Skip to content

Commit

Permalink
fix: remove goss from healthcheck (#2600)
Browse files Browse the repository at this point in the history
Signed-off-by: Ilya Kheifets <[email protected]>
  • Loading branch information
ikheifets-splunk authored Oct 1, 2024
1 parent c9b2033 commit 7202a6f
Show file tree
Hide file tree
Showing 18 changed files with 19 additions and 78 deletions.
4 changes: 2 additions & 2 deletions ansible/resources/podman_sc4s.service
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ ExecStart=/usr/bin/podman run \
-v "$SC4S_ARCHIVE_MOUNT" \
-v "$SC4S_TLS_MOUNT" \
--env-file=/opt/sc4s/env_file \
--health-cmd="/healthcheck.sh" \
--health-interval=10s --health-retries=6 --health-timeout=6s \
--health-cmd="/usr/sbin/syslog-ng-ctl healthcheck --timeout 5" \
--health-interval=2m --health-retries=6 --health-timeout=5s \
--network host \
--name SC4S \
--rm $SC4S_IMAGE
Expand Down
13 changes: 4 additions & 9 deletions charts/splunk-connect-for-syslog/templates/statefulset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -134,9 +134,6 @@ spec:
- name: ietf-dflt-tls
containerPort: 5425
protocol: TCP
- name: health
containerPort: 8080
protocol: TCP
{{- if .Values.sc4s }}
{{- if .Values.sc4s.vendor_product }}
{{- range $vp := .Values.sc4s.vendor_product }}
Expand Down Expand Up @@ -216,16 +213,14 @@ spec:
readOnly: true
{{- end }}
livenessProbe:
httpGet:
path: /healthz
port: 8080
exec:
command: ["syslog-ng-ctl", "healthcheck", "--timeout", "5"]
initialDelaySeconds: 10
periodSeconds: 3
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /healthz
port: 8080
exec:
command: ["syslog-ng-ctl", "healthcheck", "--timeout", "5"]
initialDelaySeconds: 10
failureThreshold: 60
periodSeconds: 10
Expand Down
4 changes: 2 additions & 2 deletions docs/configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -334,8 +334,8 @@ ExecStart=/usr/bin/podman run \
-v "$SC4S_TLS_MOUNT" \
--privileged \
--env-file=/opt/sc4s/env_file \
--health-cmd="/healthcheck.sh" \
--health-interval=10s --health-retries=6 --health-timeout=6s \
--health-cmd="/usr/sbin/syslog-ng-ctl healthcheck --timeout 5" \
--health-interval=2m --health-retries=6 --health-timeout=5s \
--network host \
--name SC4S \
--rm $SC4S_IMAGE
Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/ansible-docker-podman.md
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,6 @@ SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sour
SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sourcetype=sc4s:events...
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/ansible-docker-swarm.md
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,6 @@ SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sour
SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sourcetype=sc4s:events...
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/ansible-mk8s.md
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,5 @@ SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sour
SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sourcetype=sc4s:events...
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```
25 changes: 5 additions & 20 deletions docs/gettingstarted/byoe-rhel8.md
Original file line number Diff line number Diff line change
Expand Up @@ -64,28 +64,13 @@ sudo wget -c https://github.com/splunk/splunk-connect-for-syslog/releases/downlo
sudo pip3 install -r /etc/syslog-ng/requirements.txt
```

6. Optionally, to use monitoring, install `goss` and confirm that the version is v0.3.16 or later. `goss` installs in
`/usr/local/bin` by default, so do one of the following:

* Make sure that `entrypoint.sh` is modified to include `/usr/local/bin` in the full path.
* Move the `goss` binary to `/bin` or `/usr/bin`.

```
curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss
chmod +rx /usr/local/bin/goss
curl -L https://github.com/aelsabbahy/goss/releases/latest/download/dgoss -o /usr/local/bin/dgoss
# Alternatively, using the latest
# curl -L https://raw.githubusercontent.com/aelsabbahy/goss/latest/extras/dgoss/dgoss -o /usr/local/bin/dgoss
chmod +rx /usr/local/bin/dgoss
```

7. You can run SC4S using systemd in one of two ways, depending on administrator preference and
6. You can run SC4S using systemd in one of two ways, depending on administrator preference and
orchestration methodology. These are not the only ways to run in a custom environment:

* Run the `entrypoint.sh` script (identical to that used in the container) directly using systemd.
* Alter the script to preconfigure SC4S, after which only the syslog-ng are run using systemd.

8. To run the `entrypoint.sh` script directly in systemd, create the SC4S unit file ``/lib/systemd/system/sc4s.service`` and add the following:
7. To run the `entrypoint.sh` script directly in systemd, create the SC4S unit file ``/lib/systemd/system/sc4s.service`` and add the following:

```ini
[Unit]
Expand All @@ -107,7 +92,7 @@ Restart=on-abnormal
WantedBy=multi-user.target
```

9. To run `entrypoint.sh` as a preconfigured script, modify the script by commenting out or removing the stanzas following the
8. To run `entrypoint.sh` as a preconfigured script, modify the script by commenting out or removing the stanzas following the
`OPTIONAL for BYOE` comments in the script. This prevents syslog-ng from being launched by the script. Then create the SC4S unit file ``/lib/systemd/system/syslog-ng.service`` and add the following content:

```ini
Expand All @@ -130,7 +115,7 @@ Restart=on-failure
WantedBy=multi-user.target
```

10. Create the file ``/etc/syslog-ng/env_file`` and add the following environment variables. Adjust the URL/TOKEN as needed.
9. Create the file ``/etc/syslog-ng/env_file`` and add the following environment variables. Adjust the URL/TOKEN as needed.

```dotenv
# The following "path" variables can differ from the container defaults specified in the entrypoint.sh script.
Expand All @@ -150,7 +135,7 @@ SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=a778f63a-5dff-4e3c-a72c-a03183659e94
# SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no
```

11. Reload systemctl and restart syslog-ng (example here is shown for systemd option (1) above)
10. Reload systemctl and restart syslog-ng (example here is shown for systemd option (1) above)

```bash
sudo systemctl daemon-reload
Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/docker-compose-MacOS.md
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,6 @@ You should see events similar to those below in the output:
```ini
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/docker-compose.md
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,6 @@ You should see events similar to those below in the output:
```ini
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down
1 change: 0 additions & 1 deletion docs/gettingstarted/docker-systemd-general.md
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,6 @@ You should see events similar to those below in the output:
```ini
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down
5 changes: 2 additions & 3 deletions docs/gettingstarted/podman-systemd-general.md
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,6 @@ You should see events similar to those below in the output:
```ini
syslog-ng checking config
sc4s version=v1.36.0
starting goss
starting syslog-ng
```

Expand Down Expand Up @@ -178,8 +177,8 @@ ExecStart=/usr/bin/podman run -p 2514:514 -p 2514:514/udp -p 6514:6514 \
-v "$SC4S_ARCHIVE_MOUNT" \
-v "$SC4S_TLS_MOUNT" \
--env-file=/home/sc4s/env_file \
--health-cmd="/healthcheck.sh" \
--health-interval=10s --health-retries=6 --health-timeout=6s \
--health-cmd="/usr/sbin/syslog-ng-ctl healthcheck --timeout 5" \
--health-interval=2m --health-retries=6 --health-timeout=5s \
--network host \
--name SC4S \
--rm $SC4S_IMAGE
Expand Down
4 changes: 2 additions & 2 deletions docs/resources/podman/sc4s.service
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ ExecStart=/usr/bin/podman run \
-v "$SC4S_ARCHIVE_MOUNT" \
-v "$SC4S_TLS_MOUNT" \
--env-file=/opt/sc4s/env_file \
--health-cmd="/healthcheck.sh" \
--health-interval=10s --health-retries=6 --health-timeout=6s \
--health-cmd="/usr/sbin/syslog-ng-ctl healthcheck --timeout 5" \
--health-interval=2m --health-retries=6 --health-timeout=5s \
--network host \
--name SC4S \
--rm $SC4S_IMAGE
Expand Down
1 change: 0 additions & 1 deletion docs/v3_upgrade.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@ SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sour
SC4S_ENV_CHECK_HEC: Splunk HEC connection test successful to index=main for sourcetype=sc4s:events...
syslog-ng checking config
sc4s version=3.0.0
starting goss
starting syslog-ng
```

Expand Down
6 changes: 1 addition & 5 deletions package/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@ RUN apk add -U --upgrade --no-cache \
cargo \
ca-certificates \
poetry \
&& curl -fsSL https://goss.rocks/install | GOSS_VER=v0.4.8 sh \
&& groupadd --gid 1024 syslog \
&& useradd -M -g 1024 -u 1024 syslog \
&& usermod -L syslog \
Expand All @@ -56,9 +55,7 @@ EXPOSE 6514/tcp
#/dev/log a low priv user cannot read this and the container will fail in SC4S
#and other uses the low user may be selected

HEALTHCHECK --interval=10s --retries=6 --timeout=6s CMD /healthcheck.sh

COPY package/etc/goss.yaml /etc/syslog-ng/goss.yaml
HEALTHCHECK --interval=2m --timeout=5s --start-period=30s CMD /usr/sbin/syslog-ng-ctl healthcheck --timeout 5

COPY pyproject.toml /
COPY poetry.lock /
Expand All @@ -75,7 +72,6 @@ COPY package/etc/test_parsers /etc/syslog-ng/test_parsers
COPY package/etc/local_config /etc/syslog-ng/local_config
COPY package/etc/local_config /etc/syslog-ng/local_config
COPY package/sbin/entrypoint.sh /
COPY package/sbin/healthcheck.sh /
COPY package/sbin/source_ports_validator.py /

ENV SC4S_CONTAINER_OPTS=--no-caps
Expand Down
6 changes: 1 addition & 5 deletions package/Dockerfile.lite
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@ RUN apk add -U --upgrade --no-cache \
cargo \
ca-certificates \
poetry \
&& curl -fsSL https://goss.rocks/install | GOSS_VER=v0.4.8 sh \
&& groupadd --gid 1024 syslog \
&& useradd -M -g 1024 -u 1024 syslog \
&& usermod -L syslog \
Expand All @@ -56,9 +55,7 @@ EXPOSE 6514/tcp
#/dev/log a low priv user cannot read this and the container will fail in SC4S
#and other uses the low user may be selected

HEALTHCHECK --interval=10s --retries=6 --timeout=6s CMD /healthcheck.sh

COPY package/etc/goss.yaml /etc/syslog-ng/goss.yaml
HEALTHCHECK --interval=2m --timeout=5s --start-period=30s CMD /usr/sbin/syslog-ng-ctl healthcheck --timeout 5

COPY pyproject.toml /
COPY poetry.lock /
Expand Down Expand Up @@ -97,7 +94,6 @@ COPY package/lite/etc/config.yaml /etc/syslog-ng/config.yaml
COPY package/lite/etc/addons /etc/syslog-ng/addons

COPY package/sbin/entrypoint.sh /
COPY package/sbin/healthcheck.sh /
COPY package/sbin/source_ports_validator.py /


Expand Down
12 changes: 0 additions & 12 deletions package/etc/goss.yaml

This file was deleted.

7 changes: 0 additions & 7 deletions package/sbin/entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -224,13 +224,6 @@ echo sc4s version=$(cat $SC4S_ETC/VERSION)
echo sc4s version=$(cat $SC4S_ETC/VERSION) >>$SC4S_VAR/log/syslog-ng.out
$SC4S_SBIN/syslog-ng --no-caps $SC4S_CONTAINER_OPTS -s >>$SC4S_VAR/log/syslog-ng.out 2>$SC4S_VAR/log/syslog-ng.err

# Use goss to pick up default listening ports for health check
if command -v goss &> /dev/null
then
echo starting goss
goss -g $SC4S_ETC/goss.yaml serve -l 0.0.0.0:$SC4S_LISTEN_STATUS_PORT --format json >/dev/null 2>/dev/null &
fi

# OPTIONAL for BYOE: Comment out/remove all remaining lines and launch syslog-ng directly from systemd
if [ "${SC4S_DEBUG_CONTAINER}" == "yes" ]
then
Expand Down
4 changes: 0 additions & 4 deletions package/sbin/healthcheck.sh

This file was deleted.

0 comments on commit 7202a6f

Please sign in to comment.