To get more complete container logging, we now enable file logging for the podman containers. This writes container stdout/stderr to a file located in the new /var/log/containers/stdouts location. This follows the other efforts already made with paunch[1] and docker-puppet.py (now named container-puppet.py)[2].

Notes:
- podman supports only "json-file", which lets us write the log files to the location we want via the "path" log option
- docker doesn't have the "path" log option and pushes its logs to /var/lib/docker/containers/ID/ID-json.log - unusable since it's destroyed upon container removal.

[1] https://review.openstack.org/635437
[2] https://review.openstack.org/635438

Change-Id: Ibaa8bca52ea2f68afa1effc989b04d2e6213813a
<%- | String $image_name = '',
String $bind_socket = '',
Boolean $debug,
String $container_cli = ''
| -%>
# Optional shell tracing and Docker socket selection, both decided when the
# template is rendered.
# NOTE(review): with tracing on, every expanded command line is written to
# stderr; check where that output is collected before enabling it.
# NOTE(review): the debug line closes with a right-trimmed tag, so `set -x`
# may render on the same line as the output that follows it; confirm against
# a rendered script with both debug and the socket set.
# NOTE(review): the socket value is interpolated as-is into a double-quoted
# shell string, so a value containing ", $ or a backtick would be interpreted
# by the shell; presumably it only comes from trusted Puppet data - confirm.
<%- if $debug { -%>set -x<%- } -%>
<%- if $bind_socket { -%>
export DOCKER_HOST="<%=$bind_socket%>"
<%- } -%>
# Work out which network namespace this wrapper was started in. neutron
# invokes it with a command line typically of the form (with dnsmasq as an
# example):
# dnsmasq --no-hosts --no-resolv --except-interface=lo \
# --pid-file=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/pid \
# --dhcp-hostsfile=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/host ...
# The namespace name is not parsed from those arguments: `ip netns identify`
# without a PID reports the named namespace of the calling process.
# NOTE(review): the result is empty when the caller is not inside a named
# namespace, and NETNS is later embedded in a path and in command strings
# without any check - confirm neutron always runs this from inside the
# namespace.
NETNS=$(ip netns identify)
# Pick the container CLI and the dnsmasq command line for the runtime that
# was chosen when the template was rendered.
<%- if $container_cli == 'docker' { -%>
# docker: dnsmasq itself is wrapped in `ip netns exec` for the namespace.
# NOTE(review): no CLI= assignment is visible in this branch although $CLI is
# used further down - confirm it is set for docker.
CMD="ip netns exec ${NETNS} /usr/sbin/dnsmasq -k"
<%- } elsif $container_cli == 'podman' { -%>
# podman: invoked through nsenter, using the network namespace file for
# ${NETNS} and the mount namespace of PID 1 (-m -t 1).
CLI="nsenter --net=/run/netns/${NETNS} --preserve-credentials -m -t 1 podman"
# json-file logging with an explicit path, so the container's stdout/stderr
# are written under /var/log/containers/stdouts.
# NOTE(review): ${NAME} is expanded here, at assignment time. It is not set in
# the visible lines above, and the later rename of NAME does not change this
# path, so a renamed container would still log to the original file name -
# confirm this is intended.
LOGGING="--log-driver json-file --log-opt path=/var/log/containers/stdouts/${NAME}.log"
CMD='/usr/sbin/dnsmasq -k'
<%- } else { -%>
# Any other value: placeholders, so every later $CLI call only echoes its
# arguments.
CLI='echo noop'
CMD='echo noop'
<%- } -%>
# List every container matching the neutron-dnsmasq- name filter, one per line
# as ID:Name:Status. $CLI is unquoted, so a multi-word value splits into a
# command and its arguments. awk keeps only the first whitespace-separated
# field, which cuts a multi-word status down to its first word.
# NOTE(review): the filter is not restricted to this namespace, so the list
# (and the orphan cleanup that uses it) can include containers that belong to
# other networks - confirm this is intended.
LIST=$($CLI ps -a --filter name=neutron-dnsmasq- --format '{{.ID}}:{{.Names}}:{{.Status}}' | awk '{print $1}')
# Find orphaned containers left behind after their main process was terminated
# by the neutron parent process: keep the entries containing :Exited or
# :Created.
# FIXME(cjeanner): https://github.com/containers/libpod/issues/1703
ORPHANTS=$(printf "%s\n" "${LIST}" | grep -E ":(Exited|Created)")
if [ -n "${ORPHANTS}" ]; then
for orphant in $(printf "%s\n" "${ORPHANTS}" | awk -F':' '{print $1}'); do
echo "Removing orphaned container ${orphant}"
$CLI stop ${orphant} || true
$CLI rm -f ${orphant} || true
# If the NAME is already taken by a container, give it a unique name by
# appending a timestamp with nanosecond resolution.
# NOTE(review): ${NAME} is used as a regular expression anchored to the end of
# the line, but each LIST line ends with the status field, not the name, so
# this test may never match - confirm. LIST was also captured before the
# orphan cleanup, so it can still name containers that were just removed.
printf "%s\n" "${LIST}" | grep -q "${NAME}$" && NAME="${NAME}-$(date +%Y-%m-%d-%H%M%S-%N)"
echo "Starting a new child container ${NAME}"
$CLI run --detach ${LOGGING} \
-v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \
-v /run/netns:/run/netns:shared \
-v /var/lib/neutron:/var/lib/neutron:z,shared \
-v /dev/log:/dev/log \
--net host \
--pid host \
--privileged \
-u root \
--name $NAME \
<%=$image_name%> \