diff --git a/Gemfile b/Gemfile index 46e07661..f0f457b3 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,3 @@ source :rubygems -gem 'test-kitchen', '< 1.0' +gem 'test-kitchen' diff --git a/README.md b/README.md index fcafa13d..8710cc0b 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ Description Installs and configures rsyslog to replace sysklogd for client and/or server use. By default, the service will be configured to log to -files on local disk. See the __Recipes__ and __Examples__ sections +files on local disk. See the __Recipes__ and __Examples__ sections for other uses. **Major Changes in 1.2.0**: See CHANGELOG.md @@ -51,10 +51,14 @@ See `attributes/default.rb` for default values. template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below. +* `node['rsyslog']['user']` - Specify the user to run and write files as. +* `node['rsyslog']['group']` - Specify the group to run and write files as. * `node['rsyslog']['priv_seperation']` - Whether to use privilege seperation or not. * `node['rsyslog']['max_message_size']` - Specify the maximum allowed message size. Default is 2k. +* `node['rsyslog']['preserve_fqdn']` - Specify if the full host name + will be used. Default is off. * `node['rsyslog']['user']` - Who should own the configuration files and directories * `node['rsyslog']['group']` - Who should group-own the configuration files and directories diff --git a/attributes/default.rb b/attributes/default.rb index d653e4df..3d3ac800 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -1,6 +1,6 @@ # # Cookbook Name:: rsyslog -# Attributes:: default +# Attributes:: rsyslog # # Copyright 2009, Opscode, Inc. # 
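Review bot: The new `gem 'test-kitchen'` line carries no version bound, so each fresh `bundle install` resolves to whatever release is newest unless a Gemfile.lock is committed (none is visible in this diff). A bounded requirement such as `gem 'test-kitchen', '~> 1.0'` keeps the test toolchain reproducible and limits exposure to an unexpected upstream release. The unchanged `source :rubygems` line above it is the deprecated symbol form; `source 'https://rubygems.org'` states the HTTPS endpoint explicitly.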
@@ -20,7 +20,7 @@ default["rsyslog"]["log_dir"] = "/srv/rsyslog" default["rsyslog"]["server"] = false default["rsyslog"]["protocol"] = "tcp" -default["rsyslog"]["port"] = 514 +default["rsyslog"]["port"] = "514" default["rsyslog"]["server_ip"] = nil default["rsyslog"]["server_search"] = "role:loghost" default["rsyslog"]["remote_logs"] = true @@ -33,6 +33,9 @@ default["rsyslog"]["user"] = "root" default["rsyslog"]["group"] = "adm" default["rsyslog"]["priv_seperation"] = false +default["rsyslog"]["defaults_file"] = "/etc/default/rsyslog" +default['rsyslog']['default_file_template'] = "RSYSLOG_TraditionalFileFormat" +default['rsyslog']['default_forward_template'] = "RSYSLOG_TraditionalForwardFormat" case node["platform"] when "ubuntu" @@ -42,6 +45,8 @@ default["rsyslog"]["group"] = "adm" default["rsyslog"]["priv_seperation"] = true end +when "redhat" + default["rsyslog"]["defaults_file"] = "/etc/sysconfig/rsyslog" when "arch" default["rsyslog"]["service_name"] = "rsyslogd" end diff --git a/files/default/rsyslog.default b/files/default/rsyslog.default new file mode 100644 index 00000000..87449b3e --- /dev/null +++ b/files/default/rsyslog.default @@ -0,0 +1,9 @@ +# Generated by Chef +# +# Use v3 native mode, rather than compatibility mode by specifying -c3 +# here. Compatibility mode for older versions is not recommended as +# custom configuration may get messy. +# +# See rsyslogd(8) for more details + +RSYSLOGD_OPTIONS="-c3" diff --git a/files/redhat-6/rsyslog.default b/files/redhat-6/rsyslog.default new file mode 100644 index 00000000..ad9723f8 --- /dev/null +++ b/files/redhat-6/rsyslog.default @@ -0,0 +1,5 @@ +# Options for rsyslogd +# Syslogd options are deprecated since rsyslog v3. +# If you want to use them, switch to compatibility mode 2 by "-c 2" +# See rsyslogd(8) for more details +SYSLOGD_OPTIONS="-c 5" diff --git a/files/ubuntu-10.04/rsyslog.default b/files/ubuntu-10.04/rsyslog.default new file mode 100644 index 00000000..2e4599f0 --- /dev/null 
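Review bot: `default["rsyslog"]["port"] = "514"` changes the attribute from an Integer to a String, which is a silent interface change for anything that compares or does arithmetic on the value, such as a wrapper cookbook or a role override. The template line visible later in this commit only interpolates it, so the String form gains nothing there. Keeping `514`, or documenting the new type in the README, would avoid surprises. The metadata.rb entry for this attribute is not part of the diff, so whether its declared default still matches cannot be checked from here.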
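Review bot: The two template-name attributes added here, `default_file_template` and `default_forward_template`, are not described in the README or metadata.rb hunks of this commit, although `defaults_file` is. A comment above them such as `# Name of a built-in or $template-defined rsyslog template; written verbatim into rsyslog.conf`, plus matching README entries, would tell users which values are valid. These two lines also use single-quoted keys while the surrounding assignments use double quotes.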
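Review bot: `when "redhat"` matches only nodes whose platform is exactly `redhat`, so other RHEL-family platforms would keep the `/etc/default/rsyslog` default and get the options file written to a path their init scripts presumably do not read. Listing the family members, e.g. `when "redhat", "centos", "scientific", "amazon"`, or branching on the platform family where the Chef version in use provides it, covers them. The `case` statement starts and ends outside this hunk, so other branches may already exist.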
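Review bot: The `files/redhat-6/` directory is only selected when Chef's platform-version lookup matches it; on Chef releases that compare the full `platform_version` string (for example `6.3`), RHEL 6 nodes would fall through to `files/default/rsyslog.default`. That fallback sets `RSYSLOGD_OPTIONS`, while this file sets `SYSLOGD_OPTIONS`, so the wrong variable name would land in `/etc/sysconfig/rsyslog` and the daemon options would presumably be ignored. Moving the file to `files/redhat/`, or verifying the lookup on the supported Chef version, would close the gap. A `# Generated by Chef` header like the other variants carry would also tell operators not to edit it by hand.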
+++ b/files/ubuntu-10.04/rsyslog.default @@ -0,0 +1,9 @@ +# Generated by Chef +# +# Options for rsyslogd +# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3) +# -r enables logging from remote machines (deprecated, only used in compat mode < 3) +# -x disables DNS lookups on messages received with -r +# -c compatibility mode +# See rsyslogd(8) for more details +RSYSLOGD_OPTIONS="-c4" diff --git a/files/ubuntu-9.10/rsyslog.default b/files/ubuntu-9.10/rsyslog.default new file mode 100644 index 00000000..2e4599f0 --- /dev/null +++ b/files/ubuntu-9.10/rsyslog.default @@ -0,0 +1,9 @@ +# Generated by Chef +# +# Options for rsyslogd +# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3) +# -r enables logging from remote machines (deprecated, only used in compat mode < 3) +# -x disables DNS lookups on messages received with -r +# -c compatibility mode +# See rsyslogd(8) for more details +RSYSLOGD_OPTIONS="-c4" diff --git a/metadata.rb b/metadata.rb index 578f8bc8..b0ec1639 100644 --- a/metadata.rb +++ b/metadata.rb @@ -10,7 +10,7 @@ recipe "rsyslog::client", "Sets up a client to log to a remote rsyslog server" recipe "rsyslog::server", "Sets up an rsyslog server" -supports "ubuntu" +supports "ubuntu", ">= 10.04" supports "debian", ">= 5.0" supports "redhat", ">= 6.0" @@ -68,6 +68,11 @@ :description => "The name of the service for the platform", :default => "rsyslog" +attribute "rsyslog/defaults_file", + :display_name => "Defaults file", + :description => "The full path to the service's defaults/sysconfig file", + :default => "/etc/default/rsyslog" + attribute "rsyslog/max_message_size", :display_name => "Maximum Rsyslog message size", :description => "Specifies the maximum size of allowable Rsyslog messages", diff --git a/recipes/client.rb b/recipes/client.rb index 068e6231..0d66b219 100644 --- a/recipes/client.rb +++ b/recipes/client.rb 
@@ -2,7 +2,7 @@
 # Cookbook Name:: rsyslog
 # Recipe:: client
 #
-# Copyright 2009-2013, Opscode, Inc.
+# Copyright 2009-2011, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -22,11 +22,39 @@ if !node['rsyslog']['server'] and node['rsyslog']['server_ip'].nil? and Chef::Config[:solo] Chef::Log.fatal("Chef Solo does not support search, therefore it is a requirement of the rsyslog::client recipe that the attribute 'server_ip' is set when using Chef Solo. 'server_ip' is not set.") elsif !node['rsyslog']['server'] - rsyslog_server = node['rsyslog']['server_ip'] || - search(:node, node['rsyslog']['server_search']).first['ipaddress'] rescue nil + + # discover the rsyslog server + if node['rsyslog']['server_ip'] + rsyslog_server = node['rsyslog']['server_ip'] + else + rsyslog_server = search(:node, node['rsyslog']['server_search']).first + + if rsyslog_server.nil? + Chef::Log.warn "The rsyslog::client recipe was unable to determine the remote syslog server. Checked both the server_ip attribute and search()" + else + # we prefer connecting via local_ipv4 if + # we are in the same cloud + server_ip = begin + if rsyslog_server.attribute?('meta_data') + Chef::Log.info "we #{node['hostname']} are in #{node['meta_data']['region']}" + Chef::Log.info "potential rsyslog_server #{rsyslog_server['hostname']} is in #{rsyslog_server['meta_data']['region']}" + if node.attribute?('meta_data') && (rsyslog_server['meta_data']['region'] == node['meta_data']['region']) + Chef::Log.info "using private_ipv4 #{rsyslog_server['meta_data']['private_ipv4']} for the rsyslog_server" + rsyslog_server['meta_data']['private_ipv4'] + else + Chef::Log.info "using public_ipv4 #{rsyslog_server['meta_data']['public_ipv4']} for the rsyslog_server" + rsyslog_server['meta_data']['public_ipv4'] + end + else + rsyslog_server['ipaddress'] + end + end + end + rsyslog_server = server_ip + end if rsyslog_server.nil? - Chef::Application.fatal!("The rsyslog::client recipe was unable to determine the remote syslog server. Checked both the server_ip attribute and search()") + Chef::Log.warn "The rsyslog::client recipe was unable to determine the remote syslog server. 
Checked both the server_ip attribute and search()" end template "/etc/rsyslog.d/49-remote.conf" do @@ -37,11 +65,14 @@ :server => rsyslog_server, :protocol => node['rsyslog']['protocol'] ) + owner node["rsyslog"]["user"] + group node["rsyslog"]["group"] mode 0644 notifies :restart, "service[#{node['rsyslog']['service_name']}]" end file "/etc/rsyslog.d/server.conf" do + only_if do ::File.exists?("/etc/rsyslog.d/server.conf") end action :delete notifies :reload, "service[#{node['rsyslog']['service_name']}]" end diff --git a/recipes/default.rb b/recipes/default.rb index 3574878e..bf5762e7 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -2,7 +2,7 @@ # Cookbook Name:: rsyslog # Recipe:: default # -# Copyright 2009-2013, Opscode, Inc. +# Copyright 2009-2011, Opscode, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,11 +21,22 @@ action :install end +cookbook_file "#{node["rsyslog"]["defaults_file"]}" do + source "rsyslog.default" + owner node['rsyslog']['user'] + group node['rsyslog']['group'] + mode 0644 +end + directory "/etc/rsyslog.d" do + owner node['rsyslog']['user'] + group node['rsyslog']['group'] mode 0755 end directory "/var/spool/rsyslog" do + owner node['rsyslog']['user'] + group node['rsyslog']['group'] mode 0755 end @@ -33,6 +44,8 @@ # include of things in /etc/rsyslog.d/* template "/etc/rsyslog.conf" do source 'rsyslog.conf.erb' + owner node['rsyslog']['user'] + group node['rsyslog']['group'] mode 0644 variables(:protocol => node['rsyslog']['protocol']) notifies :restart, "service[#{node['rsyslog']['service_name']}]" 
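Review bot: The first `Chef::Log.info` line inside `if rsyslog_server.attribute?('meta_data')` reads `node['meta_data']['region']` before the `node.attribute?('meta_data')` check on the following `if`, so a client without that attribute would raise NoMethodError on nil, and the `rescue nil` that used to absorb such failures is gone. Separately, replacing `Chef::Application.fatal!` with `Chef::Log.warn` lets the run continue into the `49-remote.conf` template with `:server => nil`, so a node can converge successfully while forwarding no logs at all, and the same warning is emitted twice. The cross-region branch also selects `public_ipv4`; with the `protocol` attribute defaulting to `tcp` and no TLS settings visible in this diff, that traffic would presumably cross public networks in clear text. The fence below resolves both metadata lookups before use and keeps the run fatal when no server is found; the enclosing `elsif` block continues outside the hunk.

```ruby
  # … unchanged: server_ip attribute branch and search(...).first …
    if rsyslog_server
      local_meta  = node['meta_data'] if node.attribute?('meta_data')
      remote_meta = rsyslog_server['meta_data'] if rsyslog_server.attribute?('meta_data')
      rsyslog_server =
        if remote_meta.nil?
          rsyslog_server['ipaddress']
        elsif local_meta && remote_meta['region'] == local_meta['region']
          # same region: stay on the private network
          remote_meta['private_ipv4']
        else
          remote_meta['public_ipv4']
        end
    end
  # … unchanged: closing `end` of the discovery branch …

  if rsyslog_server.nil?
    Chef::Application.fatal!("The rsyslog::client recipe was unable to determine the remote syslog server. Checked both the server_ip attribute and search()")
  end
```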
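Review bot: Setting `owner node["rsyslog"]["user"]` on `/etc/rsyslog.d/49-remote.conf` hands the forwarding configuration to the account the README addition describes as the one rsyslog runs as; when that is an unprivileged user under privilege separation, a compromised daemon could change where logs are sent. Configuration under `/etc` is normally kept root-owned, with only the spool and log directories given to the service account, e.g. `owner "root"` here. The same pattern appears in the recipes/default.rb hunks (defaults file, `/etc/rsyslog.d`, `/etc/rsyslog.conf`, `50-default.conf`) and in the recipes/server.rb template hunk. The added `only_if do ::File.exists?(...) end` is redundant with `action :delete`, and `File.exists?` is the deprecated spelling of `File.exist?`.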
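Review bot: The new `cookbook_file` for the defaults file has no `notifies`, so a change to the daemon options does not take effect until some other resource happens to restart the service. Adding `notifies :restart, "service[#{node['rsyslog']['service_name']}]"` would match the templates in this recipe. The resource name `"#{node["rsyslog"]["defaults_file"]}"` is a bare interpolation and can be written as `node['rsyslog']['defaults_file']`.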
@@ -41,18 +54,13 @@ template "/etc/rsyslog.d/50-default.conf" do source "50-default.conf.erb" backup false + owner node['rsyslog']['user'] + group node['rsyslog']['group'] mode 0644 notifies :restart, "service[#{node['rsyslog']['service_name']}]" end -# syslog needs to be stopped before rsyslog can be started on RHEL versions before 6.0 -if platform_family?('rhel') && node['platform_version'].to_i < 6 - service "syslog" do - action [:stop, :disable] - end -end - -service node['rsyslog']['service_name'] do - supports :restart => true, :reload => true, :status => true +service "#{node['rsyslog']['service_name']}" do + supports :restart => true, :reload => true action [:enable, :start] end diff --git a/recipes/server.rb b/recipes/server.rb index a5c9909a..40cefb0d 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -17,12 +17,21 @@ # limitations under the License. # +include_recipe "rsyslog" + node.set['rsyslog']['server'] = true +node.save unless Chef::Config[:solo] -include_recipe "rsyslog" +directory ::File.dirname(node['rsyslog']['log_dir']) do + owner node["rsyslog"]["user"] + group node["rsyslog"]["group"] + recursive true + mode 0755 +end directory node['rsyslog']['log_dir'] do - recursive true + owner node['rsyslog']['user'] + group node['rsyslog']['group'] mode 0755 end @@ -33,6 +42,8 @@ :log_dir => node['rsyslog']['log_dir'], :per_host_dir => node['rsyslog']['per_host_dir'] ) + owner node["rsyslog"]["user"] + group node["rsyslog"]["group"] mode 0644 notifies :restart, "service[#{node['rsyslog']['service_name']}]" end diff --git a/templates/default/rsyslog.conf.erb b/templates/default/rsyslog.conf.erb index 71d36e02..2f7c6472 100644 --- a/templates/default/rsyslog.conf.erb +++ b/templates/default/rsyslog.conf.erb 
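Review bot: Dropping `:status => true` from `supports` means Chef no longer uses the init script's status command and, as far as I know, falls back to looking for the service name in the process table, which is a less reliable basis for deciding whether `:start` is needed. Unless a supported platform lacks a working status action, `supports :restart => true, :reload => true, :status => true` should stay. `service "#{node['rsyslog']['service_name']}"` is a redundant interpolation of a value that is already a String. The removed sysklogd stop block applied only to RHEL before 6, which metadata.rb does not list as supported.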
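Review bot: The new `directory ::File.dirname(node['rsyslog']['log_dir'])` resource applies `owner`, `group` and `mode 0755` to the parent of the log directory, which with the default `log_dir` of `/srv/rsyslog` is `/srv` itself and would be `/var/log` or `/` for other plausible values. Re-owning a shared system directory to the rsyslog account is wider than the recipe needs; keeping `recursive true` on the `log_dir` resource and dropping the parent resource creates missing parents without taking ownership of existing ones. `node.save unless Chef::Config[:solo]` persists the node object during compilation, before the run has succeeded, and a one-line comment saying why that is required would help the next reader.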
@@ -37,11 +37,15 @@ $UDPServerRun <%= node['rsyslog']['port'] %> #### GLOBAL DIRECTIVES #### ########################### +# GrayLog2 Format +$template GRAYLOG2,"<%%PRI%>1 %timegenerated:::date-rfc3339% %HOSTNAME% %syslogtag% - %APP-NAME%: %msg:::drop-last-lf%\n" + # # Use default timestamp format. # To enable high precision timestamps, comment out the following line. # -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat +$ActionFileDefaultTemplate <%= node['rsyslog']['default_file_template'] %> +$ActionForwardDefaultTemplate <%= node['rsyslog']['default_forward_template'] %> # Filter duplicated messages $RepeatedMsgReduction on
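Review bot: `$ActionFileDefaultTemplate` and `$ActionForwardDefaultTemplate` now take their values straight from node attributes with no check, so an empty value or a misspelled template name is written into the global directives and only surfaces when rsyslogd parses the file on restart. Rendering each directive only when the attribute is non-empty, e.g. wrapping the line in `<% unless node['rsyslog']['default_forward_template'].to_s.empty? %>`, or validating the attributes in the recipe, fails closer to the cause. The `GRAYLOG2` template is defined unconditionally, but nothing in the visible hunks selects it. The retained comment about high precision timestamps still tells the reader to comment out a line whose value is now attribute-driven.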