Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NAS-131125 / 24.10.0 / Do not clone systemd journal on upgrade (by anodos325) (by bugclerk) #713

Merged
merged 1 commit into from
Sep 12, 2024
Merged

NAS-131125 / 24.10.0 / Do not clone systemd journal on upgrade (by anodos325) (by bugclerk) #713

merged 1 commit into from
Sep 12, 2024

Conversation

bugclerk
Copy link

During the upgrade process its possible for the syslog-ng cursor for the systemd journal to advance beyond what is present in the newly cloned logs dataset. This results in syslog-ng re-reading the same messages and sending them a second time to remote syslog servers, our audit databases, and local files.

For typical purposes the systemd journal is treated as ephemeral data, but is not something we want to lose on reboot or upgrade. This means that volatile storage is undesirable. As a compromise solution that absolutely prevents duplicate entries we have settled on creating a new dedicated systemd journal dataset on upgrades. The old journal contents dataset are preserved in the previous boot environment.

This has the added advantage of allowing us to disable ACL support on the logs dataset.

Original PR: #711
Jira URL: https://ixsystems.atlassian.net/browse/NAS-131125

Original PR: #712
Jira URL: https://ixsystems.atlassian.net/browse/NAS-131125

@anodos325 @bugclerk
Do not clone systemd journal on upgrade
1b83476 
During the upgrade process its possible for the syslog-ng cursor for
the systemd journal to advance beyond what is present in the newly
cloned logs dataset. This results in syslog-ng re-reading the same
messages and sending them a second time to remote syslog servers, our
audit databases, and local files.

For typical purposes the systemd journal is treated as ephemeral data,
but is not something we want to lose on reboot or upgrade. This means
that volatile storage is undesirable. As a compromise solution that
absolutely prevents duplicate entries we have settled on creating a new
dedicated systemd journal dataset on upgrades. The old journal contents
dataset are preserved in the previous boot environment.

This has the added advantage of allowing us to disable ACL support
on the logs dataset.

(cherry picked from commit fc2477c)
(cherry picked from commit ccd0a50)
@bugclerk bugclerk self-assigned this Sep 12, 2024
@anodos325 anodos325 merged commit 3a96609 into stable/electriceel Sep 12, 2024
3 of 4 checks passed
@anodos325 anodos325 deleted the NAS-131125-24.10.0 branch September 12, 2024 13:27
@bugclerk
Copy link
Author

This PR has been merged and conversations have been locked.
If you would like to discuss more about this issue please use our forums or raise a Jira ticket.

@truenas truenas locked as resolved and limited conversation to collaborators Sep 12, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@anodos325 anodos325 anodos325 approved these changes

Assignees

@bugclerk bugclerk

Labels
no-time-tracked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bugclerk @anodos325