RPM package: Do not log into systemd journal #17220
Comments
spinscale
added
blocker
discuss
:Delivery/Packaging
|
@spinscale why not? Storing the logs in the journal allows an administrator to do something like: Is there any reason why shouldn't put logs in it on systemd systems? |
|
As far as my knowledge about systemd journal goes, by default it cleans itself up in case it takes up too much space. If Elasticsearch is on a log blast, we fill up the disk twice (which I dont care too much about, monitoring will kick in and notify), but this might expire other important entries out of the journal logs, where we have the es logs anyway. That said, I do like the querying capabilties :) |
That sounds like evidence that we should log only to the journal on systemd machines, since you can easily configure the journal to write to a log file additionally. |
|
So long as we only log one place I really don't care which place that is. |
|
I'm in favor of We can provide commented out journal configuration for end-users that want this instead of the simpler default. |
|
When it comes to elasticsearch as a system service I think we should try to integrate as much as possible with the OS features. I feel like systemd is adopted by more and more distributions and the journalctl is really powerful. We could enable persistent log with a max file size and compress by default. Concerning the vast body of knowledge referring to /var/log/elasticsearch/elasticsearch.log file, I think dropping a file there with a single line comment saying to look at the journal is OK. |
|
@tlrx I'm all in favor in
We can also provide a
That does not alleviate my concerns that I've encountered many end users that have found the journal confusing. |
|
I also completely forgot we are still bound to maintain Proposal from my side, unless we are on systemd exclusively (lets see if that works out without another dozen of init systems jumping into existence): Remove the |
|
Discussed in FixitFriday, agreed with #17220 (comment),, especially given that having logs in a standard place makes it easier for our diagnostic tools to capture them |
This commit adds a -q/--quiet option to Elasticsearch so that it does not log anything in the console and closes stdout & stderr streams. This is useful for SystemD to avoid duplicate logs in both journalctl and /var/log/elasticsearch/elasticsearch.log while still allows the JVM to print error messages in stdout/stderr if needed. closes elastic#17220
This commit adds a -q/--quiet option to Elasticsearch so that it does not log anything in the console and closes stdout & stderr streams. This is useful for SystemD to avoid duplicate logs in both journalctl and /var/log/elasticsearch/elasticsearch.log while still allows the JVM to print error messages in stdout/stderr if needed. closes #17220 (cherry picked from commit 6090c51)
This commit adds a -q/--quiet option to Elasticsearch so that it does not log anything in the console and closes stdout & stderr streams. This is useful for SystemD to avoid duplicate logs in both journalctl and /var/log/elasticsearch/elasticsearch.log while still allows the JVM to print error messages in stdout/stderr if needed. closes #17220 (cherry picked from commit 6090c51)
When the RPM package is installed and elasticsearch is started via systemd, every log message is logged in
/var/log/elasticsearch/and to the systemd journal, which can be accessed using thejournalctltool.I dont think we should put anything into the journal, especially as most other services seem to be kinda scarce on output in there (given my vagrant vm).
Open for discussion.
The text was updated successfully, but these errors were encountered: