Linux LogRotate


 Question: The Nautilus DevOps team is ready to launch a new application, which they will deploy on app servers in Stratos Datacenter. They are expecting significant traffic/usage of squid on app servers after that. This will generate massive logs, creating huge log files. To utilise the storage efficiently, they need to compress the log files and retain them for a maximum of 3 weeks. Check the requirements shared below:

a. In all app servers install squid package.

b. Using logrotate configure squid logs rotation to monthly and keep only 3 rotated.

(If by default log rotation is set, then please update configuration as needed)


Please note: Run the commands below using the server, user name and other details from your own task, as they may differ from the ones shown here. Read the task carefully before executing anything. All the best 👍


Solution:  

1. Log in to each app server as per the task and switch to the root user

thor@jump_host ~$ ssh tony@stapp01

The authenticity of host 'stapp03 (172.16.238.12)' can't be established.

ECDSA key fingerprint is SHA256:jQBzPUeKPaiyjrpKdy6e4PG/2IswOUaZYIogb7o1SHE.

ECDSA key fingerprint is MD5:1f:11:06:a6:ec:6c:f5:37:38:31:79:ad:a6:70:94:37.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'stapp01,172.16.238.10' (ECDSA) to the list of known hosts.

banner@stapp01's password:

[banner@stapp01~]$ sudo su -

 We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

     #1) Respect the privacy of others.

    #2) Think before you type.

    #3) With great power comes great responsibility.

 [sudo] password for banner:

[root@stapp01 ~]#


2. Install the package as per the given task

 [root@stapp01 ~]# yum install squid -y

Loaded plugins: fastestmirror, ovl

Loading mirror speeds from cached hostfile
 * base: mirror.team-cymru.com
 * extras: ftpmirror.your.org
 * updates: bay.uchicago.edu
Resolving Dependencies
--> Running transaction check
---> Package squid.x86_64 7:3.5.20-17.el7_9.6 will be installed
--> Processing Dependency: squid-migration-script for package: 7:squid-3.5.20-17.el7_9.6.x86_64
--> Finished Dependency Resolution 
Dependencies Resolved 

==========================================================================================

 Package                       Arch         Version                   Repository     Size

==========================================================================================

Installing:

 squid                         x86_64       7:3.5.20-17.el7_9.6       updates       3.1 M

Installing for dependencies:

 groff-base                    x86_64       1.22.2-8.el7              base          942 k

 libecap                       x86_64       1.0.0-1.el7               base           21 k

 Transaction Summary

==========================================================================================

Install  1 Package (+40 Dependent packages)

 Total download size: 17 M

Installed size: 53 M

Downloading packages:

(1/41): libecap-1.0.0-1.el7.x86_64.rpm                             |  21 kB  00:00:00    

(2/41): libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm                     |  49 kB  00:00:00    

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

  Installing : 7:squid-migration-script-3.5.20-17.el7_9.6.x86_64                     1/41

  Installing : libtool-ltdl-2.4.2-22.el7_3.x86_64                                    2/41

  Installed:

  squid.x86_64 7:3.5.20-17.el7_9.6   

[root@stapp01 ~]#


3. Navigate to the logrotate directory and check the existing configuration

[root@stapp01 ~]# ll /etc/logrotate.d/
total 8
-rw-r--r-- 1 root root 435 Apr 15 18:47 squid
-rw-r--r-- 1 root root 103 Nov  5  2018 yum
[root@stapp01 ~]# cat /etc/logrotate.d/squid
/var/log/squid/*.log {
    weekly
    rotate 5
    compress
    notifempty
    missingok
    nocreate
    sharedscripts
    postrotate
      # Asks squid to reopen its logs. (logfile_rotate 0 is set in squid.conf)
      # errors redirected to make it silent if squid is not running
      /usr/sbin/squid -k rotate 2>/dev/null
      # Wait a little to allow Squid to catch up before the logs is compressed
      sleep 1
    endscript
}
[root@stapp01 ~]#

 

4. Edit the squid logrotate configuration as per the task and save the file

[root@stapp01 ~]# vi /etc/logrotate.d/squid
[root@stapp01 ~]# cat /etc/logrotate.d/squid
/var/log/squid/*.log {
    monthly
    rotate 3
    compress
    notifempty
    missingok
    nocreate
    sharedscripts
    postrotate
      # Asks squid to reopen its logs. (logfile_rotate 0 is set in squid.conf)
      # errors redirected to make it silent if squid is not running
      /usr/sbin/squid -k rotate 2>/dev/null
      # Wait a little to allow Squid to catch up before the logs is compressed
      sleep 1
    endscript
}
[root@stapp01 ~]#

5. Start the squid service & check its status

[root@stapp01 ~]# systemctl start squid

[root@stapp01 ~]# systemctl status squid

● squid.service - Squid caching proxy

   Loaded: loaded (/usr/lib/systemd/system/squid.service; disabled; vendor preset: disabled)

   Active: active (running) since Sat 2021-07-17 05:53:56 UTC; 42s ago

  Process: 973 ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF (code=exited, status=0/SUCCESS)

  Process: 968 ExecStartPre=/usr/libexec/squid/cache_swap.sh (code=exited, status=0/SUCCESS)

 Main PID: 974 (squid)

   CGroup: /docker/a5b128496beeffa4e18848ee8eadfff12c5068d4b9e42d184417cd5b1ecab66a/system.slice/squid.service

           974 /usr/sbin/squid -f /etc/squid/squid.conf

           976 (squid-1) -f /etc/squid/squid.conf

           └─977 (logfile-daemon) /var/log/squid/access.log

 

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[973]: Executing: /usr/sbin/squi...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com squid[974]: Squid Parent: will start 1 ...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com squid[974]: Squid Parent: (squid-1) pro...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: Child 973 belongs to squid....

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: squid.service: control proc...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: squid.service got final SIG...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: Main PID guessed: 974

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: squid.service changed start...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: Job squid.service/start fin...

Jul 17 05:53:56 stapp01.stratos.xfusioncorp.com systemd[1]: Started Squid caching proxy.

Hint: Some lines were ellipsized, use -l to show in full.

[root@stapp01 ~]#



Please note: I have shown this only for stapp01.
You have to do this on all app servers: stapp01, stapp02, stapp03.

6.  Click on Finish & Confirm to complete the task successfully
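
Steps 3 and 4 can also be done without an interactive editor, which helps when the same change has to be repeated on stapp01, stapp02 and stapp03. The script below is an added example, not part of the original walkthrough; the function names and the trimmed sample stanza are constructed for illustration.

```sh
# Constructed sample: the default stanza from step 3, trimmed to the relevant lines.
sample_default_conf() {
cat <<'EOF'
/var/log/squid/*.log {
    weekly
    rotate 5
    compress
    postrotate
      # Asks squid to reopen its logs. (logfile_rotate 0 is set in squid.conf)
      /usr/sbin/squid -k rotate 2>/dev/null
    endscript
}
EOF
}

# Set the frequency to monthly and the retention count to 3, in place.
set_squid_rotation() {
    conf=$1
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 2; }
    tmp=$(mktemp) || return 2
    # Anchored on whole directive lines, so comments and "squid -k rotate" stay untouched.
    sed -E -e 's/^([[:space:]]*)(daily|weekly|monthly|yearly)[[:space:]]*$/\1monthly/' \
           -e 's/^([[:space:]]*)rotate[[:space:]]+[0-9]+[[:space:]]*$/\1rotate 3/' \
        "$conf" > "$tmp" && cat "$tmp" > "$conf"   # cat keeps the file's owner and mode
    rc=$?; rm -f "$tmp"; return "$rc"
}

# Succeed only if monthly, rotate 3 and compress are all present as directives.
check_squid_rotation() {
    # Drop comments, trim, and squeeze whitespace so each directive is one clean line.
    d=$(sed -E -e 's/#.*$//' -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' \
               -e 's/[[:space:]]+/ /g' "$1") || return 2
    for want in monthly "rotate 3" compress; do
        printf '%s\n' "$d" | grep -qx "$want" || { echo "missing directive: $want"; return 1; }
    done
    # A leftover frequency keyword would compete with "monthly".
    ! printf '%s\n' "$d" | grep -Eqx 'daily|weekly|yearly'
}

demo() {
    f=$(mktemp) || return 1
    sample_default_conf > "$f"
    check_squid_rotation "$f" >/dev/null && before=ok || before=needs-change
    set_squid_rotation "$f"
    check_squid_rotation "$f" >/dev/null && after=ok || after=needs-change
    rm -f "$f"
    echo "before=$before after=$after"
}
demo
```

On a server, call the two functions as root with /etc/logrotate.d/squid as the argument; `logrotate -d /etc/logrotate.d/squid` then dry-runs the stanza without rotating anything.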

Happy Learning!!!!



2 Comments

  1. Want to add another checkpoint here to ensure the logs are generated, else the task would fail, since all the pkgs are not automatically generating the logs, so you may have to tweak a bit to ensure the logs are generated to validate the task successfully.

    1. Thanks for the comment & suggestion for the rest of the members.
      Please ensure and validate the task before submitting.
