"Fossies" - the Fresh Open Source Software Archive

Member "monasca-log-api-2.9.0/doc/source/configuration/configuring.rst" (1 Apr 2019, 5447 Bytes) of package /linux/misc/openstack/monasca-log-api-2.9.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format (assuming markdown format). Alternatively you can here view or download the uninterpreted source code file. A member file download can also be achieved by clicking within a package contents listing on the according byte size field. See also the latest Fossies "Diffs" side-by-side code changes report for "configuring.rst": 2.7.0_vs_2.9.0.

Configuring

monasca-log-api has several configuration options. Some of them are inherited from oslo libraries, others can be found in the monasca-log-api codebase.

The entire configuration of monasca-log-api is defined in configuration files.

Note

This is intended behaviour. One of possible ways to deploy monasca-log-api is to use gunicorn. Unfortunately gunicorn's argument parsing clashes with oslo's argument parsing. This means that gunicorn reports the CLI options of oslo as unknown, and vice versa.

There are 4 configuration files. For more details on the configuration options, see here <configuration-files>.

Configuring Keystone Authorization

Keystone authorization (i.e. verification of the token associated with a request) is a critical part of monasca-log-api. It prevents from unauthorized access and provides the isolation needed for multi-tenancy.

The configuration for keystonemiddleware should either be provided in monasca-log-api.conf or in a file in one of the configuration directories. For more details about configuration options, check here.

Configuring Log Publishing

monasca-log-api sends all logs to the Kafka Message Queue. Proper configuration should include:

The configuration for log_publisher should either be provided in monasca-log-api.conf or in a file in one of the configuration directories.

Configuring Healthcheck

Healthcheck is an essential part of monasca-log-api. It allows sending HTTP requests and getting knowledge about the availability of the API. Configuration of healthcheck includes:

The configuration for kafka_healthcheck should either be provided in monasca-log-api.conf or in a file in one of the configuration directories.

Configuring Monitoring

monasca-log-api is capable of self-monitoring. This is achieved through monasca-statsd. It assumes that there is monasca-agent available on the system node and that statsd-server has been launched.

There are several options you may want to tweak if necessary:

The configuration for monitoring should either be provided in monasca-log-api.conf or in a file in one of the configuration directories.

Configuring RBAC

The role-based access policy can be defined in the log-api.policy.yaml file as described in oslo.policy documentation.

Additionally, for historical reasons, custom RBAC mechanism is provided. It can be configured as follows:

The configuration for roles_middleware can be provided either in monasca-log-api.conf or in a file in one of the configuration directories.

Configuring Logging

Logging in monasca-log-api is controlled from the single log-api-logging.conf configuration file. Here is a short list of several modifications you may want to apply, based on your deployment:

Configuring Policies

The policies for accessing each service can be configured in the log-api.policy.yaml configuration file:

Policy Description
Method Path
"Policy string": "Roles"

example:

Logs post rule
POST  /logs
POST  /log/single
"log_api:logs:post": "role:monasca-user"