Home

Awesome

ansible-role-fluentd

Configures fluentd.

Notes for FreeBSD

The sysutils/rubygem-fluentd port does not patch the gem to include fluentd_plugin_dir, or /usr/local/etc/fluentd/plugin, by default (as of version 0.12.14_1). If you manage local plugins in the directory, you need to set fluentd_flags.

fluentd_flags: "-p {{ fluentd_plugin_dir }}"

See Add a Plugin Via /etc/fluent/plugin for more details.

Note that fluentd_plugins_to_install does not use fluentd_plugin_dir.

Requirements

None

Role Variables

variabledescriptiondefault
fluentd_userthe user of fluentd{{ __fluentd_user }}
fluentd_groupthe group of fluentd{{ __fluentd_group }}
fluentd_extra_groupslist of extra group names (preferred) or a comma-separated string of group names (deprecated, for backward-compatibility) that fluentd user belongs to[]
fluentd_package_namepackage name of fluentd{{ __fluentd_package_name }}
fluentd_config_dirpath to config directory{{ __fluentd_config_dir }}
fluentd_config_filepath to fluent.conf{{ __fluentd_config_file }}
fluentd_config_fragment_dirpath to conf.d directory{{ fluentd_config_dir }}/conf.d
fluentd_service_nameservice name of fluentd{{ __fluentd_service_name }}
fluentd_plugin_dirpath to directory where local plugins reside{{ fluentd_config_dir }}/plugin
fluentd_flagsoptional command line flags for the service{{ __fluentd_flags }}
fluentd_gem_binpath to fluent-gem{{ __fluentd_gem_bin }}
fluentd_plugins_to_installlist of plug-in names to install[]
fluentd_plugins_to_createlist of plug-ins to create (see below)[]
fluentd_certs_dirpath to directory where cert files reside{{ __fluentd_config_dir }}/certs
fluentd_configsdict of config fragments, see below{}
fluentd_ca_keycontent of ca_key.pem""
fluentd_ca_certcontent of ca_cert.pem""
fluentd_ca_private_key_passphrasethe passphrase of ca_key.pem""
fluentd_buffer_pathpath to file-based buffer directory/var/spool/fluentd
fluentd_unix_pipe_dirpath to directory where AF_UNIX pipe should be created{{ __fluentd_unix_pipe_dir }}
fluentd_log_dirpath to directory where fluentd can write logs. Set None to disable/var/log/{{ fluentd_service_name }}
fluentd_log_filepath to log file{{ fluentd_log_dir }}/{{ fluentd_service_name }}.log
fluentd_system_configa string that is enclosed by <system> tag in fluentd.conf. use `` in yaml to set multiple lines of system-wide configurations
fluentd_pid_dirpath to PID directory"{{ __fluentd_pid_dir }}"
fluentd_pid_filepath to PID file"{{ __fluentd_pid_file }}"

Note that although the role provides fluentd_log_dir and fluentd_log_file, you need to configure fluentd to log to fluentd_log_file. The role does NOT configures fluentd to log to the file. See Example Playbook for how.

fluentd_plugins_to_create

This variable is list of dict. The dict is described below. The role creates plug-ins listed in this variable under fluentd_plugin_dir.

KeyDescriptionMandatory?
namefile name of the plug-inyes
contentcontent of the plug-in, must be valid ruby codeyes
statestate of the plug-in, either present or absentyes

fluentd_configs

Key is the name of the config fragment file. the key has a hash described below. The role creates a configuration fragment of config under fluentd_config_fragment_dir.

keyvalue
enabledbool, create the config if true, remove if false
configthe configuration

Debian

VariableDefault
__fluentd_usertd-agent
__fluentd_grouptd-agent
__fluentd_package_nametd-agent
__fluentd_service_nametd-agent
__fluentd_config_dir/etc/td-agent
__fluentd_config_file{{ fluentd_config_dir }}/td-agent.conf
__fluentd_bin/usr/sbin/td-agent
__fluentd_gem_bin/usr/sbin/td-agent-gem
__fluentd_unix_pipe_dir/var/tmp/fluentd
__fluentd_flags""
__fluentd_pid_dir/var/run/td-agent
__fluentd_pid_file{{ fluentd_pid_dir }}/td-agent.pid

FreeBSD

VariableDefault
__fluentd_userfluentd
__fluentd_groupfluentd
__fluentd_package_namerubygem-fluentd
__fluentd_service_namefluentd
__fluentd_config_dir/usr/local/etc/fluentd
__fluentd_config_file{{ fluentd_config_dir }}/fluent.conf
__fluentd_bin/usr/local/bin/fluentd
__fluentd_gem_bin/usr/local/bin/fluent-gem
__fluentd_unix_pipe_dir/var/tmp/fluentd
__fluentd_flags""
__fluentd_pid_dir/var/run/fluentd
__fluentd_pid_file{{ fluentd_pid_dir }}/fluentd.pid

OpenBSD

VariableDefault
__fluentd_user_fluentd
__fluentd_group_fluentd
__fluentd_package_namerubygem-fluentd
__fluentd_service_namefluentd
__fluentd_config_dir/etc/fluentd
__fluentd_config_file{{ fluentd_config_dir }}/fluent.conf
__fluentd_bin/usr/local/bin/fluentd23
__fluentd_gem_bin/usr/local/bin/fluent-gem
__fluentd_unix_pipe_dir/var/tmp/fluentd
__fluentd_flags""
__fluentd_pid_dir/var/run/fluentd
__fluentd_pid_file{{ fluentd_pid_dir }}/fluentd.pid

RedHat

VariableDefault
__fluentd_usertd-agent
__fluentd_grouptd-agent
__fluentd_package_nametd-agent
__fluentd_service_nametd-agent
__fluentd_config_dir/etc/td-agent
__fluentd_config_file{{ fluentd_config_dir }}/td-agent.conf
__fluentd_bin/usr/sbin/td-agent
__fluentd_gem_bin/usr/sbin/td-agent-gem
__fluentd_unix_pipe_dir/var/tmp/fluentd
__fluentd_flags""
__fluentd_pid_dir/var/run/td-agent
__fluentd_pid_file{{ fluentd_pid_dir }}/td-agent.pid

Dependencies

Example Playbook

- hosts: localhost
  roles:
    - ansible-role-fluentd
  vars:
    fluentd_extra_groups: tty,bin
    fluentd_flags: "{% if ansible_os_family == 'FreeBSD' %}-p {{ fluentd_plugin_dir }}{% elif ansible_os_family == 'Debian' %}-p {{ fluentd_plugin_dir }}{% elif ansible_os_family == 'RedHat' %}{% elif ansible_os_family == 'OpenBSD' %}--daemon /var/run/fluentd/fluentd.pid --config /etc/fluentd/fluent.conf -p /etc/fluentd/plugin{% endif %} --log {{ fluentd_log_file }}"
    fluentd_system_config: |
      log_level debug
      suppress_config_dump
    fluentd_plugins_to_install:
      - fluent-plugin-redis
      - fluent-plugin-secure-forward
    fluentd_plugins_to_create:
      - name: example.rb
        content: "{{ lookup('file', 'files/example.rb') }}"
        state: present
    fluentd_ca_cert: |
      -----BEGIN CERTIFICATE-----
      MIIDIDCCAggCAQEwDQYJKoZIhvcNAQEFBQAwTTELMAkGA1UEBhMCVVMxCzAJBgNV
      BAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRkwFwYDVQQDDBBTZWN1cmVG
      b3J3YXJkIENBMB4XDTcwMDEwMTAwMDAwMFoXDTIxMDQxNTE3MDE1OVowTTELMAkG
      A1UEBhMCVVMxCzAJBgNVBAgMAkNBMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRkw
      FwYDVQQDDBBTZWN1cmVGb3J3YXJkIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
      MIIBCgKCAQEAsubDxMCBata8T8++x85nlsEyXT+fEXseZAln+RffZJqqdsJtbLmc
      /a7u40IefQBShm3itba0dMTsPnG8rrvLtkz+3TSuN6wBTR+iM5/vBlu9Z8b983c9
      HZ/RkDzhlucqzDSIstYbpLDefiw78ME2kpzIbDpmsudzYQCK1XHr7eIVog9pSjJS
      UEvj967lFX1T+ajpib/cqOSjjmjCbA91Pdo+il8iTHSo+SFgG3mIVDNnztD9nBUi
      96sWblnEDlzSH8MV9AOwM/FxI2HQ+giNQnc2NXt7q5wHBNG7fQ19+IiQ7tHjyvke
      eQ3POmo00+NSVcKObX29e6PCqiD14OrnLQIDAQABoxAwDjAMBgNVHRMEBTADAQH/
      MA0GCSqGSIb3DQEBBQUAA4IBAQB6t43EHkd2d8P25h1QNE1136VwC+OHg5ThPmXU
      wexuLY35iyWDs8AdZm2wu+9L0TAd3pqqY6qJW5JblTTGFZ3372oe2043EpcGVxxF
      /ov7VtlcD/Govu8IDkKhzojDrcKEoZCaI2zLaJpDZx5O/Zki0+fAOSNA+9HuLxUv
      mzCgQMazeUYkvvqxnm64Skw07xQ/g8JvjmFxfOz1LqMjY/M5TOXHUTZJFwpZVwHD
      8yt/MboSjEItdGb9qQlDfajYNYbodbbhurDXmwXRJU10uUK3RekKWOGKKoRhEOJ1
      SCi2iwz7n1N+bqXB8nLDOOr/zL1a4zev/KpMRhQNYMFswzUe
      -----END CERTIFICATE-----
    fluentd_ca_private_key_passphrase: password
    fluentd_ca_key: |
      -----BEGIN RSA PRIVATE KEY-----
      Proc-Type: 4,ENCRYPTED
      DEK-Info: AES-256-CBC,CB41DBD602640F0131B108162FBDA4C1

      eUVHk/0/haiey+uTvUVjLMG1uKqXEKzqbhuna3k+dPuOTOYPPrAArNfVgXS3K+rV
      kjsJUGLxwseC2Q9krbOx0tHoY25elMMGW/G46tds5CRJ5quoQIFXfuD8TBBSDEAI
      QFlU8PgUx+6KhEy63xjM1c9Y8CsgJqwpxWO6p6lAvJfVvuzUGBdEc7WvkDzmpGZk
      aNggxKJnd1qy/YNe1gbYpXPrn7y001s3CJtKs3goMJ6baMWfaUBDx6EBx7lJgL/r
      MqCWT+3q2McK3HcqEwK2O4oimlJy2pGj/SDESCPRGmKcYz6MLCZMoEjRDRWgZln8
      L9maXurGCIKsiBz61vNFGZtmu/dPJaJISPF3s4RTh7mst4SgWeNWK88dn6XAygkd
      yHOSM0l5y4YEqxiyPof7uAZBd276yMFp0mO8Hf61rtrTmUz/3nE4rsTTmGI60FIk
      PbzxZbWkZRcWNnDJE9ijuoqQ4W1ZGx5YkhNb5Al/Bap2rZ8ksEtpJswkGTm/j16i
      oSDpgu2ArSnxllbd7PWug/suCoullXlOJuOg3U5zrVASdAcUTK5872ObE40LzVPI
      4PRDYmYjvAIml2MjsXM1qlaN/qr8vnoRb+wZB0c3Jqj+eIVSPkypBcRxeeSp8akT
      Sdt7JmROdSgH7Sv9zdgJreMDofkQns6RN3TpEWnnDhZrE1vWQxF2DhNxeGThouqr
      QCdSv2DDPM6PgJEjFSXAYOKdeO+s22kzUv87fI+ubuU8gesSL7uAELSVHaXe/zKw
      9dGWVVIYfZ7F61aBXYqz598N2EqUv2rviQTWeVJ6Xggr/O7s6N7U6rn+1ptFcUTl
      BrPOdQws3Syc2NE2qov1A1QQ2uQQcy0l7bEEOuc1jxLKUMl5+ZWl94iZ5tg+3zG8
      QMf74rel6ELi1zVGcmwAROgt0AlOzQ7X8iiOjM1E9ZkplnQWaXbXRcZKlkYtnVHg
      Vk/bs2Fs2+qHpNR0m4nNzeWxcm5z/wN2xgJFRPyiOJDSMYfwnNPM3TEOg72RUtBi
      PT8Is8vRb7pb6JjT20OScxymNgOFYRAkcKQn2vVrrA7CWJpA7xeNbcoLM99bSOl7
      upgzyIb5jK8NzUwCv1kjCkESO3tGkfHPLbfXFzj966PEsR4Cyr5Mh8MiPk8p9VQV
      of27ZcwGCwiR7spMTKAQWEComDegZoN2pYELJL78Cb36p4mfu6pi9Ka6XeBoO7Hp
      zPFY9HPVjHHUAYZcFvLlMoaZz+VzjeATxAiSmD/iuWu9aJ77653cCzcicUOVM2T2
      nu1mMNm2EcPLXgZ4MqDLcwmYDV+GKdR2ilVdlbjKquf8rqzGkxXco2rDBOuVGMfk
      Cyc8QO5+Ym+0PPJOTWA6x9cTdCwSg2XfZoy7pRhiENTC7I78KZMa/NT+3Jpnksve
      pBA23tg7gTCi9f1tS+QjMJfz6pavK+0XcHS+4FEqg4B5l4f5pT9FGp3miI5z5uzv
      0gpi2SA4Q15HQAHGmzLtLCbuaVmivXqswvwktYbJ15Fhw8hcDhIg6pJZa2vO93gG
      ZGq87OydiIkk0pZxdabkpGxpbkKiIwK2+zFWDu3x604pR4b+rAMgrpEseD6TjLgr
      -----END RSA PRIVATE KEY-----
    fluentd_configs:
      example_input:
        enabled: true
        config: |
          <soruce>
            @type example
          </soruce>
      listen_on_5140:
        enabled: true
        config: |
          <source>
            @type syslog
            port 5140
            bind 127.0.0.1
            tag syslog
            format /^(?<time>[^ ]*\s*[^ ]* [^ ]*) (?<ident>[a-zA-Z0-9_\/\.\-]*)(?:\[(?<pid>[0-9]+)\])?(?:[^\:]*\:)? *(?<message>.*)$/
            time_format %b %d %H:%M:%S
          </source>
          <match syslog.**>

            @type null
          </match>

License

Copyright (c) 2016 Tomoyuki Sakurai <tomoyukis@reallyenglish.com>

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Author Information

Tomoyuki Sakurai tomoyukis@reallyenglish.com