Merge pull request #460 from djs55/iptables-syslog

Make the iptables wrapper use syslog

alpine/packages/diagnostics/capture.go

@@ -47,7 +47,6 @@ var (
 	}
 	localCmdCaptures = []CommandCapturer{
 		{"/usr/bin/tail", []string{"-100", "/var/log/proxy-vsockd.log"}},
-		{"/usr/bin/tail", []string{"-100", "/var/log/service-port-opener.log"}},
 		{"/usr/bin/tail", []string{"-100", "/var/log/vsudd.log"}},
 	}
 	localCaptures = []Capturer{NewDatabaseCapturer()}

alpine/packages/iptables/Dockerfile

@@ -1,7 +1,7 @@
 FROM ocaml/opam:alpine
 RUN sudo apk add m4
-RUN opam install ocamlfind astring -y
+RUN opam install ocamlfind astring syslog -y
 WORKDIR /app
 ADD . /app
 RUN sudo chown -R opam /app
-RUN opam config exec -- ocamlfind ocamlopt -package unix,astring -linkpkg -o iptables main.ml
+RUN opam config exec -- ocamlfind ocamlopt -package unix,astring,syslog -linkpkg -o iptables main.ml

alpine/packages/iptables/main.ml

@@ -16,17 +16,11 @@ type port = {
   port:  string; (* container port *)
 }
 
-let log_fd = Unix.openfile "/var/log/service-port-opener.log" [ Unix.O_WRONLY; Unix.O_APPEND; Unix.O_CREAT ] 0o0644
+let syslog = Syslog.openlog ~facility:`LOG_SECURITY "iptables-wrapper"
 
 let logf fmt =
   Printf.ksprintf (fun s ->
-    let s = s ^ "\n" in
-    let rec loop ofs remaining =
-      if remaining > 0 then begin
-        let n = Unix.write log_fd s ofs remaining in
-        loop (ofs + n) (remaining - n)
-      end in
-    loop 0 (String.length s)
+    Syslog.syslog syslog `LOG_INFO s
   ) fmt
 
 let pid_filename { proto; dport; ip; port } =