Unhardcoded logging level for syslog in Libvirtd (nova-compute)
This patch unhardcodes syslog parameters for libvirtd and qemu in libvirtd.conf
and libvirtd.conf templates accordingly. These parameters might be configured using
the bellow pillar structures:
nova:
compute:
libvirt:
logging:
level: 3
filters: '3:remote 4:event'
outputs: '3:syslog:libvirtd'
buffer_size: 64
qemu:
logging:
handler: logd
virtlog:
enabled: true
level: 3
filters: '3:remote 4:event'
outputs: '3:syslog:virtlogd'
max_clients: 1024
max_size: 2097152
max_backups: 3
Change-Id: Ic8b3f9ab1e55d9b972ff3baff48312e4dea8a5e5
Related-PROD: PROD-19919
diff --git a/README.rst b/README.rst
index bf4cbe2..9af981f 100644
--- a/README.rst
+++ b/README.rst
@@ -772,6 +772,95 @@
<logger_name>:
level: WARNING
+Configure syslog parameters for libvirtd
+----------------------------------------
+
+To configure syslog parameters for libvirtd the below pillar structure should be used with values which are supported
+by libvirtd. These values might be known from the documentation.
+
+ nova:
+ compute:
+ libvirt:
+ logging:
+ level: 3
+ filters: '3:remote 4:event'
+ outputs: '3:syslog:libvirtd'
+ buffer_size: 64
+
+#################################################################
+#
+# Logging controls
+#
+
+# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
+# basically 1 will log everything possible
+#log_level = 3
+
+# Logging filters:
+# A filter allows to select a different logging level for a given category
+# of logs
+# The format for a filter is one of:
+# x:name
+# x:+name
+# where name is a string which is matched against source file name,
+# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
+# tells libvirt to log stack trace for each message matching name,
+# and x is the minimal level where matching messages should be logged:
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple filter can be defined in a single @filters, they just need to be
+# separated by spaces.
+#
+# e.g. to only get warning or errors from the remote layer and only errors
+# from the event layer:
+#log_filters="3:remote 4:event"
+
+# Logging outputs:
+# An output is one of the places to save logging information
+# The format for an output can be:
+# x:stderr
+# output goes to stderr
+# x:syslog:name
+# use syslog for the output and use the given name as the ident
+# x:file:file_path
+# output to a file, with the given filepath
+# In all case the x prefix is the minimal level, acting as a filter
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple output can be defined, they just need to be separated by spaces.
+# e.g. to log all warnings and errors to syslog under the libvirtd ident:
+#log_outputs="3:syslog:libvirtd"
+#
+
+# Log debug buffer size: default 64
+# The daemon keeps an internal debug log buffer which will be dumped in case
+# of crash or upon receiving a SIGUSR2 signal. This setting allows to override
+# the default buffer size in kilobytes.
+# If value is 0 or less the debug log buffer is deactivated
+#log_buffer_size = 64
+
+To configure logging parameters for qemu the below pillar structure and logging parameters should be used:
+
+ nova:
+ compute:
+ qemu:
+ logging:
+ handler: logd
+ virtlog:
+ enabled: true
+ level: 4
+ filters: '3:remote 3:event'
+ outputs: '4:syslog:virtlogd'
+ max_clients: 512
+ max_size: 2097100
+ max_backups: 2
+
Inject password to VM
---------------------
diff --git a/nova/compute.sls b/nova/compute.sls
index 0946d2e..33d30de 100644
--- a/nova/compute.sls
+++ b/nova/compute.sls
@@ -338,6 +338,26 @@
- require:
- pkg: nova_compute_packages
+{%- if compute.get('virtlog',{}).get('enabled', false) %}
+
+/etc/libvirt/virtlogd.conf:
+ file.managed:
+ - source: salt://nova/files/{{ compute.version }}/virtlogd.conf.{{ grains.os_family }}
+ - template: jinja
+ - require:
+ - pkg: nova_compute_packages
+
+/usr/sbin/virtlogd:
+ service.running:
+ - name: virtlogd
+ - enable: true
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+ - watch:
+ - file: /etc/libvirt/virtlogd.conf
+{%- endif %}
+
virsh net-undefine default:
cmd.run:
- name: "virsh net-destroy default"
diff --git a/nova/files/mitaka/libvirtd.conf.Debian b/nova/files/mitaka/libvirtd.conf.Debian
index 4fab737..607cbcb 100644
--- a/nova/files/mitaka/libvirtd.conf.Debian
+++ b/nova/files/mitaka/libvirtd.conf.Debian
@@ -295,7 +295,9 @@
# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
# basically 1 will log everything possible
#log_level = 3
-
+{%- if compute.libvirt.get('logging',{}).level is defined %}
+log_level = {{ compute.libvirt.logging.level }}
+{%- endif %}
# Logging filters:
# A filter allows to select a different logging level for a given category
# of logs
@@ -317,7 +319,9 @@
# e.g. to only get warning or errors from the remote layer and only errors
# from the event layer:
#log_filters="3:remote 4:event"
-
+{%- if compute.libvirt.get('logging',{}).filters is defined %}
+log_filters={{ compute.libvirt.logging.filters|yaml_dquote }}
+{%- endif %}
# Logging outputs:
# An output is one of the places to save logging information
# The format for an output can be:
@@ -336,16 +340,18 @@
# Multiple output can be defined, they just need to be separated by spaces.
# e.g. to log all warnings and errors to syslog under the libvirtd ident:
#log_outputs="3:syslog:libvirtd"
-#
-
+{%- if compute.libvirt.get('logging',{}).outputs is defined %}
+log_outputs={{ compute.libvirt.logging.outputs|yaml_dquote }}
+{%- endif %}
# Log debug buffer size: default 64
# The daemon keeps an internal debug log buffer which will be dumped in case
# of crash or upon receiving a SIGUSR2 signal. This setting allows to override
# the default buffer size in kilobytes.
# If value is 0 or less the debug log buffer is deactivated
#log_buffer_size = 64
-
-
+{%- if compute.libvirt.get('logging',{}).buffer_size is defined %}
+log_buffer_size = {{ compute.libvirt.logging.buffer_size }}
+{%- endif %}
##################################################################
#
# Auditing
@@ -400,4 +406,4 @@
# If set to 1, libvirtd will refuse to talk to clients that do not
# support keepalive protocol. Defaults to 0.
#
-#keepalive_required = 1
\ No newline at end of file
+#keepalive_required = 1
diff --git a/nova/files/mitaka/qemu.conf.Debian b/nova/files/mitaka/qemu.conf.Debian
index 5b039c4..a338e7d 100644
--- a/nova/files/mitaka/qemu.conf.Debian
+++ b/nova/files/mitaka/qemu.conf.Debian
@@ -484,3 +484,21 @@
"/dev/vfio/vfio",
{% endif %}
]
+
+# The backend to use for handling stdout/stderr output from
+# QEMU processes.
+#
+# 'file': QEMU writes directly to a plain file. This is the
+# historical default, but allows QEMU to inflict a
+# denial of service attack on the host by exhausting
+# filesystem space
+#
+# 'logd': QEMU writes to a pipe provided by virtlogd daemon.
+# This is the current default, providing protection
+# against denial of service by performing log file
+# rollover when a size limit is hit.
+#
+#stdio_handler = "logd"
+{%- if compute.get('qemu',{}).get('logging',{}).handler is defined %}
+stdio_handler = "{{ compute.qemu.logging.handler }}"
+{%- endif %}
diff --git a/nova/files/mitaka/virtlogd.conf.Debian b/nova/files/mitaka/virtlogd.conf.Debian
new file mode 100644
index 0000000..ecb5b2e
--- /dev/null
+++ b/nova/files/mitaka/virtlogd.conf.Debian
@@ -0,0 +1,78 @@
+{%- from "nova/map.jinja" import compute with context %}
+# Master virtlogd daemon configuration file
+#
+
+#################################################################
+#
+# Logging controls
+#
+
+# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
+# basically 1 will log everything possible
+{%- if compute.get('virtlog',{}).level is defined %}
+log_level = {{ compute.virtlog.level }}
+{%- endif %}
+# Logging filters:
+# A filter allows to select a different logging level for a given category
+# of logs
+# The format for a filter is one of:
+# x:name
+# x:+name
+# where name is a string which is matched against source file name,
+# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
+# tells libvirt to log stack trace for each message matching name,
+# and x is the minimal level where matching messages should be logged:
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple filter can be defined in a single @filters, they just need to be
+# separated by spaces.
+#
+# e.g. to only get warning or errors from the remote layer and only errors
+# from the event layer:
+#log_filters="3:remote 4:event"
+{%- if compute.get('virtlog',{}).filters is defined %}
+log_filters={{ compute.virtlog.get('filters')|yaml_dquote }}
+{%- endif %}
+# Logging outputs:
+# An output is one of the places to save logging information
+# The format for an output can be:
+# x:stderr
+# output goes to stderr
+# x:syslog:name
+# use syslog for the output and use the given name as the ident
+# x:file:file_path
+# output to a file, with the given filepath
+# x:journald
+# ouput to the systemd journal
+# In all case the x prefix is the minimal level, acting as a filter
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple output can be defined, they just need to be separated by spaces.
+# e.g. to log all warnings and errors to syslog under the virtlogd ident:
+#log_outputs="3:syslog:virtlogd"
+{%- if compute.get('virtlog',{}).outputs is defined %}
+log_outputs={{ compute.virtlog.get('outputs')|yaml_dquote }}
+{%- endif %}
+# The maximum number of concurrent client connections to allow
+# over all sockets combined.
+#max_clients = 1024
+{%- if compute.get('virtlog',{}).max_clients is defined %}
+max_clients = {{ compute.virtlog.max_clients }}
+{%- endif %}
+# Maximum file size before rolling over. Defaults to 2 MB
+#max_size = 2097152
+{%- if compute.get('virtlog',{}).max_size is defined %}
+max_size = {{ compute.virtlog.max_size }}
+{%- endif %}
+# Maximum number of backup files to keep. Defaults to 3,
+# not including the primary active file
+#max_backups = 3
+{%- if compute.get('virtlog',{}).max_backups is defined %}
+max_backups = {{ compute.virtlog.max_backups }}
+{%- endif %}
diff --git a/nova/files/mitaka/virtlogd.conf.RedHat b/nova/files/mitaka/virtlogd.conf.RedHat
new file mode 120000
index 0000000..d466306
--- /dev/null
+++ b/nova/files/mitaka/virtlogd.conf.RedHat
@@ -0,0 +1 @@
+virtlogd.conf.Debian
\ No newline at end of file
diff --git a/nova/files/newton/libvirtd.conf.Debian b/nova/files/newton/libvirtd.conf.Debian
index 4fab737..607cbcb 100644
--- a/nova/files/newton/libvirtd.conf.Debian
+++ b/nova/files/newton/libvirtd.conf.Debian
@@ -295,7 +295,9 @@
# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
# basically 1 will log everything possible
#log_level = 3
-
+{%- if compute.libvirt.get('logging',{}).level is defined %}
+log_level = {{ compute.libvirt.logging.level }}
+{%- endif %}
# Logging filters:
# A filter allows to select a different logging level for a given category
# of logs
@@ -317,7 +319,9 @@
# e.g. to only get warning or errors from the remote layer and only errors
# from the event layer:
#log_filters="3:remote 4:event"
-
+{%- if compute.libvirt.get('logging',{}).filters is defined %}
+log_filters={{ compute.libvirt.logging.filters|yaml_dquote }}
+{%- endif %}
# Logging outputs:
# An output is one of the places to save logging information
# The format for an output can be:
@@ -336,16 +340,18 @@
# Multiple output can be defined, they just need to be separated by spaces.
# e.g. to log all warnings and errors to syslog under the libvirtd ident:
#log_outputs="3:syslog:libvirtd"
-#
-
+{%- if compute.libvirt.get('logging',{}).outputs is defined %}
+log_outputs={{ compute.libvirt.logging.outputs|yaml_dquote }}
+{%- endif %}
# Log debug buffer size: default 64
# The daemon keeps an internal debug log buffer which will be dumped in case
# of crash or upon receiving a SIGUSR2 signal. This setting allows to override
# the default buffer size in kilobytes.
# If value is 0 or less the debug log buffer is deactivated
#log_buffer_size = 64
-
-
+{%- if compute.libvirt.get('logging',{}).buffer_size is defined %}
+log_buffer_size = {{ compute.libvirt.logging.buffer_size }}
+{%- endif %}
##################################################################
#
# Auditing
@@ -400,4 +406,4 @@
# If set to 1, libvirtd will refuse to talk to clients that do not
# support keepalive protocol. Defaults to 0.
#
-#keepalive_required = 1
\ No newline at end of file
+#keepalive_required = 1
diff --git a/nova/files/newton/qemu.conf.Debian b/nova/files/newton/qemu.conf.Debian
index 5b039c4..a338e7d 100644
--- a/nova/files/newton/qemu.conf.Debian
+++ b/nova/files/newton/qemu.conf.Debian
@@ -484,3 +484,21 @@
"/dev/vfio/vfio",
{% endif %}
]
+
+# The backend to use for handling stdout/stderr output from
+# QEMU processes.
+#
+# 'file': QEMU writes directly to a plain file. This is the
+# historical default, but allows QEMU to inflict a
+# denial of service attack on the host by exhausting
+# filesystem space
+#
+# 'logd': QEMU writes to a pipe provided by virtlogd daemon.
+# This is the current default, providing protection
+# against denial of service by performing log file
+# rollover when a size limit is hit.
+#
+#stdio_handler = "logd"
+{%- if compute.get('qemu',{}).get('logging',{}).handler is defined %}
+stdio_handler = "{{ compute.qemu.logging.handler }}"
+{%- endif %}
diff --git a/nova/files/newton/virtlogd.conf.Debian b/nova/files/newton/virtlogd.conf.Debian
new file mode 100644
index 0000000..ecb5b2e
--- /dev/null
+++ b/nova/files/newton/virtlogd.conf.Debian
@@ -0,0 +1,78 @@
+{%- from "nova/map.jinja" import compute with context %}
+# Master virtlogd daemon configuration file
+#
+
+#################################################################
+#
+# Logging controls
+#
+
+# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
+# basically 1 will log everything possible
+{%- if compute.get('virtlog',{}).level is defined %}
+log_level = {{ compute.virtlog.level }}
+{%- endif %}
+# Logging filters:
+# A filter allows to select a different logging level for a given category
+# of logs
+# The format for a filter is one of:
+# x:name
+# x:+name
+# where name is a string which is matched against source file name,
+# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
+# tells libvirt to log stack trace for each message matching name,
+# and x is the minimal level where matching messages should be logged:
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple filter can be defined in a single @filters, they just need to be
+# separated by spaces.
+#
+# e.g. to only get warning or errors from the remote layer and only errors
+# from the event layer:
+#log_filters="3:remote 4:event"
+{%- if compute.get('virtlog',{}).filters is defined %}
+log_filters={{ compute.virtlog.get('filters')|yaml_dquote }}
+{%- endif %}
+# Logging outputs:
+# An output is one of the places to save logging information
+# The format for an output can be:
+# x:stderr
+# output goes to stderr
+# x:syslog:name
+# use syslog for the output and use the given name as the ident
+# x:file:file_path
+# output to a file, with the given filepath
+# x:journald
+# ouput to the systemd journal
+# In all case the x prefix is the minimal level, acting as a filter
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple output can be defined, they just need to be separated by spaces.
+# e.g. to log all warnings and errors to syslog under the virtlogd ident:
+#log_outputs="3:syslog:virtlogd"
+{%- if compute.get('virtlog',{}).outputs is defined %}
+log_outputs={{ compute.virtlog.get('outputs')|yaml_dquote }}
+{%- endif %}
+# The maximum number of concurrent client connections to allow
+# over all sockets combined.
+#max_clients = 1024
+{%- if compute.get('virtlog',{}).max_clients is defined %}
+max_clients = {{ compute.virtlog.max_clients }}
+{%- endif %}
+# Maximum file size before rolling over. Defaults to 2 MB
+#max_size = 2097152
+{%- if compute.get('virtlog',{}).max_size is defined %}
+max_size = {{ compute.virtlog.max_size }}
+{%- endif %}
+# Maximum number of backup files to keep. Defaults to 3,
+# not including the primary active file
+#max_backups = 3
+{%- if compute.get('virtlog',{}).max_backups is defined %}
+max_backups = {{ compute.virtlog.max_backups }}
+{%- endif %}
diff --git a/nova/files/newton/virtlogd.conf.RedHat b/nova/files/newton/virtlogd.conf.RedHat
new file mode 120000
index 0000000..d466306
--- /dev/null
+++ b/nova/files/newton/virtlogd.conf.RedHat
@@ -0,0 +1 @@
+virtlogd.conf.Debian
\ No newline at end of file
diff --git a/nova/files/ocata/libvirt.RedHat b/nova/files/ocata/libvirt.RedHat
new file mode 120000
index 0000000..f8f6638
--- /dev/null
+++ b/nova/files/ocata/libvirt.RedHat
@@ -0,0 +1 @@
+libvirt.Debian
\ No newline at end of file
diff --git a/nova/files/ocata/libvirtd.conf.Debian b/nova/files/ocata/libvirtd.conf.Debian
index 4fab737..1278aea 100644
--- a/nova/files/ocata/libvirtd.conf.Debian
+++ b/nova/files/ocata/libvirtd.conf.Debian
@@ -295,7 +295,9 @@
# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
# basically 1 will log everything possible
#log_level = 3
-
+{%- if compute.libvirt.get('logging',{}).level is defined %}
+log_level = {{ compute.libvirt.logging.level }}
+{%- endif %}
# Logging filters:
# A filter allows to select a different logging level for a given category
# of logs
@@ -317,7 +319,9 @@
# e.g. to only get warning or errors from the remote layer and only errors
# from the event layer:
#log_filters="3:remote 4:event"
-
+{%- if compute.libvirt.get('logging',{}).filters is defined %}
+log_filters={{ compute.libvirt.logging.filters|yaml_dquote }}
+{%- endif %}
# Logging outputs:
# An output is one of the places to save logging information
# The format for an output can be:
@@ -336,15 +340,18 @@
# Multiple output can be defined, they just need to be separated by spaces.
# e.g. to log all warnings and errors to syslog under the libvirtd ident:
#log_outputs="3:syslog:libvirtd"
-#
-
+{%- if compute.libvirt.get('logging',{}).outputs is defined %}
+log_outputs={{ compute.libvirt.logging.outputs|yaml_dquote }}
+{%- endif %}
# Log debug buffer size: default 64
# The daemon keeps an internal debug log buffer which will be dumped in case
# of crash or upon receiving a SIGUSR2 signal. This setting allows to override
# the default buffer size in kilobytes.
# If value is 0 or less the debug log buffer is deactivated
#log_buffer_size = 64
-
+{%- if compute.libvirt.get('logging',{}).buffer_size is defined %}
+log_buffer_size = {{ compute.libvirt.logging.buffer_size }}
+{%- endif %}
##################################################################
#
@@ -400,4 +407,4 @@
# If set to 1, libvirtd will refuse to talk to clients that do not
# support keepalive protocol. Defaults to 0.
#
-#keepalive_required = 1
\ No newline at end of file
+#keepalive_required = 1
diff --git a/nova/files/ocata/libvirtd.conf.RedHat b/nova/files/ocata/libvirtd.conf.RedHat
new file mode 120000
index 0000000..2a7b101
--- /dev/null
+++ b/nova/files/ocata/libvirtd.conf.RedHat
@@ -0,0 +1 @@
+libvirtd.conf.Debian
\ No newline at end of file
diff --git a/nova/files/ocata/qemu.conf.Debian b/nova/files/ocata/qemu.conf.Debian
index 6212dda..cb20491 100644
--- a/nova/files/ocata/qemu.conf.Debian
+++ b/nova/files/ocata/qemu.conf.Debian
@@ -497,3 +497,21 @@
"/dev/vfio/vfio",
{% endif %}
]
+
+# The backend to use for handling stdout/stderr output from
+# QEMU processes.
+#
+# 'file': QEMU writes directly to a plain file. This is the
+# historical default, but allows QEMU to inflict a
+# denial of service attack on the host by exhausting
+# filesystem space
+#
+# 'logd': QEMU writes to a pipe provided by virtlogd daemon.
+# This is the current default, providing protection
+# against denial of service by performing log file
+# rollover when a size limit is hit.
+#
+#stdio_handler = "logd"
+{%- if compute.get('qemu',{}).get('logging',{}).handler is defined %}
+stdio_handler = "{{ compute.qemu.logging.handler }}"
+{%- endif %}
diff --git a/nova/files/ocata/qemu.conf.RedHat b/nova/files/ocata/qemu.conf.RedHat
new file mode 120000
index 0000000..1d23f19
--- /dev/null
+++ b/nova/files/ocata/qemu.conf.RedHat
@@ -0,0 +1 @@
+qemu.conf.Debian
\ No newline at end of file
diff --git a/nova/files/ocata/virtlogd.conf.Debian b/nova/files/ocata/virtlogd.conf.Debian
new file mode 100644
index 0000000..ecb5b2e
--- /dev/null
+++ b/nova/files/ocata/virtlogd.conf.Debian
@@ -0,0 +1,78 @@
+{%- from "nova/map.jinja" import compute with context %}
+# Master virtlogd daemon configuration file
+#
+
+#################################################################
+#
+# Logging controls
+#
+
+# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
+# basically 1 will log everything possible
+{%- if compute.get('virtlog',{}).level is defined %}
+log_level = {{ compute.virtlog.level }}
+{%- endif %}
+# Logging filters:
+# A filter allows to select a different logging level for a given category
+# of logs
+# The format for a filter is one of:
+# x:name
+# x:+name
+# where name is a string which is matched against source file name,
+# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
+# tells libvirt to log stack trace for each message matching name,
+# and x is the minimal level where matching messages should be logged:
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple filter can be defined in a single @filters, they just need to be
+# separated by spaces.
+#
+# e.g. to only get warning or errors from the remote layer and only errors
+# from the event layer:
+#log_filters="3:remote 4:event"
+{%- if compute.get('virtlog',{}).filters is defined %}
+log_filters={{ compute.virtlog.get('filters')|yaml_dquote }}
+{%- endif %}
+# Logging outputs:
+# An output is one of the places to save logging information
+# The format for an output can be:
+# x:stderr
+# output goes to stderr
+# x:syslog:name
+# use syslog for the output and use the given name as the ident
+# x:file:file_path
+# output to a file, with the given filepath
+# x:journald
+# ouput to the systemd journal
+# In all case the x prefix is the minimal level, acting as a filter
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple output can be defined, they just need to be separated by spaces.
+# e.g. to log all warnings and errors to syslog under the virtlogd ident:
+#log_outputs="3:syslog:virtlogd"
+{%- if compute.get('virtlog',{}).outputs is defined %}
+log_outputs={{ compute.virtlog.get('outputs')|yaml_dquote }}
+{%- endif %}
+# The maximum number of concurrent client connections to allow
+# over all sockets combined.
+#max_clients = 1024
+{%- if compute.get('virtlog',{}).max_clients is defined %}
+max_clients = {{ compute.virtlog.max_clients }}
+{%- endif %}
+# Maximum file size before rolling over. Defaults to 2 MB
+#max_size = 2097152
+{%- if compute.get('virtlog',{}).max_size is defined %}
+max_size = {{ compute.virtlog.max_size }}
+{%- endif %}
+# Maximum number of backup files to keep. Defaults to 3,
+# not including the primary active file
+#max_backups = 3
+{%- if compute.get('virtlog',{}).max_backups is defined %}
+max_backups = {{ compute.virtlog.max_backups }}
+{%- endif %}
diff --git a/nova/files/ocata/virtlogd.conf.RedHat b/nova/files/ocata/virtlogd.conf.RedHat
new file mode 120000
index 0000000..d466306
--- /dev/null
+++ b/nova/files/ocata/virtlogd.conf.RedHat
@@ -0,0 +1 @@
+virtlogd.conf.Debian
\ No newline at end of file
diff --git a/nova/files/pike/libvirt.RedHat b/nova/files/pike/libvirt.RedHat
new file mode 120000
index 0000000..f8f6638
--- /dev/null
+++ b/nova/files/pike/libvirt.RedHat
@@ -0,0 +1 @@
+libvirt.Debian
\ No newline at end of file
diff --git a/nova/files/pike/libvirtd.conf.Debian b/nova/files/pike/libvirtd.conf.Debian
index 4fab737..6f4afb9 100644
--- a/nova/files/pike/libvirtd.conf.Debian
+++ b/nova/files/pike/libvirtd.conf.Debian
@@ -295,7 +295,9 @@
# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
# basically 1 will log everything possible
#log_level = 3
-
+{%- if compute.libvirt.get('logging',{}).level is defined %}
+log_level = {{ compute.libvirt.logging.level }}
+{%- endif %}
# Logging filters:
# A filter allows to select a different logging level for a given category
# of logs
@@ -317,6 +319,9 @@
# e.g. to only get warning or errors from the remote layer and only errors
# from the event layer:
#log_filters="3:remote 4:event"
+{%- if compute.libvirt.get('logging',{}).filters is defined %}
+log_filters={{ compute.libvirt.logging.filters|yaml_dquote }}
+{%- endif %}
# Logging outputs:
# An output is one of the places to save logging information
@@ -337,6 +342,9 @@
# e.g. to log all warnings and errors to syslog under the libvirtd ident:
#log_outputs="3:syslog:libvirtd"
#
+{%- if compute.libvirt.get('logging',{}).outputs is defined %}
+log_outputs={{ compute.libvirt.logging.outputs|yaml_dquote }}
+{%- endif %}
# Log debug buffer size: default 64
# The daemon keeps an internal debug log buffer which will be dumped in case
@@ -344,7 +352,9 @@
# the default buffer size in kilobytes.
# If value is 0 or less the debug log buffer is deactivated
#log_buffer_size = 64
-
+{%- if compute.libvirt.get('logging',{}).buffer_size is defined %}
+log_buffer_size = {{ compute.libvirt.logging.buffer_size }}
+{%- endif %}
##################################################################
#
@@ -400,4 +410,4 @@
# If set to 1, libvirtd will refuse to talk to clients that do not
# support keepalive protocol. Defaults to 0.
#
-#keepalive_required = 1
\ No newline at end of file
+#keepalive_required = 1
diff --git a/nova/files/pike/libvirtd.conf.RedHat b/nova/files/pike/libvirtd.conf.RedHat
new file mode 120000
index 0000000..2a7b101
--- /dev/null
+++ b/nova/files/pike/libvirtd.conf.RedHat
@@ -0,0 +1 @@
+libvirtd.conf.Debian
\ No newline at end of file
diff --git a/nova/files/pike/qemu.conf.Debian b/nova/files/pike/qemu.conf.Debian
index 6212dda..cb20491 100644
--- a/nova/files/pike/qemu.conf.Debian
+++ b/nova/files/pike/qemu.conf.Debian
@@ -497,3 +497,21 @@
"/dev/vfio/vfio",
{% endif %}
]
+
+# The backend to use for handling stdout/stderr output from
+# QEMU processes.
+#
+# 'file': QEMU writes directly to a plain file. This is the
+# historical default, but allows QEMU to inflict a
+# denial of service attack on the host by exhausting
+# filesystem space
+#
+# 'logd': QEMU writes to a pipe provided by virtlogd daemon.
+# This is the current default, providing protection
+# against denial of service by performing log file
+# rollover when a size limit is hit.
+#
+#stdio_handler = "logd"
+{%- if compute.get('qemu',{}).get('logging',{}).handler is defined %}
+stdio_handler = "{{ compute.qemu.logging.handler }}"
+{%- endif %}
diff --git a/nova/files/pike/qemu.conf.RedHat b/nova/files/pike/qemu.conf.RedHat
new file mode 120000
index 0000000..1d23f19
--- /dev/null
+++ b/nova/files/pike/qemu.conf.RedHat
@@ -0,0 +1 @@
+qemu.conf.Debian
\ No newline at end of file
diff --git a/nova/files/pike/virtlogd.conf.Debian b/nova/files/pike/virtlogd.conf.Debian
new file mode 100644
index 0000000..ecb5b2e
--- /dev/null
+++ b/nova/files/pike/virtlogd.conf.Debian
@@ -0,0 +1,78 @@
+{%- from "nova/map.jinja" import compute with context %}
+# Master virtlogd daemon configuration file
+#
+
+#################################################################
+#
+# Logging controls
+#
+
+# Logging level: 4 errors, 3 warnings, 2 information, 1 debug
+# basically 1 will log everything possible
+{%- if compute.get('virtlog',{}).level is defined %}
+log_level = {{ compute.virtlog.level }}
+{%- endif %}
+# Logging filters:
+# A filter allows to select a different logging level for a given category
+# of logs
+# The format for a filter is one of:
+# x:name
+# x:+name
+# where name is a string which is matched against source file name,
+# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
+# tells libvirt to log stack trace for each message matching name,
+# and x is the minimal level where matching messages should be logged:
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple filter can be defined in a single @filters, they just need to be
+# separated by spaces.
+#
+# e.g. to only get warning or errors from the remote layer and only errors
+# from the event layer:
+#log_filters="3:remote 4:event"
+{%- if compute.get('virtlog',{}).filters is defined %}
+log_filters={{ compute.virtlog.get('filters')|yaml_dquote }}
+{%- endif %}
+# Logging outputs:
+# An output is one of the places to save logging information
+# The format for an output can be:
+# x:stderr
+# output goes to stderr
+# x:syslog:name
+# use syslog for the output and use the given name as the ident
+# x:file:file_path
+# output to a file, with the given filepath
+# x:journald
+# ouput to the systemd journal
+# In all case the x prefix is the minimal level, acting as a filter
+# 1: DEBUG
+# 2: INFO
+# 3: WARNING
+# 4: ERROR
+#
+# Multiple output can be defined, they just need to be separated by spaces.
+# e.g. to log all warnings and errors to syslog under the virtlogd ident:
+#log_outputs="3:syslog:virtlogd"
+{%- if compute.get('virtlog',{}).outputs is defined %}
+log_outputs={{ compute.virtlog.get('outputs')|yaml_dquote }}
+{%- endif %}
+# The maximum number of concurrent client connections to allow
+# over all sockets combined.
+#max_clients = 1024
+{%- if compute.get('virtlog',{}).max_clients is defined %}
+max_clients = {{ compute.virtlog.max_clients }}
+{%- endif %}
+# Maximum file size before rolling over. Defaults to 2 MB
+#max_size = 2097152
+{%- if compute.get('virtlog',{}).max_size is defined %}
+max_size = {{ compute.virtlog.max_size }}
+{%- endif %}
+# Maximum number of backup files to keep. Defaults to 3,
+# not including the primary active file
+#max_backups = 3
+{%- if compute.get('virtlog',{}).max_backups is defined %}
+max_backups = {{ compute.virtlog.max_backups }}
+{%- endif %}
diff --git a/nova/files/pike/virtlogd.conf.RedHat b/nova/files/pike/virtlogd.conf.RedHat
new file mode 120000
index 0000000..d466306
--- /dev/null
+++ b/nova/files/pike/virtlogd.conf.RedHat
@@ -0,0 +1 @@
+virtlogd.conf.Debian
\ No newline at end of file