Container Logging

1 hour
  • 6 Learning Objectives

About this Hands-on Lab

For the last six months, the Acme Anvil Corporation has been migrating some of their bare metal infrastructure to Docker containers. After the initial implementation, the team has decided to implement a better logging strategy by using a centralized syslog server.

You have been tasked with configuring syslog on one of the Docker instances. Next, you will configure Docker to use syslog instead of the JSON file log. Finally, you will test the configuration by spinning up two containers to test logging with syslog and a JSON file.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Configure syslog.

You will need to open rsyslog.conf and make a few changes:

 vim /etc/rsyslog.conf

Uncomment the two UDP syslog receptions:

#$ModLoad imudp
#$UDPServerRun 514


$ModLoad imudp
$UDPServerRun 514
Configure Docker to use syslog.

Create the daemon.json file.

mkdir /etc/docker
vim /etc/docker/daemon.json

Add the following content.

  "log-driver": "syslog",
  "log-opts": {
    "syslog-address": "udp://PRIVATE_IP:514"
Create a container using syslog.

Enable and start the Dockere service.

 sudo systemctl enable docker
 sudo systemctl start docker

Create a container called syslog-logging using the httpd image.

docker container run -d --name syslog-logging --log-driver none httpd
Create a container using a JSON file.

Create a container that uses the JSON file for logging.

docker container run -d --name json-logging --log-driver json-file httpd
Verify that the `syslog-logging` container is sending its logs to syslog.

Make sure that the syslog-logging container is logging to syslog by checking the message log file:

tail /var/log/messages
Verify that the `json-logging` container is sending its logs to the JSON file.

Execute docker logs for the json-logging container.

 docker logs json-logging

Additional Resources

Log in to your live environment and sudo to root. Edit the syslog config file and uncomment the two lines under Provides UDP syslog reception. Then, start the syslog service.

Configure Docker to use syslog as the default log driver and then start the Docker service.

Create two new containers using the httpd image. The first one will be called syslog-logging and will use none for the log driver. The second will be called json-logging and will use the JSON file for the log driver.

Verify that the syslog-logging container is sending its logs to syslog by running tail on the message log file. Then, verify that the json-logging container is sending its logs to the JSON file. Good luck!

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?