Switch default logdriver and eventslogger to journald, if root #621
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@giuseppe @vrothberg is there an easy way to see if journald will work for rootless users? |
|
Attempting to fix/improve #580 |
|
/hold Can you open a test PR against Podman? We've had bad experiences in previous attempts. I am optimistic that it'll pass since we massaged the journald backends quite a bit but I want to make sure we merge after Podman CI is green. |
https://github.com/containers/podman/blob/master/pkg/systemd/dbus.go has some code for it. I think that if we can connect to DBUS, we can default to journald. |
|
That will tell us we have a dbus connection, but not necessarily if we can write journald messages. I will open a PR for Podman. |
rhatdan
changed the title
|
Currently this patch just uses file for rootless systems, even if the system supports rootless journald. Since some systems give permission denied if you try to write to the journal without being in the "wheel" group. |
|
Good point. There may be group access in between. Then something as below should work: import "github.com/coreos/go-systemd/v22/sdjournal"
func CanAccessJournald() bool {
journal, err := sdjournal.NewJournal()
if err != nil {
logrus.Debugf("Cannot access journald: %v", err)
return false
}
return true
} |
I think we need to |
|
This adds a requirement for cgo... |
|
|
May need to add |
|
That is causing us to pull in lots of other libraries and files including -devmapper. |
rhatdan
force-pushed
the
events
branch
4 times, most recently
from
972bdb8 to
7d9e76e
Compare
| return | ||
| } | ||
| journal, err := sdjournal.NewJournal() | ||
| if err != nil { |
There was a problem hiding this comment.
@giuseppe @vrothberg @nalind Do you know if this is enough to check if we can use the journal?
There was a problem hiding this comment.
It looks like the implementation will either manage to open the journal for reading and return a handle for it, or return an error. The APIs for sending data to the journal don't go through the handle, so I think we have to take it on faith that messages we send to the journal will be retrievable through the handle.
rhatdan
force-pushed
the
events
branch
2 times, most recently
from
baf6603 to
7297d4b
Compare
rhatdan
force-pushed
the
events
branch
3 times, most recently
from
b5704df to
0fc324f
Compare
rhatdan
force-pushed
the
events
branch
2 times, most recently
from
01da7de to
6cc1845
Compare
This will fix hte eventslog and log files from growing huge, Lets journald handling rolling logs. Signed-off-by: Daniel J Walsh <[email protected]>
rhatdan
changed the title
|
@TomSweeneyRedHat @mheon PTAL @containers/podman-maintainers PTAL |
|
LGTM |
|
|
||
| return DefaultLogDriver | ||
|
|
||
| return "k8s-file" |
There was a problem hiding this comment.
Should you still set DefaultLogDriver to k8s-file, return it here, and then just system it to systems in the appropriate places?
There was a problem hiding this comment.
No because we want DefaultLogDriver to be indicated as journald now.
|
LGTM |
|
We need to flip back: containers/podman#10653 was not green and it's now causing c/common to break in Podman. |
Correction. We're good! @nalind is pushing the PR in Podman over the finish line in containers/podman#11263. |
Signed-off-by: Daniel J Walsh [email protected]