Docker Logging and Monitoring
Contents
Logging to Files
The default behavior is for dockerd(8) to write JSON-formatted messages to a distinct file for each container.
Especially for long-running containers, this can lead to log files that are too large to store or reasonably use. See here for configuration options that will mitigate this.
Prometheus
Networking
For Prometheus monitoring, dockerd(8) will need to bind to an address and port.
If you aren't concerned with hardening your server, just use 0.0.0.0 and everything will work.
If all monitoring will be done locally, you can check the output of ip addr show docker0 to find the exact intranet address that dockerd(8) has bound to.
When monitoring remote servers, the Prometheus client must connect to the same address that dockerd(8) is bound to. It is not possible to configure DNS for the client and bind to 127.0.0.1 on the server. The only workaround is for dockerd(8) to bind to 0.0.0.0.
Docker Swarm
Docker must be running in swarm mode.
Configure dockerd(8) to advertise metrics. This is an experimental feature, so the dockerd(8) configuration file must be updated like:
{
"metrics-addr": "0.0.0.0:9323",
"experimental": true
}
Prometheus Service
Prometheus needs to be configured to scrape dockerd(8) and publish it's database.
global:
scrape_interval: 15s # Default is 60s
evaluation_interval: 15s # Default is 60s
# scrape_timeout default is 10s
external_labels:
monitor: 'my-monitor'
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['127.0.0.1:9090']
- job_name: 'docker'
static_configs:
- targets: ['172.17.0.1:9323', 'example.com:9323']Start one instance of Prometheus to the swarm.
docker service create --replicas=1 --name prometheus \
--mount type=bind,src=/path/to/prometheus.yml,dst=/etc/prometheus/prometheus.yml \
--publish 9090:9090/tcp \
prom/prometheusVerify that Prometheus has successfully connected to dockerd(8) at http://127.0.0.1:9090/targets.