Run as docker container?

[mattes]

I'm trying to run systemd-netlogd inside a docker container. What sockets/files from the host machine would I need to mount into the docker container so that I can ship log data?

Is this approach infeasible?

[ssahani]

We open SD_JOURNAL_LOCAL_ONLY that is

"/run/log/journal\0"
    "/var/log/journal\0"

If can make access to these then it should work I guess. Not tested though.

[mattes]

I unfortunately wasn't able to get it to work. I'm going to post the things I've done here, maybe someone else wants to play around with it:

1. Compile systemd-netlogd inside Docker container, see Dockerfile.
2. Start container:

docker run -it --rm \
  -v /var/log/journal:/var/log/journal \
  -v /run/systemd/journal:/run/log/journal \
  -v /var/run/systemd:/var/run/systemd \
  -v $PWD/systemd-netlogd.conf:/etc/systemd/system/systemd-netlogd.conf \
  --privileged systemdnetlog bash

3. Inside container I run (see strace)

cd /lib/systemd && ./systemd-netlogd

4. On host machine I run:

logger "this is a test"

Now looking at the strace output, I see it's waiting on a epoll_wait, so I assume it's not reading the right files (maybe I mounted the wrong ones) or can't read them?

Please also note that the docker run command above is highly invasive, not suitable for prod usage.

Also, for reference I'm testing all of this on Google's Container-Optimized OS

[bobzoller]

I'm not using this project, but I traced through a similar issue and found I needed to to mount /etc/machine-id from the host (or at least mirror its contents) to my docker container to get it to work. here's the relevant bit of code in systemd.

HTH!