How to Enable Logrotate and crontab on PhotonOS

Learn how to enable logrotate and crontab on PhotonOS to prevent Traefik logs from filling up your partition.

Traefik Photon Example

I have moved away from using CentOS and/or Ubuntu for running Docker containers. My OS of choice for the last few years has been PhotonOS. I generally have my containers config and log files in the Host OS, but have not been dealing with the growing size in an automated way. That changes now! I don’t want my partitions to fill up with logs!

Install the necessary packages

PhotonOS does not install or configure logrotate and a crontab service by default so we need to do that now. For the crond service, PhotonOS uses “cronie”. If you’re unfamiliar with cronie, here is the package description:

cronie description: Cronie contains the standard UNIX daemon crond that runs specified programs at scheduled times and related tools. It is based on the original cron and has security and configuration enhancements like the ability to use pam and SELinux.

1sudo tdnf install -y logrotate cronie

After installation, a default config file will be created: /etc/logrotate.conf with the following contents: (valid as of PhotonOS 3.0)

 1# see "man logrotate" for details
 2# rotate log files weekly
 3weekly
 4
 5# keep 4 weeks worth of backlogs
 6rotate 4
 7
 8# create new (empty) log files after rotating old ones
 9create
10
11# use date as a suffix of the rotated file
12dateext
13
14# uncomment this if you want your log files compressed
15#compress
16
17# RPM packages drop log rotation information into this directory
18include /etc/logrotate.d
19
20# system-specific logs may be also be configured here.

The install also created a crontab file in /etc/cron.daily named logrotate

Since my PhotonOS systems are genarally used for running Traefik under Docker with config and log files residing in a subdirectory of my docker-compose.yml, I want to configure rotation of the log files associated with it, namely access.log and traefik.log.

Configure log rotation

Create a file named /etc/logrotate.d/traefik2.conf

 1/path/to/traefik/logs/* {
 2  weekly
 3  rotate 3
 4  size 50M
 5  compress
 6  delaycompress
 7  missingok
 8  notifempty
 9  dateext
10  dateformat .%Y-%m-%d
11  create 0644 root root
12  postrotate
13    docker kill --signal="USR1" $(docker ps | grep '\btraefik\b' | awk '{print $1}')
14  endscript
15}

Reference/Credit for the above config file - particularly the postrate script: Stackoverflow.com - How to enable logrotation for traefik?

Ref: https://doc.traefik.io/traefik/observability/logs/#log-rotation - Traefik will close and reopen its log files, assuming they're configured, on receipt of a USR1 signal. This allows the logs to be rotated and processed by an external program, such as logrotate.

weekly means that the tool will attempt to rotate the logs on a weekly basis. Other possible values are daily and monthly.
rotate 3 indicates that only 3 rotated logs should be kept. Thus, the oldest file will be removed on the fourth subsequent run.
size=50M sets the minimum size for the rotation to take place to 50M. In other words, each log will not be rotated until it reaches 50MB.
compress and delaycompress are used to tell that all rotated logs, with the exception of the most recent one, should be compressed.
create sets the chmod and user group ownership of the rotated files
dateext and dateformat specify the suffix of the rotated files
postrotate / endscript - IMPORTANT: this kill signal allows traefik to reload the log file. Failing to include this will result in the newly rotated log file remaing zero bytes.

Now check the config file by performing a dry-run:

1sudo logrotate -d /etc/logrotate.d/traefik2.conf

Results:

 1WARNING: logrotate in debug mode does nothing except printing debug messages!  Consider using verbose mode (-v) instead if this is not what you want.
 2
 3reading config file /etc/logrotate.d/traefik2.conf
 4Reading state from file: /var/lib/logrotate.status
 5Allocating hash table for state file, size 64 entries
 6
 7Handling 1 logs
 8
 9rotating pattern: /path/to/traefik/logs/*  52428800 bytes (3 rotations)
10empty log files are rotated, old logs are removed
11considering log /path/to/traefik/logs/access.log
12Creating new state
13  Now: 2021-04-07 07:39
14  Last rotated at 2021-04-07 07:00
15  log needs rotating
16considering log /path/to/traefik/logs/traefik.log
17Creating new state
18  Now: 2021-04-07 07:39
19  Last rotated at 2021-04-07 07:00
20  log does not need rotating (log size is below the 'size' threshold)
21rotating log /path/to/traefik/logs/access.log, log->rotateCount is 3
22dateext suffix '-20210407'
23glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
24previous log /path/to/traefik/logs/access.log.1 does not exist
25renaming /path/to/traefik/logs/access.log.3.gz to /path/to/traefik/logs/access.log.4.gz (rotatecount 3, logstart 1, i 3), 
26renaming /path/to/traefik/logs/access.log.2.gz to /path/to/traefik/logs/access.log.3.gz (rotatecount 3, logstart 1, i 2), 
27renaming /path/to/traefik/logs/access.log.1.gz to /path/to/traefik/logs/access.log.2.gz (rotatecount 3, logstart 1, i 1), 
28renaming /path/to/traefik/logs/access.log.0.gz to /path/to/traefik/logs/access.log.1.gz (rotatecount 3, logstart 1, i 0), 
29log /path/to/traefik/logs/access.log.4.gz doesn't exist -- won't try to dispose of it
30renaming /path/to/traefik/logs/access.log to /path/to/traefik/logs/access.log.1

Enable crond

Now, in order for this rotation to take place and that /etc/cron.daily/logrotate file to be run, we need to enable our crontab tool. When cronie was installed, it created the necessary files for enabling a crond service, but did not actually enable or start the service so do that now:

1sudo systemctl enable --now crond
2sudo systemctl status crond

Output:

 1● crond.service - Command Scheduler
 2   Loaded: loaded (/lib/systemd/system/crond.service; enabled; vendor preset: enabled)
 3   Active: active (running) since Wed 2021-04-07 08:03:27 PDT; 7s ago
 4 Main PID: 2844 (crond)
 5    Tasks: 1 (limit: 4731)
 6   Memory: 408.0K
 7   CGroup: /system.slice/crond.service
 8           └─2844 /usr/sbin/crond -n
 9
10Apr 07 08:03:27 lab-proxy-0.lab.livefire.dev systemd[1]: Started Command Scheduler.
11Apr 07 08:03:27 lab-proxy-0.lab.livefire.dev crond[2844]: (CRON) STARTUP (1.5.5)
12Apr 07 08:03:27 lab-proxy-0.lab.livefire.dev crond[2844]: (CRON) INFO (Syslog will be used instead of sendmail.)
13Apr 07 08:03:27 lab-proxy-0.lab.livefire.dev crond[2844]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 82% if used.)

There we go! Now my Traefik logs will be rotated regularly!

After a few days, check back on your logs folder (ls -ahl) and it should have a similar appearance to the following:

1-rw-r--r-- 1 root     root   19M Apr 11 09:16 access.log
2-rw-r----- 1 root     root  7.6M Apr  9 03:27 access.log.2021-04-09.gz
3-rw-r--r-- 1 root     root  5.9M Apr 10 03:19 access.log.2021-04-10.gz
4-rw-r--r-- 1 root     root  100M Apr 11 03:18 access.log.2021-04-11
5-rw-r--r-- 1 root     root  105K Apr 11 09:09 traefik.log

How to Enable Logrotate and Crontab on PhotonOS

Contents

Install the necessary packages

Configure log rotation

Enable crond

Copyright