When running HAProxy in production, it's crucial that log files are rotated properly to prevent excessive disk usage and system slowdowns. If HAProxy logs are not rotating as expected, it could lead to your disk filling up, affecting the performance and reliability of your system.
If your HAProxy logs are not rotating, it could be due to several possible reasons.
In this post, we'll walk through the most common causes of log rotation issues, how to troubleshoot them, and provide a real-world use case with a solution.
HAProxy typically uses logrotate to handle log file rotation. If your log files are not rotating, it could be due to a missing or misconfigured logrotate configuration.
How to Check Logrotate Configuration:
Ensure there is a logrotate configuration file for HAProxy in /etc/logrotate.d/
It should look similar to the following:
/var/log/haproxy.log {
daily
missingok
rotate 7
compress
notifempty
create 0640 haproxy adm
sharedscripts
postrotate
/etc/init.d/haproxy reload > /dev/null 2>/dev/null || true
endscript
}
Explanation of Directives:
daily: Rotate the log files daily. You can also use weekly, monthly, etc., depending on your requirements.
rotate 7: Keep 7 backup log files before deleting the oldest.
compress: Compress old log files to save disk space.
create 0640 haproxy adm: This ensures that new log files are created with proper permissions (0640), and the owner is set to haproxy, with the group as adm.
postrotate: This ensures that HAProxy is reloaded after log rotation to begin writing to the new log file. If HAProxy is still writing to the old log file, logrotate will not be able to rename the rotated file.
Troubleshooting:
If the logrotate configuration is missing or incorrectly configured, you can either create or update the configuration file as shown above.
To check if logrotate is working correctly, run the following command to simulate the log rotation process:
sudo logrotate -d /etc/logrotate.conf
This command will display what logrotate would do, but will not actually rotate any logs. This is useful for troubleshooting.
2. Permissions Issues
If the HAProxy log files are not being written to or rotated due to permission issues, you need to verify that HAProxy has write access to its log file and the directory.
Check the permissions of /var/log/haproxy.log and ensure the user HAProxy runs as (usually haproxy) has the correct permissions:
ls -l /var/log/haproxy.log
Check that the logrotate user (usually root) has the necessary permissions to rotate the file.
If permissions are incorrect, adjust them with chown and chmod:
sudo chown haproxy:adm /var/log/haproxy.log
sudo chmod 0640 /var/log/haproxy.log
3. Log Output Configuration in HAProxy
HAProxy must be configured to log to a file (e.g., /var/log/haproxy.log). Ensure your HAProxy configuration includes proper logging directives:
In /etc/haproxy/haproxy.cfg, make sure you have something like the following:
global
log /dev/log local0
defaults
log global
option httplog
This tells HAProxy to log to the syslog facility local0, which is often associated with the HAProxy logs. If this is not set correctly, HAProxy may not be logging to the expected location.
4. Logfile Being Open by HAProxy Process
If the HAProxy process is holding the log file open (e.g., if HAProxy is still running with the old log file after rotation), logrotate might fail to rename the file. You can ensure that HAProxy is properly reloading by sending a SIGHUP signal to HAProxy, or by using the postrotate script in the logrotate config (mentioned above).
To manually reload HAProxy, you can:
sudo systemctl reload haproxy
or
sudo service haproxy reload
5. Logrotate Not Running
If logrotate is not running automatically (e.g., if the cron job for logrotate is not configured or working), the logs will not rotate.
Check cron jobs: Ensure that the logrotate cron job is enabled. You can check cron jobs by listing them with:
crontab -l
Alternatively, check if the logrotate service is running (on systems that use systemd):
systemctl status logrotate
To test logrotate manually, run:
sudo logrotate /etc/logrotate.conf
6. Disk Space Issues
If your disk is full, logrotate may not be able to create new log files or rotate old ones. You can check disk usage with:
df -h
If the disk is full, free up some space or increase the disk size.
No comments:
Post a Comment