TIL: Systemd Journald Cannot Clear the Logs of a Specific Unit

Some logs of my Docker containers got out of hand, so I tried Docker’s Journald logging driver. It did not take long for the log of the service to grow again, but no problem. Here’s the plan:

1. reconfigure service to be less verbose

2. truncate logs

3. €€€

… or so I thought.

As always, systemd does not disappoint: It’s impossible to remove the log of a single unit using its journalctl command: https://stackoverflow.com/a/37915789

Of course, there are workarounds, but I don’t want workarounds. I want sane, “standard” handling of things.

Well… Back to files, a UNIX concept that proved flexible and powerful since the dawn of time [1].

cat <<'EOF' > /etc/docker/daemon.json
{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "200m",
    "max-file": "1"
  }
}
EOF

systemctl restart docker.service

Note that running containers have to be stopped, removed and restarted for them to use the new log driver. Afterwards you find the log files here:

ls /var/lib/docker/containers/*/*json.log

For log aggregation and storage, I use promtail. I have to use the JSON File logging driver, because Promtail’s docker_sd_config demands that “The containers must run with either the json-file or journald logging driver.”. I would like to use the Local File logging driver, because on the machine itself, I prefer performance and minimal disk use.

---

[1]

According to https://www.lugod.org/presentations/filesystems.pdf since 1974. 🤓

Tuxedo Akku Aufgebläht   TIL: vim docker-compose.yml completion using vim-coc