使用 sidecar 轮转日志
背景
业务程序如果将日志写到日志文件,如果没有自动轮转,可能会撑爆磁盘导致业务异常,甚至可能影响节点上其它 Pod。
如果所使用的日志框架不支持日志轮转,或者不想改动业务代码,可以通过 sidecar 来对业务日志进行自动轮转,本文介绍如何基于 docker-logrotate 来实现日志轮转。
docker-logrotate 介绍
docker-logrotate 是一个将 logrotate 容器化的开源项目,该项目自动构建出的容器镜像 imroc/logrotate 是基于 alpine,预装了 logrotate,且支持多 CPU 架构的容器镜像,还可以通过环境变量的方式控制 logrotate 配置。
示例一:自动轮转 nginx ingress 的日志
配置 ingress-nginx helm chart 的 values.yaml:
controller:
config:
access-log-path: /var/log/nginx/nginx_access.log
error-log-path: /var/log/nginx/nginx_error.log
extraVolumes:
- name: log
emptyDir: {}
extraVolumeMounts:
- name: log
mountPath: /var/log/nginx
extraContainers: # logrotate sidecar
- name: logrotate
image: imroc/logrotate:latest
imagePullPolicy: IfNotPresent
env:
- name: LOGROTATE_FILE_PATTERN
value: "/var/log/nginx/nginx_*.log"
- name: LOGROTATE_FILESIZE
value: "20M"
- name: LOGROTATE_FILENUM
value: "10"
- name: CRON_EXPR
value: "*/1 * * * *"
- name: CROND_LOGLEVEL
value: "7"
volumeMounts:
- name: log # share log directory
mountPath: /var/log/nginx
示例二:自动轮转 nginx 日志
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
volumeMounts:
- name: log # share log directory
mountPath: /var/log/nginx
- name: logrotate
image: imroc/logrotate:latest
env:
- name: LOGROTATE_FILE_PATTERN
value: "/var/log/nginx/*.log"
- name: LOGROTATE_FILESIZE
value: "20M"
- name: LOGROTATE_FILENUM
value: "10"
- name: CRON_EXPR
value: "*/1 * * * *"
- name: CROND_LOGLEVEL
value: "7"
volumeMounts:
- name: log # share log directory
mountPath: /var/log/nginx
volumes:
- name: log
emptyDir: {}