How does alpine linux handle system logging (cannot find log files under /var/log)
#1
Sun, 2016-09-18 23:10
u6f6o
-
- Offline
- 1 year 6 months ago
- 2016-09-18
Hi,
I created some docker images lately in order to set up a container with open vpn and firewall (iptables) support.
So far most things are working fine, but as I have some issues with the firewall, I added some more iptables rules to log dropped packages to /var/log/messages. I realized though, that even if sth. is dropped, no log file can be found under /var/log.
Thus my question is: How does alpine linux handle (system) logging and how can I check the iptables log specifically?
Thx in advance,
u6f6o
I use Alpine on few computers ("Real" hosts and LXC virtual hosts) and I don't have any problems with log files. Everything I need I can find in its usual place. /var/log...
Including openvpn and /var/log/messages
So, problem is not in the AL. Probably it's wrong Docker settings
The docker alpine image includes only the bare minimum, that's why it's less then 5 MB in size.
It doesn't include a syslog daemon. If you need one, you have to install it, e.g. by "apk add rsyslog". Furthermore the docker image has no init system, so you need your own startup script, that starts the log server (rsyslogd). Or you also install some init system.
If you are only interested in the kernel log message, then "dmesg" is a simple (and low level) utility for that.
.
I learnt that docker disabled standard LOG in the kernel in order to disable log flooding and DDOSing the host. You were right, Alpine works as intended, but docker simply swallows these log messages. After all, I use ulogd now to see the messages from iptables.