Airgap Directory 100% full causing problem with downloading TKG cluster images from Airgap.
search cancel

Airgap Directory 100% full causing problem with downloading TKG cluster images from Airgap.

book

Article ID: 345743

calendar_today

Updated On:

Products

VMware Telco Cloud Automation

Issue/Introduction

/var/log/nginx/access.log or /var/log/messages is consuming excessive disk space.

 

Environment

1.x
2.x

Cause

Excessive invalid login attempts using invalid credentials.
Log files are not being rotated properly.

Resolution

Address the source of the excessive invalid login attempts which are using invalid credentials within your environment and install and configure logrotate.

NOTE: All the commands must be executed as the 'root' user

Step 1: Disable Airgap Internet Repositories

root# tdnf clean all
sed -i 's/^enabled=1/enabled=0/' /etc/yum.repos.d/*.repo

Step 2: Enable Airgap Local Repositories 

root# echo "[airgapphoton]
name=VMware Airgap Photon Release Repo
baseurl=https://$HOSTNAME/release/photon
gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY
gpgcheck=1
enabled=1
skip_if_unavailable=True" > /etc/yum.repos.d/airgapphoton.repo

root# echo "[airgappu]
name=VMware Airgap Photon Updates Repo
baseurl=https://$HOSTNAME/updates/photon-updates
gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY
gpgcheck=1
enabled=1
skip_if_unavailable=True" > /etc/yum.repos.d/airgappu.repo

root# echo "[airgap-telco-debuginfo]
name=VMware Airgap Photon Telco Debuginfo
baseurl=https://$HOSTNAME/updates/photon-telco-debuginfo
gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY
gpgcheck=1
enabled=1
skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-debuginfo.repo

root# echo "[airgap-telco-updates]
name=VMware Airgap Photon Telco Updates
baseurl=https://$HOSTNAME/updates/photon-telco-updates
gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY
gpgcheck=1
enabled=1
skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-updates.repo

Step3:  Install logrotate and cronie

root# tdnf intall -y logrotate cronie


Step4: Start and Enable crond service

root# systemctl enable --now crond.service

root# systemctl status crond.service

Step 5: Create config files in logrotate.d folder

root# echo "/var/log/nginx/*.log {
rotate 10
size 200M
copytruncate
compress
missingok
nodateext
}" > /etc/logrotate.d/nginx

root#  echo "/var/log/messages {
prerotate
/usr/bin/chattr -a /var/log/messages
endscript
compress
size 200M
weekly
rotate 8
copytruncate
missingok
postrotate
/usr/bin/kill -HUP rsyslogd
endscript
}" > /etc/logrotate.d/messages

Step 6: Update permissions: 

chmod +x /etc/cron.daily/logrotate

Step 7:  Execute testing:

root # logrotate -f /etc/logrotate.d/nginx

root # logrotate -f /etc/logrotate.d/messages

4. Validate files have been rotated

root# ls -l /var/log/nginx/

root# ls -l /var/log/


Workaround:

Address the source of the excessive invalid login attempts which are using invalid credentials within your environment and truncate the /var/log/nginx/access.log 

Attachments

Airgap logrotate - SYSTEMD get_app