Docker/baseimage-docker
1
0
Fork 1
mirror of https://github.com/phusion/baseimage-docker.git synced 2026-03-26 20:38:58 +00:00
Code Issues Releases Wiki Activity

Merge pull request #425 from sundbry/syslog-shutdown

Browse Source 
Start syslog-ng before runit, and stop after runit.
This commit is contained in:
Travis Rowland
2017-11-01 12:06:35 -07:00
committed by GitHub
parent 421ca4ea05 18a10580e1
commit 42c48d8465
5 changed files with 69 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -57,6 +57,7 @@ You can configure the stock `ubuntu` image yourself from your Dockerfile, so why
* [Environment variable dumps](#envvar_dumps) * [Environment variable dumps](#envvar_dumps)
* [Modifying environment variables](#modifying_envvars) * [Modifying environment variables](#modifying_envvars)
* [Security](#envvar_security) * [Security](#envvar_security)
* [System logging](#logging)
* [Upgrading the operating system inside the container](#upgrading_os) * [Upgrading the operating system inside the container](#upgrading_os)
* [Container administration](#container_administration) * [Container administration](#container_administration)
* [Running a one-shot command in a new container](#oneshot) * [Running a one-shot command in a new container](#oneshot)
@@ -303,6 +304,14 @@ If you are sure that your environment variables don't contain sensitive data, th
RUN chmod 755 /etc/container_environment RUN chmod 755 /etc/container_environment
RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json
<a name="logging"></a>
### System logging
Baseimage-docker uses syslog-ng to provide a syslog facility to the container. Syslog-ng is not managed as an runit service (see below). Syslog messages are forwarded to the console via the service at /etc/service/syslog-forwarder.
#### Log startup/shutdown sequence
In order to ensure that all application log messages are captured by syslog-ng, syslog-ng is started separately before the runit supervisor process, and shutdown after runit exits. This uses the [startup script facility](#running_startup_scripts) provided by this image. This avoids a race condition which would exist if syslog-ng were managed as an runit service, where runit kills syslog-ng in parallel with the container's other services, causing log messages to be dropped during a graceful shutdown if syslog-ng exits while logs are still being produced by other services.
<a name="upgrading_os"></a> <a name="upgrading_os"></a>
### Upgrading the operating system inside the container ### Upgrading the operating system inside the container

34
image/services/syslog-ng/syslog-ng.init Executable file
View File

@@ -0,0 +1,34 @@
#!/bin/bash
set -e
# If /dev/log is either a named pipe or it was placed there accidentally,
# e.g. because of the issue documented at https://github.com/phusion/baseimage-docker/pull/25,
# then we remove it.
if [ ! -S /dev/log ]; then rm -f /dev/log; fi
if [ ! -S /var/lib/syslog-ng/syslog-ng.ctl ]; then rm -f /var/lib/syslog-ng/syslog-ng.ctl; fi
PIDFILE="/var/run/syslog-ng.pid"
SYSLOGNG_OPTS=""
[ -r /etc/default/syslog-ng ] && . /etc/default/syslog-ng
syslogng_wait() {
if [ "$2" -ne 0 ]; then
return 1
fi
RET=1
for i in $(seq 1 30); do
status=0
syslog-ng-ctl stats >/dev/null 2>&1 || status=$?
if [ "$status" != "$1" ]; then
RET=0
break
fi
sleep 1s
done
return $RET
}
/usr/sbin/syslog-ng --pidfile "$PIDFILE" -F $SYSLOGNG_OPTS &
syslogng_wait 1 $?

32
image/services/syslog-ng/syslog-ng.runit
View File

@@ -1,32 +0,0 @@
#!/bin/sh
set -e
# If /dev/log is either a named pipe or it was placed there accidentally,
# e.g. because of the issue documented at https://github.com/phusion/baseimage-docker/pull/25,
# then we remove it.
if [ ! -S /dev/log ]; then rm -f /dev/log; fi
if [ ! -S /var/lib/syslog-ng/syslog-ng.ctl ]; then rm -f /var/lib/syslog-ng/syslog-ng.ctl; fi
SYSLOGNG_OPTS=""
[ -r /etc/default/syslog-ng ] && . /etc/default/syslog-ng
case "x$CONSOLE_LOG_LEVEL" in
x[1-8])
dmesg -n $CONSOLE_LOG_LEVEL
;;
x)
;;
*)
echo "CONSOLE_LOG_LEVEL is of unaccepted value."
;;
esac
if [ ! -e /dev/xconsole ]
then
mknod -m 640 /dev/xconsole p
chown root:adm /dev/xconsole
[ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE
fi
exec syslog-ng -F -p /var/run/syslog-ng.pid $SYSLOGNG_OPTS

4
image/services/syslog-ng/syslog-ng.sh
View File

@@ -7,8 +7,8 @@ SYSLOG_NG_BUILD_PATH=/bd_build/services/syslog-ng
## Install a syslog daemon. ## Install a syslog daemon.
$minimal_apt_get_install syslog-ng-core $minimal_apt_get_install syslog-ng-core
mkdir /etc/service/syslog-ng cp $SYSLOG_NG_BUILD_PATH/syslog-ng.init /etc/my_init.d/10_syslog-ng.init
cp $SYSLOG_NG_BUILD_PATH/syslog-ng.runit /etc/service/syslog-ng/run cp $SYSLOG_NG_BUILD_PATH/syslog-ng.shutdown /etc/my_init.post_shutdown.d/10_syslog-ng.shutdown
mkdir -p /var/lib/syslog-ng mkdir -p /var/lib/syslog-ng
cp $SYSLOG_NG_BUILD_PATH/syslog_ng_default /etc/default/syslog-ng cp $SYSLOG_NG_BUILD_PATH/syslog_ng_default /etc/default/syslog-ng
touch /var/log/syslog touch /var/log/syslog

24
image/services/syslog-ng/syslog-ng.shutdown Executable file
View File

@@ -0,0 +1,24 @@
#!/bin/bash
PIDFILE="/var/run/syslog-ng.pid"
syslogng_wait() {
if [ "$2" -ne 0 ]; then
return 1
fi
RET=1
for i in $(seq 1 30); do
status=0
syslog-ng-ctl stats >/dev/null 2>&1 || status=$?
if [ "$status" != "$1" ]; then
RET=0
break
fi
sleep 1s
done
return $RET
}
kill $(cat "$PIDFILE")
syslogng_wait 0 $?