Merge pull request #2295 from mchaker/mchaker-2022-07-mount-logs

host-ctr: add a mount for system logs
bottlerocket-os · Jul 27, 2022 · 2e4049a · 2e4049a
2 parents a965ae4 + 3bd7ae5
commit 2e4049a
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -674,13 +674,15 @@ Here are the metrics settings:
   **Important note:** this setting does not affect kernel modules that are already loaded.
   You may need to reboot for a change to disallow a kernel module to take effect.
   * Example user data for blocking kernel modules:
+
     ```
     [settings.kernel.modules.sctp]
     allowed = false
 
     [settings.kernel.modules.udf]
     allowed = false
     ```
+
 * `settings.kernel.sysctl`: Key/value pairs representing Linux kernel parameters.
   Remember to quote keys (since they often contain ".") and to quote all values.
   * Example user data for setting up sysctl:
@@ -896,13 +898,14 @@ logdog
 ```
 
 This will write an archive of the logs to `/var/log/support/bottlerocket-logs.tar.gz`.
+This archive is accessible from host containers at `/.bottlerocket/support`.
 You can use SSH to retrieve the file.
 Once you have exited from the Bottlerocket host, run a command like:
 
 ```bash
 ssh -i YOUR_KEY_FILE \
     ec2-user@YOUR_HOST \
-    "cat /.bottlerocket/rootfs/var/log/support/bottlerocket-logs.tar.gz" > bottlerocket-logs.tar.gz
+    "cat /.bottlerocket/support/bottlerocket-logs.tar.gz" > bottlerocket-logs.tar.gz
 ```
 
 (If your instance isn't accessible through SSH, you can use [SSH over SSM](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html).)

diff --git a/sources/host-ctr/cmd/host-ctr/main.go b/sources/host-ctr/cmd/host-ctr/main.go
@@ -708,6 +708,13 @@ func withDefaultMounts(containerID string, persistentDir string) oci.SpecOpts {
 			Destination: fmt.Sprintf("/var/lib/bottlerocket/inventory/application.json"),
 			Source:      fmt.Sprintf("/usr/share/bottlerocket/application-inventory.json"),
 		},
+		// Bottlerocket logs
+		{
+			Options:     []string{"bind", "ro"},
+			Destination: "/.bottlerocket/support",
+			Source:      "/var/log/support",
+			Type:        "bind",
+		},
 	}
 
 	// The `current` dir was added for easier referencing in Dockerfiles and scripts.