K8SPSMDB-1518: allow specifying logrotate configuration

build/logcollector/entrypoint.sh

@@ -1,21 +1,100 @@
-#!/bin/sh
+#!/bin/bash
 set -e
-set -o xtrace
 
-export PATH="$PATH":/opt/fluent-bit/bin
+export PATH="$PATH:/opt/fluent-bit/bin"
 
-if [ "$1" = 'logrotate' ]; then
+LOGROTATE_SCHEDULE="${LOGROTATE_SCHEDULE:-0 0 * * *}"
+
+is_logrotate_config_invalid() {
+	local config_file="$1"
+	if [ -z "$config_file" ] || [ ! -f "$config_file" ]; then
+		return 1
+	fi
+	# Specifying -d runs in debug mode, so even in case of errors, it will exit with 0.
+	# We need to check the output for "error" but skip those lines that are related to the missing logrotate.status file.
+	# Filter out logrotate.status lines first, then check for remaining errors
+	(
+		set +e
+		logrotate -d "$config_file" 2>&1 | grep -v "logrotate.status" | grep -qi "error"
+	)
+	return $?
+}
+
+run_logrotate() {
+	local logrotate_status_file="/data/db/logs/logrotate.status"
+	local logrotate_conf_file="/opt/percona/logcollector/logrotate/logrotate.conf"
+	local logrotate_additional_conf_files=()
+	local conf_d_dir="/opt/percona/logcollector/logrotate/conf.d"
+
+	# Check if mongodb.conf exists and validate it
+	if [ -f "$conf_d_dir/mongodb.conf" ]; then
+		logrotate_conf_file="$conf_d_dir/mongodb.conf"
+		if is_logrotate_config_invalid "$logrotate_conf_file"; then
+			echo "ERROR: Logrotate configuration is invalid, fallback to default configuration"
+			logrotate_conf_file="/opt/percona/logcollector/logrotate/logrotate.conf"
+		fi
+	fi
+
+	# Process all .conf files in conf.d directory (excluding mongodb.conf which is already handled)
+	if [ -d "$conf_d_dir" ]; then
+		for conf_file in "$conf_d_dir"/*.conf; do
+			# Check if glob matched any files (if no .conf files exist, the glob returns itself)
+			[ -f "$conf_file" ] || continue
+			# Skip mongodb.conf as it's already processed above
+			[ "$(basename "$conf_file")" = "mongodb.conf" ] && continue
+			if is_logrotate_config_invalid "$conf_file"; then
+				echo "ERROR: Logrotate configuration file $conf_file is invalid, it will be ignored"
+			else
+				logrotate_additional_conf_files+=("$conf_file")
+			fi
+		done
+	fi
+	# Ensure logrotate can run with current UID
 	if [[ $EUID != 1001 ]]; then
 		# logrotate requires UID in /etc/passwd
 		sed -e "s^x:1001:^x:$EUID:^" /etc/passwd >/tmp/passwd
 		cat /tmp/passwd >/etc/passwd
 		rm -rf /tmp/passwd
 	fi
-	exec go-cron "0 0 * * *" sh -c "logrotate -s /data/db/logs/logrotate.status /opt/percona/logcollector/logrotate/logrotate.conf;"
-else
-	if [ "$1" = 'fluent-bit' ]; then
-		fluentbit_opt+='-c /opt/percona/logcollector/fluentbit/fluentbit.conf'
-	fi
 
-	exec "$@" $fluentbit_opt
-fi
+	local logrotate_cmd="logrotate -s \"$logrotate_status_file\" \"$logrotate_conf_file\""
+	for additional_conf in "${logrotate_additional_conf_files[@]}"; do
+		logrotate_cmd="$logrotate_cmd \"$additional_conf\""
+	done
+
+	set -o xtrace
+	exec go-cron "$LOGROTATE_SCHEDULE" sh -c "$logrotate_cmd"
+}
+
+run_fluentbit() {
+	local fluentbit_opt=(-c /opt/percona/logcollector/fluentbit/fluentbit.conf)
+	mkdir -p /tmp/fluentbit/custom
+	set +e
+	local fluentbit_conf_dir="/opt/percona/logcollector/fluentbit/custom"
+	for conf_file in $fluentbit_conf_dir/*.conf; do
+		[ -f "$conf_file" ] || continue
+		if ! fluent-bit --dry-run -c "$conf_file" >/dev/null 2>&1; then
+			echo "ERROR: Fluentbit configuration file $conf_file is invalid, it will be ignored"
+		else
+			cp "$conf_file" /tmp/fluentbit/custom/
+		fi
+	done
+	touch /tmp/fluentbit/custom/default.conf || true
+
+	set -e
+	set -o xtrace
+	exec "$@" "${fluentbit_opt[@]}"
+}
+
+case "$1" in
+	logrotate)
+		run_logrotate
+		;;
+	fluent-bit)
+		run_fluentbit "$@"
+		;;
+	*)
+		echo "Invalid argument: $1"
+		exit 1
+		;;
+esac

build/logcollector/fluentbit/fluentbit.conf

@@ -1,2 +1,2 @@
 @INCLUDE fluentbit_*.conf
-@INCLUDE custom/*.conf
+@INCLUDE /tmp/fluentbit/custom/*.conf

config/crd/bases/psmdb.percona.com_perconaservermongodbs.yaml

@@ -806,6 +806,21 @@ spec:
                     type: string
                   imagePullPolicy:
                     type: string
+                  logrotate:
+                    properties:
+                      configuration:
+                        type: string
+                      extraConfig:
+                        properties:
+                          name:
+                            default: ""
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      schedule:
+                        default: 0 0 * * *
+                        type: string
+                    type: object
                   resources:
                     properties:
                       claims:

deploy/bundle.yaml

@@ -1665,6 +1665,21 @@ spec:
                     type: string
                   imagePullPolicy:
                     type: string
+                  logrotate:
+                    properties:
+                      configuration:
+                        type: string
+                      extraConfig:
+                        properties:
+                          name:
+                            default: ""
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      schedule:
+                        default: 0 0 * * *
+                        type: string
+                    type: object
                   resources:
                     properties:
                       claims:

deploy/cr.yaml

@@ -884,3 +884,8 @@ spec:
       requests:
         memory: 100M
         cpu: 200m
+#    logrotate:
+#      configuration: ""
+#      extraConfig:
+#        name: logrotate-config
+#      schedule: "0 0 * * *"

deploy/crd.yaml

@@ -1665,6 +1665,21 @@ spec:
                     type: string
                   imagePullPolicy:
                     type: string
+                  logrotate:
+                    properties:
+                      configuration:
+                        type: string
+                      extraConfig:
+                        properties:
+                          name:
+                            default: ""
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      schedule:
+                        default: 0 0 * * *
+                        type: string
+                    type: object
                   resources:
                     properties:
                       claims:

deploy/cw-bundle.yaml

@@ -1665,6 +1665,21 @@ spec:
                     type: string
                   imagePullPolicy:
                     type: string
+                  logrotate:
+                    properties:
+                      configuration:
+                        type: string
+                      extraConfig:
+                        properties:
+                          name:
+                            default: ""
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      schedule:
+                        default: 0 0 * * *
+                        type: string
+                    type: object
                   resources:
                     properties:
                       claims:

e2e-tests/version-service/conf/crd.yaml

@@ -1665,6 +1665,21 @@ spec:
                     type: string
                   imagePullPolicy:
                     type: string
+                  logrotate:
+                    properties:
+                      configuration:
+                        type: string
+                      extraConfig:
+                        properties:
+                          name:
+                            default: ""
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      schedule:
+                        default: 0 0 * * *
+                        type: string
+                    type: object
                   resources:
                     properties:
                       claims:

pkg/apis/psmdb/v1/psmdb_types.go

@@ -1579,6 +1579,23 @@ type LogCollectorSpec struct {
 	ImagePullPolicy          corev1.PullPolicy           `json:"imagePullPolicy,omitempty"`
 	Env                      []corev1.EnvVar             `json:"env,omitempty"`
 	EnvFrom                  []corev1.EnvFromSource      `json:"envFrom,omitempty"`
+	LogRotate                *LogRotateSpec              `json:"logrotate,omitempty"`
+}
+
+// LogRotateSpec defines the configuration for the logrotate container.
+type LogRotateSpec struct {
+	// Configuration allows overriding the default logrotate configuration.
+	Configuration string `json:"configuration,omitempty"`
+	// ExtraConfig allows specifying logrotate configuration file in addition to the main configuration file.
+	// This should be a reference to a ConfigMap or a Secret in the same namespace.
+	// Key must contain the .conf extension to be processed correctly.
+	//
+	// NOTE: mongodb.conf is reserved for the default configuration specified by .configuration field.
+	ExtraConfig corev1.LocalObjectReference `json:"extraConfig,omitempty"`
+	// Schedule allows specifying the schedule for logrotate.
+	// This should be a valid cron expression.
+	//+kubebuilder:default:="0 0 * * *"
+	Schedule string `json:"schedule,omitempty"`
 }
 
 func (cr *PerconaServerMongoDB) IsLogCollectorEnabled() bool {

pkg/controller/perconaservermongodb/psmdb_controller.go

@@ -40,6 +40,7 @@ import (
 	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/backup"
 	psmdbconfig "github.com/percona/percona-server-mongodb-operator/pkg/psmdb/config"
 	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/logcollector"
+	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/logcollector/logrotate"
 	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/pmm"
 	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/secret"
 	"github.com/percona/percona-server-mongodb-operator/pkg/psmdb/tls"
@@ -364,6 +365,12 @@ func (r *ReconcilePerconaServerMongoDB) Reconcile(ctx context.Context, request r
 		}
 	}
 
+	if cr.CompareVersion("1.22.0") >= 0 {
+		if err := r.reconcileLogRotateConfigMaps(ctx, cr); err != nil {
+			return reconcile.Result{}, errors.Wrap(err, "reconcile log rotate config map")
+		}
+	}
+
 	err = r.reconcileUsers(ctx, cr, repls)
 	if err != nil {
 		return reconcile.Result{}, errors.Wrap(err, "failed to reconcile users")
@@ -1263,6 +1270,40 @@ func (r *ReconcilePerconaServerMongoDB) reconcileLogCollectorConfigMaps(ctx cont
 	return nil
 }
 
+func (r *ReconcilePerconaServerMongoDB) reconcileLogRotateConfigMaps(ctx context.Context, cr *api.PerconaServerMongoDB) error {
+	if !cr.IsLogCollectorEnabled() {
+		if err := deleteConfigMapIfExists(ctx, r.client, cr, logrotate.ConfigMapName(cr.Name)); err != nil {
+			return errors.Wrap(err, "failed to delete log rotate config map when log collector is disabled")
+		}
+		return nil
+	}
+
+	if cr.Spec.LogCollector.LogRotate == nil || cr.Spec.LogCollector.LogRotate.Configuration == "" {
+		if err := deleteConfigMapIfExists(ctx, r.client, cr, logrotate.ConfigMapName(cr.Name)); err != nil {
+			return errors.Wrap(err, "failed to delete log rotate config map when the configuration is empty")
+		}
+		return nil
+	}
+
+	cm := &corev1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      logrotate.ConfigMapName(cr.Name),
+			Namespace: cr.GetNamespace(),
+			Labels:    naming.ClusterLabels(cr),
+		},
+		Data: map[string]string{
+			logrotate.MongodbConfig: cr.Spec.LogCollector.LogRotate.Configuration,
+		},
+	}
+
+	err := r.createOrUpdateConfigMap(ctx, cr, cm)
+	if err != nil {
+		return errors.Wrap(err, "create or update config map")
+	}
+
+	return nil
+}
+
 func deleteConfigMapIfExists(ctx context.Context, cl client.Client, cr *api.PerconaServerMongoDB, cmName string) error {
 	configMap := &corev1.ConfigMap{}