Description of problem:
In OpenStack, in order to make a containerized haproxy log into a file, one must use rsyslog on the host and write a dedicated config file to log into /var/log/containers/haproxy/
For our OpenStack deployment, the location for all logs is in /var/log/containers/, and the parent directory /var/log/containers is mounted with ":rw,z" flag by the crontab container, meaning all the content will see its context switched to container_file_t.
This context currently prevents rsyslog writing haproxy logs in the standard
A fix is available upstream  to allow writing to such location.
Steps to Reproduce:
1. Enable SELinux and deploy OSP13 with https://review.openstack.org/620601
logs can't be written to the expected location
logs should be written to expected location
The PR mentionned above has been merged upstream
Is it possible to merge the fix into RHOSP13z5?
I am currently looking into this. I am not sure if this will be in z5, I will update when I find out.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.