Performing log rotation as a part of chef recipe

Question

I am using the following recipe to perform log rotation:

bash 'adding_logrotate_for_consul' do
  code <<-EOH
    echo "" >> /etc/logrotate.conf
    echo "/tmp/output.log {" >> /etc/logrotate.conf
    echo -e "\tsize 20M" >> /etc/logrotate.conf
    echo -e "\tcreate 700 root root" >> /etc/logrotate.conf
    echo -e "\trotate 3" >> /etc/logrotate.conf
    echo "}" >> /etc/logrotate.conf
  EOH
end

The above code runs completely fine and it adds the following entry in /etc/logrotate.conf

/tmp/output.log {
        size 20M
        create 700 root root
        rotate 3
}

However, after the above entry is added using chef, I have to manually run the following command on the node everytime:

logrotate -s /var/log/logstatus /etc/logrotate.conf

How can I include the above command in chef recipe so that log rotation can be performed using chef recipe after the file size reached 20M??

Answer 1

I think there are a few things here you are doing less than ideally. Let me go one by one:

I am using the following recipe to perform log rotation:

bash 'adding_logrotate_for_consul' do code ...

This is not a good way of creating a logrotate entry. Chef (and other orchestration tools) have a very nice feature called idempotency. Its basic meaning is that you can run the same recipe many times, and it will only converge itself, or "apply" itself, if it is needed. A problem you will have with the way you are doing this is that your block of code will run EVERY time you run you cookbook - so after 5 runs, you will have 5 identical entries in /etc/logrotate.conf. That wouldn't be very good...

Thankfully there are much better ways of doing what you want to do. Are you familiar with the Chef Supermarket? This is a site where you can find many pre-made cookbooks to extend the functionality of your cookbook. So, for your current problem, you could for example use the cookbook called logrotate. How can you use it in your own cookbook? You need to include it by adding the following to these files:

BERKSFILE

source 'https://supermarket.chef.io'
metadata

METADATA.RB

depends 'logrotate'

Now your cookbook is aware of the 'logrotate' cookbook, and you can use the Chef resources it provides. So you could create the following recipe:

logrotate_app 'app_with_logs' do
  path      '/tmp/output.log'
  options   ['size 20M']
  rotate    3
  create    '700 root adm'
end

Now, when you run your recipe, this will create the logrotate entry, only if it doesn't already exist. Handy! (note, this might create the entry in /etc/logrotate.d/ instead of /etc/logratate.conf. This is the preferred way of adding a logrotate entry).

On to the next part.

How can I include the above command in chef recipe so that log rotation can be performed using chef recipe after the file size reached 20M??

Logrotate as a program runs automatically, once a day. When it runs, it will check all entries in /etc/logrotate.conf and /etc/logrotate.d/*, and run them if they fulfil the requirements (in this case, size of 20M). However, since it only runs once a day, depending how fast your log grows, it could be much bigger than 20M by the time it gets evaluated and rotated!

So now, you have two options. Either, one, let logrotate work as it is expected to, and rotate your log once a day if, when it looks at it, its over 20M in size. Or two, you could do what you want to do and run that command in a Chef recipe, although this would not be a good way of doing it. But, for completeness, I will tell you how you can run a command with Chef. But remember! This will, again, NOT be idempotent. Thus why it is not a good way of doing this!

To run a command from a Chef recipe, use the execute resource. For example:

execute 'rotate_my_log_because_I_cant_wait_24h' do
  command 'logrotate -s /var/log/logstatus /etc/logrotate.conf'
end

That will run that command on your node. But again, this is not the recommended way of doing this.