
I'm using HAProxy 1.7, which needs rsyslog to push logs to stdout. Once the container writes logs to stdout, programs like filebeat or fluentd will pick them up.

Docker container has: Ubuntu 20.04, HAProxy 1.7.12 2019/10/25, rsyslog v8.2001.0

docker-entrypoint.sh

#!/bin/sh
set -e

readonly RSYSLOG_PID="/app/rsyslogd.pid"
start_rsyslogd() {
  rm -f "$RSYSLOG_PID"
  rsyslogd -n -i "$RSYSLOG_PID"
}
# Start rsyslog
start_rsyslogd

# Launch HAProxy
./haproxy-start.sh "$@"

rsyslog part of the config in the Dockerfile:

# Install & run setcap to enable non-root user to bind sockets
RUN apt-get update && apt-get install -y --no-install-recommends \
    rsyslog \
    liblua5.3-0=5.3.3-1.1ubuntu2 \
    libcap2=1:2.32-1 \
    libcap2-bin=1:2.32-1 && \
    rm -rf /var/lib/apt/lists/* && \
    setcap CAP_NET_BIND_SERVICE=+eip "$(which haproxy)" && \
    setcap CAP_NET_BIND_SERVICE=+eip "$(which rsyslogd)" && \
    touch /var/log/haproxy.log  && \
    ln -sf /dev/stdout /var/log/haproxy.log

COPY docker-entrypoint.sh /app
COPY haproxy-start.sh /app

COPY haproxy-rsyslog.conf /etc/rsyslog.d/haproxy.conf
COPY rsyslog.conf /etc/rsyslog.conf

RUN chmod a+x /app/*.sh && \
    chown -R ${USER}:${GROUP} /app
USER ${USER}
WORKDIR /app
ENTRYPOINT ["/usr/local/bin/dumb-init","--","./docker-entrypoint.sh"]
CMD ["-f", "./config/haproxy.cfg"]

rsyslog.conf:

$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
local1.* /var/log/haproxy.log
& ~

Error on haproxy container logs:

rsyslogd: could not remove supplemental group IDs: Operation not permitted [v8.2001.0 try https://www.rsyslog.com/e/2432 ]
rsyslogd: run failed with error -2432 (see rsyslog.h or try https://www.rsyslog.com/e/2432 to learn what that number means)
stream closed

It looks like a permissions issue, but I'm not sure how to configure rsyslog completely in userspace. Any suggestions around it would be great! TYA!

Ref: https://ops.tips/gists/haproxy-docker-container-logs/
