Re: [atomic-devel] cron job for logrotate on containers

[Colin Walters <walters verbum org>]

On Tue, Dec 16, 2014, at 11:10 AM, Lokesh Mandvekar wrote:
> I have a script which would run logrotate on all running docker containers.
> Plan is to have this installed via the docker rpm into /etc/cron.daily. Posting here 
> for further discussion as per Colin's suggestion before I include it in any rpms.
> 
> ---
> #!/bin/sh
> 
> for id in $(docker ps -q); do
>     docker exec $id logrotate -s /var/log/logstatus /etc/logrotate.conf >/dev/null 2>&1
> done
> exit 0

I don't like that this presumes I have logrotate inside my containers.  If I have
configured my containers to be microservices (potentially using a custom "thin"
base instead of the present "fat" base) using remote logging, then I don't need this.

I get that this is trying to address a real problem, but I feel like with this
we're encouraging people to do the wrong thing.

I also think cron is just a hack =/  There are race conditions here if
the container exits before the exec runs, and I know we ignore that
with >/dev/null, but still.

This seems like something to add to *documentation* around container
logging as an option if you're using "containers as VMs" model.  But
not something to turn on by default for every user of the Docker RPM.