PDNS log rotation

logrotatepowerdns

I wonder what's the recommended way to rotate PowerDNS log files. I added the following entry to logrotate:

# cat /etc/logrotate.d/pdns 
/var/log/pdns/*.log {
    daily
    rotate 7
    compress
    delaycompress
}

– but it looks like PowerDNS doesn't accept the signals from logrotate and it's referring the old log file:

# lsof | grep "pdns.log*"
rsyslogd  17776    root    5w      REG              253,0      88273     785738 /var/log/pdns/pdns.log-20140728

There are two available methods:

1.
The copytruncate option but then there is a warning that some logging data might be lost.

copytruncate
              Truncate the original log file in place after creating a copy,
              instead of moving the old log file and optionally creating a
              new one.

2.
The postrotate script. It seems that a full restart is required because reload (pdns_control cycle) and kill HUP are also ignored – with this method PowerDNS will be unavailable for a short period of time.

postrotate
        /sbin/service pdns reload > /dev/null 2>/dev/null || true
    endscript

Q1.
Is there a better method to avoid potential logging data lost or the need to do a full restart?

Details:

– System: CentOS 6x

– Version: pdns-3.3.1
– related options

/etc/pdns/pdns.conf
...
log-dns-queries=yes
loglevel=5
logging-facility=6
...

Edit:

It's strange but I also noticed that it works fine with default logging-facility to system log /var/log/messages.

Best Answer

PowerDNS logs to the local syslog, so it is the syslog daemon you need to send a HUP signal to when you rotate the log files. You do not need to signal PowerDNS at all.

For example (taken from the logrotate configuration for rsyslog):

/var/log/pdns/*.log {
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}

Related Solutions

Logrotate Configuration for Apache HTTPD on CentOS

No, the '/sbin/service httpd reload' command does not kill all connections as it does not initiate a 'hard restart'. CentOS triggers Apache via service, other OSs do via init scripts. For all of them a 'reload' means a graceful restart/sending Apache the USR1 signal:

"The USR1 or graceful signal causes the parent process to advise the children to exit after their current request (or to exit immediately if they're not serving anything). The parent re-reads its configuration files and re-opens its log files. As each child dies off the parent replaces it with a child from the new generation of the configuration, which begins serving new requests immediately."

Linux – Rsyslog stops sending data to remote server after log rotation

The problem was actually coming from logrotate.

Basically with my configuration, running unicorn, I don't need to use the copytruncate directive. (which is what causes problems here)

USR1 - Reopen all logs owned by the worker process. See Unicorn::Util.reopen_logs for what is considered a log. Log files are not reopened until it is done processing the current request, so multiple log lines for one request (as done by Rails) will not be split across multiple logs.

This started working properly after updating to this configuration:

/home/user/my_app/shared/log/*.log {
  daily
  missingok
  dateext
  rotate 30
  compress
  notifempty
  extension gz
  create 640 user user
  sharedscripts

  post-rotate
    # Telling Unicorn to reload files
    test -s /home/user/my_app/shared/pids/unicorn.pid && kill -USR1 "$(cat /home/user/my_app/shared/pids/unicorn.pid)"

    # Reloading rsyslog telling it that files have been rotated
    reload rsyslog 2>&1 || true
  endscript
}

Related Topic