Do not share container log driver for exec #6560
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mheon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
Should we just drop the logging altogether rather then saving them to a log. Does Docker exec get logged? |
|
Conmon currently requires a log driver. Adding a |
|
docker exec is never logged (fyi) |
|
@haircommander How hard would it be to add the null driver to conmon? Not for this PR but for future ones. |
|
@mheon I think you should tell conmon to log to /dev/null then on exec, rather then taking up disk space and having to deal with cleaning it up. Once conmon can handle no log driver or the null driver, we can remove it. |
|
@rhatdan @haircommander My one concern there is breaking log rotation - will conmon try to rotate /dev/null? |
I've been all over the conmon source recently - I think it'd be pretty trivial. i.e. Keeping both of those false, instead of always setting one. |
|
it should be a simple fix |
|
All said - this patch does work - it logs to exec_log and is cleaned up when the process exits. |
|
@mheon do you want to squash this so the gating check passes.... |
|
We actually have a new Conmon out now, so we're expecting that tests should start passing - let me get this passing |
mheon
force-pushed
the
fix_exec_logdriver
branch
2 times, most recently
from
d93e579 to
d739cce
Compare
|
Rebased, but could use a few tests for the new functionality, let me add some. |
mheon
force-pushed
the
fix_exec_logdriver
branch
from
d739cce to
9777750
Compare
|
Added a test for the none logdriver. Re-enabled exec tests on ubuntu, which should work now that Conmon 2.0.18 is available in the libcontainers repos. |
mheon
force-pushed
the
fix_exec_logdriver
branch
from
9777750 to
71d1ad2
Compare
When the container uses journald logging, we don't want to automatically use the same driver for its exec sessions. If we do we will pollute the journal (particularly in the case of healthchecks) with large amounts of undesired logs. Instead, force exec sessions logs to file for now; we can add a log-driver flag later (we'll probably want to add a `podman logs` command that reads exec session logs at the same time). As part of this, add support for the new 'none' logs driver in Conmon. It will be the default log driver for exec sessions, and can be optionally selected for containers. Great thanks to Joe Gooch ([email protected]) for adding support to Conmon for a null log driver, and wiring it in here. Fixes containers#6555 Signed-off-by: Matthew Heon <[email protected]>
mheon
force-pushed
the
fix_exec_logdriver
branch
from
71d1ad2 to
0e171b7
Compare
|
|
|
I think they're going to pass this time... |
|
LGTM |
|
LGTM |
|
/lgtm |
github-actions
bot
added
the
locked - please file new issue/PR
When the container uses journald logging, we don't want to automatically use the same driver for its exec sessions. If we do we will pollute the journal (particularly in the case of healthchecks) with large amounts of undesired logs. Instead, force exec sessions logs to file for now; we can add a log-driver
flag later (we'll probably want to add a
podman logscommand that reads exec session logs at the same time).Fixes #6555