Ask Your Question
2

Puppet and rsyslog

asked 2013-02-07 03:32:48 -0500

cwo gravatar image

I installed a puppet environment using the Puppetlabs APT repository. The operating system is Ubuntu Linux 12.04 LTS. By default the log output of the puppetmaster instance is logged into the standard syslog file /var/log/syslog. I want to change that by configuring rsyslog to redirect the log output to /var/log/puppet/master.log. So I tried to configure the rsyslog deamon via a configuration file in /etc/rsyslog.d/. I'm not so strong in using rsyslog but here is what I wrote.

:programname, isequal, "puppet-master" /var/log/puppet/master.log
:programname, isequal, "puppet-master" ~

I found ... (more)

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
2

answered 2013-02-07 04:18:31 -0500

cwo gravatar image

I found the answer using the debug mode of rsyslog. Rsyslog is running as user syslog and can't write into the /var/log/puppet directory which is puppetized by puppet itself (user puppet, group puppet). Rsyslog is really funning not logging that it's not possible to write the file.

edit flag offensive delete link more
1

answered 2013-02-07 18:03:22 -0500

ramindk gravatar image

updated 2014-08-31 11:54:46 -0500

Some additional info for anyone searching about this later. You can use & as a placeholder for the last command to shorten your config.

/etc/rsyslog.d/conf.d/40-puppet.conf

# PUPPETHEADER: This file is owned by Puppet.
if $programname == 'puppet-agent' then -/var/log/puppet/puppet.log
& ~    
if $programname == 'puppet-master' then -/var/log/puppet/puppetmaster.log
& ~

Additionally make sure rsyslog loads your puppet logging config before the general log config or you'll double log to puppet.log, messages, and syslog. Finally I'd make sure /var/log/puppet has the permissions you expect. By default the current Puppet packages will own the directory to puppet:puppet however many rsyslog configs will drop privileges to a syslog user and won't be able to write logs to the directory.

file { '/var/log/puppet':
  ensure  => directory,
  owner   => syslog,  # or whatever owner
  group   => adm,     # and group
  mode    => '0750',  # and permissions make sense on your system.
  recurse => true,
  before  => Class['rsyslog::service']
}
edit flag offensive delete link more

Comments

But /var/log/puppet is the standard logdir of puppet itself. Is this File resource working as expected? Have you changed the logdir in the puppet.conf?

cwo gravatar imagecwo ( 2013-02-08 02:51:18 -0500 )edit

The problem is that the Puppet deb package started creating /var/log/puppet to be owned by puppet:puppet at some point in 2.7.x. Which would be fine ...(more)

ramindk gravatar imageramindk ( 2013-02-08 10:29:42 -0500 )edit

Yeah. That's right. The default logdir only holds the HTTP Log from the Puppet Master which hasn't been useful to me yet. I think about changing the logdir ...(more)

cwo gravatar imagecwo ( 2013-02-08 12:12:29 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2013-02-07 03:32:48 -0500

Seen: 2,336 times

Last updated: Aug 31 '14