1. Topic requirements
Question eight
Configure the container and enable it to start automatically. The registry is located at http://registry.lab.example.com, the registry user is rhel8, and the password is redhat321;
Using the rsyslog image in the registry, create a container named journal-server;
Configure it to run as a system service, and only face the user student;
Question 9
Extend the service of the previous task
Configure the host system log to retain data after system restart, and restart the logging service;
Configure the service to start and automatically mount /home/student/container_logfile to /var/log/journal of the container; enter the container and use the following command logger -p local3.info this is testing logger’ to send the container log.
2. Problem solving process
1. Use the student user to log in to blue
[roo@host1 ~]$ ssh student@blue -X student@blue's password: Warning: No xauth data; using fake authentication data for X11 forwarding. X11 forwarding request failed on channel 0 Activate the web console with: systemctl enable --now cockpit.socket This system is not registered to Red Hat Insights. See https://cloud.redhat.com/ To register this system, run: insights-client --register Last login: Thu May 27 12:58:41 2021 [student@blue ~]$
2. Create a new folder
[student@blue ~]$ mkdir /home/student/container_logfile [student@blue ~]$ loginctl enable-linger [student@blue ~]$
3. Log in to the registration form
[student@blue ~]$ podman login registry.lab.example.com Username: rhel8 Password: Login Succeeded! [student@blue ~]$
4. Find rsyslog
[student@blue ~]$ podman search rsyslog INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED example.com registry.lab.example.com/rhel8/rsyslog 0 [student@blue ~]$
5. Pull the image
[student@blue ~]$ podman pull registry.lab.example.com/rhel8/rsyslog Trying to pull registry.lab.example.com/rhel8/rsyslog… Getting image source signatures Copying blob 675ca883249a skipped: already exists Copying blob 53732dad4680 [----------------------------------------] 0.0b / 0.0b Copying blob a538c9b97609 [----------------------------------------] 0.0b / 0.0b Copying blob a490e26747ef [----------------------------------------] 0.0b / 0.0b Copying config 4d58530530 done Writing manifest to image destination Storing signatures 4d58530530f79689673c2b07d48076b3db331ef9c0e5074b1ec5a3d530523018 [student@blue ~]$
6. Run the container and view
[student@blue ~]$ podman run -d --name=journal-server -v /home/student/container_logfile/:/var/log/journal:Z registry.lab.example.com/rhel8/rsyslog be71fe2cdbea4e6c28de09efcfc14593bf9ca51d9c1a8bd7f8140aed3344c02d [student@blue ~]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES be71fe2cdbea registry.lab.example.com/rhel8/rsyslog:latest /usr/sbin/init 9 seconds ago Up 8 seconds ago journal-server [student@blue ~]$
7. Create a new target folder
[student@blue ~]$ mkdir -p ~/.config/systemd/user [student@blue ~]$ cd ~/.config/systemd/user [student@blue user]$
8. Configure the system service and start automatically after booting
[student@blue user]$ podman generate systemd --name journal-server --files --new /home/student/.config/systemd/user/container-journal-server.service /home/student/.config/systemd/user/container-journal-server.service [student@blue user]$ ls container-journal-server.service [student@blue user]$
stop and delete the container
[student@blue user]$ podman stop journal-server be71fe2cdbea4e6c28de09efcfc14593bf9ca51d9c1a8bd7f8140aed3344c02d [student@blue user]$ podman rm journal-server be71fe2cdbea4e6c28de09efcfc14593bf9ca51d9c1a8bd7f8140aed3344c02d [student@blue user]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [student@blue user]$
Make the generated system service start automatically at boot and take effect immediately
[student@blue user]$ systemctl --user enable --now container-journal-server.service Created symlink /home/student/.config/systemd/user/multi-user.target.wants/container-journal-server.service → /home/student/.config/systemd/user/container-journal-server.service. Created symlink /home/student/.config/systemd/user/default.target.wants/container-journal-server.service → /home/student/.config/systemd/user/container-journal-server.service. [student@blue user]$
Check if mirroring is running automatically
[student@blue user]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8ff271f0f3bd registry.lab.example.com/rhel8/rsyslog:latest /usr/sbin/init 58 seconds ago Up 58 seconds ago journal-server [student@blue user]
restart verification
[root@host1 ~]# ssh student@blue student@blue's password: Activate the web console with: systemctl enable --now cockpit.socket This system is not registered to Red Hat Insights. See https://cloud.redhat.com/ To register this system, run: insights-client --register Last login: Tue May 23 09:49:14 2023 from 172.24.1.254 [student@blue ~]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d42c5e0ba7fa registry.lab.example.com/rhel8/rsyslog:latest /usr/sbin/init 17 seconds ago Up 16 seconds ago journal-server [student@blue ~]$
9. Verify log mount
Enter the container and execute the command to generate the log
[student@blue ~]$ podman exec -it journal-server /bin/bash [root@d42c5e0ba7fa /]# logger -p local5.info 'this is testing logger' [root@d42c5e0ba7fa /]# logger -p local5.info 'this is testing logger' [root@d42c5e0ba7fa /]#
10. Check whether the log is generated
[root@d42c5e0ba7fa /]# cd /var/log/journal/ [root@d42c5e0ba7fa journal]# ls b876c6ebf55f4c99bb17eff7b851aa86 rhcsa.log [root@d42c5e0ba7fa journal]# cat rhcsa.log May 23 14:10:57 d42c5e0ba7fa root[35]: this is testing logger May 23 14:10:59 d42c5e0ba7fa root[36]: this is testing logger [root@d42c5e0ba7fa journal]#
11. Exit the container and check whether the mounted directory also has log files
[root@d42c5e0ba7fa journal]# exit exit [student@blue ~]$ ls container_logfile [student@blue ~]$ cd container_logfile/ [student@blue container_logfile]$ ls b876c6ebf55f4c99bb17eff7b851aa86 rhcsa.log [student@blue container_logfile]$ cat rhcsa.log May 23 14:10:57 d42c5e0ba7fa root[35]: this is testing logger May 23 14:10:59 d42c5e0ba7fa root[36]: this is testing logger [student@blue container_logfile]$