just-containers / socklog-overlay Goto Github PK
View Code? Open in Web Editor NEWSmall syslog add-on for s6-overlay
License: Other
Small syslog add-on for s6-overlay
License: Other
s6-overlay
version: 3.1.4.2
socklog-overlay
version: 3.1.2-0
socklog
fails to start at docker run
.
Problems:
s6-overlay
doesn't have binaries in the /usr/bin
path anymore, all binaries are moved to /command
folder.
#!/usr/bin/execlineb -P
doesn't work.s6-overlay-symlinks-arch.tar.xz
additionally.cont-init.d/~-socklog
fails to run due to numerous errors:
s6-test
cannot be found (it was replaced with eltest
)fix-attrs
cannot be found in paths (it's been wind down).execlineb
and printcontenv
cannot be found (unpack s6-overlay-symlinks-arch.tar.xz
to fix)./var/log/*
folders are not chmod
ed in the end of the script due to some error (chmoding from Dockerfile works though).I added this to a Dockerfile along with s6-overlay. I want to see the log output of cron without installing rsyslog proper.
After I start my container, I see repeatedly this message in the docker logs:
s6-log: fatal: unable to mkdir /var/log/socklog/cron: Permission denied
Container is ubuntu:16:04.
root@4961014f1773:/var/log/socklog# ls -lah
total 48K
drwxr-x--- 22 32768 32768 4.0K Feb 21 01:53 .
drwxr-xr-x 8 root root 4.0K Feb 21 01:53 ..
drwxr-x--- 2 32768 32768 4.0K Nov 2 18:01 cron
```
I basically just have a single file in `/etc/services.d/cron/run` that reads:
```
#!/usr/bin/with-contenv sh
exec cron -f
```
What are the right permissions for me to use?
I have some programs that expect to find individual log files under /var/log, and having them under /var/log/socklog/ will mess things up
I check your signature from https://keybase.io/justcontainers/key.asc for s6-overlay, but there is no signature for socklog-overlay. Could you please add one?
I am looking to do some process-specific logging, and want to create directories for it. So, i added those in the socklog
script under /etc/cont-init.d
:
#!/usr/bin/execlineb
if { s6-mkdir -p -m 0750 /var/log/socklog/cron }
if { s6-mkdir -p -m 0750 /var/log/socklog/daemon }
if { s6-mkdir -p -m 0750 /var/log/socklog/debug }
if { s6-mkdir -p -m 0750 /var/log/socklog/errors }
if { s6-mkdir -p -m 0750 /var/log/socklog/everything }
if { s6-mkdir -p -m 0750 /var/log/socklog/kernel }
if { s6-mkdir -p -m 0750 /var/log/socklog/mail }
if { s6-mkdir -p -m 0750 /var/log/socklog/messages }
if { s6-mkdir -p -m 0750 /var/log/socklog/secure }
if { s6-mkdir -p -m 0750 /var/log/socklog/user }
if { s6-mkdir -p -m 0755 /var/log/socklog/my/process }
But, the directories are created as user root
, not nobody:nogroup
as they should, so S6-log fails to write to them. I found some workarounds, each less straightforward than I think it should be:
docker build
, so the permission-fix of var/log/socklog
will affect them too/etc/cont-init.d
scriptany better way?
I'm frustrated at the time it takes my container to shut down when using the S6 socklog overlay service. When i use the socklog service it takes ~10sec but when i don't it takes ~700ms.
** I realize in the example below nginx does not need syslog. The real service i want to use, postfix, does use syslog so that is why i am using socklog. I used the example below because that is what s6 uses for their example.
Dockerfile
FROM ubuntu
ADD https://github.com/just-containers/s6-overlay/releases/download/v2.2.0.1/s6-overlay-amd64-installer /tmp/
RUN chmod +x /tmp/s6-overlay-amd64-installer && /tmp/s6-overlay-amd64-installer /
# Add S6 Socklog
ADD https://github.com/just-containers/socklog-overlay/releases/download/v3.1.1-1/socklog-overlay-amd64.tar.gz /tmp/
RUN tar xzf /tmp/socklog-overlay-amd64.tar.gz -C /
RUN apt-get update && \
apt-get install -y nginx && \
echo "daemon off;" >> /etc/nginx/nginx.conf
ENTRYPOINT ["/init"]
CMD ["nginx"]
Build the image: docker build -t test .
Run the Image: docker run --name test --rm -d test
Stop the Image: time docker stop test
bryan@cave ~/s/b/shutdown (master)> time docker stop test
test
________________________________________________________
Executed in 10.31 secs fish external
usr time 15.02 millis 317.00 micros 14.70 millis
sys time 9.88 millis 68.00 micros 9.81 millis
I don't know how prevalent it is, but some applications (or humans, for that matter) expect logs to be in specific places. it will not do good to state a different location for the logs, as the structure will still be foreign (/var/log/socklog/whatever/current' instead of
/var/log/whatever.log`).
So, it will be very convenient to have a way to automatically create symlinks (ln -s
) that point to current
in the right spot. that way, socklog takes care of syslog and rotation, the symlink is always fresh (as it will keep pointing to current
even if the file is swapped), and there will be much rejoicing.
(I create those symlinks manually in /etc/cont-init.d
manually, for now)
When using docker's --read-only
and s6-overlay's S6_READ_ONLY_ROOT=1
, then /var/log directory needs to be created before socklog can be used. Otherwise socklog yields error similar to #2 nonstop.
Considering that this is an add-on to s6-overlay, then perhaps this overlay could install an additional script setting up /var/log directory in case of S6_READ_ONLY_ROOT
is enabled?
cat > /etc/cont-init.d/00-init-varlog <<EOF
#!/usr/bin/execlineb -P
mkdir -p /var/log
EOF
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.