[systemd-devel] Logroate + Pass signal to executable in container (nspawn)

Peter Paule systemd-devel at fedux.org
Mon Feb 23 10:15:36 PST 2015 

Excerpts from "Jóhann B. Guðmundsson"'s message of 2015-02-23 17:56:43 +0000:
> 
> On 02/23/2015 02:12 PM, Peter Paule wrote:
> > Hi,
> >
> > I run "nginx" in a container which itself is under systemd-control. All
> > error messages are put to stderr and the incomming requests are logged in
> > access.log. To reduce the filesize I want to rotate the access.log.
> 
> If you are not using systemd's journal to handle this for you but are 
> using textual log files you will need to install and setup tools that 
> correctly deal with that.
> Something like logrotate should suffice.
Sure, but I think, you need to make the application "releasing" the old file
handle(s) after rotating the logfile. Maybe my question was not that
clear. :) 

What is the best way to handle logrotation using "logrotated" together
with "systemd-nspawn"?

1. nginx creates two files

  * error_log
  * access_log

  The error_log goes to stderr which should be handled by journald. The
  access.log is written to the file system.

2. I want "logrotate" to handle "access.log"

3. I think that "nginx" needs to be restarted/sent a signal after rotating the log

  This way it I want to make sure, that it uses a new log file and does
  not write to the "rotated" log file using the "old" file handle.

To make sure that, that "nginx" uses a "new" log file I see two
possibilities:

  a) Restarting it
  b) Sending it a signal

I think

a) Is straight forward:

  My only concern here is, some requests to nginx will fail during restart

    = /etc/logrotate.d/nginx =
      /var/log/machines/www_fedux_org/*.log {
        daily
        compress
        dateext
        notifempty
        missingok
        nocreate
        rotate 30
        postrotate
          systemctl restart nginx at site
        endscript
      }

b) Seems to be not that straight forward:

  If I chose b) "systemd-nspawn" will exit. It does not "pass" the signal
  to the nginx running in the container.


    = /etc/logrotate.d/nginx =
      /var/log/machines/www_fedux_org/*.log {
        daily
        compress
        dateext
        notifempty
        missingok
        nocreate
        rotate 30
        postrotate
          systemctl kill -s SIGUSR1 nginx at site
        endscript
      }

/pp

More information about the systemd-devel mailing list