Docker container log management best practices

Author: freedom chaos to the rest of his life in the morning and evening sooner or later, the rest of my life Blog garden: www.cnblogs.com/operationho…

All content of this article is based on:

Docker-CE
Server Version: 18.09.6
Storage Driver: overlay2
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
Copy the code

Docker logs fall into two categories:

• Docker engine logs (i.e., dockerd runtime logs),
• Container logs. Logs generated by the services in the container.

Docker engine logs

Docker engine logs are usually handed to Upstart(Ubuntu 14.04) or Systemd (CentOS 7, Ubuntu 16.04). The former general is located in the/var/log/upstart docker. Log, which we usually by journalctl -u docker to look at it.

| | system log position | | -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | Ubuntu (14.04) | `/var/logUpstart/docker. Log ` | | Ubuntu (16.04) | ` journalctl -u docker. Service ` | | CentOS/RHEL 7 / Fedora 7 | ` journalctl -u docker.service` | | CoreOS | `journalctl -u docker.service` | | OpenSuSE | `journalctl -u docker.service` | | OSX | `~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/log/d‌ocker.log` |
| Debian GNU/Linux 7     | `/var/log/daemon.log`                                        |
| Debian GNU/Linux 8     | `journalctl -u docker.service`                               |
| Boot2Docker            | `/var/log/docker.log`                                        |
Copy the code

The above content from: blog.lab99.org/post/docker…

Container logs

2.1 Commonly used command to view logs — docker logs

UNIX and Linux commands have three input and output options: STDIN(standard input), STDOUT(standard output), STDERR(standard error output). Docker logs display contents including STOUT and STDERR. In a production environment, if our application outputs to our log files, we generally do not collect much important log information when using Docker logs.

• The official nginx image uses a way to export logs to STDOUT by creating a symbolic link/var/log/nginx/access.log 到 /dev/stdout.
• HTTPD uses to make it output to the specified file, normal log output to/proc/self/fd/1(STDOUT), error log output to/proc/self/fd/2(STDERR).
• When the amount of logs is large, we use Docker logs to check the logs, which will cause great pressure on the Docker daemon and slow container creation.
• Only useLocal, json-file, journaldDocker logs can be used to capture logs by a log driven container, but not by other log driversdocker logs

2.2 Docker log driver

Docker provides two modes for moving messages from the container to the log driver.

• (Default) reject, block from container to container driver
• Non-blocking passes, and logs are stored in the container’s buffer.

When the buffer is full, old logs are discarded.

Use blocking(default) or non-blocking in the mode log option. Max -buffer-size (default: 1MB) is required when setting it to non-blocking.

Supported drivers

Description | | | | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` none ` | run container no log, ` docker logs ` also does not return any output. | | [`local`](https://docs.docker.com/config/containers/logging/local/) | log is stored in a custom format, designed to achieve the minimum cost. | | [` json - file `] (https://docs.docker.com/config/containers/logging/json-file/) | log format for json. Docker's default logging driver. | | [` syslog `] (https://docs.docker.com/config/containers/logging/syslog/) | to write the log messages into ` syslog `. The syslog daemon must be running on the host. | | [` journald `] (https://docs.docker.com/config/containers/logging/journald/) | to write the log messages into ` journald `. The journald daemon must run on the host. | | [` gelf `] (https://docs.docker.com/config/containers/logging/gelf/) | to write the log messages into Graylog extended log format (gelf) endpoint, such as Graylog or Logstash.  | | [` fluentd `] (https://docs.docker.com/config/containers/logging/fluentd/) | to write the log messages into ` fluentd ` forward (input). The 'Fluentd' daemon must be running on the host. | | [` awslogs `] (https://docs.docker.com/config/containers/logging/awslogs/) | to write the log messages into the Amazon CloudWatch Logs. | | [` splunk `] (https://docs.docker.com/config/containers/logging/splunk/) | using HTTP event collector will log messages written ` splunk `. | | [` etwlogs `] (https://docs.docker.com/config/containers/logging/etwlogs/) | write log messages for Windows (ETW) tracking events. This operation applies only to Windows platforms. | | [` gcplogs `] (https://docs.docker.com/config/containers/logging/gcplogs/) | to write the log messages into the Google Cloud Platform (GCP) Logging. | | [` logentries `] (https://docs.docker.com/config/containers/logging/logentries/) | to write the log messages into the Rapid7 logentries. |Copy the code

With the docker-CE version, the Docker logs command only applies to the following drivers.

• local
• json-file
• journald

Common commands used by Docker log drivers

View the log driver currently configured in the system

docker  info |grep  "Logging Driver"  / docker info --format '{{.LoggingDriver}}'
Copy the code

View log drivers for individual container Settings

docker inspect  -f '{{.HostConfig.LogConfig.Type}}'The container idCopy the code

Docker logs drive global configuration changes

To change the log driver, configure the log driver in the /etc/docker-daemon. json file. Note that the file is in JSON format.

Example:

{
  "log-driver": "syslog"
}
Copy the code

The above changes are log-driven for all containers. We can also set up the log driver separately for a single container.

Docker single container log driver configuration

Specify the log-driver when running the container.

docker  run  -itd --log-driver none alpine ash The log driver specified here is None
Copy the code

Log driver 1 local

The local logging driver records the output from the container’s STOUT/STDERR and writes it to the host’s disk.

By default, the local logging driver reserves 100MB of log information for each container and enables automatic compression to save it. (As tested, 100MB reserved logs are uncompressed logs.)

Driven local log storage location/var/lib/docker/containers/container id/local – logs/in the container. The log name.

Options supported by the local driver

| | options described sample value | | | : -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` Max - size ` | before cutting the maximum size of the log. The value can be K,m, or g. The default value is 20m. | ` - log - opt Max - size = 10 m ` | | ` Max - file ` | the maximum number of log files can exist. If the maximum value is exceeded, the oldest files are deleted. ** This parameter is valid only when max-size is set. The default value is 5. | ` - log - opt Max - file = 3 ` | | ` compress ` | corresponding cutting log files whether to enable compression. It is enabled by default. | `--log-opt compress=false` |

Copy the code

Set the global log driver to -local

In the /etc/docker-daemon. json file (note that the content of this file is in JSON format), you can configure it.

{
  "log-driver": "local"."log-opts": {
    "max-size": "10m"}}Copy the code

Restart the Docker to take effect.

Set the log driver for a single container to -local

Run the container and set it to local driver.

Run a container, set the log driver to local, and run ping www.baidu.com
[root@localhost docker]# docker run -itd --log-driver local alpine ping www.baidu.com
3795b6483534961c1d5223359ad1106433ce2bf25e18b981a47a2d79ad7a3156
Check whether the logging driver of the running container is local
[root@localhost docker]# docker inspect -f '{{.HostConfig.LogConfig.Type}}' 3795b6483534961c
local
# check log
[root@localhost local-logs]# tail -f /var/lib/docker/containers/3795b6483534961c1d5223359ad1106433ce2bf25e18b981a47a2d79ad7a3156/local-logs/container.logNNdout Ѱ : ̈:64 bytes from 14.215.177.38: seq=816 TTL =55 time=5.320 MS NNdoutه, legislation ̈:64 bytes from 14.215.177.38: Seq = 817 TTL = 55 time = 4.950 msCopy the code

Note: In our tests, we had four compressed files and one container.log when we produced a 100 MB log:

[root@localhost local-logs]# ls -l
total 32544
-rw-r-----. 1 root root 18339944 May 16 09:41 container.log
-rw-r-----. 1 root root  3698660 May 16 09:41 container.log.1.gz
-rw-r-----. 1 root root  3726315 May 16 09:41 container.log.2.gz
-rw-r-----. 1 root root  3805668 May 16 09:41 container.log.3.gz
-rw-r-----. 1 root root  3744104 May 16 09:41 container.log.4.gz
Copy the code

If the size of a log file exceeds 100MB, the log file is written to container.log, but the old log file is deleted and a new one is added to the container. An old log file in container.log is deleted and saved to 100MB. This is going to have some effect on us,

When I run the system, I generate 100MB logs due to a bug on the first day, so the previous logs have been compressed into 80MB logs, so I can only get the latest 20MB logs in the subsequent run.Copy the code

Log driver 2. Default log driver – JSON

Default log driver json-file for all containers.

Json-file The log driver records the output from the container’s STOUT/STDERR and writes it to a file in JSON format. The log contains not only the output log, but also the timestamp and output format. Here is a JSON log corresponding to ping www.baidu.com

{"log":"64 bytes from 14.215.177.39: seq=34 TTL =55 time=7.067 ms\r\n"."stream":"stdout"."time":"" the T14:2019-05-16. 030612567 z"}
Copy the code

Json – the path of the log file located in/var/lib/docker/containers/container_id/container_id – json. The log.

The jSON-file log driver supports the following options:

| | options described sample value | | | : -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` Max - size ` | before cutting the maximum size of the log. The unit is k,m, or g. The default value is -1 (unlimited). | ` - log - opt Max - size = 10 m ` | | ` Max - file ` | the maximum number of log files can exist. If cutting the log creates more files than the threshold, the oldest files are deleted. ** This parameter is valid only when max-size is set. ** positive integer. The default value is 1. | ` - log - opt Max - file = 3 ` | | ` labels ` | apply to activate the Docker daemon. A comma-separated list of logging related tags accepted by this daemon. | ` - log - opt labels = production_status, geo ` | | ` env ` | apply to activate the Docker daemon. A comma-separated list of logging related environment variables accepted by this daemon. | ` - log - opt env = OS, customer ` | | ` env - regex ` | similar and compatible ` env `. A regular expression used to match logging related environment variables. | ` - log - opt env - regex = ^ (OS | customer). ` | | ` compress ` | cutting logging is compressed. The default is' disabled '. | `--log-opt compress=true`                |
Copy the code

json-fileLog-driven examples for

# set the log driver to json-file, or not, because the default is json-file
docker run  -itd  --name  test-log-json  --log-driver json-file   alpine  ping www.baidu.com
199608b2e2c52136d2a17e539e9ef7fbacf97f1293678aded421dadbdb006a5e

Log -json.log
tail -f/var/lib/docker/containers/199608b2e2c52136d2a17e539e9ef7fbacf97f1293678aded421dadbdb006a5e/199608b2e2c52136d2a17e539e9e f7fbacf97f1293678aded421dadbdb006a5e-json.log {"log":"64 bytes from 14.215.177.39: seq=13 TTL =55 time= 15.023ms \r\n"."stream":"stdout"."time":"The 2019-05-16 T14: when 003118877 z"}
{"log":"64 bytes from 14.215.177.39: seq=14 TTL =55 time= 9.640ms \r\n"."stream":"stdout"."time":"The 2019-05-16 T14: when 999011017 z"}
{"log":"64 bytes from 14.215.177.39: seq=15 TTL =55 time= 8.938ms \r\n"."stream":"stdout"."time":"The 2019-05-16 T14: plague. 998612636 z"}
{"log":"64 bytes from 14.215.177.39: seq=16 TTL =55 time=18.086 ms\r\n"."stream":"stdout"."time":"The 2019-05-16 T14: and. Appear 011235913 z"}
{"log":"64 bytes from 14.215.177.39: seq=17 TTL =55 time= 12.615ms \r\n"."stream":"stdout"."time":"The 2019-05-16 T14:13:58. 007104112 z"}
{"log":"64 bytes from 14.215.177.39: seq=18 TTL =55 time= 11.009ms \r\n"."stream":"stdout"."time":"The 2019-05-16 T14: pronounce. 007559413 z"}
Copy the code

Log driver 3. Syslog

The syslog driver routes logs to the syslog server. Syslog uses the original string as log message metadata. The receiver can extract the following messages:

• Level Indicates the log level, for exampledebug.warning.error.info.
• Timestamp timestamp
• Hostname Indicates the host on which the event occurred
• Facillty system module
• Process name and process ID

syslogLogging drives global configuration

Edit the /etc/docker-daemon. json file

{
  "log-driver": "syslog"."log-opts": {
    "syslog-address": "Udp: / / 2:1111"}}Copy the code

Restart the Docker to take effect.

| Option | Description | Example value | | :----------------------- | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` syslog - address ` | specify syslog service's server and use the protocol and port. Format: ` [TCP | | udp TCP + TLS] : / / host: port, Unix: / / path, orunixgram: / / path `. The default port is 514. | ` - log - opt syslog - address = TCP + TLS: / / 192.168.1.3:514 `, ` - log - opt syslog - address = Unix: / / / TMP/syslog. The sock ` | | ` syslog - facility ` | use ` syslog ` equipment, See the specific device name/syslog documentation (https://tools.ietf.org/html/rfc5424# section - 6.2.1). | ` - log - opt syslog daemon ` - facility = || ` syslog - TLS - ca - cert ` | if you are using ` TCP + TLS ` address, specify the address of the ca certificate, if there is no use, do not set this option. | ` - log - opt syslog - TLS - ca - cert = / etc/ca - certificates/custom/ca. Pem ` | | ` syslog TLS - cert ` | if you are using ` TCP + TLS ` address, Specifies the address of the TLS certificate. If it is not used, this option is not set. | ` - log - opt syslog - TLS - cert = / etc/ca - certificates/custom/cert. Pem ` | | ` syslog TLS - key ` | if you are using ` TCP + TLS ` address, Specifies the address of the TLS certificate key. If the TLS certificate key is not used, this option is not set. * * | ` - log - opt syslog - TLS - key = / etc/ca certificates/custom/key. The pem ` | | ` syslog - TLS - skip - verify ` | if set totrue, skips TLS authentication. The default value isfalse              | `--log-opt syslog-tls-skip-verify=true` | | ` tag ` | attach the name of the application to the ` syslog ` message, by default, using a container ID before 12 to mark the log information. | ` - log - opt tag = mailer ` | | ` syslog - format ` | ` syslog ` using message format If use the local UNIX syslog format is not specified, rfc5424micro format has subtle timestamp. | ` - log - opt syslog - format = rfc5424micro ` | | ` labels ` | start docker, configuration and log related labels, With comma-separated | ` - log - opt labels = production_status, geo ` | | ` env ` | start docker, specified environment variables are used to log in, Comma-separated | ` - log - opt env = OS, customer ` | | ` env - regex ` | similar and compatible ` env `, | ` - log - opt env - regex = ^ (OS \ | customer) ` |Copy the code

** The single container log driver is set to – syslog **

Linux system we use the system log module rsyslog, it is based on syslog standard implementation. To use the syslog driver, you need to use the rsyslog service of the system.

View the current Rsyslog version and basic information
[root@localhost harbor]# rsyslogd -vRsyslogd 8.24.0, Compiled with: PLATFORM: x86_64- Redhat-Linux-GNU PLATFORM (LSb_release-d):		
	FEATURE_REGEXP:				Yes
	GSSAPI Kerberos 5 support:		Yes
	FEATURE_DEBUG (debug build, slow code):	No
	32bit Atomic operations supported:	Yes
	64bit Atomic operations supported:	Yes
	memory allocator:			system default
	Runtime Instrumentation (slow code):	No
	uuid support:				Yes
	Number of Bits in RainerScript integers: 64

See http://www.rsyslog.com for more information.
Copy the code

In the /etc/rsyslog.conf configuration file around line 14-20, we can see two configurations, one udp and one TCP, which listen on port 514 and provide syslog reception. Select TCP and comment out the # before the two configurations of TCP.

# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# Provides TCP syslog reception
#$ModLoad imtcp  
#$InputTCPServerRun 514
Copy the code

Then restart rsyslog and we can see that port 514 is listening.

systemctl restart  rsyslog
[root@localhost harbor]# netstat -ntul |grep 514TCP 0 0 0.0.0.0:514 0.0.0.0:* LISTEN TCP6 0 0: :514 ::* LISTENCopy the code

Start a syslog driven container.

docker  run -d-it -p 87:80 --log-driver syslog --log-opt syslog-address= TCP ://127.0.0.1:514 --name nginx-syslog nginxCopy the code

Access and view logs

# visit nginxThe curl 127.0.0.1:87View the access log
tail -f  /var/log/messages May 17 15:56:48 localhost fe18924aEFDE [6141]: 172.17.0.1 - - [17/May/2019:07:56:48 +0000]"The GET/HTTP / 1.1"200, 612,"-" "Curl / 7.29.0" "-"# 015
May 17 15:58:16 localhost fe18924aefde[6141]: 172.17.0.1 - - [17/May/2019:07:58:16 +0000] "The GET/HTTP / 1.1"200, 612,"-" "Curl / 7.29.0" "-"# 015
Copy the code

Journald

The Journald logging driver sends the container’s logs to Systemd Journal, which can be looked up using the Journal API or using Docker logs.

In addition to the log itself, the Journald log driver stores the log along with the following data and messages. | Field | Description | | :----------------------------------- | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` CONTAINER_ID ` | container ID, for 12 characters | | ` CONTAINER_ID_FULL ` | Full container ID, of 64 characters | | ` CONTAINER_NAME ` | activated when the name of the vessel, if changed the name of the container behind, log name won't change it. | | `CONTAINER_TAG`, ` SYSLOG_IDENTIFIER ` | container tag. | | ` CONTAINER_PARTIAL_MESSAGE ` | when log longer use the tag to represent (display the size of the log) whether options | | | options must be described | | | : -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | ` tag ` | | optional Specifies the template to set the 'CONTAINER_TAG' and 'SYSLOG_IDENTIFIER' values in the log. | | ` labels ` | | of optional comma-separated list of tags, if specify the label for the container, should be included in the message. | | ` env ` | | of optional if for container, specifies the variables with comma-separated list of environment variables button (should be included in the message). | | ` env - regex ` | optional | and env similar and compatible. A regular expression used to match logging related environment variables. |Copy the code

journaldLogging drives global configuration

Edit the /etc/docker-daemon. json file

{
  "log-driver": "journald"
}
Copy the code

Single container log driver set to –journald

docker  run  -d -it --log-driver=journald \
    --log-opt labels=location \
    --log-opt env=TEST \
    --env "TEST=false" \
    --label location=china \
    --name  nginx-journald\
    -p 80:80\
    nginx
Copy the code

View journalctl

Select * from container
 journalctl CONTAINER_NAME=webserver
# -b Specifies all messages since the last startup
 journalctl -b CONTAINER_NAME=webserver
-o specifies the log message format. -o json indicates that the log message is returned in JSON format
 journalctl -o json CONTAINER_NAME=webserver
# -f always capture log output
 journalctl -f CONTAINER_NAME=webserver
Copy the code

If our container was started with -t and TTY enabled, my view of the log would look like this

May 17 17:19:26 localhost.localdomain 2a338e4631fe[6141]: [104B blob data]
May 17 17:19:32 localhost.localdomain 2a338e4631fe[6141]: [104B blob data]
Copy the code

The reason to display [104B blob data] instead of the full log is because of the existence of \r. If we want to display the full log, we need to add the parameter –all.

3. How to store logs in containers in production environment

We have seen that Docker officially provides many log drivers, but the above drivers are for standard output log drivers.

Container Log Classification

There are actually two main categories of container logs:

• The standard output logs, namely STDOUT and STDERR, can be collected by the official Docker log driver.

Example: Nginx log, Nginx log has access. Log and error. Log, we can see on Docker Hub Nginx dockerfile processing for these two logs:

RUN ln -sf /dev/stdout /var/log/nginx/access.log \
	&& ln -sf /dev/stderr /var/log/nginx/error.log
Copy the code

Both are soft-wired to /dev/stdout and /dev/stderr, also known as standard output, so this type of container can use the official Docker log driver.

• Text logs that exist inside the container and are not redirected to the container’s standard output.

  Example: Tomcat logs, including Catalina, localhost, Manager, admin, and host-manager. We can see in Docker Hub that Tomcat dockerfile is only processed for Catalina, other logs will be stored in the container.

  CMD ["catalina.sh"."run"]
  Copy the code

  We ran a Tomcat container, and after accessing it and logging in to the container, we can see the text log generated:

  root@25ba00fdab97:/usr/local/tomcat/logs# ls -l
  total 16
  -rw-r-----. 1 root root 6822 May 17 14:36 catalina.2019-05-17.log
  -rw-r-----. 1 root root    0 May 17 14:36 host-manager.2019-05-17.log
  -rw-r-----. 1 root root  459 May 17 14:36 localhost.2019-05-17.log
  -rw-r-----. 1 root root 1017 May 17 14:37 localhost_access_log.2019-05-17.txt
  -rw-r-----. 1 root root    0 May 17 14:36 manager.2019-05-17.log
  Copy the code

  We have a special plan to deal with such containers.

A container that is completely standard output

We can choose jSON-file, syslog, local and other log drivers supported by Docker.

Second, when there is a file text log type container

Option 1 mount the directory bind

Create a directory and mount it to the directory in the container where the logs are generated.

--mount  type=bind,src=/opt/logs/,dst=/usr/local/tomcat/logs/ 
Copy the code

Example:

Create mount directory /opt/logs
[root@fy-local-2 /]# mkdir /opt/logs
Mount /opt/logs to /usr/local/tomcat/logs/
[root@fy-local-2 /]# docker run -d --name tomcat-bind -P --mount type=bind,src=/opt/logs/,dst=/usr/local/tomcat/logs/ tomcat
[root@fy-local-2 /]# ls -l /opt/logs/
total 12
-rw-r----- 1 root root 6820 May 22 17:31 catalina.2019-05-22.log
-rw-r----- 1 root root    0 May 22 17:31 host-manager.2019-05-22.log
-rw-r----- 1 root root  459 May 22 17:31 localhost.2019-05-22.log
-rw-r----- 1 root root    0 May 22 17:31 localhost_access_log.2019-05-22.txt
-rw-r----- 1 root root    0 May 22 17:31 manager.2019-05-22.log
Copy the code

Scheme 2 Uses the data volume

Create a data volume. Bind the data volume when creating a container.

--mount  type=volume  src=volume_name  dst=/usr/local/tomcat/logs/ 
Copy the code

Example:

The name of the application volume is tomcat
[root@fy-local-2 /]# docker volume create tomcat
/usr/local/tomcat/logs/
[root@fy-local-2 /]# docker run -d --name tomcat-volume -P --mount type=volume,src=tomcat,dst=/usr/local/tomcat/logs/ tomcat
# View the contents of the data volume
[root@fy-local-2 /]# ls -l /var/lib/docker/volumes/tomcat/_data/
total 12
-rw-r----- 1 root root 6820 May 22 17:33 catalina.2019-05-22.log
-rw-r----- 1 root root    0 May 22 17:33 host-manager.2019-05-22.log
-rw-r----- 1 root root  459 May 22 17:33 localhost.2019-05-22.log
-rw-r----- 1 root root    0 May 22 17:33 localhost_access_log.2019-05-22.txt
-rw-r----- 1 root root    0 May 22 17:33 manager.2019-05-22.log

Copy the code

Scheme 3 calculates the mount point of container RootFS

This plan the text content of extract from yq.aliyun.com/articles/67…

Collecting logs by mounting the host directory is somewhat intrusive because it requires that the container be started with a mount command. It would be great if the collection process were transparent to the user. In fact, you can do this by calculating the container rootFS mount point.

A concept closely related to the container rootFS mount point is the Storage driver. During actual use, users select an appropriate storage driver based on the Linux version, file system type, and container read/write conditions. The rootFS mount points of different storage drivers follow certain rules. Therefore, you can infer the rootFS mount points of containers based on the type of storage drivers to collect internal logs of containers. The following table shows rootFS mount points of some storage dirvers and their calculation methods.

| | Storage driver | rootfs mount point method to calculate the | | : -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | : -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - | | aufs | / var/lib/docker aufs/MNT / < id > | id can be read from the following file. `/var/lib/docker/image/aufs/layerdb/mounts/<container-id>/mount-id` | | overlay | /var/lib/docker/overlay/<id>/merged | You can run the following command to obtain the full path. `docker inspect-f '{{.GraphDriver.Data.MergedDir}}'< the container - id > ` | | overlay2 | / var/lib/docker overlay2 / < id > / merged | full path can be obtained by the following commands. `docker inspect-f '{{.GraphDriver.Data.MergedDir}}'< the container - id > ` | | devicemapper | / var/lib/docker devicemapper/MNT / < id > / rootfs | id can be obtained by the following commands. `docker inspect-f '{{.GraphDriver.Data.DeviceName}}' <container-id>` |
Copy the code

Example:

Create a container tomcat-test
[root@fy-local-2 /]# docker run -d --name tomcat-test -P tomcat
36510dd653ae7dcac1d017174b1c38b3f9a226f9c4e329d0ff656cfe041939ff  
# check the mount point location of the tomcat-test container
[root@fy-local-2 /]# docker inspect -f '{{.GraphDriver.Data.MergedDir}}' 36510dd653ae7dcac1d017174b1c38b3f9a226f9c4e329d0ff656cfe041939ff  
/var/lib/docker/overlay2/c10ec54bab8f3fccd2c5f1a305df6f3b1e53068776363ab0c104d253216b799d/merged
View the directory structure of the mount point
[root@fy-local-2 /]# ls -l /var/lib/docker/overlay2/c10ec54bab8f3fccd2c5f1a305df6f3b1e53068776363ab0c104d253216b799d/merged
total 4
drwxr-xr-x 1 root root  179 May  8 13:05 bin
drwxr-xr-x 2 root root    6 Mar 28 17:12 boot
drwxr-xr-x 1 root root   43 May 22 17:27 dev
lrwxrwxrwx 1 root root   33 May  8 13:08 docker-java-home -> /usr/lib/jvm/java-8-openjdk-amd64
drwxr-xr-x 1 root root   66 May 22 17:27 etc
drwxr-xr-x 2 root root    6 Mar 28 17:12 home
drwxr-xr-x 1 root root    6 May 16 08:50 lib
drwxr-xr-x 2 root root   34 May  6 08:00 lib64
drwxr-xr-x 2 root root    6 May  6 08:00 media
drwxr-xr-x 2 root root    6 May  6 08:00 mnt
drwxr-xr-x 2 root root    6 May  6 08:00 opt
drwxr-xr-x 2 root root    6 Mar 28 17:12 proc
drwx------ 1 root root   27 May 22 17:29 root
drwxr-xr-x 3 root root   30 May  6 08:00 run
drwxr-xr-x 2 root root 4096 May  6 08:00 sbin
drwxr-xr-x 2 root root    6 May  6 08:00 srv
drwxr-xr-x 2 root root    6 Mar 28 17:12 sys
drwxrwxrwt 1 root root   29 May 16 08:50 tmp
drwxr-xr-x 1 root root   19 May  6 08:00 usr
drwxr-xr-x 1 root root   41 May  6 08:00 var
# check log
[root@fy-local-2 /]# ls -l /var/lib/docker/overlay2/c10ec54bab8f3fccd2c5f1a305df6f3b1e53068776363ab0c104d253216b799d/merged/usr/local/tomcat/logs/
total 20
-rw-r----- 1 root root 14514 May 22 17:40 catalina.2019-05-22.log
-rw-r----- 1 root root     0 May 22 17:27 host-manager.2019-05-22.log
-rw-r----- 1 root root  1194 May 22 17:40 localhost.2019-05-22.log
-rw-r----- 1 root root     0 May 22 17:27 localhost_access_log.2019-05-22.txt
-rw-r----- 1 root root     0 May 22 17:27 manager.2019-05-22.log

Copy the code

Scheme 4 implements writing logs directly to Redis in the code layer

Docker — redis — Logstash — Elasticsearch

At the code level, write the log directly to Redis and finally to Elasticsearch.

The above are all the conceptual explanations and prescriptions for Docker logs. The specific scheme to be adopted depends on the specific business of the company. What fits is best.

Recommend the article

• Best Answer: How to design a robust seckill system?
• Spring Boot Core Technical Guide for building a multi-tenant SaaS platform
• Summary of experience in Saas system architecture
• Millions of commodity data real-time synchronization, query results out in seconds
• Explain ali data center architecture in detail

Learning Materials Sharing

12 sets of core technology materials of micro services, Spring Boot and Spring Cloud. This is part of the data catalog:

• Spring Security authentication and authorization
• Spring Boot Project practice (background service architecture and operation and maintenance architecture of small and medium-sized Internet companies)
• Spring Boot Project (Enterprise rights Management project)
• Spring Cloud Micro-service Architecture Project (Distributed transaction solution)
• .

Public account background replyarch028Access to information: