From: berenddeschouwer Date: Sat, 17 Dec 2022 13:54:16 +0000 (+0200) Subject: vacuum journal remote (#25076) X-Git-Tag: v253-rc1~250 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f12b399dd6362a03379cb769954ebfb9972236ed;p=thirdparty%2Fsystemd.git vacuum journal remote (#25076) * Support vacuuming for journal-remote Co-authored-by: Berend De Schouwer --- diff --git a/man/journal-remote.conf.xml b/man/journal-remote.conf.xml index 3f69f30df32..56992369acd 100644 --- a/man/journal-remote.conf.xml +++ b/man/journal-remote.conf.xml @@ -84,6 +84,33 @@ SSL CA certificate. + + MaxUse= + KeepFree= + MaxFileSize= + MaxFiles= + + These are analogous to SystemMaxUse=, + SystemKeepFree=, SystemMaxFileSize= + and SystemMaxFiles= in + journald.conf5. + + MaxUse= controls how much disk space + the systemd-journal-remote may use up at most. + KeepFree= controls how much disk + space systemd-journal-remote shall leave free for other uses. + systemd-journal-remote will respect both limits + and use the smaller of the two values. + + MaxFiles= controls how many + individual journal files to keep at most. Note that only + archived files are deleted to reduce the number of files until + this limit is reached; active files will stay around. This + means that, in effect, there might still be more journal files + around in total than this limit after a vacuuming operation is + complete. + + @@ -91,8 +118,9 @@ See Also - systemd-journal-remote.service8, + journald.conf5, systemd1, + systemd-journal-remote.service8, systemd-journald.service8 diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c index 440aad1cf7b..476c9ad972c 100644 --- a/src/journal-remote/journal-remote-main.c +++ b/src/journal-remote/journal-remote-main.c @@ -53,6 +53,11 @@ static bool arg_trust_all = false; static bool arg_trust_all = true; #endif +static uint64_t arg_max_use = UINT64_MAX; +static uint64_t arg_max_size = UINT64_MAX; +static uint64_t arg_n_max_files = UINT64_MAX; +static uint64_t arg_keep_free = UINT64_MAX; + STATIC_DESTRUCTOR_REGISTER(arg_gnutls_log, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_key, freep); STATIC_DESTRUCTOR_REGISTER(arg_cert, freep); @@ -759,11 +764,15 @@ static int negative_fd(const char *spec) { static int parse_config(void) { const ConfigTableItem items[] = { - { "Remote", "Seal", config_parse_bool, 0, &arg_seal }, - { "Remote", "SplitMode", config_parse_write_split_mode, 0, &arg_split_mode }, - { "Remote", "ServerKeyFile", config_parse_path, 0, &arg_key }, - { "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, - { "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + { "Remote", "Seal", config_parse_bool, 0, &arg_seal }, + { "Remote", "SplitMode", config_parse_write_split_mode, 0, &arg_split_mode }, + { "Remote", "ServerKeyFile", config_parse_path, 0, &arg_key }, + { "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, + { "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + { "Remote", "MaxUse", config_parse_iec_uint64, 0, &arg_max_use }, + { "Remote", "MaxFileSize", config_parse_iec_uint64, 0, &arg_max_size }, + { "Remote", "MaxFiles", config_parse_uint64, 0, &arg_n_max_files }, + { "Remote", "KeepFree", config_parse_iec_uint64, 0, &arg_keep_free }, {} }; @@ -1136,6 +1145,12 @@ static int run(int argc, char **argv) { s.check_trust = !arg_trust_all; } + journal_reset_metrics(&s.metrics); + s.metrics.max_use = arg_max_use; + s.metrics.max_size = arg_max_size; + s.metrics.max_size = arg_keep_free; + s.metrics.n_max_files = arg_n_max_files; + r = create_remoteserver(&s, key, cert, trust); if (r < 0) return r; diff --git a/src/journal-remote/journal-remote-write.c b/src/journal-remote/journal-remote-write.c index f4f3b64811d..2e58c6d91ee 100644 --- a/src/journal-remote/journal-remote-write.c +++ b/src/journal-remote/journal-remote-write.c @@ -1,7 +1,11 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ +#include + #include "alloc-util.h" #include "journal-remote.h" +#include "path-util.h" +#include "stat-util.h" static int do_rotate(ManagedJournalFile **f, MMapCache *m, JournalFileFlags file_flags) { int r; @@ -19,12 +23,13 @@ static int do_rotate(ManagedJournalFile **f, MMapCache *m, JournalFileFlags file Writer* writer_new(RemoteServer *server) { Writer *w; + int r; w = new0(Writer, 1); if (!w) return NULL; - memset(&w->metrics, 0xFF, sizeof(w->metrics)); + w->metrics = server->metrics; w->mmap = mmap_cache_new(); if (!w->mmap) @@ -33,6 +38,18 @@ Writer* writer_new(RemoteServer *server) { w->n_ref = 1; w->server = server; + if (is_dir(server->output, /* follow = */ true) > 0) { + w->output = strdup(server->output); + if (!w->output) + return NULL; + } else { + r = path_extract_directory(server->output, &w->output); + if (r < 0) { + log_error_errno(r, "Failed to find directory of file \"%s\": %m", server->output); + return NULL; + } + } + return w; } @@ -53,6 +70,8 @@ static Writer* writer_free(Writer *w) { if (w->mmap) mmap_cache_unref(w->mmap); + free(w->output); + return mfree(w); } @@ -75,6 +94,9 @@ int writer_write(Writer *w, r = do_rotate(&w->journal, w->mmap, file_flags); if (r < 0) return r; + r = journal_directory_vacuum(w->output, w->metrics.max_use, w->metrics.n_max_files, 0, NULL, /* verbose = */ true); + if (r < 0) + return r; } r = journal_file_append_entry(w->journal->file, ts, boot_id, @@ -93,6 +115,9 @@ int writer_write(Writer *w, return r; else log_debug("%s: Successfully rotated journal", w->journal->file->path); + r = journal_directory_vacuum(w->output, w->metrics.max_use, w->metrics.n_max_files, 0, NULL, /* verbose = */ true); + if (r < 0) + return r; log_debug("Retrying write."); r = journal_file_append_entry(w->journal->file, ts, boot_id, diff --git a/src/journal-remote/journal-remote-write.h b/src/journal-remote/journal-remote-write.h index 2079214e234..c140f6cba3d 100644 --- a/src/journal-remote/journal-remote-write.h +++ b/src/journal-remote/journal-remote-write.h @@ -9,6 +9,7 @@ typedef struct RemoteServer RemoteServer; typedef struct Writer { ManagedJournalFile *journal; JournalMetrics metrics; + char *output; /* directory where we write, for vacuuming */ MMapCache *mmap; RemoteServer *server; diff --git a/src/journal-remote/journal-remote.conf.in b/src/journal-remote/journal-remote.conf.in index 648aa1ba11b..afb319102c0 100644 --- a/src/journal-remote/journal-remote.conf.in +++ b/src/journal-remote/journal-remote.conf.in @@ -18,3 +18,7 @@ # ServerKeyFile={{CERTIFICATE_ROOT}}/private/journal-remote.pem # ServerCertificateFile={{CERTIFICATE_ROOT}}/certs/journal-remote.pem # TrustedCertificateFile={{CERTIFICATE_ROOT}}/ca/trusted.pem +# MaxUse= +# KeepFree= +# MaxFileSize= +# MaxFiles= diff --git a/src/journal-remote/journal-remote.h b/src/journal-remote/journal-remote.h index facf1516e05..39d04464814 100644 --- a/src/journal-remote/journal-remote.h +++ b/src/journal-remote/journal-remote.h @@ -6,6 +6,7 @@ #include "hashmap.h" #include "journal-remote-parse.h" #include "journal-remote-write.h" +#include "journal-vacuum.h" #if HAVE_MICROHTTPD #include "microhttpd-util.h" @@ -40,6 +41,7 @@ struct RemoteServer { JournalWriteSplitMode split_mode; JournalFileFlags file_flags; bool check_trust; + JournalMetrics metrics; }; extern RemoteServer *journal_remote_server_global;