1. 添加logrotate配置文件
#cat /etc/logrotate.d/nginx /home/david/AppEntranceProxy/logs/*log { create 0644 david yinnut-devops daily #每天分割一次,最小到 hourly dateext # 日期后缀 dateyesterday # 使用昨天的日期 rotate 14 # 最大文件保留14个 missingok notifempty compress sharedscripts postrotate /bin/kill -USR1 `cat /home/david/AppEntranceProxy/logs/nginx.pid 2>/dev/null` 2>/dev/null || true endscript } # 强制分割测试 #logrotate -vf /etc/logrotate.d/nginx
补充 [如何告诉应用程序重新打开日志文件]
在上面的配置文件中我们设置了postrote后使用发送信号量通知nginx重新打开日志文件,这是因为nginx程序支持该功能,但是其他的应用程序不一定遵循这样的约定,比如说MySQL是通过flush-logs来重新打开日志文件的,更有甚者应用程序就压根没有提供类似的方法,此时如果想重新打开日志文件,就必须重启服务,但为了高可用性,这往往不能接受。针对此种情况logrotate提供了一个名为copytruncate的指令,此方法采用的是先拷贝再清空的方式,整个过程中日志文件的操作句柄没有发生改变,所以不需要通知应用程序重新打开日志文件,但是需要注意的是,在拷贝和清空之间有一个时间差,所以可能会丢失部分日志数据。
例如如果我们想对docker日志进行压缩和分割,则可以设置如下:
# Installs logrotate configuration files
function setup-logrotate() {
mkdir -p /etc/logrotate.d/
cat >/etc/logrotate.d/docker-containers <<EOF
/var/lib/docker/containers/*/*-json.log {
rotate 5
copytruncate
missingok
notifempty
compress
maxsize 10M
daily
dateext
dateformat -%Y%m%d-%s
create 0644 root root
}
EOF
# Configure log rotation for all logs in /var/log, which is where k8s services
# are configured to write their log files. Whenever logrotate is ran, this
# config will:
# * rotate the log file if its size is > 100Mb OR if one day has elapsed
# * save rotated logs into a gzipped timestamped backup
# * log file timestamp (controlled by 'dateformat') includes seconds too. This
# ensures that logrotate can generate unique logfiles during each rotation
# (otherwise it skips rotation if 'maxsize' is reached multiple times in a
# day).
# * keep only 5 old (rotated) logs, and will discard older logs.
cat > /etc/logrotate.d/allvarlogs <<EOF
/var/log/*.log {
rotate 5
copytruncate
missingok
notifempty
compress
maxsize 100M
daily
dateext
dateformat -%Y%m%d-%s
create 0644 root root
}
EOF
}
docker日志参考:configure-helper.sh
copytruncate参考:被遗忘的Logrotate
error with logrotate that it has insecure permissions
Pingback引用通告: docker和kubernetes日志收集方案 | 程序印象