1784043 – Set SyslogIdentifier for container healthchecks

Bug 1784043 - Set SyslogIdentifier for container healthchecks

Summary: Set SyslogIdentifier for container healthchecks

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	python-paunch
Sub Component:
Version:	15.0 (Stein)
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	z2
Target Release:	15.0 (Stein)
Assignee:	Cédric Jeanneret
QA Contact:	nlevinki
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1784065
TreeView+	depends on / blocked

Reported:	2019-12-16 15:00 UTC by Cédric Jeanneret
Modified:	2020-03-05 12:01 UTC (History)
CC List:	2 users (show)
Fixed In Version:	python-paunch-4.5.3-0.20200108190459.3c38fe6.el8ost
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-03-05 12:01:18 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1856573	None	None	None	2019-12-16 15:00:03 UTC
OpenStack gerrit	699216	None	MERGED	Add SyslogIdenfier to healthcheck systemd unit	2020-03-02 13:01:01 UTC
OpenStack gerrit	701523	None	MERGED	Add SyslogIdenfier to healthcheck systemd unit	2020-03-02 13:01:01 UTC
Red Hat Product Errata	RHBA-2020:0643	None	None	None	2020-03-05 12:01:43 UTC

Description Cédric Jeanneret 2019-12-16 15:00:04 UTC

Hello,

In order to have an easy way to collect the logs for the container healthchecks (managed via systemd timers), it would be really nice to set the "SyslogIdentified" in the healthcheck units - maybe something like "container-healthcheck".

This would allow to filter those logs at (r)syslog level and push them in a dedicated file, allowing for better monitoring via collectd/sensu without the need to call journald from within a container (this creates "some" SELinux issues due to the need of dbus and some other things).

This change is mandatory in order to be able to correct some SELinux policy that was added some time ago[1]




[1] https://bugzilla.redhat.com/show_bug.cgi?id=1738134

Comment 1 Cédric Jeanneret 2020-01-08 10:07:37 UTC

Upstream for Stein (osp-15) in the pipe.

Comment 2 Cédric Jeanneret 2020-01-15 13:13:53 UTC

In order to verify this BZ, one can deploy an undercloud|standalone on osp-15 with the related paunch version, and ensure the container service unit files have the new "SyslogIdentifier" instruction.

Comment 8 errata-xmlrpc 2020-03-05 12:01:18 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0643

Note You need to log in before you can comment on or make changes to this bug.