Univention Bugzilla – Bug 52495
Feature: implement and document logrotation for http.log
Last modified: 2023-05-09 13:54:28 CEST
The current Kelvin docs only mention that a logfile http.log in /var/log/univention/ucsschool-kelvin-rest-api exists. Bug #50709 introduced the ability to change the loglevel which increases the chance that the logfile may become huge especially in large environments. Looking at the behaviour of the installed API a rotation of the http.log only happens when the application is restarted. From an administrative perspective this is unusual. As an administrator I would expect that either the settings from the UCRVs logrotate/* are honored or there are other documented methods how to implement and change the logrotation according to the retention periods that are valid for my environment. I addition I would be unsure if and how an external rotation should be done for dockerized applications without really knowing how the application will deal with this attempt. .
A subclass of TimedRotatingFileHandler (https://docs.python.org/2.7/library/logging.handlers.html#timedrotatingfilehandler) is used for file logging. The current configuration is to rotate the logfile on a daily basis and keep up to 10.000.000 old logfiles. It is currently not possible to access the hosts UCR from the container. So I suggest to add two options to the app settings: * rotation interval in days * number of copies to keep
there is also a log at /var/log/univention/listener_modules/ As workaround I have created a config in logrotate.d, which is basically an adapted copy of the logrotation for an AD-Connector which evaluates the logrotate-UCRs. But this is now just a workaround, if the UCRs change in the future, the manual logrotation-config for must be updated accordingly. /var/log/univention/listener_modules/ucsschool-kelvin-rest-api.log /var/log/univention/ucsschool-kelvin-rest-api/http.log { daily rotate 14 create 640 root adm compress missingok notifempty }
#comment2 was an old one, sorry! this is the actual used setting: cat ucsschool-kelvin-rest-api /var/log/univention/listener_modules/ucsschool-kelvin-rest-api.log /var/log/univention/ucsschool-kelvin-rest-api/http.log { daily rotate 14 create 640 root adm compress missingok notifempty postrotate univention-app restart ucsschool-kelvin-rest-api > /dev/null endscript }
listener_modules logfiles are created by the appcenters listener module. A Docker app is not supposed to install files into the host. Another solution should be found. IMHO the appcenter should provide: a) a logrotate config for the listener_modules file. b) an interface to register additional logfiles to rotate The rotation should be according to the hosts logrotate logrotate/* UCRVs.
This should be fixed in Bug 52503 and Bug 52504. *** This bug has been marked as a duplicate of bug 52503 ***
*** This bug has been marked as a duplicate of bug 52504 ***