[systemd-devel] Logroate + Pass signal to executable in container (nspawn)

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Mon Feb 23 16:45:39 PST 2015 

On Mon, Feb 23, 2015 at 07:15:36PM +0100, Peter Paule wrote:
> Excerpts from "Jóhann B. Guðmundsson"'s message of 2015-02-23 17:56:43 +0000:
> > 
> > On 02/23/2015 02:12 PM, Peter Paule wrote:
> > > Hi,
> > >
> > > I run "nginx" in a container which itself is under systemd-control. All
> > > error messages are put to stderr and the incomming requests are logged in
> > > access.log. To reduce the filesize I want to rotate the access.log.
> > 
> > If you are not using systemd's journal to handle this for you but are 
> > using textual log files you will need to install and setup tools that 
> > correctly deal with that.
> > Something like logrotate should suffice.
> Sure, but I think, you need to make the application "releasing" the old file
> handle(s) after rotating the logfile. Maybe my question was not that
> clear. :) 
> 
> What is the best way to handle logrotation using "logrotated" together
> with "systemd-nspawn"?
> 
> 1. nginx creates two files
> 
>   * error_log
>   * access_log
> 
>   The error_log goes to stderr which should be handled by journald. The
>   access.log is written to the file system.
> 
> 2. I want "logrotate" to handle "access.log"
> 
> 3. I think that "nginx" needs to be restarted/sent a signal after rotating the log
> 
>   This way it I want to make sure, that it uses a new log file and does
>   not write to the "rotated" log file using the "old" file handle.
> 
> To make sure that, that "nginx" uses a "new" log file I see two
> possibilities:
> 
>   a) Restarting it
>   b) Sending it a signal
Sending a signal directly will probably have less overhead, including less noise
in the logs. systemctl kill -SIG... --kill-who=main should dtrt.

You might want to consider teaching it to use the journal and not worry about log
rotation anymore, but that's a much bigger project.

Zbyszek

> 
> I think
> 
> a) Is straight forward:
> 
>   My only concern here is, some requests to nginx will fail during restart
> 
>     = /etc/logrotate.d/nginx =
>       /var/log/machines/www_fedux_org/*.log {
>         daily
>         compress
>         dateext
>         notifempty
>         missingok
>         nocreate
>         rotate 30
>         postrotate
>           systemctl restart nginx at site
>         endscript
>       }
> 
> b) Seems to be not that straight forward:
> 
>   If I chose b) "systemd-nspawn" will exit. It does not "pass" the signal
>   to the nginx running in the container.
> 
> 
>     = /etc/logrotate.d/nginx =
>       /var/log/machines/www_fedux_org/*.log {
>         daily
>         compress
>         dateext
>         notifempty
>         missingok
>         nocreate
>         rotate 30
>         postrotate
>           systemctl kill -s SIGUSR1 nginx at site
>         endscript
>       }
> 
> /pp
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel

More information about the systemd-devel mailing list