FWIW (probably not much), I have run into an issue with regard to the default journal size being too large on Fedora Server when running a bunch of systemd-nspawn containers each with sshd and fail2ban enabled. When I reboot a bunch of the containers at once (or the whole hypervisor), fail2ban really seemed to bog things down and use a lot of CPU time (re)scanning the journals for failed ssh attempts to (re)ban the IP addresses. In my case, I worked around the issue with the following. The real problem might be with my fail2ban configuration or something else. But it might be something to consider when thinking about what would be a good size/time limit for the journal.
# cat /etc/systemd/system/fail2ban.service.d/override.conf [Service] ExecStartPre=/usr/bin/journalctl --vacuum-time=1months _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
