75 lines
2.2 KiB
YAML
75 lines
2.2 KiB
YAML
---
|
|
- name: 配置 systemd-journald
|
|
hosts: all
|
|
become: yes
|
|
|
|
vars:
|
|
journald_config:
|
|
system_max_use: "500M"
|
|
system_max_file_size: "100M"
|
|
max_retention_sec: "7day"
|
|
rate_limit_interval_sec: "30s"
|
|
rate_limit_burst: "10000"
|
|
|
|
backup_journald: true
|
|
|
|
tasks:
|
|
- name: 备份原有 journald.conf
|
|
ansible.builtin.copy:
|
|
src: /etc/systemd/journald.conf
|
|
dest: "/etc/systemd/journald.conf.backup.{{ ansible_date_time.iso8601_basic_short }}"
|
|
remote_src: yes
|
|
force: no
|
|
when: backup_journald
|
|
|
|
- name: 部署 journald.conf 配置
|
|
ansible.builtin.copy:
|
|
dest: /etc/systemd/journald.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
backup: yes
|
|
content: |
|
|
# This file is managed by Ansible
|
|
# Manual changes will be overwritten
|
|
# See journald.conf(5) for details.
|
|
|
|
[Journal]
|
|
# 限制日志最大使用空间(所有服务总和)
|
|
SystemMaxUse={{ journald_config.system_max_use }}
|
|
|
|
# 单个日志文件最大大小
|
|
SystemMaxFileSize={{ journald_config.system_max_file_size }}
|
|
|
|
# 保留日志的时间
|
|
MaxRetentionSec={{ journald_config.max_retention_sec }}
|
|
|
|
# 限制单个服务的日志速率(防止日志炸弹)
|
|
RateLimitIntervalSec={{ journald_config.rate_limit_interval_sec }}
|
|
RateLimitBurst={{ journald_config.rate_limit_burst }}
|
|
notify: 重启 systemd-journald
|
|
|
|
- name: 验证 journald 服务状态
|
|
ansible.builtin.systemd:
|
|
name: systemd-journald
|
|
register: journald_status
|
|
|
|
- name: 显示 journald 服务状态
|
|
ansible.builtin.debug:
|
|
msg: "journald 状态: {{ journald_status.status.ActiveState }}"
|
|
|
|
- name: 显示日志磁盘使用情况
|
|
ansible.builtin.command: journalctl --disk-usage
|
|
register: disk_usage
|
|
changed_when: false
|
|
|
|
- name: 显示磁盘使用
|
|
ansible.builtin.debug:
|
|
var: disk_usage.stdout
|
|
|
|
handlers:
|
|
- name: 重启 systemd-journald
|
|
ansible.builtin.systemd:
|
|
name: systemd-journald
|
|
state: restarted
|