From 58cbe12dd78daf73fcfd9eeca4a44d617a071fff Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Thu, 6 May 2021 15:18:22 -0400 Subject: [PATCH 01/12] Update to use alpine --- Dockerfile | 5 ++--- start.sh | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index ebe71b1..796c8b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,6 @@ -FROM centos:7 +FROM alpine:latest -RUN curl -s -L -o /etc/yum.repos.d/rsyslog.repo http://rpms.adiscon.com/v8-stable/rsyslog.repo -RUN yum -y install rsyslog gettext && yum clean all +RUN apk add --no-cache rsyslog gettext COPY rsyslog.conf.template /etc/rsyslog.conf.template COPY start.sh /start.sh diff --git a/start.sh b/start.sh index 3d8d3d0..d355b92 100644 --- a/start.sh +++ b/start.sh @@ -1,7 +1,7 @@ -#!/bin/bash +#!/bin/sh rm -f /etc/rsyslog.conf envsubst < /etc/rsyslog.conf.template > /etc/rsyslog.conf -exec /sbin/rsyslogd -n +exec /usr/sbin/rsyslogd -n From 64eed7eb7fa066b9725e94f7c870d2e8ceffb4ea Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Thu, 6 May 2021 15:21:15 -0400 Subject: [PATCH 02/12] Set reasonable defaults for port and protocol --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 796c8b9..95bd8cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ FROM alpine:latest +ENV RSYSLOG_PORT=514 RSYSLOG_PROTOCOL=udp RUN apk add --no-cache rsyslog gettext From a0c3b9d14467991933fc0ae44f7c79f5adf6e187 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Thu, 6 May 2021 16:00:33 -0400 Subject: [PATCH 03/12] Add working daemonset and test systems --- k8s/agent.yaml | 37 +++++++++++++++++++++++++++++ k8s/config.yaml | 8 +++++++ test/nginx.yaml | 59 +++++++++++++++++++++++++++++++++++++++++++++++ test/rsyslog.yaml | 45 ++++++++++++++++++++++++++++++++++++ 4 files changed, 149 insertions(+) create mode 100644 k8s/agent.yaml create mode 100644 k8s/config.yaml create mode 100644 test/nginx.yaml create mode 100644 test/rsyslog.yaml diff --git a/k8s/agent.yaml b/k8s/agent.yaml new file mode 100644 index 0000000..99d7352 --- /dev/null +++ b/k8s/agent.yaml @@ -0,0 +1,37 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: syslog-agent + labels: + app: syslog +spec: + selector: + matchLabels: + app: syslog + template: + metadata: + labels: + app: syslog + spec: + containers: + - name: syslog-agent + image: k3d-k3s-default-registry:36387/syslog-agent + envFrom: + - configMapRef: + name: syslog-agent-config + volumeMounts: + - mountPath: /var/log + name: logs + readOnly: true + - mountPath: /var/lib/syslog + name: work + volumes: + - name: logs + hostPath: + path: /var/log + - name: work + emptyDir: {} + + + + diff --git a/k8s/config.yaml b/k8s/config.yaml new file mode 100644 index 0000000..3a015a2 --- /dev/null +++ b/k8s/config.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: syslog-agent-config +data: + RSYSLOG_PORT: "514" + RSYSLOG_PROTOCOL: UDP + RSYSLOG_TARGET: rsyslog diff --git a/test/nginx.yaml b/test/nginx.yaml new file mode 100644 index 0000000..d2d075c --- /dev/null +++ b/test/nginx.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app: nginx + name: nginx +spec: + replicas: 1 + selector: + matchLabels: + app: nginx + strategy: {} + template: + metadata: + labels: + app: nginx + spec: + containers: + - image: nginx + name: nginx + ports: + - containerPort: 80 + resources: {} +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: nginx + name: nginx +spec: + ports: + - name: 80-80 + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: nginx + type: ClusterIP +--- +# apiVersion: networking.k8s.io/v1beta1 # for k3s < v1.19 +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: nginx + annotations: + ingress.kubernetes.io/ssl-redirect: "false" +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: nginx + port: + number: 80 diff --git a/test/rsyslog.yaml b/test/rsyslog.yaml new file mode 100644 index 0000000..910d328 --- /dev/null +++ b/test/rsyslog.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + app: rsyslog + name: rsyslog +spec: + replicas: 1 + selector: + matchLabels: + app: rsyslog + template: + metadata: + labels: + app: rsyslog + spec: + containers: + - image: voxxit/rsyslog + name: rsyslog + ports: + - containerPort: 514 + protocol: UDP + name: syslog-udp + - containerPort: 514 + protocol: TCP + name: syslog-tcp + env: + - name: TZ + value: America/New_York +--- +apiVersion: v1 +kind: Service +metadata: + name: rsyslog + labels: + app: rsyslog +spec: + ports: + - protocol: UDP + port: 514 + targetPort: 514 + - protocol: TCP + port: 514 + targetPort: 514 From 1a190af1f3c505f343674a0697d8573ba38c56c5 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Thu, 6 May 2021 16:39:10 -0400 Subject: [PATCH 04/12] Added convenience Makefile --- .dockerignore | 3 +++ .gitignore | 1 + Dockerfile | 2 +- Makefile | 46 ++++++++++++++++++++++++++++++++++++++++++++++ k8s/agent.yaml | 2 +- test/rsyslog.yaml | 2 ++ 6 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 .dockerignore create mode 100644 .gitignore create mode 100644 Makefile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..9246e48 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +k8s/ +test/ +Makefile diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..90f5088 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.k3d* diff --git a/Dockerfile b/Dockerfile index 95bd8cc..23b2ae4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.13.5 ENV RSYSLOG_PORT=514 RSYSLOG_PROTOCOL=udp RUN apk add --no-cache rsyslog gettext diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..efa0517 --- /dev/null +++ b/Makefile @@ -0,0 +1,46 @@ +IMAGE=localhost:5000/syslog-agent + +build: + docker build -t $(IMAGE) . + +push: .k3d-registry + docker push $(IMAGE) + +k8s: push .k3d + kubectl apply -f k8s -f test + +k3d-up k3d cluster cluster-up: .k3d + +.k3d: .k3d-cluster .k3d-metrics + +.k3d-cluster: .k3d-registry + k3d cluster create syslog -p "8081:80@loadbalancer" --registry-use local + touch $@ + +.k3d-registry: + k3d registry create local -p 5000 + touch $@ + + +metrics: .k3d-metrics + +.k3d-metrics: .helm-setup + helm install -n kube-system metrics prometheus-community/kube-state-metrics + touch $@ + +.k3d-prometheus: + helm install -n kube-system prometheus prometheus-community/kube-prometheus-stack + touch $@ .k3d-metrics + +helm: .helm-setup + +.helm-setup: + helm repo add prometheus-community https://prometheus-community.github.io/helm-charts + helm repo update + touch $@ + + +k3d-down cluster-down: + k3d cluster delete syslog + k3d registry delete local + rm -f .k3d-* \ No newline at end of file diff --git a/k8s/agent.yaml b/k8s/agent.yaml index 99d7352..1d54166 100644 --- a/k8s/agent.yaml +++ b/k8s/agent.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: syslog-agent - image: k3d-k3s-default-registry:36387/syslog-agent + image: k3d-local:5000/syslog-agent envFrom: - configMapRef: name: syslog-agent-config diff --git a/test/rsyslog.yaml b/test/rsyslog.yaml index 910d328..96f19dc 100644 --- a/test/rsyslog.yaml +++ b/test/rsyslog.yaml @@ -40,6 +40,8 @@ spec: - protocol: UDP port: 514 targetPort: 514 + name: syslog-udp - protocol: TCP port: 514 targetPort: 514 + name: syslog-tcp From 6869c7a7d1e75d1adf9cd0c6776990db397e33ef Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 20:00:35 -0400 Subject: [PATCH 05/12] Add a full trip test --- .gitattributes | 1 + .gitignore | 1 + Makefile | 34 +++++++++++++++++++++++----------- k8s/agent.yaml | 6 +++--- test/rsyslog.yaml | 39 +++++++++++++++++++++------------------ test/test.sh | 15 +++++++++++++++ 6 files changed, 64 insertions(+), 32 deletions(-) create mode 100644 .gitattributes create mode 100644 test/test.sh diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..457fa14 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +test/test.sh -text eol=lf diff --git a/.gitignore b/.gitignore index 90f5088..12a74e9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .k3d* +.helm-setup diff --git a/Makefile b/Makefile index efa0517..d1d0e23 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,6 @@ IMAGE=localhost:5000/syslog-agent +DEFAULT_METRICS=kube-state-metrics +LOCAL_PORT=8081 build: docker build -t $(IMAGE) . @@ -6,15 +8,29 @@ build: push: .k3d-registry docker push $(IMAGE) -k8s: push .k3d +test: up k8s ready + bash test/test.sh + +k8s deploy: push .k3d kubectl apply -f k8s -f test -k3d-up k3d cluster cluster-up: .k3d +k3d-up k3d cluster cluster-up up: .k3d + +k3d-down cluster-down down: + k3d cluster delete syslog + k3d registry delete local + rm -f .k3d-* -.k3d: .k3d-cluster .k3d-metrics +ready: + @while kubectl get pods -A | grep -q ContainerCreating; do sleep 2; done || true + +.k3d: .k3d-cluster .k3d-kube-state-metrics .k3d-cluster: .k3d-registry - k3d cluster create syslog -p "8081:80@loadbalancer" --registry-use local + k3d cluster create syslog -p "$(LOCAL_PORT):80@loadbalancer" --registry-use local +# @echo "Waiting for cluster to initialize" +# @while [ -n "kubectl get -n kube-system pods | grep ContainerCreating" ]; do echo -n "."; sleep 3; done +# @echo DONE touch $@ .k3d-registry: @@ -22,15 +38,15 @@ k3d-up k3d cluster cluster-up: .k3d touch $@ -metrics: .k3d-metrics +metrics: .k3d-$(DEFAULT_METRICS) -.k3d-metrics: .helm-setup +.k3d-kube-state-metrics: .helm-setup helm install -n kube-system metrics prometheus-community/kube-state-metrics touch $@ .k3d-prometheus: helm install -n kube-system prometheus prometheus-community/kube-prometheus-stack - touch $@ .k3d-metrics + touch $@ .k3d-kube-state-metrics helm: .helm-setup @@ -40,7 +56,3 @@ helm: .helm-setup touch $@ -k3d-down cluster-down: - k3d cluster delete syslog - k3d registry delete local - rm -f .k3d-* \ No newline at end of file diff --git a/k8s/agent.yaml b/k8s/agent.yaml index 1d54166..ef8d7d7 100644 --- a/k8s/agent.yaml +++ b/k8s/agent.yaml @@ -3,15 +3,15 @@ kind: DaemonSet metadata: name: syslog-agent labels: - app: syslog + app: syslog-agent spec: selector: matchLabels: - app: syslog + app: syslog-agent template: metadata: labels: - app: syslog + app: syslog-agent spec: containers: - name: syslog-agent diff --git a/test/rsyslog.yaml b/test/rsyslog.yaml index 96f19dc..80dd271 100644 --- a/test/rsyslog.yaml +++ b/test/rsyslog.yaml @@ -1,7 +1,26 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: rsyslog + labels: + app: rsyslog +spec: + selector: + app: rsyslog + ports: + - protocol: UDP + port: 514 + targetPort: 514 + name: syslog-udp + - protocol: TCP + port: 514 + targetPort: 514 + name: syslog-tcp +--- apiVersion: apps/v1 kind: Deployment metadata: - creationTimestamp: null labels: app: rsyslog name: rsyslog @@ -28,20 +47,4 @@ spec: env: - name: TZ value: America/New_York ---- -apiVersion: v1 -kind: Service -metadata: - name: rsyslog - labels: - app: rsyslog -spec: - ports: - - protocol: UDP - port: 514 - targetPort: 514 - name: syslog-udp - - protocol: TCP - port: 514 - targetPort: 514 - name: syslog-tcp + diff --git a/test/test.sh b/test/test.sh new file mode 100644 index 0000000..c1271cf --- /dev/null +++ b/test/test.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# purpose: test the k8s cluster to see if a log message gets through + +DATE=$(date +%y%m%d%H%M%S) +curl -s "http://localhost:8081/testing/${DATE}" > /dev/null + +pod=$(kubectl get pods -l app=rsyslog | awk '!/NAME/{print $1}') +if kubectl exec "$pod" -- grep -q "testing/${DATE}" /var/log/messages +then + echo "PASS" +else + echo "FAIL" + exit 1 +fi From 7605d09e0c669a70fdc4130cfea1be916ae7fe2d Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 21:19:04 -0400 Subject: [PATCH 06/12] Make container work with read-only root file system --- Dockerfile | 3 +++ k8s/agent.yaml | 6 ++++-- start.sh | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 23b2ae4..d856974 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,9 @@ RUN apk add --no-cache rsyslog gettext COPY rsyslog.conf.template /etc/rsyslog.conf.template COPY start.sh /start.sh +# So we can make the root file system read-only +RUN ln -sf /var/lib/rsyslog/rsyslog.conf /etc/rsyslog.conf + RUN chmod +x /start.sh CMD /start.sh diff --git a/k8s/agent.yaml b/k8s/agent.yaml index ef8d7d7..0ac19da 100644 --- a/k8s/agent.yaml +++ b/k8s/agent.yaml @@ -23,9 +23,11 @@ spec: - mountPath: /var/log name: logs readOnly: true - - mountPath: /var/lib/syslog + - mountPath: /var/lib/rsyslog name: work - volumes: + securityContext: + readOnlyRootFilesystem: true + volumes: - name: logs hostPath: path: /var/log diff --git a/start.sh b/start.sh index d355b92..80c6b8c 100644 --- a/start.sh +++ b/start.sh @@ -2,6 +2,6 @@ rm -f /etc/rsyslog.conf -envsubst < /etc/rsyslog.conf.template > /etc/rsyslog.conf +envsubst < /etc/rsyslog.conf.template > /var/lib/rsyslog/rsyslog.conf exec /usr/sbin/rsyslogd -n From dd381eb9ce4bb57c0c749b26eba30aa89f227d2f Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 21:20:48 -0400 Subject: [PATCH 07/12] Improve waiting for cluster --- Makefile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index d1d0e23..bfb0d99 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,12 @@ k3d-down cluster-down down: rm -f .k3d-* ready: - @while kubectl get pods -A | grep -q ContainerCreating; do sleep 2; done || true + @echo -n "Waiting for pod count..." + @while [ "$$(kubectl get pods -A | wc -l)" -lt 4 ] ; do sleep 2; echo -n .; done || true + @echo "DONE" + @echo -n "Waiting for pods ready..." + @while kubectl get pods -A | grep -q -E 'Pending|ContainerCreating'; do sleep 2; echo -n . ; done || true + @echo "READY" .k3d: .k3d-cluster .k3d-kube-state-metrics From c7e36d7ebce706a65f74b13f86cf581aff4d276a Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 21:48:43 -0400 Subject: [PATCH 08/12] Ensure start has appropriate line feeds --- .gitattributes | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitattributes b/.gitattributes index 457fa14..542ddd2 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1 +1,3 @@ test/test.sh -text eol=lf +start.sh -text eol=lf + From 0f7de4e7fc44cf1f6e629b0cf160916d9c4c9169 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 21:53:50 -0400 Subject: [PATCH 09/12] Improve dependencies --- Makefile | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index bfb0d99..8f9de12 100644 --- a/Makefile +++ b/Makefile @@ -2,10 +2,13 @@ IMAGE=localhost:5000/syslog-agent DEFAULT_METRICS=kube-state-metrics LOCAL_PORT=8081 -build: +build: .k3d-image + +.k3d-image: Dockerfile start.sh rsyslog.conf.template docker build -t $(IMAGE) . + @touch $@ -push: .k3d-registry +push: .k3d-registry .k3d-image docker push $(IMAGE) test: up k8s ready @@ -23,7 +26,7 @@ k3d-down cluster-down down: ready: @echo -n "Waiting for pod count..." - @while [ "$$(kubectl get pods -A | wc -l)" -lt 4 ] ; do sleep 2; echo -n .; done || true + @while [ "$$(kubectl get pods -A | wc -l 2>/dev/null)" -lt 4 ] ; do sleep 2; echo -n .; done || true @echo "DONE" @echo -n "Waiting for pods ready..." @while kubectl get pods -A | grep -q -E 'Pending|ContainerCreating'; do sleep 2; echo -n . ; done || true From 0ca88f87edd07d2ea9cae156a286459fd8808da3 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 22:22:33 -0400 Subject: [PATCH 10/12] Enhanced documentation --- Makefile | 25 +++++++++++++++++++++++-- README.md | 30 +++++++++++++++++++++++------- 2 files changed, 46 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index 8f9de12..218fd8f 100644 --- a/Makefile +++ b/Makefile @@ -2,31 +2,42 @@ IMAGE=localhost:5000/syslog-agent DEFAULT_METRICS=kube-state-metrics LOCAL_PORT=8081 +## make build -- build the image build: .k3d-image .k3d-image: Dockerfile start.sh rsyslog.conf.template docker build -t $(IMAGE) . @touch $@ +## make push -- push the image to the local k3d registry push: .k3d-registry .k3d-image docker push $(IMAGE) -test: up k8s ready +## make test -- install all components and run a simple test by cURLing the NGINX container and looking for the access record +test: build up k8s ready bash test/test.sh +## run a Snyk scan on the image +scan: + docker scan $(IMAGE) + +## make k8s or make deploy -- install the components into the cluster k8s deploy: push .k3d kubectl apply -f k8s -f test +## make up -- create and configure the testing cluster k3d-up k3d cluster cluster-up up: .k3d +## make down -- delete the testing cluster k3d-down cluster-down down: k3d cluster delete syslog k3d registry delete local rm -f .k3d-* +## make ready -- wait for all components to be ready ready: @echo -n "Waiting for pod count..." - @while [ "$$(kubectl get pods -A | wc -l 2>/dev/null)" -lt 4 ] ; do sleep 2; echo -n .; done || true + @while [ "$$(kubectl get pods -A | wc -l)" -lt 4 ] ; do sleep 2; echo -n .; done || true @echo "DONE" @echo -n "Waiting for pods ready..." @while kubectl get pods -A | grep -q -E 'Pending|ContainerCreating'; do sleep 2; echo -n . ; done || true @@ -46,6 +57,7 @@ ready: touch $@ +# Install the selected metrics server package metrics: .k3d-$(DEFAULT_METRICS) .k3d-kube-state-metrics: .helm-setup @@ -56,6 +68,7 @@ metrics: .k3d-$(DEFAULT_METRICS) helm install -n kube-system prometheus prometheus-community/kube-prometheus-stack touch $@ .k3d-kube-state-metrics +# Run a local helm setup helm: .helm-setup .helm-setup: @@ -63,4 +76,12 @@ helm: .helm-setup helm repo update touch $@ +clean: + -make -f $(lastword $(MAKEFILE_LIST)) down >/dev/null 2>/dev/null + rm -f .helm-setup + +real-clean: clean + docker image rm $(IMAGE) +help: + awk '/^##/{print}' $(lastword $(MAKEFILE_LIST)) diff --git a/README.md b/README.md index c09beef..526ec62 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,33 @@ # Kubernetes Container Log Syslog Forwarder -This container is designed to run as a DaemonSet and forwards pod logs to a syslog -listener for all pods running on a node. Log forwarding is implemented with -[RSYSLOG](http://www.rsyslog.com/) and uses [omfwd](http://www.rsyslog.com/doc/v8-stable/configuration/modules/omfwd.html) module. +This container is designed to run as a DaemonSet and forwards pod logs to a syslog listener for all +pods running on a node. Log forwarding is implemented with +[RSYSLOG](http://www.rsyslog.com/) and +uses [omfwd](http://www.rsyslog.com/doc/v8-stable/configuration/modules/omfwd.html) module. ## Configuration Options + Configuration can be done with environment variables: * **RSYSLOG_TARGET** - Remote syslog listener * **RSYSLOG_PORT** - Remote syslog listener port * **RSYSLOG_PROTOCOL** - Remote syslog listener protocol (udp/tcp) -## Example DaemonSet -DaemonSet example requires a privileged SCC if using k8s v1.5+ or OpenShift and -probably needs rsyslog already installed in order to use /var/lib/rsyslog on the -host as the place for the file state directory +## DaemonSet + +A working example of a deployment daemonset can be found in the [k8s](./k8s) directory, along with +an example ConfigMap. You will need to adjust the configmap to suit your system. + +## Hacking + +The `Makefile` included here is set up to assist development *and* testing of the system, +using [`k3d`](https://k3d.io/). It will fully set up a test cluster, install all necessary +components, and run a simple test. + +Use `make test` to perform all of these + +**NOTE:** there is currently an occasional timing issue where the test will fail right after the +cluster is up. If this happens, wait 30 seconds and attempt `make test` again. + +Use `make help` to display information about available targets + From 238a7a4ffeeb70db55669ebf8a886d89d3d97d66 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Sat, 8 May 2021 22:22:49 -0400 Subject: [PATCH 11/12] Add readiness probe for testing rsyslog --- test/rsyslog.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/test/rsyslog.yaml b/test/rsyslog.yaml index 80dd271..ea63c12 100644 --- a/test/rsyslog.yaml +++ b/test/rsyslog.yaml @@ -47,4 +47,13 @@ spec: env: - name: TZ value: America/New_York + livenessProbe: + tcpSocket: + port: 514 + readinessProbe: + exec: + command: + - test + - -s + - /var/log/messages From 17abf4eab40ee24f800257f507141b3221b6b420 Mon Sep 17 00:00:00 2001 From: Dewey Sasser Date: Wed, 12 May 2021 11:05:36 -0400 Subject: [PATCH 12/12] Fix issue in start.sh when root file system is *NOT* read-only --- start.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/start.sh b/start.sh index 80c6b8c..f201151 100644 --- a/start.sh +++ b/start.sh @@ -1,7 +1,5 @@ #!/bin/sh -rm -f /etc/rsyslog.conf - envsubst < /etc/rsyslog.conf.template > /var/lib/rsyslog/rsyslog.conf exec /usr/sbin/rsyslogd -n