-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podman exec commands use log-driver from podman run #6555
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
Comments
openshift-ci-robot
added
the
kind/bug
Categorizes issue or PR as related to a bug.
label
Jun 10, 2020
Ideally podman exec would support --log-driver and allow it to be specified. Even if I could do --log-driver none, it would be better than what it does now. Preserving from the "run" command makes podman exec pretty useless when using a log driver. |
I'll take this one |
For now, I'm going to force log-driver off for |
mheon
added a commit
to mheon/libpod
that referenced
this issue
Jun 10, 2020
When the container uses journald logging, we don't want to automatically use the same driver for its exec sessions. If we do we will pollute the journal (particularly in the case of healthchecks) with large amounts of undesired logs. Instead, force exec sessions logs to file for now; we can add a log-driver flag later (we'll probably want to add a `podman logs` command that reads exec session logs at the same time). Fixes containers#6555 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
mheon
added a commit
to mheon/libpod
that referenced
this issue
Jun 17, 2020
When the container uses journald logging, we don't want to automatically use the same driver for its exec sessions. If we do we will pollute the journal (particularly in the case of healthchecks) with large amounts of undesired logs. Instead, force exec sessions logs to file for now; we can add a log-driver flag later (we'll probably want to add a `podman logs` command that reads exec session logs at the same time). As part of this, add support for the new 'none' logs driver in Conmon. It will be the default log driver for exec sessions, and can be optionally selected for containers. Great thanks to Joe Gooch (mrwizard@dok.org) for adding support to Conmon for a null log driver, and wiring it in here. Fixes containers#6555 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
github-actions
bot
added
the
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
label
Sep 23, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
kind/bug
Categorizes issue or PR as related to a bug.
locked - please file new issue/PR
Assist humans wanting to comment on an old issue or PR with locked comments.
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
When starting a container with a --log-driver journald, it logs all stdout/err to journald as expect.
What is NOT expected is that when doing a podman exec -it $container bash, all stdin/out is ALSO logged.
Steps to reproduce the issue:
podman run -d --log-driver journald alpine sleep infinity
journalctl -f &
podman exec -it -l sh
type ls and hit enter.
Describe the results you received:
Jun 10 15:56:12 photon-machine conmon[12093]: [8B blob data]
Jun 10 15:56:12 photon-machine conmon[12093]: [8B blob data]
Jun 10 15:56:13 photon-machine conmon[12093]: l
Jun 10 15:56:13 photon-machine conmon[12093]: s
Jun 10 15:56:14 photon-machine conmon[12093]: [2B blob data]
Jun 10 15:56:14 photon-machine conmon[12093]: [117B blob data]
Jun 10 15:56:14 photon-machine conmon[12093]: [8B blob data]
Describe the results you expected:
No data in journald. It's an interactive session.
Additional information you deem important (e.g. issue happens only occasionally):
In docker, log drivers only affect the logs from the container's parent process, i.e. /proc/1/fd/1 and 2, as passed up into the docker daemon. In this case conmon fills that role, and that all works fine.
Docker exec has no concept of log-driver because it's not passing output through dockerd. podman exec DOES spawn a new copy of conmon, and preserves the log-driver from the container initialization, which is not desired nor expected.
Since podman does allow exec -d (which docker doesn't, because it wouldn't make sense w/ their model), log-driver should probably continue to work on podman exec but should have to be explicitly supplied. i.e.
podman run --log-driver determines the log driver for the container's init output. NOT ALL container output.
podman exec --log-driver determines the log driver for THIS command's output. In most cases, if using -i or -it, you'd want that to be "none", not whatever was used to run the container.
log-level debug shows it:
running conmon: /usr/local/libexec/podman/conmon args="[--api-version 1 -c e6fc4ef4ccab59064a4de35ff68818612041cb90c892cd30a2c8d0b0e41673db -u f5452b69ee19b32e675476be605d8856db03f8dfaa6f1ab1235e70516068572b -r /usr/bin/runc -b /var/lib/containers/storage/overlay-containers/e6fc4ef4ccab59064a4de35ff68818612041cb90c892cd30a2c8d0b0e41673db/userdata/f5452b69ee19b32e675476be605d8856db03f8dfaa6f1ab1235e70516068572b -p /var/lib/containers/storage/overlay-containers/e6fc4ef4ccab59064a4de35ff68818612041cb90c892cd30a2c8d0b0e41673db/userdata/f5452b69ee19b32e675476be605d8856db03f8dfaa6f1ab1235e70516068572b/exec_pid -n friendly_mirzakhani --exit-dir /var/lib/containers/storage/overlay-containers/e6fc4ef4ccab59064a4de35ff68818612041cb90c892cd30a2c8d0b0e41673db/userdata/f5452b69ee19b32e675476be605d8856db03f8dfaa6f1ab1235e70516068572b/exit --socket-dir-path /var/run/libpod/socket -s -l journald --log-level debug --syslog -t -i -e --exec-attach --exec-process-spec /var/lib/containers/storage/overlay-containers/e6fc4ef4ccab59064a4de35ff68818612041cb90c892cd30a2c8d0b0e41673db/userdata/f5452b69ee19b32e675476be605d8856db03f8dfaa6f1ab1235e70516068572b/exec-process-811522033]"
even though my command line was:
podman --log-level debug exec -itl sh
It must have inherited the -l journald from somewhere, i.e. the container run line. I've verified if I do NOT set journald on the container run line, the command line is different.
DEBU[0000] running conmon: /usr/local/libexec/podman/conmon args="[--api-version 1 -c 5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1 -u d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891 -r /usr/bin/runc -b /var/lib/containers/storage/overlay-containers/5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1/userdata/d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891 -p /var/lib/containers/storage/overlay-containers/5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1/userdata/d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891/exec_pid -n nice_galileo --exit-dir /var/lib/containers/storage/overlay-containers/5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1/userdata/d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891/exit --socket-dir-path /var/run/libpod/socket -s -l k8s-file:/var/lib/containers/storage/overlay-containers/5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1/userdata/d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891/exec_log --log-level debug --syslog -t -i -e --exec-attach --exec-process-spec /var/lib/containers/storage/overlay-containers/5146c02a71efe886446522509d0ab616f3cb5aafd523b591a44d64c0507da4f1/userdata/d6cfc85f7b9f582dcf11b478dbb3d72954fe7bec4266f604ac83d983c0faf891/exec-process-709543616]"
Specifically the -l journald option is not passed through.
Output of
podman version
:Output of
podman info --debug
:Package info (e.g. output of
rpm -q podman
orapt list podman
):Compiled from source.
The text was updated successfully, but these errors were encountered: