Bug 47416

Summary: Enable Docker container log rotation
Product: UCS Reporter: Erik Damrose <damrose>
Component: App CenterAssignee: Felix Botner <botner>
Status: CLOSED FIXED QA Contact: Erik Damrose <damrose>
Severity: normal    
Priority: P5 CC: botner, heidelberger
Version: UCS 4.4   
Target Milestone: UCS 4.4-0-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: Bug Report What type of bug is this?: 7: Crash: Bug causes crash or data loss
Who will be affected by this bug?: 1: Will affect a very few installed domains How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.200 Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Erik Damrose univentionstaff 2018-07-30 16:49:27 CEST 
Our default configuration does not enable log rotation for app containers. In a support case we saw a heavily used app with thousands of users. The container existed for 12 days, and the container logfile had a size of 24GiB.

Using docker logs to analyse anything in the logs way pointless, apparently the logfile is parsed by dockerd before shown to the user.

We should by default enable log rotation for containers started by the app center, see

https://docs.docker.com/config/containers/logging/json-file/

This can be activated for new installation and applied to existing apps on update.
Comment 1 Felix Botner univentionstaff 2019-04-30 17:45:20 CEST 
added UCRV
 * docker/daemon/default/opts/log-driver?'json-file'
 * docker/daemon/default/map/log-opt?'max-file=4,max-size=10m'
for /etc/default/docker in univention-docker, docker daemon is restarted during this update (is this OK?, apps are not available during the restart).

Settings apply to new containers only, afaik

univention-docker.yaml
Comment 2 Erik Damrose univentionstaff 2019-05-07 12:02:16 CEST 
OK: univention-docker 4.0.0-4A~4.4.0.201904301731

OK: Log splitting at configured defaults
-r-------- 1 root root 4,1M Mai  7 11:59 e1c1a76dbbb53f69b8eea824ef1fec129a44d4462c2e8f5cabd76405c8f3816a-json.log
-rw-r----- 1 root root 9,6M Mai  7 11:35 e1c1a76dbbb53f69b8eea824ef1fec129a44d4462c2e8f5cabd76405c8f3816a-json.log.1

OK: As discussed, this fix will only apply to new containers, so on app updates or new installations
OK: yaml
Verified
Comment 3 Arvid Requate univentionstaff 2019-05-08 13:26:16 CEST 
<http://errata.software-univention.de/ucs/4.4/82.html>