Merge commit 'a70776ebf5914071bac202f94292b9c46db0e411' as 'nicsdru-logging'

neilblair · neilblair · commit 46474d152c48 · 2022-12-09T12:20:14.000Z
diff --git a/nicsdru-logging/LICENSE b/nicsdru-logging/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Digital Shared Services
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/nicsdru-logging/README.md b/nicsdru-logging/README.md
@@ -0,0 +1,263 @@
+# Send Platform.sh logs to Logz.io
+
+Platform.sh log files are stored on disk (in /var/log) and trimmed
+to 100 MB automatically. For busy environments this means that logs
+may only contain entries for the last 24 hours or even less
+depending on the volume of log entries an environment is generating.
+By shipping logs to a centralised logging service like Logz.io, it 
+makes it possible to retain logs for a longer period as well as 
+having nice tools to search through the logs.
+
+Platform.sh grid hosted environments currently do not support 
+installation of logging services or daemons. For example, syslog nor 
+rsyslog are available. To get around this, we can use cron to run a 
+script which periodically uploads batches of log entries using cURL.
+
+This solution is loosely based on
+[this solution for uploading logs to Amazon S3 storage](https://gitlab.com/contextualcode/platformsh-store-logs-at-s3/).
+
+The solution only ever uploads the newest
+log entries rather than uploading an entire log file. This is
+necessary because log management solutions set a maximum limit on
+the size of files that can be uploaded in a single request.
+
+## 1. Add nicsdru-logging repo to the project root using `git subtree`
+
+[git subtree](https://www.atlassian.com/git/tutorials/git-subtree) lets you nest one repository inside another as a 
+sub-directory.
+
+In your local copy of a platform hosted Drupal project, 
+run the following command in the project root (which should contain 
+the `.platform/` directory and the `.platform.app.yaml` file):
+
+```shell
+git subtree add --prefix nicsdru-logging git@github.com:dof-dss/nicsdru-logging.git main --squash
+```
+
+This will generate a couple of new commits into your project repo. 
+
+### Updating the repo
+
+If you want to later update to the latest version of the nicsdru-logging 
+repo, run the following command in the project root:
+
+```shell
+git subtree pull --prefix nicsdru-logging git@github.com:dof-dss/nicsdru-logging.git main --squash
+```
+
+## 2. Copy example.cronjob.sh to cronjob.sh
+
+Copy `nicsdru-logging/scripts/example.cronjob.sh` into the project root renaming to `cronjob.sh`.
+
+```shell
+cp nicsdru-logging/scripts/example.cronjob.sh cronjob.sh
+```
+
+The directory structure for a typical dof-dss D9 project should
+end up looking something like this:
+
+```
+├── .circleci/
+├── .platform/
+│   ├── solr_config
+│   ├── routes.yaml
+│   └── services.yaml
+├── config/
+├── drush/
+├── nicsdru-logging/
+│   └── scripts/
+│   │   ├── example.cronjob.sh
+│   │   └── shiplog.sh
+│   └── README.md
+├── private/
+├── vendor/
+├── web/
+├── .platform.app.yaml
+├── composer.json
+├── composer.lock
+├── cronjob.sh
+├── LICENSE
+├── phpcs.sh
+└── README.md
+```
+
+
+## 3. Make the new `cronjob.sh` file executable
+
+```shell
+chmod +x cronjob.sh
+```
+
+## 4. Edit `cronjob.sh` to configure log files to be shipped
+
+`cronjob.sh` contains calls to `shiplog.sh` to ship specifc logs in the following format: 
+
+```shell
+/bin/bash /app/nicsdru-logging/scripts/shiplog.sh "LOG_NAME" "LOG_PATH" "LOG_DATE_PATTERN" "LOG_TYPE"
+```
+
+Where:
+
+- `LOG_NAME` is unique name of a log (e.g "access"). NO SPACES!
+- `LOG_PATH` is the full path to source log file to be shipped (e.g. "/var/log/access.log")
+- `LOG_DATE_PATTERN` is a date formatted to match datetime stamps in individual log entries 
+(e.g. "$(date +%d/%b/%Y:)")
+- `LOG_TYPE` identifies [the type of log file to Logz.io](https://docs.logz.io/user-guide/log-shipping/built-in-log-types.html) (e.g. "nginx_access"). NO SPACES!
+
+For example, the following line ships the /var/log/access.log generated by nginx.
+
+```shell
+/bin/bash /app/nicsdru-logging/scripts/shiplog.sh "access" "/var/log/access.log" "$(date +%d/%b/%Y:)" "nginx_access"
+```
+
+*For D9 sites*, with the [filelog contrib module](https://www.drupal.org/project/filelog) 
+installed, ensure the module is configured to write to logs to `/app/log` and then
+uncomment or add the following line to `cronjob.sh`:
+
+```shell
+/bin/bash /app/nicsdru-logging/scripts/shiplog.sh "drupal" "/app/log/drupal.log" "$(date +'%a, %d/%m/%Y -')" "drupal"
+```
+
+(Note the LOG_TYPE specified is "drupal" which is a custom log type we have asked 
+Logz.io to configure for us.)
+
+*For D9 multisite projects* using the [filelog contrib module](https://www.drupal.org/project/filelog),
+ensure the module is configured on each site to write to logs to a sub-directory of
+`/app/log` - for example `/app/log/sitename` and then add a line like the 
+following to ship the drupal.log for that specific site:
+
+```shell
+/bin/bash /app/nicsdru-logging/scripts/shiplog.sh "drupal-sitename" "/app/log/sitename/drupal.log" "$(date +'%a, %d/%m/%Y -')" "drupal"
+```
+
+## 5. Create a writable mount in .platform.app.yaml for storing logs
+
+The normal log directory `/var/log` is not writeable.  So we create
+a writeable mount in `.platform.app.yaml` for the shiplog script to write logs to:
+
+```yaml
+mounts:
+  '/log':
+    source: local
+    source_path: 'log'
+```
+
+## 6. Add cron job in .platform.app.yaml
+
+```yaml
+crons:
+  # Log shipping cron.
+  logging:
+    spec: '*/5 * * * *'
+    commands:
+      start: '/bin/bash /app/cronjob.sh'
+    shutdown_timeout: 290
+```
+
+## 7. Create LOGZ_TOKEN and LOGZ_URL environment variables
+
+Obtain an account token from Logz.io. Then create a project
+environment variable LOGZ_TOKEN to store the token securely.
+
+```shell
+platform variable:create -l environment -e [ENVIRONMENT_NAME] --prefix env: --name LOGZ_TOKEN --value '[LOGZ_IO_TOKEN]' --visible-runtime true --inheritable false --sensitive true
+```
+
+**Optionally**, set the "listener URL" for sending logs to 
+Logz.io.  By default the URL is `https://listener-uk.logz.io:8022`
+You can override this by setting the project environment variable 
+LOGZ_URL. The URL should begin with "https://" with no end
+forward slash.
+
+```shell
+platform variable:create -l environment -e [ENVIRONMENT_NAME] --prefix env: --name LOGZ_URL --value 'https://listener-uk.logz.io:8022' --visible-runtime true --inheritable true --sensitive false
+```
+
+## 8. Deploy to Platform.sh and verify logs are being shipped
+
+Cron will run cronjob.sh to ship latest log entries to Logz.io.
+You should start to see log entries arrive in Logz.io's Kibana
+interface. If you don't, there are a number of things to check.
+
+### Check cron is running
+
+Run this platform CLI command
+```shell
+$ platform activity:list
+```
+And gives output like this ...
+
+```shell
+Activities on the project NIDirect-D8 (wcjm3mu7bacfm), environment logz (type: development):
++---------------+---------------------------+----------------------------------+----------+----------+---------+
+| ID            | Created                   | Description                      | Progress | State    | Result  |
++---------------+---------------------------+----------------------------------+----------+----------+---------+
+| cc3s4jkfkb5ke | 2022-05-11T16:01:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| yado3ie3w4rqu | 2022-05-11T15:56:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| tuckl2vxeecss | 2022-05-11T15:51:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| z7jx33erazc3a | 2022-05-11T15:46:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| iq43xajukyn5e | 2022-05-11T15:41:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| q64gu6qqiw6s4 | 2022-05-11T15:36:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| dc2hifwrzgm6y | 2022-05-11T15:31:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| 3l737f5rmp6m4 | 2022-05-11T15:26:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| kuydxo23aeczy | 2022-05-11T15:21:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
+| 6jnwgge2ufivk | 2022-05-11T15:16:27+00:00 | Platform.sh Bot ran cron logging | 100%     | complete | success |
++---------------+---------------------------+----------------------------------+----------+----------+---------+
+```
+
+### SSH onto the environment and check logs are being generated in the `/app/log` mount
+
+The logging scripts create and rotate their own log files in the `/app/log`
+mounted directory.
+
+If the project is a D9 project with the filelog module enabled and you 
+have configured `cronjob.sh` to ship the access and drupal logs (as described above), 
+then you should see something like the following in `/app/log`:
+
+```shell
+web@nidirect.0:~$ cd /app/log
+web@nidirect.0:~/log$ ls -al
+total 88
+drwxr-xr-x  2 web web  4096 May 11 16:26 .
+drwxr-xr-x 18 web web   514 May 11 12:21 ..
+-r--r--r--  1 web web   686 Apr 13 16:41 .htaccess
+-rw-r--r--  1 web web 15743 May 11 12:31 2022-05-11-access.log
+-rw-r--r--  1 web web  8038 May 11 12:31 2022-05-11-drupal.log
+-rw-rw-r--  1 web web 51256 May 11 12:29 drupal.log
+web@nidirect.0:~/log$ 
+```
+
+The logs prefixed with a YYYY-MM-DD format date are created by `shiplog.sh` 
+and rotated daily.  The drupal.log is created by the filelog module which 
+can also be rotated daily (depending on module settings).
+
+### If all else fails, run `cronjob.sh` from the command-line and check the output
+
+```shell
+/bin/bash /app/cronjob.sh
+```
+
+Healthy output looks like this ...
+
+```shell
+web@nidirect.0:~$ /bin/bash /app/cronjob.sh
+Shipping log ...
+Shipping today's newest log entries from /var/log/access.log ...
+Creating 2022-05-11-access.log ...
+2022-05-11-access.log already exists
+Deleting 2022-05-10-access.log ...
+2022-05-10-access.log does not exist
+Retrieving latest log entries from /var/log/access.log and writing to 2022-05-11-access.log
+Shipping latest log entries from 2022-05-11-access.log to Logz.io using cURL
+Log shipping succeeded with: 200
+Shipping log ...
+Shipping today's newest log entries from /app/log/drupal.log ...
+Creating 2022-05-11-drupal.log ...
+2022-05-11-drupal.log already exists
+Deleting 2022-05-10-drupal.log ...
+2022-05-10-drupal.log does not exist
+Retrieving latest log entries from /app/log/drupal.log and writing to 2022-05-11-drupal.log
+Shipping latest log entries from 2022-05-11-drupal.log to Logz.io using cURL
+Log shipping succeeded with: 200
+```
+
diff --git a/nicsdru-logging/scripts/example.cronjob.sh b/nicsdru-logging/scripts/example.cronjob.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+#
+# nicsdru-logging/scripts/example.cronjob.sh
+#
+# Calls shiplog.sh to ship latest log entries from various logs
+# to logz.io.
+
+# /bin/bash /app/nicsdru-logging/scripts/shiplog.sh "[LOG_NAME]" "[LOG_PATH]" "[LOG_DATE_PATTERN]" "[LOG_TYPE]"
+
+# Ship /var/log/access.log generated by nginx.
+/bin/bash /app/nicsdru-logging/scripts/shiplog.sh "access" "/var/log/access.log" "$(date +%d/%b/%Y:)" "nginx_access"
+
+# Uncomment following line to ship drupal.log generated by D9 filelog module.
+# /bin/bash /app/nicsdru-logging/scripts/shiplog.sh "drupal" "/app/log/drupal.log" "$(date +'%a, %d/%m/%Y -')" "drupal"
diff --git a/nicsdru-logging/scripts/shiplog.sh b/nicsdru-logging/scripts/shiplog.sh
@@ -0,0 +1,96 @@
+#!/usr/bin/env bash
+#
+# logging/scripts/shiplog.sh
+#
+# Ship today's log entries from a specified log to logz.io
+# Usage: /bin/bash /app/logging/scripts/shiplog.sh [LOG_NAME] [LOG_PATH] [LOG_DATE_PATTERN] [LOG_TYPE]
+#    eg: /bin/bash /app/logging/scripts/shiplog.sh "access" "/var/log/access.log" "$(date +%d/%b/%Y:)" "nginx_access"'
+
+echo "Shipping log ..."
+
+# LOGZ_TOKEN environment variable is required for this script to run.
+if [ -z "$LOGZ_TOKEN" ]; then
+    echo "LOGZ_TOKEN is not set - exiting"
+    exit 1
+fi
+
+# Set LOGZ_URL if environment variable is not set.
+if [ -z "$LOGZ_URL" ]; then
+    LOGZ_URL="https://listener-uk.logz.io:8022"
+fi
+
+# Mount for logs must exist or exit script.
+cd /app/log || exit
+
+LOG_NAME=$1
+LOG_PATH=$2
+LOG_DATE_PATTERN=$3
+LOG_TYPE=$4
+
+# Script will be creating logs for today and removing yesterday's logs
+TODAY_DATE=$(date +%Y-%m-%d)
+YESTERDAY_DATE=$(date --date="yesterday" +%Y-%m-%d)
+
+# Check 4 arguments passed.
+if [ $# -ne 4 ]; then
+    echo "shiplog called with incorrect number of arguments. Expected 4, got $#."
+    echo 'Usage: ./shiplog.sh [LOG_NAME] [LOG_PATH] [LOG_DATE_PATTERN] [LOG_TYPE]'
+    echo '   eg: ./shiplog.sh "access" "/var/log/access.log" "$(date +%d/%b/%Y:)" "nginx_access"'
+    exit 1
+fi
+
+if [ -f "$LOG_PATH" ]; then
+
+    echo "Shipping today's newest log entries from $LOG_PATH ..."
+
+    # Create today's log file.
+    todays_log="${TODAY_DATE}-${LOG_NAME}.log"
+    echo "Creating ${todays_log} ..."
+    if [ ! -f ./"${todays_log}" ]; then
+        touch ./"${todays_log}"
+        echo "${todays_log} created"
+    else
+        echo "${todays_log} already exists"
+    fi
+
+    # Delete yesterdays log files.
+    yesterdays_log="${YESTERDAY_DATE}-${LOG_NAME}.log"
+
+    echo "Deleting ${yesterdays_log} ..."
+
+    if [ -f ./"${yesterdays_log}" ]; then
+        rm "${yesterdays_log}"
+        echo "${yesterdays_log} deleted"
+    else
+        echo "${yesterdays_log} does not exist"
+    fi
+
+    # Get latest log entries and ship to logz.io.
+    echo "Retrieving latest log entries from ${LOG_PATH} and writing to ${todays_log}"
+    cat "$LOG_PATH" | grep "$LOG_DATE_PATTERN" > ./"$LOG_NAME"-latest.log
+    diff --changed-group-format='%>' --unchanged-group-format='' "$todays_log" "$LOG_NAME-latest.log" > "$LOG_NAME-new.log"
+    cat "$LOG_NAME-new.log" >> "$todays_log"
+    echo "Shipping latest log entries from ${todays_log} to Logz.io using cURL"
+    http_response=$(curl -T "$LOG_NAME-new.log" -s -w "%{response_code}" $LOGZ_URL/file_upload/"${LOGZ_TOKEN}"/"${LOG_TYPE}")
+    exit_code=$?
+
+    # Clean up temporary log files.
+    rm "$LOG_NAME-latest.log" "$LOG_NAME-new.log"
+
+    if [ "$exit_code" != "0" ]; then
+        echo "The cURL command failed with: $exit_code"
+    elif [ "$http_response" != "200" ]; then
+        echo "Log shipping failed with: $http_response"
+    fi
+
+    if [ "$exit_code" != "0" ] || [ "$http_response" != "200" ]; then
+        exit 1
+    fi
+
+    echo "Log shipping succeeded with: $http_response"
+else
+    echo "${LOG_PATH} does not exist"
+    exit 1
+fi
+
+exit 0
