2044277 – Replace ovirt-engine-extension-logger-log4j with internal ovirt-engine implementation

Bug 2044277 - Replace ovirt-engine-extension-logger-log4j with internal ovirt-engine implementation

Summary: Replace ovirt-engine-extension-logger-log4j with internal ovirt-engine implem...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	4.4.9
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	ovirt-4.4.10-1
Target Release:	---
Assignee:	Martin Perina
QA Contact:	Guilherme Santos
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2033534 2042344 2045913 2046095
TreeView+	depends on / blocked

Reported:	2022-01-24 11:02 UTC by Martin Perina
Modified:	2022-08-17 18:47 UTC (History)
CC List:	11 users (show)
Fixed In Version:	ovirt-engine-4.4.10.6
Doc Type:	Removed functionality
Doc Text:	With this release, the ovirt-engine-extension-logger-log4j package has been removed. It is replaced by an internal ovirt-engine implementation. When upgrading from earlier Red Hat Virtualization versions to RHV 4.4.10, the ovirt-engine-extension-logger-log4j package is uninstalled if it is present. If you used the ovirt-engine-extension-logger-log4j in earlier Red Hat Virtualization versions, you must manually remove the ovirt-engine-extension-logger-log4j configuration files and configure the new feature for sending log records to a remote syslog service, as outlined in the Administration Guide. After a successful upgrade to RHV 4.4.10, you can uninstall log4j12 without breaking the Red Hat Virtualization setup by running the following command: `$ dnf remove log4j12`.
Clone Of:
Clones:	2045913 (view as bug list)
Environment:
Last Closed:	2022-02-08 16:57:32 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHV-44531	None	None	None	2022-01-24 11:07:55 UTC
Red Hat Product Errata	RHSA-2022:0475	None	None	None	2022-02-08 16:58:37 UTC
oVirt gerrit	118337	master	MERGED	core: Obsolete logger-log4j with internal engine implementation	2022-01-25 22:10:36 UTC
oVirt gerrit	118347	ovirt-engine-4.4	MERGED	core: Obsolete logger-log4j with internal engine implementation	2022-01-26 08:14:55 UTC

Internal Links: 2045913

Description Martin Perina 2022-01-24 11:02:32 UTC

ovirt-engine-extension-logger-log4j provides the ability to pass oVirt Engine logs to remove syslog instance:

https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html/administration_guide/enabling_the_ovirt_engine_extension_logger_log4j

Unfortunately ovirt-engine-extension-logger-log4j depends on log4j 1.y, which containns several CVEs.

We are going to use JBoss Log Manager within ovirt-engine itself to provide similar functionality:

https://docs.wildfly.org/23/wildscribe/subsystem/logging/syslog-handler/index.html
https://magnus-k-karlsson.blogspot.com/2019/03/syslog-handler-in-jboss-eap-6-and-7.html

This means that ovirt-engine-extension-logger-log4j will be obsoleted by ovirt-engine package itself

Comment 4 Guilherme Santos 2022-02-03 12:55:42 UTC

Verified on:
ovirt-engine-4.4.10.6-0.1.el8ev.noarch

ovirt-engine-extension-logger-log4j not present on new installations of RHV and on upgrade from previous versions where it was present.
Also, log4j12 can be remove from the machine without interfering with the engine

Comment 6 errata-xmlrpc 2022-02-08 16:57:32 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: RHV Manager (ovirt-engine) security update [ovirt-4.4.10-1]), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0475

Comment 7 Nikolai Sednev 2022-03-07 09:57:34 UTC

Do we need a doc bug explaining how to reconfigure the syslog configurations to work after the successor of ovirt-engine-extension-logger-log4j will take its part in reporting engine logs to syslog remote server or we're terminating this functionality and syslog server won't be supported anymore?

How customers should handle upgrade flow with deployed engine<= 4.4.9 with this extension and configured to forward the logs to some syslog server, then upgrade the engine to >= 4.4.10, log forwarding might be broken.

Comment 8 Martin Perina 2022-06-09 06:17:09 UTC

Obsoleting ovirtt-engine-extension-logger-log4j should be mentioned in 4.4.10 release notes and also relevant administration guide has been updated:

https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html/administration_guide/chap-log_files#Enabling_SyslogHandler_RHV_Manager_logs

Note You need to log in before you can comment on or make changes to this bug.