puppetlabs-docker
puppetlabs-docker copied to clipboard
puppetlabs
Option to disable systemd syslog in docker::run + Document extra_systemd_parameters
Use Case
A normal docker setup do not syslog container output to the systemd journal (by default container output is placed in json logfiles under /var/lib/docker/containers/*/*.log).
Only internal messages from the docker daemon itself are syslogged, not the container output.
However, the puppetlabs docker module builds a systemd service file for each continer to run, and by default, systemd syslogs all stdout and stderr for all services.
So suddently a system get double logs. First the direct json-logs in /var/lib/docker/containers/*/*.log and then the same thing is spammed to the journal, and therefore also spammed to /var/log/* (if the system is running a syslog service).
Describe the Solution You Would Like
I want an option to stop the docker::run systemd service syslogging, and only log whatever I have configured in docker, globally or in container specific options.
In docker::run you already have the options syslog_identifier and syslog_facility to tweak the syslog from the systemd service.
I would like this new extra option:
syslog_enable = true/false (default should be true, because this module has always worked this (incorrect) way)
When set to false, the /etc/systemd/system/docker-containername.service unit should get these two extra lines:
[Service]
StandardOutput=null
StandardError=null
This will mute all output from the container-service, and we're back to a "normal" setup.
Describe Alternatives You've Considered
I see there is an option extra_systemd_parameters, but it is totally undocumented.
Can/should it be used to solve the above?
In the meantime I've created this workaround: In the profile where I docker::run my container, I've added this systemd dropin-file:
file { '/etc/systemd/system/docker-foobar.service.d':
ensure => directory,
}
file { '/etc/systemd/system/docker-foobar.service.d/mute_output.conf':
content => "### Managed by puppet ###\n[Service]\nStandardOutput=null\nStandardError=null\n",
require => File['/etc/systemd/system/docker-foobar.service.d'],
}
Oh, in any case, please document the extra_systemd_parameters option and give an example how to use it.
Hey @elofu17, thanks for raising this issue.
Would this be something you'd consider opening a PR for?
Hi. Unfortunately I'm no developer, so I don't know where or what to modify, otherwise I would have done it instead of describing it in text.
Hello! 👋
This issue has been open for a while and has had no recent activity. We've labelled it with attention-needed so that we can get a clear view of which issues need our attention.
If you are waiting on a response from us we will try and address your comments on a future Community Day.
Alternatively, if it is no longer relevant to you please close the issue with a comment.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This ticket should be re-opened by someone with privileges, in my opinion. It was just auto-closed for no particular reason.
As a workaround, I'm using resource collector to accomplish this globally, like:
# this will ensure that docker containers doesn't log to "syslog" or "journald",
# use a resource collector to amend this globally
Docker::Run <||> {
extra_systemd_parameters => {
'Service' => {
'StandardError' => 'null',
'StandardOutput' => 'null',
}
}
}
