Merge "Add container journal linking"
commit
61fcf1af80
|
@ -174,3 +174,9 @@ lxc_user_defined_container: null
|
||||||
|
|
||||||
# Dictionary of settings for containers
|
# Dictionary of settings for containers
|
||||||
properties: {}
|
properties: {}
|
||||||
|
|
||||||
|
# Set "/var/log/journal/{{ machine_id }}" to be a bind mount to the physical
|
||||||
|
# host. This option will link the container journal and the physical host
|
||||||
|
# journals making it possible to log stream from the container on the physical
|
||||||
|
# host.
|
||||||
|
lxc_container_journal_link: true
|
||||||
|
|
|
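Review bot: The comment above `lxc_container_journal_link: true` does not say what the default-on option exposes. Judging from the `lxc.mount.entry` line added elsewhere in this commit (`bind,create=dir`, no read-only flag), the host directory is writable from inside the container, so container journal writes land directly on host storage. I would add a line such as `# The mount is writable from the container and consumes host journal storage.` and a second one, `# Setting this to false skips the task; it does not remove an entry already written to the container config.` The second statement is inferred from the lineinfile task having no removal counterpart in the visible hunks, so confirm it before documenting it.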
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- In a greenfield deployment containers will now bind link
|
||||||
|
their journals to the physical host machine in the
|
||||||
|
``/var/log/journal/{{ machine_id }}`` location. During an
|
||||||
|
upgrade this change will be added to the container config but
|
||||||
|
will not go into effect until the container is restarted.
|
||||||
|
Because the restart is not forced the operator can perform
|
||||||
|
restarts to best suit the needs of their environment.
|
||||||
|
Journal linking provides operators the ability to log stream
|
||||||
|
and health check containerized systems without having to
|
||||||
|
attach or otherwise login. If this feature is not needed or
|
||||||
|
desired it can be disabled by setting the option
|
||||||
|
``lxc_container_journal_link`` to *false*.
|
|
@ -277,6 +277,38 @@
|
||||||
mode: "0444"
|
mode: "0444"
|
||||||
remote_src: "yes"
|
remote_src: "yes"
|
||||||
remote_user: root
|
remote_user: root
|
||||||
|
|
||||||
|
- name: Link container journal to host
|
||||||
|
block:
|
||||||
|
- name: Retrieve the machine-id
|
||||||
|
slurp:
|
||||||
|
src: /etc/machine-id
|
||||||
|
register: machine_id
|
||||||
|
|
||||||
|
- name: Set bind mount for journal linking
|
||||||
|
set_fact:
|
||||||
|
lxc_container_journal_path: "/var/log/journal/{{ (machine_id.content | b64decode).strip() }}"
|
||||||
|
|
||||||
|
- name: Ensure journal directory exists
|
||||||
|
file:
|
||||||
|
path: "{{ lxc_container_journal_path }}"
|
||||||
|
state: "directory"
|
||||||
|
group: "systemd-journal"
|
||||||
|
owner: "root"
|
||||||
|
mode: "02755"
|
||||||
|
delegate_to: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- "{{ physical_host }}"
|
||||||
|
- "{{ inventory_hostname }}"
|
||||||
|
|
||||||
|
- name: Add bind mount configuration to container
|
||||||
|
lineinfile:
|
||||||
|
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
|
||||||
|
line: "lxc.mount.entry = {{ lxc_container_journal_path }} {{ lxc_container_journal_path.lstrip('/') }} none bind,create=dir 0 0"
|
||||||
|
backup: "true"
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
when:
|
||||||
|
- lxc_container_journal_link | bool
|
||||||
# ENVIRONMENT AND HOSTNAME SETTINGS
|
# ENVIRONMENT AND HOSTNAME SETTINGS
|
||||||
|
|
||||||
|
|
||||||
|
|
|
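Review bot: The machine-id used in `Set bind mount for journal linking` is never validated. It appears to be read from inside the container (the slurp task has no `delegate_to`), and is then templated into a path that the `file` task creates as root on `physical_host` and into the `lxc.mount.entry` line. A value that is not a plain 32-character hex id (empty, or containing whitespace or path separators) would change which host directory is re-owned and bind-mounted, or corrupt the config line. I would assert the format between the slurp and the set_fact, as below; the `is match` test syntax may need adjusting to the Ansible version in use. The task file this block belongs to starts and ends outside the hunk.

```yaml
    # … unchanged: "Retrieve the machine-id" slurp task …
    - name: Validate the machine-id format
      assert:
        that:
          - "(machine_id.content | b64decode).strip() is match('^[0-9a-f]{32}$')"
        msg: "Unexpected /etc/machine-id content in {{ inventory_hostname }}"
    # … unchanged: set_fact, file and lineinfile tasks …
```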
@ -164,3 +164,27 @@
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
- "'1' in nonlocalbind.stdout"
|
- "'1' in nonlocalbind.stdout"
|
||||||
|
|
||||||
|
- name: Test journal linking
|
||||||
|
hosts: all_containers
|
||||||
|
user: root
|
||||||
|
become: true
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Get container machine-id
|
||||||
|
command: "cat /etc/machine-id"
|
||||||
|
changed_when: false
|
||||||
|
register: container_machine_id
|
||||||
|
|
||||||
|
- name: Stat linked journal on the host
|
||||||
|
stat:
|
||||||
|
path: "/var/log/journal/{{ container_machine_id.stdout.strip() }}/system.journal"
|
||||||
|
register: journal_stat
|
||||||
|
delegate_to: "{{ physical_host }}"
|
||||||
|
|
||||||
|
- name: Check for linked journal
|
||||||
|
fail:
|
||||||
|
msg: >-
|
||||||
|
Container journal [/var/log/journal/{{ container_machine_id.stdout.strip() }}] not found
|
||||||
|
when:
|
||||||
|
- not journal_stat.stat.exists
|
||||||
|
|
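Review bot: The test only checks that `system.journal` exists on the host, not the owner, group and `02755` mode the role sets on the journal directory, so a permissions regression on that host directory would still pass. A second `stat` of the directory, with an assertion on `stat.pw_name`, `stat.gr_name` and `stat.mode`, would cover it. Separately, the failure message names the directory while the `stat` checks the file; `Container journal [/var/log/journal/{{ container_machine_id.stdout.strip() }}/system.journal] not found` would match what was tested.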