1 -exec gzip -q {} \\;"
+ command "find #{node['rsyslog']['log_dir']}/$(date +\\%Y) -type f -mtime +1 -exec gzip -q {} \\;"
minute "0"
hour "4"
end
@@ -1,6 +1,6 @@
<% case @protocol -%>
<% when "tcp" -%>
-*.* @@<%= @server %>
+*.* @@<%= @server %>:<%= node['rsyslog']['port'] %>
<% when "udp" -%>
-*.* @<%= @server %>
+*.* @<%= @server %>:<%= node['rsyslog']['port'] %>
<% end -%>
@@ -14,11 +14,11 @@ $ModLoad imklog # provides kernel logging support (previously done by rklogd)
# provides UDP syslog reception
#$ModLoad imudp
-#$UDPServerRun 514
+#$UDPServerRun <%= node['rsyslog']['port'] %>
# provides TCP syslog reception
#$ModLoad imtcp
-#$InputTCPServerRun 514
+#$InputTCPServerRun <%= node['rsyslog']['port'] %>
###########################
@@ -3,10 +3,10 @@
<% case @protocol -%>
<% when "tcp" -%>
$ModLoad imtcp
-$InputTCPServerRun 514
+$InputTCPServerRun <%= node['rsyslog']['port'] %>
<% when "udp" -%>
$ModLoad imudp
-$UDPServerRun 514
+$UDPServerRun <%= node['rsyslog']['port'] %>
<% end -%>
$DirGroup root

0 comments on commit f9e2247

Please sign in to comment.