Fluentd Role

fluentd role

Deploy and manage the Fluentd log aggregation service.

This role deploys and manages Fluentd as a containerized log aggregation service within a Kolla-Ansible managed OpenStack environment.

Fluentd collects logs from OpenStack services, system sources (syslog, systemd, MariaDB, RabbitMQ, libvirt, OpenVSwitch), and optionally forwards them to Elasticsearch or OpenSearch.

Variables

Variable	Type	Default	Description
enable_fluentd	bool	True	Whether to enable the Fluentd service.
enable_fluentd_systemd	bool		Whether to enable the systemd journal input for Fluentd. Requires both enable_fluentd and enable_central_logging to be true.
fluentd_services	dict		Dictionary of Fluentd service definitions used by Kolla container management.
fluentd_tag	str		Docker image tag for the Fluentd container image. Defaults to openstack_tag.
fluentd_image	str		Docker image name (without tag) for the Fluentd container.
fluentd_image_full	str		Fully qualified Docker image reference (name and tag) for Fluentd.
fluentd_dimensions	dict		Resource dimension constraints (CPU, memory, ulimits, etc.) for the Fluentd container. Defaults to default_container_dimensions.
fluentd_default_volumes	list[str]		List of default volume mounts for the Fluentd container.
fluentd_extra_volumes	list[str]		List of additional volume mounts to attach to the Fluentd container. Defaults to default_extra_volumes.
fluentd_syslog_port	str	5140	UDP port on which Fluentd listens for syslog input.
syslog_udp_port	str		Alias for fluentd_syslog_port. Used by syslog clients to send logs.
syslog_haproxy_facility	str	local1	Syslog facility used by HAProxy when sending logs to Fluentd.
syslog_facilities	list[dict]		List of syslog facility definitions for services that send syslog to Fluentd. Each entry has name, enabled, facility, logdir, and logfile.
fluentd_enable_watch_timer	str	false	Whether to enable the additional watch timer in Fluentd. Set to "true" to enable.
fluentd_bulk_message_request_threshold	str	20M	Maximum size of a bulk request sent to Elasticsearch/OpenSearch. Should be set below the OpenSearch bulk API maximum content length (100MB).
fluentd_buffer_chunk_limit_size	str	8M	Maximum size of a single chunk in the Fluentd output buffer. Should be less than fluentd_bulk_message_request_threshold.
fluentd_elasticsearch_path	str		URL path prefix for the Elasticsearch endpoint.
fluentd_elasticsearch_scheme	str		Protocol scheme for connecting to Elasticsearch (http or https). Defaults to internal_protocol.
fluentd_elasticsearch_user	str		Username for Elasticsearch authentication.
fluentd_elasticsearch_password	str		Password for Elasticsearch authentication.
fluentd_elasticsearch_ssl_version	str	TLSv1_2	TLS protocol version used when connecting to Elasticsearch over HTTPS.
fluentd_elasticsearch_ssl_verify	str	true	Whether to verify the Elasticsearch TLS certificate. Set to "false" to disable verification (not recommended in production).
fluentd_elasticsearch_cacert	str		Path to the CA certificate bundle used to verify the Elasticsearch TLS certificate. Defaults to openstack_cacert.
fluentd_elasticsearch_request_timeout	str	60s	Timeout for Elasticsearch HTTP requests.
fluentd_opensearch_path	str		URL path prefix for the OpenSearch endpoint.
fluentd_opensearch_scheme	str	http	Protocol scheme for connecting to OpenSearch (http or https).
fluentd_opensearch_user	str		Username for OpenSearch authentication.
fluentd_opensearch_password	str		Password for OpenSearch authentication.
fluentd_opensearch_request_timeout	str	60s	Timeout for OpenSearch HTTP requests.
fluentd_input_openstack_services	list[dict]		List of OpenStack services for which Fluentd collects WSGI/API logs. Each entry has name and enabled keys.
fluentd_enabled_input_openstack_services	list[str]		Derived list of enabled OpenStack service names for Fluentd WSGI log input. Computed automatically from fluentd_input_openstack_services.