Centralized logging setup in Docker - Step-by-Step Execution

Process Flow - Centralized logging setup
1. Start Docker containers
2. Containers generate logs
3. Docker logging driver captures logs
4. Logs sent to centralized logging system
5. Central system stores and indexes logs
6. User queries logs via dashboard or CLI
Logs flow from Docker containers through a logging driver to a central system where they are stored and accessed.
Execution Sample
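```bash
# Create a user-defined network so Fluentd can reach Elasticsearch by name
docker network create logging-net

# Run Elasticsearch
docker run -d --name elasticsearch --net=logging-net elasticsearch:8

# Run Fluentd (the stock image needs an Elasticsearch output plugin and a
# <match> block in its config before it will forward logs to Elasticsearch)
docker run -d --name fluentd --net=logging-net -p 24224:24224 fluent/fluentd

# Run app container with logging driver.
# The fluentd log driver runs in the Docker daemon on the host, which cannot
# resolve container names on logging-net, so use the published host port.
docker run -d --log-driver=fluentd --log-opt fluentd-address=localhost:24224 myapp
```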
Sets up a network, runs Elasticsearch and Fluentd containers, then runs an app container sending logs to Fluentd.
Process Table
| Step | Action | Component | Result | Notes |
|------|--------|-----------|--------|-------|
| 1 | Create Docker network | docker network create logging-net | Network 'logging-net' created | Allows containers to communicate |
| 2 | Start Elasticsearch container | docker run elasticsearch | Elasticsearch running on logging-net | Stores and indexes logs |
| 3 | Start Fluentd container | docker run fluentd | Fluentd running on logging-net, listening on port 24224 | Receives logs from containers |
| 4 | Start app container with Fluentd logging driver | docker run myapp with --log-driver=fluentd | App container running, logs sent to Fluentd | Logs forwarded to Fluentd |
| 5 | App generates logs | App container | Logs captured by Docker logging driver | Logs sent to Fluentd |
| 6 | Fluentd receives logs | Fluentd container | Logs forwarded to Elasticsearch | Logs indexed and stored |
| 7 | User queries logs | User via dashboard or CLI | Logs retrieved from Elasticsearch | User sees centralized logs |
| 8 | Exit | N/A | Setup complete and running | Logging flow established |
💡 All containers running and logs flowing to centralized system
Status Tracker
| Component | Initial State | After Setup | Final State |
|-----------|---------------|-------------|-------------|
| Docker Network | None | logging-net created | logging-net active |
| Elasticsearch | Not running | Running on logging-net | Running and indexing logs |
| Fluentd | Not running | Running on logging-net, port 24224 open | Receiving and forwarding logs |
| App Container | Not running | Running with Fluentd logging driver | Sending logs to Fluentd |
Key Moments - 3 Insights
Why do we create a Docker network for logging?
The network allows containers like Elasticsearch, Fluentd, and the app to communicate securely and directly, as shown in step 1 and used in steps 2-4.
How does the app container send logs to Fluentd?
By specifying the Fluentd logging driver and address in the docker run command (step 4), Docker forwards container logs to Fluentd automatically.
What happens if Fluentd is not running when the app starts?
Logs cannot be forwarded and may be lost or buffered; Fluentd must be running to receive logs as shown in steps 3 and 5.
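The Docker daemon on the host, not the app container, opens the connection to `fluentd-address`, so both questions above come down to settings visible in `docker inspect`. The audit below is an added example, not part of the original page: the inspect JSON is a constructed sample, and `audit`, `PIPELINE` and the container names `myapp-fixed` and `cron` are hypothetical.

```python
import json

# Constructed sample: `docker inspect` output trimmed to the fields read below.
SAMPLE = json.loads("""[
 {"Name": "/fluentd", "HostConfig": {
    "LogConfig": {"Type": "json-file", "Config": {}},
    "PortBindings": {"24224/tcp": [{"HostIp": "", "HostPort": "24224"}]}}},
 {"Name": "/myapp", "HostConfig": {"PortBindings": {}, "LogConfig": {"Type": "fluentd",
    "Config": {"fluentd-address": "fluentd:24224"}}}},
 {"Name": "/myapp-fixed", "HostConfig": {"PortBindings": {}, "LogConfig": {"Type": "fluentd",
    "Config": {"fluentd-address": "localhost:24224", "fluentd-async": "true"}}}},
 {"Name": "/cron", "HostConfig": {"PortBindings": {},
    "LogConfig": {"Type": "json-file", "Config": {}}}}
]""")

PIPELINE = {"fluentd", "elasticsearch"}  # assumption: collector names used on this page


def audit(containers, port="24224"):
    """Return (container, finding) pairs for the logging setup described above."""
    names = {c["Name"].lstrip("/") for c in containers}
    findings = []
    for c in containers:
        name, hc = c["Name"].lstrip("/"), c["HostConfig"]
        log, opts = hc["LogConfig"], hc["LogConfig"].get("Config") or {}
        # A forward input published on every host interface accepts records
        # from any peer that can reach the host.
        for bind in (hc.get("PortBindings") or {}).get(port + "/tcp") or []:
            if bind.get("HostIp", "") in ("", "0.0.0.0", "::"):
                findings.append((name, "port %s published on all interfaces" % port))
        if name in PIPELINE:
            continue  # the collectors themselves are not expected to ship logs
        if log["Type"] != "fluentd":
            findings.append((name, "logs stay on host: driver is " + log["Type"]))
            continue
        # The daemon dials this address from the host, so a container name fails.
        addr = opts.get("fluentd-address", "localhost:24224")
        host = addr.split("://")[-1].rsplit(":", 1)[0]
        if host in names:
            findings.append((name, "fluentd-address is a container name"))
        # Without async mode the container stops if Fluentd is unreachable.
        if opts.get("fluentd-async", "false") != "true":
            findings.append((name, "fluentd-async not enabled"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(name + ": " + finding)
```

On a live host, pass it the parsed output of `docker inspect $(docker ps -q)`. Publishing Fluentd with `-p 127.0.0.1:24224:24224` and starting the app with `--log-opt fluentd-async=true` clears the port and async findings.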
Visual Quiz - 3 Questions
Test your understanding
Looking at the Process Table, at which step does Fluentd start receiving logs?
A. Step 4
B. Step 5
C. Step 6
D. Step 7
💡 Hint
Check the 'Component' and 'Result' columns for Fluentd receiving logs
According to the Status Tracker, what is the state of the Elasticsearch container after setup?
A. Not running
B. Running on logging-net
C. Running but not indexing logs
D. Stopped
💡 Hint
Look at the 'After Setup' column for Elasticsearch in the Status Tracker
If the app container did not specify the Fluentd logging driver, what would change in the Process Table?
A. Step 5 would show logs not forwarded to Fluentd
B. Step 5 would show logs not captured by Docker logging driver
C. Step 5 would show logs sent to Fluentd
D. Step 6 would show Fluentd receiving logs
💡 Hint
Refer to steps 5 and 6 about log forwarding from app to Fluentd
Concept Snapshot
Centralized logging in Docker:
- Create a Docker network for container communication
- Run logging system containers (e.g., Elasticsearch, Fluentd) on the network
- Run app containers with logging driver set to Fluentd
- Logs flow from app -> Fluentd -> Elasticsearch
- Query logs centrally via dashboard or CLI
- Ensures easy log management and troubleshooting
Full Transcript
This visual execution shows how to set up centralized logging with Docker. First, a Docker network named 'logging-net' is created to allow containers to communicate. Then, Elasticsearch and Fluentd containers are started on this network. The app container is run with the Fluentd logging driver configured to send logs to Fluentd. As the app runs, it generates logs that Docker captures and forwards to Fluentd. Fluentd receives these logs and sends them to Elasticsearch for storage and indexing. Finally, users can query logs from Elasticsearch using dashboards or command line tools. The Process Table traces each step, showing the state changes and flow of logs. The Status Tracker summarizes the status of each component before and after setup. Key moments clarify common confusions about network creation, log forwarding, and Fluentd availability. The quiz tests understanding of when logs are received, container states, and the effects of a missing logging driver configuration.