Skip to content

Option to disable systemd syslog in docker::run + Document extra_systemd_parameters #809

Open
@elofu17

Description

@elofu17

Use Case

A normal docker setup do not syslog container output to the systemd journal (by default container output is placed in json logfiles under /var/lib/docker/containers/*/*.log).
Only internal messages from the docker daemon itself are syslogged, not the container output.

However, the puppetlabs docker module builds a systemd service file for each continer to run, and by default, systemd syslogs all stdout and stderr for all services.
So suddently a system get double logs. First the direct json-logs in /var/lib/docker/containers/*/*.log and then the same thing is spammed to the journal, and therefore also spammed to /var/log/* (if the system is running a syslog service).

Describe the Solution You Would Like

I want an option to stop the docker::run systemd service syslogging, and only log whatever I have configured in docker, globally or in container specific options.

In docker::run you already have the options syslog_identifier and syslog_facility to tweak the syslog from the systemd service.
I would like this new extra option:
syslog_enable = true/false (default should be true, because this module has always worked this (incorrect) way)

When set to false, the /etc/systemd/system/docker-containername.service unit should get these two extra lines:

[Service]
StandardOutput=null
StandardError=null

This will mute all output from the container-service, and we're back to a "normal" setup.

Describe Alternatives You've Considered

I see there is an option extra_systemd_parameters, but it is totally undocumented.
Can/should it be used to solve the above?

In the meantime I've created this workaround:
In the profile where I docker::run my container, I've added this systemd dropin-file:

  file { '/etc/systemd/system/docker-foobar.service.d':
    ensure  => directory,
  }
  file { '/etc/systemd/system/docker-foobar.service.d/mute_output.conf':
    content => "### Managed by puppet ###\n[Service]\nStandardOutput=null\nStandardError=null\n",
    require => File['/etc/systemd/system/docker-foobar.service.d'],
  }

Oh, in any case, please document the extra_systemd_parameters option and give an example how to use it.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions