Container Logging
Published 2025-04-24
Location Online
Duration 1h 0mFor the last six months, the Acme Anvil Corporation has been migrating some of their bare metal infrastructure to Docker containers. After the initial implementation, the team has decided to implement a better logging strategy by using a centralized syslog server. You have been tasked with configuring syslog on one of the Docker instances. Next, you will configure Docker to use syslog instead of the JSON file log. Finally, you will test the configuration by spinning up two containers to test logging with syslog and a JSON file.
Challenge
Configure syslog.
You will need to open rsyslog.conf and make a few changes:
vim /etc/rsyslog.conf
Uncomment the two UDP syslog receptions:
#$ModLoad imudp
#$UDPServerRun 514
to
$ModLoad imudp
$UDPServerRun 514
Challenge
Configure Docker to use syslog.
Create the daemon.json file.
mkdir /etc/docker
vim /etc/docker/daemon.json
Add the following content.
{
"log-driver": "syslog",
"log-opts": {
"syslog-address": "udp://PRIVATE_IP:514"
}
}
Challenge
Create a container using syslog.
Enable and start the Dockere service.
sudo systemctl enable docker
sudo systemctl start docker
Create a container called syslog-logging using the httpd image.
docker container run -d --name syslog-logging --log-driver none httpd
Challenge
Create a container using a JSON file.
Create a container that uses the JSON file for logging.
docker container run -d --name json-logging --log-driver json-file httpd
Challenge
Verify that the `syslog-logging` container is sending its logs to syslog.
Make sure that the syslog-logging container is logging to syslog by checking the message log file:
tail /var/log/messages
Challenge
Verify that the `json-logging` container is sending its logs to the JSON file.
Execute docker logs for the json-logging container.
docker logs json-logging