WIP: Metacat logrotate

[mamelara]

Logrotation and cron job for catalina.out

Description

This uses a logrotation configuration that allows a user to rotate catalina.out. It is the recommended approach by the Apache Tomcat wiki. Since we cannot have root control over in Spin this adds some "hack arounds". The hack is described here in full detail but the short description is that we use a cron job that calls logrotate as the metacat user. Modification of the crontab is programmatically done as described here. This will be done in the docker-entrypoint.sh

Fixes ess-dive/ess-dive-project#123

Type of change

Please delete options that are not relevant.

• [X] New feature (non-breaking change which adds functionality)

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

• [ ] Unit tests
• [ ] Integration tests
• [ ] Test coverage >= 77%
• [ ] Flake8 Tests
• [ ] Mypy Tests
• [X] Other - add any additional tests here

Currently the tests are done manually. In order to test the logrotate issue, the metacat docker-container should be started up as described in the ess-dive-catalog README. Once you have the metacat container up from this branch you will want to go into essdive-appstack and build the new image. Look for the tagged image (I've been using a local one) and then run the command docker exec -it essdive_mn /bin/bash to enter the docker container in a bash shell. From there you can test running the commands manually.

To test apply_config.py create two copies of the cron and logrotate modify them and then run apply_config.py [new_config] [old_config] and see if the changes are reflect in the old_config.

[vchendrix]

@mamelara I see this new PR but noone has been assigned. Is this still a draft? If so, you can convert it to a draft.

It would be good to avoid having cron running in the metacat container as it would negate the idea of microservices. I have a couple of explorations: 1) Is it possible to avoid the cron "hack around" by making the logrotate director writable by the metacat group? 2) is it possible to have the logrotate in a separate docker container that is cronned in Spin?

[vchendrix]

@mamelara issue branche names should start with issue-<number>-<short description>. For example issue-123-metacat-log-rolling.

[mamelara]

@vchendrix yes this is a draft because I am stuck and not sure if I am implementing the best solution for this problem. Thank you for your recommendations.

Is it possible to avoid the cron "hack around" by making the logrotate director writable by the metacat group?

So, in order to run logrotate as a service, we would need a logrotate.conf file in logrotate.d directory. This line though: create 640 tomcat7 adm makes me think that we can maybe write logs and change them as the metacat user.

The issue here though would be modifying the logrotate service while the service remains up without having to rebuild and deploy the container.

is it possible to have the logrotate in a separate docker container that is cronned in Spin?

I am curious myself if this is possible though I'm not sure if there is currently a way for a container to execute commands through another container via Spin

[vchendrix]

@mamelara After we have deployed our first release candidate to staging let's discuss possible solutions.

[mamelara]

Closing this since its a draft