From c6f749093a1ac2504e828d729d7d877020d447a8 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Sun, 14 Jan 2024 19:07:25 +0100 Subject: [PATCH 01/10] Adds draft unitfile and podman-systemd page --- content/install/podman-systemd/_index.md | 131 ++++++++++++++++++ .../install/podman-systemd/axosyslog.service | 68 +++++++++ 2 files changed, 199 insertions(+) create mode 100644 content/install/podman-systemd/_index.md create mode 100644 content/install/podman-systemd/axosyslog.service diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md new file mode 100644 index 00000000..a1609686 --- /dev/null +++ b/content/install/podman-systemd/_index.md @@ -0,0 +1,131 @@ +--- +title: Install AxoSyslog with Podman and systemd +linktitle: Podman with systemd +weight: 100 +command: podman +--- + + +This page shows you how to run {{% param "product.abbrev" %}} as a systemd service using {{< param "command" >}}. + +{{< include-headless "cloud-ready-images.md" >}} + +## Prerequisites + +Podman version FIXME + +## Install {{% param "product.abbrev" %}} as a systemd service + +1. Make sure that there is no `axosyslog.service` unit file on the system. Run the following commands: + + ```shell + sudo rm /etc/systemd/system/axosyslog.service + ``` + + Expected output: + + ```shell + rm: cannot remove '/etc/systemd/system/axosyslog.service': No such file or directory + ``` + + ```shell + sudo systemctl cat axosyslog.service + ``` + + Expected output: + + ```shell + No files found for axosyslog.service. + ``` + +1. Create a systemd unit file called `/etc/containers/systemd/axosyslog.container` based on the following template: + + ```shell + sudo curl -o /etc/containers/systemd/axosyslog.container https://axoflow.com/docs/axosyslog-core/install/podman-systemd/axosyslog.service + ``` + + {{< include-code "axosyslog.service" "systemd" >}} + + +1. Edit the unit file as needed for your environment. + + - We recommend using the mount points suggested. + - Adjust the `CONFIG_MOUNT` option if you only want to manage one configuration file externally. + +1. (Optional) Create an `override.conf` file to set custom environment values. This can be useful if you don't want to use `/etc/containers/systemd/axosyslog.container` exclusively. + + ```shell + mkdir -p /etc/systemd/system/axosyslog.service.d + cat > /etc/systemd/system/axosyslog.service.d/override.conf <<"A" + A + ``` + + Later you can edit this file by running `systemctl edit axosyslog` + +1. Create the `/etc/syslog-ng/syslog-ng.conf` configuration file. + + For a start, you can use [this configuration file from the syslog-ng repository](https://github.com/syslog-ng/syslog-ng/blob/master/scl/syslog-ng.conf). + + Using this configuration, {{% param "product_name" %}} collects the local system logs and logs received from the network into the `/var/log/messages` and `/var/log/messages-kv.log` files. + + {{< include-code "https://raw.githubusercontent.com/syslog-ng/syslog-ng/master/scl/syslog-ng.conf" "shell" >}} + +1. Run the following commands to reload the systemd configuration and launch the `axosyslog` service. Though the systemctl commands are run as root, the container will run as the specified user if set appropriately in the unit file. + + ```shell + sudo systemctl daemon-reload + sudo systemctl stop axosyslog + sudo systemctl start axosyslog + ``` + +1. Run the following command to verify that the service was properly started: + + ```shell + journalctl -b -u axosyslog | tail -100 + ``` + + + +## Customize the configuration + +To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on the host, then reload the service. + +{{< include-headless "disk-buffer-in-container.md" >}} + + +## Managing the {{% param "product.abbrev" %}} systemd service + +- You can reload `syslog-ng` running in the container via systemctl. The following command reloads the `syslog-ng.conf` file, without stopping/starting `syslog-ng` itself. + + ```shell + sudo systemctl reload axosyslog + ``` + +- You can access `syslog-ng-ctl` from the host, for example by running: + + ```shell + {{< param "command" >}} exec AxoSyslog syslog-ng-ctl config + ``` + +- The traditional method of starting a service at boot (`systemctl enable`) is not supported for container services. To automatically start the {{% param "product.abbrev" %}} service, make sure that the following line is included in the unit file. (It is included in the sample template.) + + ```systemd + [Install] + WantedBy=default.target + ``` diff --git a/content/install/podman-systemd/axosyslog.service b/content/install/podman-systemd/axosyslog.service new file mode 100644 index 00000000..bbbc6ea1 --- /dev/null +++ b/content/install/podman-systemd/axosyslog.service @@ -0,0 +1,68 @@ +[Unit] +Description=AxoSyslog Container +Wants=NetworkManager.service network-online.target +After=NetworkManager.service network-online.target + + +[Install] +WantedBy=multi-user.target default.target + +[Container] +# Sets User and Group ID of container syslog-ng process; should match UID/GID of desired host user +# User= and Group= values must be numeric; this is a hard requirement with strict input validation +# Example: host passwd entry syslogng:x:1003:1004 => User=1003 Group=1004 +# Any symbolic representation, environment variable, or other non-numeric value will +# be ignored and the container run as root (UID 0). +User=1003 +Group=1004 + + +ContainerName=AxoSyslog + + +AddCapability=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SYS_ADMIN + + +Image=${AXOSYSLOG_IMAGE} + + +Volume=${PERSIST_MOUNT}:/var/lib/syslog-ng:z +Volume=${CONFIG_MOUNT}:/etc/syslog-ng:z +Volume=${DISKBUF_MOUNT}:/opt/dskbuf:z + + +Exec=-e +LogDriver=journald +Network=host +SecurityLabelDisable=true + + +[Service] +# Set up environment for container above +# Container image pulled from repository +Environment="AXOSYSLOG_IMAGE=ghcr.io/axoflow/axosyslog-hibiki:0.1.1" + + +# Required local mount point for syslog-ng persist data (including disk buffer) +# Required for axolet (metrics agent) access +Environment="PERSIST_MOUNT=/var/lib/syslog-ng" + + +# Required local mount point for syslog-ng config file and associated subdirectories +# Adjust this mount to reference either the entire directory or just the syslog-ng config file as needed +Environment="CONFIG_MOUNT=/opt/syslog-ng/etc" +# Environment="CONFIG_MOUNT=/opt/syslog-ng/etc/syslog-ng.conf" + +# Mount for Disk buffer files +Environment="DISKBUF_MOUNT=/opt/dskbuf" + + +# Ensure local filesystem mount points are created and set with appropriate permissions +ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT $DISKBUF_MOUNT +ExecStartPre = +chown -R syslogng:syslogng $PERSIST_MOUNT $CONFIG_MOUNT $DISKBUF_MOUNT + + +ExecReload=podman kill --signal="SIGHUP" AxoSyslog + + +Restart=on-failure From 7a0c6b2d9fcc66da3e21eed6ca6fb02bec5e0f5c Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Sun, 14 Jan 2024 19:07:33 +0100 Subject: [PATCH 02/10] Theme update --- themes/docsy-axoflow | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/themes/docsy-axoflow b/themes/docsy-axoflow index bb858e99..fe22b906 160000 --- a/themes/docsy-axoflow +++ b/themes/docsy-axoflow @@ -1 +1 @@ -Subproject commit bb858e99c7689f1f6d0584c3ea2e0cc48bb4f8eb +Subproject commit fe22b90671e6c59b8b7bcc4205c31e80d61f76c9 From ffb751d75b336a6640fc349e7ca463cc5211c476 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Mon, 15 Jan 2024 18:08:13 +0100 Subject: [PATCH 03/10] systemd unitfile updates --- .../install/podman-systemd/axosyslog.service | 26 ++++++------------- 1 file changed, 8 insertions(+), 18 deletions(-) diff --git a/content/install/podman-systemd/axosyslog.service b/content/install/podman-systemd/axosyslog.service index bbbc6ea1..c64990fe 100644 --- a/content/install/podman-systemd/axosyslog.service +++ b/content/install/podman-systemd/axosyslog.service @@ -10,11 +10,11 @@ WantedBy=multi-user.target default.target [Container] # Sets User and Group ID of container syslog-ng process; should match UID/GID of desired host user # User= and Group= values must be numeric; this is a hard requirement with strict input validation -# Example: host passwd entry syslogng:x:1003:1004 => User=1003 Group=1004 +# Example: host passwd entry syslogng:x:1000:1000 => User=1000 Group=1000 # Any symbolic representation, environment variable, or other non-numeric value will # be ignored and the container run as root (UID 0). -User=1003 -Group=1004 +# User=1000 +# Group=1000 ContainerName=AxoSyslog @@ -26,10 +26,8 @@ AddCapability=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC Image=${AXOSYSLOG_IMAGE} -Volume=${PERSIST_MOUNT}:/var/lib/syslog-ng:z -Volume=${CONFIG_MOUNT}:/etc/syslog-ng:z -Volume=${DISKBUF_MOUNT}:/opt/dskbuf:z - +Volume=${PERSIST_MOUNT}:/opt/axosyslog/var/lib:z +Volume=${CONFIG_MOUNT}:/opt/axosyslog/etc:z Exec=-e LogDriver=journald @@ -40,26 +38,18 @@ SecurityLabelDisable=true [Service] # Set up environment for container above # Container image pulled from repository -Environment="AXOSYSLOG_IMAGE=ghcr.io/axoflow/axosyslog-hibiki:0.1.1" +Environment="AXOSYSLOG_IMAGE=ghcr.io/axoflow/axosyslog:latest" -# Required local mount point for syslog-ng persist data (including disk buffer) -# Required for axolet (metrics agent) access Environment="PERSIST_MOUNT=/var/lib/syslog-ng" # Required local mount point for syslog-ng config file and associated subdirectories -# Adjust this mount to reference either the entire directory or just the syslog-ng config file as needed -Environment="CONFIG_MOUNT=/opt/syslog-ng/etc" -# Environment="CONFIG_MOUNT=/opt/syslog-ng/etc/syslog-ng.conf" - -# Mount for Disk buffer files -Environment="DISKBUF_MOUNT=/opt/dskbuf" +Environment="CONFIG_MOUNT=/opt/axosyslog/etc" # Ensure local filesystem mount points are created and set with appropriate permissions -ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT $DISKBUF_MOUNT -ExecStartPre = +chown -R syslogng:syslogng $PERSIST_MOUNT $CONFIG_MOUNT $DISKBUF_MOUNT +ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT ExecReload=podman kill --signal="SIGHUP" AxoSyslog From d16f43179e6ffb9f79c3dd7e310ef8cb2c583dc7 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Mon, 15 Jan 2024 18:38:47 +0100 Subject: [PATCH 04/10] Review updates --- content/install/podman-systemd/_index.md | 62 +++++++++++++----------- 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index a1609686..c0093da0 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -12,7 +12,7 @@ This page shows you how to run {{% param "product.abbrev" %}} as a systemd servi ## Prerequisites -Podman version FIXME +Podman version 4.6.1. ## Install {{% param "product.abbrev" %}} as a systemd service @@ -45,46 +45,38 @@ Podman version FIXME ``` {{< include-code "axosyslog.service" "systemd" >}} - +1. (Optional) Create an `override.conf` file to set custom environment values. This can be useful if you don't want to modify `/etc/containers/systemd/axosyslog.container`. Run: -1. Edit the unit file as needed for your environment. + ```shell + systemctl edit axosyslog + ``` - - We recommend using the mount points suggested. - - Adjust the `CONFIG_MOUNT` option if you only want to manage one configuration file externally. + Later you can edit this file by running the previous command again. -1. (Optional) Create an `override.conf` file to set custom environment values. This can be useful if you don't want to use `/etc/containers/systemd/axosyslog.container` exclusively. +1. Create the `/opt/axosyslog/etc/syslog-ng.conf` configuration file based on the following template. ```shell - mkdir -p /etc/systemd/system/axosyslog.service.d - cat > /etc/systemd/system/axosyslog.service.d/override.conf <<"A" - A + sudo curl -o /opt/axosyslog/etc/syslog-ng.conf https://axoflow.com/docs/axosyslog-core/install/podman-systemd/syslog-ng.conf ``` - Later you can edit this file by running `systemctl edit axosyslog` + With the following sample configuration file {{% param "product_name" %}} collects the local system logs and logs received from the network into the `/var/log/messages` file. -1. Create the `/etc/syslog-ng/syslog-ng.conf` configuration file. + ```shell + log { + source { default-network-drivers(); }; + destination { file("/logs/messages"); }; + }; + ``` - For a start, you can use [this configuration file from the syslog-ng repository](https://github.com/syslog-ng/syslog-ng/blob/master/scl/syslog-ng.conf). + You can customize the configuration file according to your needs. For a few pointers, see {{% xref "/quickstart/configure-servers/_index.md" %}} and the rest of this guide. - Using this configuration, {{% param "product_name" %}} collects the local system logs and logs received from the network into the `/var/log/messages` and `/var/log/messages-kv.log` files. - {{< include-code "https://raw.githubusercontent.com/syslog-ng/syslog-ng/master/scl/syslog-ng.conf" "shell" >}} + 1. Run the following commands to reload the systemd configuration and launch the `axosyslog` service. Though the systemctl commands are run as root, the container will run as the specified user if set appropriately in the unit file. @@ -102,6 +94,20 @@ Podman version FIXME +1. Send a test message to the service: + + ```shell + echo '<5> localhost test: this is a test message' | nc localhost 514 + ``` + + Check that the test message has arrived into the log file: + + ```shell + less /opt/axosyslog/var/log/messages + ``` + + + ## Customize the configuration To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on the host, then reload the service. @@ -120,7 +126,7 @@ To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on - You can access `syslog-ng-ctl` from the host, for example by running: ```shell - {{< param "command" >}} exec AxoSyslog syslog-ng-ctl config + {{< param "command" >}} exec -ti AxoSyslog syslog-ng-ctl show-license-info ``` - The traditional method of starting a service at boot (`systemctl enable`) is not supported for container services. To automatically start the {{% param "product.abbrev" %}} service, make sure that the following line is included in the unit file. (It is included in the sample template.) From 6c0580636f4d6a2d65f96314dc1d6f9befa24b18 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Mon, 12 Feb 2024 15:58:13 +0100 Subject: [PATCH 05/10] Updates and sample syslog-ng config file --- content/install/podman-systemd/_index.md | 36 ++++++++++++++----- .../install/podman-systemd/axosyslog.service | 8 ++++- content/install/podman-systemd/syslog-ng.conf | 7 ++++ 3 files changed, 42 insertions(+), 9 deletions(-) create mode 100644 content/install/podman-systemd/syslog-ng.conf diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index c0093da0..17a5676a 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -40,6 +40,7 @@ Podman version 4.6.1. 1. Create a systemd unit file called `/etc/containers/systemd/axosyslog.container` based on the following template: + ```shell sudo curl -o /etc/containers/systemd/axosyslog.container https://axoflow.com/docs/axosyslog-core/install/podman-systemd/axosyslog.service ``` @@ -61,17 +62,12 @@ Podman version 4.6.1. 1. Create the `/opt/axosyslog/etc/syslog-ng.conf` configuration file based on the following template. ```shell - sudo curl -o /opt/axosyslog/etc/syslog-ng.conf https://axoflow.com/docs/axosyslog-core/install/podman-systemd/syslog-ng.conf + sudo mkdir -p /opt/axosyslog/etc/ ; sudo curl -o /opt/axosyslog/etc/syslog-ng.conf https://axoflow.com/docs/axosyslog-core/install/podman-systemd/syslog-ng.conf ``` With the following sample configuration file {{% param "product_name" %}} collects the local system logs and logs received from the network into the `/var/log/messages` file. - ```shell - log { - source { default-network-drivers(); }; - destination { file("/logs/messages"); }; - }; - ``` + {{< include-code "syslog-ng.conf" "shell" >}} You can customize the configuration file according to your needs. For a few pointers, see {{% xref "/quickstart/configure-servers/_index.md" %}} and the rest of this guide. @@ -86,13 +82,37 @@ Podman version 4.6.1. sudo systemctl start axosyslog ``` + If there aren't any errors, these commands don't have any output. + 1. Run the following command to verify that the service was properly started: ```shell journalctl -b -u axosyslog | tail -100 ``` - + The output should be similar to: + + ```shell + Feb 12 09:04:40 systemd[1]: Starting AxoSyslog Container... + Feb 12 09:04:40 podman[2783]: 2024-02-12 09:04:40.454665314 -0500 EST m=+0.167732500 system refresh + Feb 12 09:04:40 axosyslog[2783]: Trying to pull ghcr.io/axoflow/axosyslog:latest... + Feb 12 09:04:40 axosyslog[2783]: Pulling image //ghcr.io/axoflow/axosyslog:latest inside systemd: setting pull timeout to 5m0s + Feb 12 09:04:41 axosyslog[2783]: Getting image source signatures + Feb 12 09:04:41 axosyslog[2783]: Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 + Feb 12 09:04:41 axosyslog[2783]: Copying blob sha256:619be1103602d98e1963557998c954c892b3872986c27365e9f651f5bc27cab8 + Feb 12 09:04:41 axosyslog[2783]: Copying blob sha256:b061f41886afb563aff2a5f731f3286ba54ea6f657ed3e282f5339a12a64c5ef + Feb 12 09:04:41 axosyslog[2783]: Copying blob sha256:1b8d965a650c6a05227bd5c549930c9898071e8e7abb26886d4169a99762de0a + Feb 12 09:04:41 axosyslog[2783]: Copying blob sha256:b5b0ce6ebef193c4f909379188cfb59443e8a1809816fbb476074908b170b4d1 + Feb 12 09:04:50 axosyslog[2783]: Copying config sha256:c379d94ef2c5ec348dfb3a93eed9a19aed667c396008db85edc354c8f4f8cb6a + Feb 12 09:04:50 axosyslog[2783]: Writing manifest to image destination + Feb 12 09:04:50 podman[2783]: 2024-02-12 09:04:50.422390687 -0500 EST m=+10.135457863 container create 477c9f011684f767aae138a0f88602ff30a8c95a46d616bb3b95318ec3a4b79f (image=ghcr.io/axoflow/axosyslog:latest, name=AxoSyslog, org.opencontainers.image.documentation=https://axoflow.com/docs/axosyslog/docs/, org.opencontainers.image.url=https://axoflow.io/, org.opencontainers.image.source=https://github.com/axoflow/axosyslog, org.opencontainers.image.authors=Axoflow, org.opencontainers.image.title=AxoSyslog, org.opencontainers.image.vendor=Axoflow, PODMAN_SYSTEMD_UNIT=axosyslog.service, org.opencontainers.image.description=A cloud-native distribution of syslog-ng by Axoflow, maintainer=axoflow.io, org.opencontainers.image.licenses=GPL-3.0-only) + Feb 12 09:04:50 podman[2783]: 2024-02-12 09:04:50.402626446 -0500 EST m=+10.115693622 image pull c379d94ef2c5ec348dfb3a93eed9a19aed667c396008db85edc354c8f4f8cb6a ghcr.io/axoflow/axosyslog:latest + Feb 12 09:04:50 podman[2783]: 2024-02-12 09:04:50.489925509 -0500 EST m=+10.202992695 container init 477c9f011684f767aae138a0f88602ff30a8c95a46d616bb3b95318ec3a4b79f (image=ghcr.io/axoflow/axosyslog:latest, name=AxoSyslog, org.opencontainers.image.authors=Axoflow, org.opencontainers.image.licenses=GPL-3.0-only, org.opencontainers.image.vendor=Axoflow, maintainer=axoflow.io, PODMAN_SYSTEMD_UNIT=axosyslog.service, org.opencontainers.image.url=https://axoflow.io/, org.opencontainers.image.documentation=https://axoflow.com/docs/axosyslog/docs/, org.opencontainers.image.title=AxoSyslog, org.opencontainers.image.description=A cloud-native distribution of syslog-ng by Axoflow, org.opencontainers.image.source=https://github.com/axoflow/axosyslog) + Feb 12 09:04:50 systemd[1]: Started AxoSyslog Container. + Feb 12 09:04:50 podman[2783]: 2024-02-12 09:04:50.500050669 -0500 EST m=+10.213117845 container start 477c9f011684f767aae138a0f88602ff30a8c95a46d616bb3b95318ec3a4b79f (image=ghcr.io/axoflow/axosyslog:latest, name=AxoSyslog, PODMAN_SYSTEMD_UNIT=axosyslog.service, org.opencontainers.image.source=https://github.com/axoflow/axosyslog, org.opencontainers.image.authors=Axoflow, org.opencontainers.image.description=A cloud-native distribution of syslog-ng by Axoflow, org.opencontainers.image.documentation=https://axoflow.com/docs/axosyslog/docs/, org.opencontainers.image.licenses=GPL-3.0-only, org.opencontainers.image.vendor=Axoflow, org.opencontainers.image.title=AxoSyslog, maintainer=axoflow.io, org.opencontainers.image.url=https://axoflow.io/) + Feb 12 09:04:50 axosyslog[2783]: 477c9f011684f767aae138a0f88602ff30a8c95a46d616bb3b95318ec3a4b79f + Feb 12 09:04:50 AxoSyslog[2821]: [2024-02-12T14:04:50.806054] syslog-ng starting up; version='4.6.0' + ``` 1. Send a test message to the service: diff --git a/content/install/podman-systemd/axosyslog.service b/content/install/podman-systemd/axosyslog.service index c64990fe..f570a402 100644 --- a/content/install/podman-systemd/axosyslog.service +++ b/content/install/podman-systemd/axosyslog.service @@ -1,3 +1,4 @@ + [Unit] Description=AxoSyslog Container Wants=NetworkManager.service network-online.target @@ -28,6 +29,7 @@ Image=${AXOSYSLOG_IMAGE} Volume=${PERSIST_MOUNT}:/opt/axosyslog/var/lib:z Volume=${CONFIG_MOUNT}:/opt/axosyslog/etc:z +Volume=${LOG_MOUNT}:/opt/axosyslog/var/log:z Exec=-e LogDriver=journald @@ -48,8 +50,12 @@ Environment="PERSIST_MOUNT=/var/lib/syslog-ng" Environment="CONFIG_MOUNT=/opt/axosyslog/etc" +# Required local mount point for storing collected logs +Environment="LOG_MOUNT=/var/logs" + + # Ensure local filesystem mount points are created and set with appropriate permissions -ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT +ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT $LOG_MOUNT ExecReload=podman kill --signal="SIGHUP" AxoSyslog diff --git a/content/install/podman-systemd/syslog-ng.conf b/content/install/podman-systemd/syslog-ng.conf new file mode 100644 index 00000000..c1fad0a5 --- /dev/null +++ b/content/install/podman-systemd/syslog-ng.conf @@ -0,0 +1,7 @@ + +@version: current +@include "scl.conf" +log { + source { default-network-drivers(); system(); internal(); }; + destination { file("/var/logs/messages"); }; +}; \ No newline at end of file From 6ea29e967f94030f4c08da0de4e4edd3e2096a39 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Mon, 12 Feb 2024 16:00:10 +0100 Subject: [PATCH 06/10] Typo fix --- .../chapter-sources/source-default-network-drivers/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/chapter-sources/source-default-network-drivers/_index.md b/content/chapter-sources/source-default-network-drivers/_index.md index 2b9821f8..67fec3d9 100644 --- a/content/chapter-sources/source-default-network-drivers/_index.md +++ b/content/chapter-sources/source-default-network-drivers/_index.md @@ -24,7 +24,7 @@ In addition to receiving messages on different ports and in different formats, t {{% alert title="Warning" color="warning" %}} -If you do not configure the TLS keys to dislay to the clients, {{% param "product.abbrev" %}} cannot accept encrypted connections. The application starts and listens on TCP:6514, and can receive messages on other ports, but will display a warning messages about missing keys. +If you do not configure the TLS keys to show to the clients, {{% param "product.abbrev" %}} cannot accept encrypted connections. The application starts and listens on TCP:6514, and can receive messages on other ports, but will display a warning messages about missing keys. {{% /alert %}} From 05cd25dc80e80d81ac4bc85ba615d2a2f84c1330 Mon Sep 17 00:00:00 2001 From: Eldar Nash Date: Sun, 18 Feb 2024 13:39:09 +0100 Subject: [PATCH 07/10] Adds some notes --- content/install/podman-systemd/_index.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index 17a5676a..39d8531c 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -14,6 +14,8 @@ This page shows you how to run {{% param "product.abbrev" %}} as a systemd servi Podman version 4.6.1. + + ## Install {{% param "product.abbrev" %}} as a systemd service 1. Make sure that there is no `axosyslog.service` unit file on the system. Run the following commands: @@ -72,7 +74,8 @@ Podman version 4.6.1. You can customize the configuration file according to your needs. For a few pointers, see {{% xref "/quickstart/configure-servers/_index.md" %}} and the rest of this guide. - + 1. Run the following commands to reload the systemd configuration and launch the `axosyslog` service. Though the systemctl commands are run as root, the container will run as the specified user if set appropriately in the unit file. @@ -120,6 +123,11 @@ Podman version 4.6.1. echo '<5> localhost test: this is a test message' | nc localhost 514 ``` + + Check that the test message has arrived into the log file: ```shell @@ -133,7 +141,7 @@ Podman version 4.6.1. To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on the host, then reload the service. {{< include-headless "disk-buffer-in-container.md" >}} - + ## Managing the {{% param "product.abbrev" %}} systemd service From 15a8e3eee6ae064da8370ab54aa366ec04e7b331 Mon Sep 17 00:00:00 2001 From: Robert Fekete Date: Sun, 18 Feb 2024 15:31:55 +0100 Subject: [PATCH 08/10] Minor fixes --- content/install/podman-systemd/_index.md | 10 ++++++---- .../{axosyslog.service => axosyslog.container} | 0 2 files changed, 6 insertions(+), 4 deletions(-) rename content/install/podman-systemd/{axosyslog.service => axosyslog.container} (100%) diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index 39d8531c..cee2fc7b 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -14,7 +14,7 @@ This page shows you how to run {{% param "product.abbrev" %}} as a systemd servi Podman version 4.6.1. - +The steps in this procedure were tested on CentOS 9, but should work on other similar distributions as well. ## Install {{% param "product.abbrev" %}} as a systemd service @@ -44,10 +44,10 @@ Podman version 4.6.1. ```shell - sudo curl -o /etc/containers/systemd/axosyslog.container https://axoflow.com/docs/axosyslog-core/install/podman-systemd/axosyslog.service + sudo curl -o /etc/containers/systemd/axosyslog.container https://axoflow.com/docs/axosyslog-core/install/podman-systemd/axosyslog.container ``` - {{< include-code "axosyslog.service" "systemd" >}} + {{< include-code "axosyslog.container" "systemd" >}} 1. Edit the unit file as needed for your environment. @@ -75,7 +75,8 @@ Podman version 4.6.1. + > Where do we set the /var/log part? + > Do we have to manually create /opt/axosyslog/var/log/messages outside? --> 1. Run the following commands to reload the systemd configuration and launch the `axosyslog` service. Though the systemctl commands are run as root, the container will run as the specified user if set appropriately in the unit file. @@ -139,6 +140,7 @@ Podman version 4.6.1. ## Customize the configuration To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on the host, then reload the service. + {{< include-headless "disk-buffer-in-container.md" >}} diff --git a/content/install/podman-systemd/axosyslog.service b/content/install/podman-systemd/axosyslog.container similarity index 100% rename from content/install/podman-systemd/axosyslog.service rename to content/install/podman-systemd/axosyslog.container From 4b04cea71e93026de60beb26d53af203e690bfdf Mon Sep 17 00:00:00 2001 From: Robert Fekete Date: Tue, 20 Feb 2024 13:08:36 +0100 Subject: [PATCH 09/10] Fixes and corrections --- content/install/podman-systemd/_index.md | 35 +++++++++++-------- .../podman-systemd/axosyslog.container | 20 +++-------- content/install/podman-systemd/syslog-ng.conf | 2 +- 3 files changed, 26 insertions(+), 31 deletions(-) diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index cee2fc7b..76f62254 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -51,7 +51,13 @@ The steps in this procedure were tested on CentOS 9, but should work on other si 1. Edit the unit file as needed for your environment. - - We recommend using the mount points suggested. + We recommend using the default mount points: + + | Purpose | On the host | In the container | + | -------- | ------- | ------- | + | Disk-buffer and persist files | `/var/lib/syslog-ng` | `/var/lib/syslog-ng` | + | `syslog-ng` configuration file | `/opt/axosyslog/etc` | `/etc/syslog-ng` | + | Output log files | `/opt/axosyslog/var/log` | `/var/log` | 1. (Optional) Create an `override.conf` file to set custom environment values. This can be useful if you don't want to modify `/etc/containers/systemd/axosyslog.container`. Run: @@ -73,11 +79,6 @@ The steps in this procedure were tested on CentOS 9, but should work on other si You can customize the configuration file according to your needs. For a few pointers, see {{% xref "/quickstart/configure-servers/_index.md" %}} and the rest of this guide. - - - 1. Run the following commands to reload the systemd configuration and launch the `axosyslog` service. Though the systemctl commands are run as root, the container will run as the specified user if set appropriately in the unit file. ```shell @@ -124,23 +125,21 @@ The steps in this procedure were tested on CentOS 9, but should work on other si echo '<5> localhost test: this is a test message' | nc localhost 514 ``` - - Check that the test message has arrived into the log file: ```shell less /opt/axosyslog/var/log/messages ``` - + The output should be similar to: + + ```shell + Feb 19 15:49:12 localhost test: this is a test message + ``` ## Customize the configuration -To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on the host, then reload the service. - +To customize the configuration, edit the `/opt/axosyslog/etc/syslog-ng.conf` file on the host, then reload the service. {{< include-headless "disk-buffer-in-container.md" >}} @@ -159,6 +158,14 @@ To customize the configuration, edit the `/etc/syslog-ng/syslog-ng.conf` file on {{< param "command" >}} exec -ti AxoSyslog syslog-ng-ctl show-license-info ``` + If you use `syslog-ng-ctl` regularly, you can create the `/opt/axosyslog/bin/syslog-ng-ctl` file with the following content, make it executable, and add it to your path. That way running `syslog-ng-ctl ` will execute the command in the AxoSyslog container. + + ```shell + #!/bin/bash + + podman exec -ti AxoSyslog syslog-ng-ctl "$@" + ``` + - The traditional method of starting a service at boot (`systemctl enable`) is not supported for container services. To automatically start the {{% param "product.abbrev" %}} service, make sure that the following line is included in the unit file. (It is included in the sample template.) ```systemd diff --git a/content/install/podman-systemd/axosyslog.container b/content/install/podman-systemd/axosyslog.container index f570a402..c116db8c 100644 --- a/content/install/podman-systemd/axosyslog.container +++ b/content/install/podman-systemd/axosyslog.container @@ -4,7 +4,6 @@ Description=AxoSyslog Container Wants=NetworkManager.service network-online.target After=NetworkManager.service network-online.target - [Install] WantedBy=multi-user.target default.target @@ -17,48 +16,37 @@ WantedBy=multi-user.target default.target # User=1000 # Group=1000 - ContainerName=AxoSyslog - AddCapability=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_FOWNER CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SYS_ADMIN - Image=${AXOSYSLOG_IMAGE} - -Volume=${PERSIST_MOUNT}:/opt/axosyslog/var/lib:z -Volume=${CONFIG_MOUNT}:/opt/axosyslog/etc:z -Volume=${LOG_MOUNT}:/opt/axosyslog/var/log:z +Volume=${PERSIST_MOUNT}:/var/lib/syslog-ng:z +Volume=${CONFIG_MOUNT}:/etc/syslog-ng:z +Volume=${LOG_MOUNT}:/var/log:z Exec=-e LogDriver=journald Network=host SecurityLabelDisable=true - [Service] # Set up environment for container above # Container image pulled from repository Environment="AXOSYSLOG_IMAGE=ghcr.io/axoflow/axosyslog:latest" - Environment="PERSIST_MOUNT=/var/lib/syslog-ng" - # Required local mount point for syslog-ng config file and associated subdirectories Environment="CONFIG_MOUNT=/opt/axosyslog/etc" - # Required local mount point for storing collected logs -Environment="LOG_MOUNT=/var/logs" - +Environment="LOG_MOUNT=/opt/axosyslog/var/log" # Ensure local filesystem mount points are created and set with appropriate permissions ExecStartPre = +mkdir -p $PERSIST_MOUNT $CONFIG_MOUNT $LOG_MOUNT - ExecReload=podman kill --signal="SIGHUP" AxoSyslog - Restart=on-failure diff --git a/content/install/podman-systemd/syslog-ng.conf b/content/install/podman-systemd/syslog-ng.conf index c1fad0a5..56b1f09c 100644 --- a/content/install/podman-systemd/syslog-ng.conf +++ b/content/install/podman-systemd/syslog-ng.conf @@ -3,5 +3,5 @@ @include "scl.conf" log { source { default-network-drivers(); system(); internal(); }; - destination { file("/var/logs/messages"); }; + destination { file("/var/log/messages"); }; }; \ No newline at end of file From e0635bd421f91887875afad346adb5f3d3d04e70 Mon Sep 17 00:00:00 2001 From: Robert Fekete Date: Tue, 20 Feb 2024 13:17:34 +0100 Subject: [PATCH 10/10] Delete disk-buffer notes most of these is taken care of in the unit file --- content/install/podman-systemd/_index.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/content/install/podman-systemd/_index.md b/content/install/podman-systemd/_index.md index 76f62254..e438763a 100644 --- a/content/install/podman-systemd/_index.md +++ b/content/install/podman-systemd/_index.md @@ -141,9 +141,6 @@ The steps in this procedure were tested on CentOS 9, but should work on other si To customize the configuration, edit the `/opt/axosyslog/etc/syslog-ng.conf` file on the host, then reload the service. -{{< include-headless "disk-buffer-in-container.md" >}} - - ## Managing the {{% param "product.abbrev" %}} systemd service - You can reload `syslog-ng` running in the container via systemctl. The following command reloads the `syslog-ng.conf` file, without stopping/starting `syslog-ng` itself.