github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-08-04 08:20:01 +00:00
Code Issues Projects Releases Wiki Activity

iptables wrapper: write to syslog rather than /var/log/service-port-opener.log

Browse Source 
This will enable proper log rotation and is simpler.

Signed-off-by: David Scott <dave.scott@docker.com>
This commit is contained in:
David Scott 2016-09-01 11:28:14 +01:00
parent 0f1298e336
commit cd052f1fe0
2 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
alpine/packages/iptables/Dockerfile
View File

@ -1,7 +1,7 @@
FROM ocaml/opam:alpine FROM ocaml/opam:alpine
RUN sudo apk add m4 RUN sudo apk add m4
RUN opam install ocamlfind astring -y RUN opam install ocamlfind astring syslog -y
WORKDIR /app WORKDIR /app
ADD . /app ADD . /app
RUN sudo chown -R opam /app RUN sudo chown -R opam /app
RUN opam config exec -- ocamlfind ocamlopt -package unix,astring -linkpkg -o iptables main.ml RUN opam config exec -- ocamlfind ocamlopt -package unix,astring,syslog -linkpkg -o iptables main.ml

10
alpine/packages/iptables/main.ml
View File

@ -16,17 +16,11 @@ type port = {
port: string; (* container port *) port: string; (* container port *)
} }
let log_fd = Unix.openfile "/var/log/service-port-opener.log" [ Unix.O_WRONLY; Unix.O_APPEND; Unix.O_CREAT ] 0o0644 let syslog = Syslog.openlog ~facility:`LOG_SECURITY "iptables-wrapper"
let logf fmt = let logf fmt =
Printf.ksprintf (fun s -> Printf.ksprintf (fun s ->
let s = s ^ "\n" in Syslog.syslog syslog `LOG_INFO s
let rec loop ofs remaining =
if remaining > 0 then begin
let n = Unix.write log_fd s ofs remaining in
loop (ofs + n) (remaining - n)
end in
loop 0 (String.length s)
) fmt ) fmt
let pid_filename { proto; dport; ip; port } = let pid_filename { proto; dport; ip; port } =