Univention Bugzilla – Bug 56058
UCS should save Docker logs to journald
Last modified: 2024-03-28 09:08:16 CET
Most native Docker apps write their log output directly to STDOUT/STDERR. It is best practice. Univention apps should do that too. The problem is, that atm those logs go to /var/lib/docker/containers/*/*-json.log (with '*' being the Docker container ID). 1. That path is very difficult to find for operators. 2. There is no tooling in UCS to read JSON logs. 3. When the container is removed, the log file gets deleted. The Appcenter should configure Docker, journald and logrotate in a way that the Docker container output gets redirected to e.g. "/var/log/<appid>.log" and those files get logrotated. This is a precondition to 1. Common way to build Docker apps for Kubernetes and UCS. 2. Fixing multiple bugs we have with Python logging from Docker containers (Bug 56048, Bug 52501, Bug 55983).
As a 1st step, just configure "journald" to be the default Docker logging driver. All that needs to be done for that, is fixing Bug #56130 and setting the default for the UCRV: ucr set docker/daemon/default/opts/log-driver?journald If a log file should actually be extracted from the journald DB by rsyslog and written to a text file (and then also logrotated), can be decided case-by-case. As currently all logs are lost, don't do that by default. It's already an improvement to have them in journald instead of losing the logs. Additional bug reports can be created when required.
IMHO, this should be implemented for the 5.2-0 release, because the change requires a restart of the Docker daemon to take effect. Something we should not do in an errata release.