Opened on 11/12/2015 at 03:18:18 AM
Closed on 01/20/2016 at 09:03:30 AM
#3306 closed change (fixed)
Create uplink for pushing log files
Reported by: | matze | Assignee: | matze |
---|---|---|---|
Priority: | P2 | Milestone: | |
Module: | Infrastructure | Keywords: | |
Cc: | fred | Blocked By: | #3471, #3479 |
Blocking: | #3307 | Platform: | Unknown / Cross platform |
Ready: | yes | Confidential: | no |
Tester: | Unknown | Verified working: | no |
Review URL(s): |
Description (last modified by matze)
In the context of introducing our new log server, we are going to extend the log rotation's postrotate commands to include the upload to the log master, i.e.:
postrotate ssh log@logmaster.adblockplus.org nginx_error < /var/log/nginx/error.log.1.gz endscript
Requirements
We need the master to recognize hosts sending incoming data and dispatch the IO to the respective uplink (from logstash), i.e.:
# $adblockplus::log::directory/$host/$name /var/adblockplus/log/uplink/$host/nginx_error
This should become implemented using a designated user-account and a small Python script on the master, invoked via command= directives from .ssh/authorized_keys which itself is populated via Puppet and identifies the source hosts based on their RSA key.
Notes
In order to avoid accidental or malicious data insertion, the script should ensure that only the logfile's $name part can be passed on by the client. Furthermore, the script itself should be designed to also allow for manual data import by the administrator, after network outages or similar ("single point of failure").
Finally, we should avoid the uplink logic to interprete the incoming data in any fashion. This will allow for greater flexibility, e.g. using compression and additional encryption on individual channels, or an interval other than 24 hours.
Attachments (0)
Change History (6)
comment:1 Changed on 01/06/2016 at 12:08:19 PM by matze
- Blocked By 3471 added
- Cc fred added
- Description modified (diff)
- Ready set
comment:2 Changed on 01/06/2016 at 12:11:33 PM by matze
- Review URL(s) modified (diff)
- Status changed from new to reviewing
comment:3 Changed on 01/06/2016 at 12:12:05 PM by matze
- Sensitive unset
- Type changed from defect to change
comment:4 Changed on 01/07/2016 at 01:55:39 AM by matze
- Blocked By 3479 added
comment:5 Changed on 01/07/2016 at 01:32:10 PM by matze
- Blocking 3307 added
comment:6 Changed on 01/20/2016 at 09:03:30 AM by matze
- Resolution set to fixed
- Status changed from reviewing to closed
https://hg.adblockplus.org/infrastructure/rev/f775f7683ba8