Docker Logging and Monitoring

Contents

  1. Docker Logging and Monitoring
    1. Utilities
    2. Logging to Files
    3. Prometheus
      1. Networking
      2. Docker Swarm
      3. Prometheus Service

Utilities

The docker(1) utility offers some logging and monitoring functionality.

To view the usage statistics for all containers, try: 

$ docker stats redis1 redis2

CONTAINER           CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O
redis1              0.07%               796 KB / 64 MB        1.21%               788 B / 648 B       3.568 MB / 512 KB
redis2              0.07%               2.746 MB / 64 MB      4.29%               1.266 KB / 648 B    12.4 MB / 0 B

To print the log messages from a container in a manner similar to tail --follow, try: 

docker logs --tail --follow redis1

Logging to Files

The default behavior is for dockerd(8) to write JSON-formatted messages to a distinct file for each container.

Especially for long-running containers, this can lead to log files that are too large to store or reasonably use. See here for configuration options that will mitigate this.

Prometheus

Networking

For Prometheus monitoring, dockerd(8) will need to bind to an address and port.

If you aren't concerned with hardening your server, just use 0.0.0.0 and everything will work.

If all monitoring will be done locally, you can check the output of ip addr show docker0 to find the exact intranet address that dockerd(8) has bound to.

When monitoring remote servers, the Prometheus client must connect to the same address that dockerd(8) is bound to. It is not possible to configure DNS for the client and bind to 127.0.0.1 on the server. The only workaround is for dockerd(8) to bind to 0.0.0.0.

Docker Swarm

Docker must be running in swarm mode.

Configure dockerd(8) to advertise metrics. This is an experimental feature, so the dockerd(8) configuration file must be updated like: 

{
  "metrics-addr": "0.0.0.0:9323",
  "experimental": true
}

Prometheus Service

Prometheus needs to be configured to scrape dockerd(8) and publish it's database. 

global:
  scrape_interval:     15s # Default is 60s
  evaluation_interval: 15s # Default is 60s
  # scrape_timeout default is 10s
  external_labels:
    monitor: 'my-monitor'

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['127.0.0.1:9090']

  - job_name: 'docker'
    static_configs:
      - targets: ['172.17.0.1:9323', 'example.com:9323']

Start one instance of Prometheus to the swarm. 

docker service create --replicas=1 --name prometheus \
    --mount type=bind,src=/path/to/prometheus.yml,dst=/etc/prometheus/prometheus.yml \
    --publish 9090:9090/tcp \
    prom/prometheus

Verify that Prometheus has successfully connected to dockerd(8) at http://127.0.0.1:9090/targets.

CategoryRicottone

Docker/LoggingAndMonitoring (last edited 2023-04-04 19:20:03 by DominicRicottone)