adding template for send-logs-to-s3

3c6cfd54 · John Jarvis · 91d72973 · 3c6cfd54
Commit 3c6cfd54 authored Feb 18, 2014 by John Jarvis
Hide whitespace changes
Inline Side-by-side

Showing with 98 additions and 0 deletions

playbooks/roles/aws/templates/send-logs-to-s3.j2
+98 -0

No files found.
--- a/playbooks/roles/aws/templates/send-logs-to-s3.j2
+++ b/playbooks/roles/aws/templates/send-logs-to-s3.j2
+{% set lb = '{' %}
+{% set rb = '}' %}
+#!/bin/bash
+#
+#  This script can be called from logrotate
+#  to sync logs to s3
+
+if (( $EUID != 0 )); then
+    echo "Please run as the root user"
+    exit 1
+fi
+
+S3_LOGFILE="/var/log/s3-log-sync.log"
+NOTIFY_EMAIL={{ AWS_S3_LOGS_NOTIFY_EMAIL }}
+FROM_EMAIL={{ AWS_S3_LOGS_FROM_EMAIL }}
+AWS_CMD="{{ aws_cmd }}"
+
+exec > >(tee $S3_LOGFILE) 
+exec 2>&1
+
+shopt -s extglob
+
+usage() {
+
+  cat<<EO
+ 
+  A wrapper of s3cmd sync that will sync files to
+  an s3 bucket, will send mail to {{ AWS_S3_LOGS_NOTIFY_EMAIL }} 
+  on failures.
+ 
+  Usage: $PROG
+            -v    add verbosity (set -x)
+            -n    echo what will be done
+            -h    this
+EO
+}
+
+while getopts "vhn" opt; do
+  case $opt in
+    v)
+      set -x
+      shift
+      ;;
+    h)
+      usage
+      exit 0
+      ;;
+    n)
+      noop="echo Would have run: "
+      shift
+  esac
+done
+
+# grab the first security group for the instance
+# which will be used as a directory name in the s3
+# bucket
+
+# If there are any errors from this point
+# send mail to $NOTIFY_EMAIL
+
+set -e
+
+sec_grp=unset
+instance_id=unset
+s3_path=unset
+
+onerror() {
+  if [[ -z $noop ]]; then
+    message_file=/var/tmp/message-$$.json
+    message_string="Error syncing $s3_path: inst_id=$instance_id ip=$ip region=$region"
+    if [[ -r /var/tmp/$S3_LOGFILE ]]; then
+      python -c "import json; d={'Subject':{'Data':'$message_string'},'Body':{'Text':{'Data':open('$S3_LOGFILE').read()}}};print json.dumps(d)" > $message_file
+    else
+      cat << EOF > $message_file
+      {"Subject": { "Data": "$message_string" }, "Body": { "Text": { "Data": "!! ERROR !! no logfile" } } }
+EOF
+    fi
+    echo "ERROR: syncing $s3_path on $instance_id"
+    $AWS_CMD ses send-email --from $FROM_EMAIL --to $NOTIFY_EMAIL --message file://$message_file --region $region
+  else
+    echo "Error syncing $s3_path on $instance_id"
+  fi
+}
+
+trap onerror ERR SIGHUP SIGINT SIGTERM 
+
+# first security group is used as the directory name in the bucket
+sec_grp=$(ec2metadata --security-groups | head -1)
+instance_id=$(ec2metadata --instance-id)
+ip=$(ec2metadata --local-ipv4)
+availability_zone=$(ec2metadata --availability-zone)
+# region isn't available via the metadata service
+region=${availability_zone:0:${{lb}}#availability_zone{{rb}} - 1}
+
+s3_path="${2}/$sec_grp/"
+{% for item in AWS_S3_LOG_PATHS -%}
+$noop $AWS_CMD s3 sync {{ item['path'] }} "s3://{{ item['bucket'] }}/$sec_grp/${instance_id}-${ip}/" --region $region {{ item['extra_args'] }}
+{% endfor %}