Redhat - configuration container (persistent storage and automatic startup)

Registration server information

Register server address registry.domain250.example.com

Use admin as the username and redhat321 as the credentials for the image registry

#Configure the container to start automatically

Using the rsyslog mirror on the registry server, create a container named logserver

For wallah users, configure a systemd service

The service is named container-logserver and starts automatically on system reboot without intervention

 
# Configure persistent storage for the container

Extend the service of the previous task by

Configure the host system's journald journal to preserve data across system reboots, and restart the logging service

Copy any files with *.journal in the host /var/log/journal directory to /home/wallah/container_logfile

Configure the service to automatically mount /home/wallah/container_logfile to /var/log/journal in the container on startup

[root@node1 ~]# man journald.conf
[root@node1 ~]# vim /etc/systemd/journald.conf
[root@node1 ~]# ll -d /run/log/journal/
drwxr-sr-x. 4 root systemd-journal 80 May 12 18:11 /run/log/journal/
[root@node1 ~]# mkdir /var/log/journal
[root@node1 ~]# ll -d /var/log/journal
drwxr-xr-x. 2 root root 6 May 12 18:57 /var/log/journal
[root@node1 ~]# chmod -R g+s /var/log/journal
[root@node1 ~]# ll -d /var/log/journal
drwxr-sr-x. 2 root root 6 May 12 18:57 /var/log/journal
[root@node1 ~]# chown root:systemd-journal /var/log/journal
[root@node1 ~]# ll -d /var/log/journal
drwxr-sr-x. 2 root systemd-journal 6 May 12 18:57 /var/log/journal
[root@node1 ~]# systemctl restart systemd-journald
[root@node1 ~]# systemctl enable systemd-journald
The unit files have no installation config (WantedBy, RequiredBy, Also, Alias
settings in the [Install] section, and DefaultInstance for template units).
This means they are not meant to be enabled using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
   .wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
   a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
   D-Bus, udev, scripted systemctl call, ...).
4) In case of template units, the unit is meant to be enabled with some
   instance name specified.
[root@node1 ~]# systemctl status systemd-journald
● systemd-journald.service - Journal Service
   Loaded: loaded (/usr/lib/systemd/system/systemd-journald.service; static; ve>
   Active: active (running) since Fri 2023-05-12 18:59:26 EDT; 16s ago
     Docs: man:systemd-journald.service(8)
           man:journald.conf(5)
 Main PID: 1505 (systemd-journal)
   Status: "Processing requests..."
    Tasks: 1 (limit: 11345)
   Memory: 1.3M
   CGroup: /system.slice/systemd-journald.service
           └─1505 /usr/lib/systemd/systemd-journald

May 12 18:59:26 node1.domain250.example.com systemd-journald[1505]: Journal sta>
May 12 18:59:26 node1.domain250.example.com systemd-journald[1505]: System jour>
[root@node1 ~]# cp /var/log/journal/*/*.journal /home/wallah/container_logfile
[root@node1 ~]# cd /home/wallah
[root@node1 wallah]# ll
total 0
drwxr-xr-x. 2 wallah wallah 28 May 12 19:00 container_logfile
[root@node1 wallah]# cd container_logfile/
[root@node1 container_logfile]# ll
total 8192
-rw-r-----. 1 root root 8388608 May 12 19:00 system.journal
[root@node1 container_logfile]# chown wallah ~wallah
[root@node1 container_logfile]# ll
total 8192
-rw-r-----. 1 root root 8388608 May 12 19:00 system.journal
[root@node1 container_logfile]# chown -R wallah ~wallah
[root@node1 container_logfile]# ll
total 8192
-rw-r-----. 1 wallah root 8388608 May 12 19:00 system.journal
[root@node1 container_logfile]# ssh wallah@localhost
Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

[wallah@node1 ~]$ podman login registry.domain250.example.com
Username: admin
Password: 
Login Succeeded!
[wallah@node1 ~]$ podman search registry.domain250.example.com/
INDEX         NAME                                               DESCRIPTION   STARS   OFFICIAL   AUTOMATED
example.com   registry.domain250.example.com/rhel8/mariadb-103                 0                  
example.com   registry.domain250.example.com/rhel8/httpd-24                    0                  
example.com   registry.domain250.example.com/library/nginx                     0                  
example.com   registry.domain250.example.com/ubi7/ubi                          0                  
example.com   registry.domain250.example.com/ubi8/ubi                          0                  
example.com   registry.domain250.example.com/rhel8/rsyslog                     0                  
[wallah@node1 ~]$ podman run -d --name logserver -v /home/wallah/container_logfile:/var/log/journal:Z registry.domain250.example.com/rhel8/rsyslog 
Trying to pull registry.domain250.example.com/rhel8/rsyslog...
Getting image source signatures
Copying blob d23202532999 done  
Copying blob b6efbecbebd6 done  
Copying blob 88afac75a773 done  
Copying config 1ca52ef7a2 done  
Writing manifest to image destination
Storing signatures
e0012a874499ca23600c9744fbd5d6cd0fd054f824924798b8d843c68eeac62a
[wallah@node1 ~]$ podman ps
CONTAINER ID  IMAGE                                                COMMAND          CREATED        STATUS            PORTS  NAMES
e0012a874499  registry.domain250.example.com/rhel8/rsyslog:latest  /bin/rsyslog.sh  7 seconds ago  Up 6 seconds ago         logserver
[wallah@node1 ~]$ podman stop logserver
e0012a874499ca23600c9744fbd5d6cd0fd054f824924798b8d843c68eeac62a
[wallah@node1 ~]$ podman ps
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
[wallah@node1 ~]$ loginctl enable-linger 
[wallah@node1 ~]$ mkdir -p ~/.config/systemd/user
[wallah@node1 ~]$ cd ~/.config/systemd/user
[wallah@node1 user]$ ll
total 0
[wallah@node1 user]$ podman generate systemd -n logserver -f
/home/wallah/.config/systemd/user/container-logserver.service
[wallah@node1 user]$ systemctl enable --user --now container-logserver.service
Created symlink /home/wallah/.config/systemd/user/multi-user.target.wants/container-logserver.service → /home/wallah/.config/systemd/user/container-logserver.service.
Created symlink /home/wallah/.config/systemd/user/default.target.wants/container-logserver.service → /home/wallah/.config/systemd/user/container-logserver.service.
[wallah@node1 user]$ podman ps
CONTAINER ID  IMAGE                                                COMMAND          CREATED        STATUS            PORTS  NAMES
e0012a874499  registry.domain250.example.com/rhel8/rsyslog:latest  /bin/rsyslog.sh  3 minutes ago  Up 6 seconds ago         logserver
[wallah@node1 user]$ podman images
REPOSITORY                                     TAG      IMAGE ID       CREATED       SIZE
registry.domain250.example.com/rhel8/rsyslog   latest   1ca52ef7a2f4   2 years ago   232 MB