cancel
Showing results for 
Search instead for 
Did you mean: 
jonawang
Flight Engineer
Flight Engineer
  • 7,719 Views

How to install the containerized version of rhel8/rsyslog utility ?

Jump to solution

I am exercising the installation of containerized version of rsyslog utility under rhel8. The image source is described in the url:

https://catalog.redhat.com/software/containers/rhel8/rsyslog/5ba2b33dbed8bd6ee819a1c9?container-tabs...

I used podman to pull it down from registry.redhat.io, using the commands as:

# podman login registry.redhat.io

# podman pull registry.redhat.io/rhel8/rsyslog:8.5-4

# podman inspect registry.redhat.io/rhel8/rsyslog:8.5-4

But from the output information provided by podman inspect command, I can not figure out how to install the subject rhel8/rsyslog. Searching through web sites got no helpful information about it.

Can anyone give me advise ? Thanks.

-- Jonathan Wang

3 Solutions

Accepted Solutions
Tracy_Baker
Starfighter Starfighter
Starfighter
  • 7,702 Views

Pulling an image simply stores the image on your local system. To use it, you must start a container using the image. Use podman run

Something like: podman run registry.redhat.io/rhel8/rsyslog:8.5-4

However, this is very unlikely to be sufficient. Most likely, you'll want to use a few options, such as:

-d (run in the backgroup)

-p <local_network_port>:<container_network_port> (port forwarding)

-v <local_storage>:<container_storage>[:Z] (persistent storage)

(note: if :Z isn't used, you'll need to handle the SELinux context on persistent (host) storage using semanage fcontext and restorecon commands)

--name <container_name> (give the container a friendly name)

-e <ENV_VAR=value> (set environment variable(s) within the container)

(note: if multiple environment variables are required, a -e <ENV_VAR=value> will be required to set each)

See man podman-run for explanations of what these options, and others, do.

----------

You could end up with something that looks like this:

podman run -d -p 10514:514 -v /var/log/mysyslog:/var/log/:Z --name mysyslogcontainer -e SOME_VAR=come_val -e SOME_VAR2=some_val2 registry.redhat.io/rhel8/rsyslog:8.5-4

NOTE 1: You cannot port forward host ports less than 1024 (those appearing on the left-side of the : after the -p option) unless you run the container as root. If you do this, the container image needs to be re-pulled by the root user as well (or using sudo) becasue, by default, each user keep their own copies of container images - and the containers themselves.

Take care! Best practice is to not run a container as root -- unless you really need to.

NOTE 2: Again, :Z can be used with the -v option. However, you are more likely better off "properly" setting the SELinux context on the persistent (host) storage, such as (using our example:

semanage fcontext -a -t container_file_t '/var/log/mysyslog(/.*)?'

restorecon -Rfv /var/log/mysyslog

NOTE 3: You may need to change the ownership of the local (host) storage using podman unshare:

podman unshare chown -Rv <UID>:<GID> \var\log\mysyslog

where <UID> and <GID> are the user ID and group ID of the user, inside the container, running rsyslog.

Why all this talk of persistent (host) storage? Because if you don't do this, your syslog messages will be deleted if / when the container is deleted -- unless they're stored in persistent storage located on the host system. It's kind of like mounting a block device.

Hope this helps.

 

Program Lead at Arizona's first Red Hat Academy, est. 2005
Estrella Mountain Community College

View solution in original post

jonawang
Flight Engineer
Flight Engineer
  • 7,682 Views

Thanks. Your explanation is excellent.

 

Alternatively, I found other way of running rsyslog, in Chapter 10 (Running special container images) of the following manual, using "podman container runlabel <label>" command.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/building_runnin...

From rsyslog perspective, which way is recommended - rootless or runlabel ?

View solution in original post

jonawang
Flight Engineer
Flight Engineer
  • 7,627 Views

I followed the podman container runlabel steps to implement the rsyslog, it worked as expected.

1. stop and remove existing rsyslog service.

2. # podman login registry.redhat.io

3. # podman pull registry.redhat.io/rhel8/rsyslog

4. # podman container runlabel install registry.redhat.io/rhel8/rsyslog

5. # podman container runlabel run registry.redhat.io/rhel8/rsyslog:latest

6. # cd /etc/systemd/system

7. # podman generate systemd -f rsyslog

8. # mv container-e52ca007...28fe.service container-rsyslog.service

9. # systemctl daemon-reload

10. # systemctl start container-rsyslog.service

11. # systemctl enable container-rsyslog.service

12. # systemctl status container-rsyslog.service

13. # logger "*** Hello message ****"

14. # tail /var/log/messages

==> logger's message recevied in the messages file. After system reboot, container-rsyslog.service is active.  Work done.

 

Yet it's root-based with port 514. I'm struggling on rootless container way. Not knowing the problem source. It just doesn't work!

View solution in original post

8 Replies
Tracy_Baker
Starfighter Starfighter
Starfighter
  • 7,703 Views

Pulling an image simply stores the image on your local system. To use it, you must start a container using the image. Use podman run

Something like: podman run registry.redhat.io/rhel8/rsyslog:8.5-4

However, this is very unlikely to be sufficient. Most likely, you'll want to use a few options, such as:

-d (run in the backgroup)

-p <local_network_port>:<container_network_port> (port forwarding)

-v <local_storage>:<container_storage>[:Z] (persistent storage)

(note: if :Z isn't used, you'll need to handle the SELinux context on persistent (host) storage using semanage fcontext and restorecon commands)

--name <container_name> (give the container a friendly name)

-e <ENV_VAR=value> (set environment variable(s) within the container)

(note: if multiple environment variables are required, a -e <ENV_VAR=value> will be required to set each)

See man podman-run for explanations of what these options, and others, do.

----------

You could end up with something that looks like this:

podman run -d -p 10514:514 -v /var/log/mysyslog:/var/log/:Z --name mysyslogcontainer -e SOME_VAR=come_val -e SOME_VAR2=some_val2 registry.redhat.io/rhel8/rsyslog:8.5-4

NOTE 1: You cannot port forward host ports less than 1024 (those appearing on the left-side of the : after the -p option) unless you run the container as root. If you do this, the container image needs to be re-pulled by the root user as well (or using sudo) becasue, by default, each user keep their own copies of container images - and the containers themselves.

Take care! Best practice is to not run a container as root -- unless you really need to.

NOTE 2: Again, :Z can be used with the -v option. However, you are more likely better off "properly" setting the SELinux context on the persistent (host) storage, such as (using our example:

semanage fcontext -a -t container_file_t '/var/log/mysyslog(/.*)?'

restorecon -Rfv /var/log/mysyslog

NOTE 3: You may need to change the ownership of the local (host) storage using podman unshare:

podman unshare chown -Rv <UID>:<GID> \var\log\mysyslog

where <UID> and <GID> are the user ID and group ID of the user, inside the container, running rsyslog.

Why all this talk of persistent (host) storage? Because if you don't do this, your syslog messages will be deleted if / when the container is deleted -- unless they're stored in persistent storage located on the host system. It's kind of like mounting a block device.

Hope this helps.

 

Program Lead at Arizona's first Red Hat Academy, est. 2005
Estrella Mountain Community College
jonawang
Flight Engineer
Flight Engineer
  • 7,683 Views

Thanks. Your explanation is excellent.

 

Alternatively, I found other way of running rsyslog, in Chapter 10 (Running special container images) of the following manual, using "podman container runlabel <label>" command.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/building_runnin...

From rsyslog perspective, which way is recommended - rootless or runlabel ?

Tracy_Baker
Starfighter Starfighter
Starfighter
  • 7,661 Views

I cannot answer this as I don't have any experience with podman container runlabel

It'd be worth giving it a shot -- it does speak specifically to rsyslog

Program Lead at Arizona's first Red Hat Academy, est. 2005
Estrella Mountain Community College
jonawang
Flight Engineer
Flight Engineer
  • 7,628 Views

I followed the podman container runlabel steps to implement the rsyslog, it worked as expected.

1. stop and remove existing rsyslog service.

2. # podman login registry.redhat.io

3. # podman pull registry.redhat.io/rhel8/rsyslog

4. # podman container runlabel install registry.redhat.io/rhel8/rsyslog

5. # podman container runlabel run registry.redhat.io/rhel8/rsyslog:latest

6. # cd /etc/systemd/system

7. # podman generate systemd -f rsyslog

8. # mv container-e52ca007...28fe.service container-rsyslog.service

9. # systemctl daemon-reload

10. # systemctl start container-rsyslog.service

11. # systemctl enable container-rsyslog.service

12. # systemctl status container-rsyslog.service

13. # logger "*** Hello message ****"

14. # tail /var/log/messages

==> logger's message recevied in the messages file. After system reboot, container-rsyslog.service is active.  Work done.

 

Yet it's root-based with port 514. I'm struggling on rootless container way. Not knowing the problem source. It just doesn't work!

jonawang
Flight Engineer
Flight Engineer
  • 7,618 Views

For building rootless rsyslog container, I typed the following command (on user "contsvc", id=1016) to create a rsyslog container.

$ podman run -d --name mysyslog -p 20514:514 -v /home/contsvc/mysyslog:/var/log/:Z registry.redhat.io/rhel8/rsyslog:latest

Next, I used the logger command to verify whether the log function works or not.  But this log message can not be found in ~/mysyslog directory!

$ logger -P 20514 "**** logger message to rsyslog container ****"

No idea about what is missing!

 

0 Kudos
POKHREL
Cadet
Cadet
  • 5,098 Views

thats what i also dont understand,.THough we make persistent storage to store container's' logs , we dont see any messages files on such persistent storage. As i know messages not stored in directories, there should be a  file to store such messages. is it necessary to bind the port this way. i dont see solution any where though this is a new RHEL8 question.

0 Kudos
ahmed-zt
Cadet
Cadet
  • 5,874 Views

hi Jon

i can t see the utility and the meaning of the rsyslog container, since yo are doing a logger .....in the local host, off course it work (either without installing the container) if you have the systemd-journald daemon started,

 

0 Kudos
POKHREL
Cadet
Cadet
  • 4,678 Views

how can we see the log messages , how and where to see the logs inside container or persistent storage . How do we use logger command to see logs inside container logs or persistent storage. can you please mention it too.

0 Kudos
Join the discussion
You must log in to join this conversation.