Skip to Content
Skip Breadcrumb

Syslog receiver in a container World

Posted on Modified on by Aleksandar Lazic

As you can read in my blog post about syslog in a container world it isn’t easy to run a syslogger in a none privileged Container which is the default setup on openshift.

I describe here how you can setup a syslog receiver for the openshift router which is possible since the version 3.3 via Router Environment Variables.

haproxy version

You can check with the command sequence below which version of haproxy is used for the latest tag.

$ oc new-project haproxyrouter2
$ oc run haproxyrouter \
    --image=registry.access.redhat.com/openshift3/ose-haproxy-router
$ oc rsh $(oc get po --no-headers -o name |egrep -v deploy) \
    /usr/sbin/haproxy -vv

on your cluster

You can check with similar command the haproxy on your cluster.

⚠ | Please replace the default project with your router project

$ oc get po -n default
$ oc rsh <ROUTER_POD> \
    /usr/sbin/haproxy -vv

Solutions for syslog receiver

You have now several possible solutions to run a syslog receiver on your cluster.

I will describe here this two solutions

alpine based

This solution requires that you can pull images from docker hub.

create dc

$ oc run -n default \
    syslog-receiver \
    --image=me2digital/alpine-socklog \
    --env=SYSLOG_PORT=8514

after some times you should get such a output from the syslog pod.

oc logs -n default -f syslog-receiver-1-sycvf
+ [ -n  ]
+ exec /sbin/socklog inet 0 8514
listening on 0.0.0.0:8514, starting.

create service

echo "apiVersion: v1
items:
- apiVersion: v1
  kind: Service
  metadata:
    labels:
      run: syslog-receiver
    name: syslog-receiver
  spec:
    ports:
    - name: 8514-udp
      port: 8514
      protocol: UDP
    selector:
      run: syslog-receiver
      deploymentconfig: syslog-receiver
    sessionAffinity: None
    type: ClusterIP
  status:
    loadBalancer: {}
kind: List
metadata: {}" | oc create -n default -f -

configure openshift router

⚠ | Please replace the default project with your router project

$ CLU_IP=$(oc get svc \
    -n default \
    syslog-receiver \
    -o template \
    --template='{{ .spec.clusterIP }}')

$ oc get dc -n default

$ oc set env -n default \
    dc/<ROUTER_NAME> \
    ROUTER_SYSLOG_ADDRESS=${CLU_IP}:8514 \
    ROUTER_LOG_LEVEL=debug

You should now see the logs in the syslog-receiver pod

For example:

oc logs -f syslog-receiver-1-sycvf

cleanup

oc delete all -l run=syslog-receiver

RHEL7 based

create resources

This solution requires that you can get files from github.

$ oc process \
    -f https://raw.githubusercontent.com/git001/rhel7-socklog/master/rhel7-socklog.yaml \
    | oc create -f -

Output

deploymentconfig "rhel7-socklog" created
service "rhel7-socklog" created
buildconfig "rhel7-socklog" created
imagestream "rhel7-socklog" created
imagestreamtag "rhel7:latest" created

Wait until the build is done and the pod is up and running.

oc logs -f bc/rhel7-socklog
...

configure openshift router

⚠ | Please replace the default project with your router project

$ CLU_IP=$(oc get svc \
    -n default \
    rhel7-socklog \
    -o template \
    --template='{{ .spec.clusterIP }}')
$ oc get dc -n default
$ oc set env -n default \
    dc/<ROUTER_NAME> \
    ROUTER_SYSLOG_ADDRESS=${CLU_IP}:8514 \
    ROUTER_LOG_LEVEL=debug

You should now see the logs in the syslog-receiver pod

For example:

oc logs -f <rhel7-socklog-POD>

cleanup

$ oc delete all -l app=rhel7-socklog

Any feedback is welcome via contact form.

You can contact me for any further questions and orders