본문 바로가기

리눅스

우분투(Ubuntu)에서 도커(Docker) 데몬의 로그를 관리하는 방법

728x90

우분투(Ubuntu)에서 도커(Docker) 데몬의 로그를 관리하는 방법

도커(Docker) 데몬의 로그를 관리하는 방법은 다양한 로그 관리 도구를 사용하여 가능합니다. 주로는 도커의 로깅 드라이버 설정 및 로그 파일 관리를 통해 로그를 관리합니다.

 

1. 로그 드라이버 설정(daemon.json 파일 생성)

도커 데몬은 다양한 로그 드라이버를 지원하며, 이를 사용하여 로그를 관리합니다. 기본 로그 드라이버는 json-file 이며, 다른 로그 드라이버로 변경하려면 /etc/docker/daemon.json 파일을 편집합니다.

sudo vim /etc/docker/daemon.json

daemon.json 파일이 없는 경우 새로 만들 수 있습니다.

다음은 daemon.json 파일에 json-file 로그 드라이버를 설정하는 예제입니다.

{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  }
}

이 설정은 로그 파일의 최대 크기를 10MB로 제한하고 로그 파일을 최대 3개까지 유지합니다. 원하는 로그 드라이버와 옵션을 사용하도록 수정할 수 있습니다.

 

2. 파일을 저장하고 에디터를 닫습니다.

 

3. 도커 데몬을 다시 시작합니다.

sudo systemctl restart docker

 

이제 도커 데몬은 /etc/docker/daemon.json 파일에 지정된 로그 관리 설정을 사용하여 로그를 관리합니다. 설정을 수정하려면 파일을 다시 편집하고 도커 데몬을 다시 시작하면 됩니다.

 

로컬 로그 파일의 위치는 로그 드라이버와 설정에 따라 달라질 수 있으며, 기본적으로 /var/lib/docker/containers/<container-id>/ 디렉토리에 저장됩니다. 필요에 따라 로그 파일의 위치도 수정할 수 있습니다.

 

도커 컨테이너 로그 위치 : /var/lib/docker/containers/CONTAINER_ID/CONTAINER_ID-json.log

ex) /var/lib/docker/containers/d2902eae/d2902eae-json.log

 

Configure logging drivers : https://docs.docker.com/config/containers/logging/configure/

728x90

도커에서 로그 로테이션(logrotate) 구성

logrotate 파일(docker) 생성

touch /etc/logrotate.d/docker

logrotate 파일(docker) 편집

vim /etc/logrotate.d/docker
/var/lib/docker/containers/*/*.log
{
    rotate 90
    daily
    maxsize 100M
    dateext
    #dateformat .%Y%m%d%H
    missingok
    notifempty
    ifempty
    compress
    delaycompress
    copytruncate
    create
    sharedscripts
}

 

logrotate -f /etc/logrotate.conf

 

logrotate -d /etc/logrotate.conf

 

logrotate -vdf /etc/logrotate.conf
$ logrotate -vdf /etc/logrotate.conf
...
rotating pattern: /var/lib/docker/containers/*/*.log
 forced from command line (90 rotations)
empty log files are rotated, old logs are removed
considering log /var/lib/docker/containers/d290eae/d290eae-json.log
  log needs rotating
rotating log /var/lib/docker/containers/d290eae/d290eae-json.log, log->rotateCount is 90
dateext suffix '-20211123'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
glob finding logs to compress failed
glob finding old rotated logs failed
copying /var/lib/docker/containers/d290eae/d290eae-json.log to /var/lib/docker/containers/d290eae/d290eae-json.log-20211123
truncating /var/lib/docker/containers/d290eae/d290eae-json.log
...

logrotate 사용법

$ logrotate --help
Usage: logrotate [OPTION...] <configfile>
  -d, --debug               Don't do anything, just test (implies -v)
  -f, --force               Force file rotation
  -m, --mail=command        Command to send mail (instead of `/bin/mail')
  -s, --state=statefile     Path of state file
  -v, --verbose             Display messages during rotation
  -l, --log=STRING          Log file
  --version                 Display version information

Help options:
  -?, --help                Show this help message
  --usage                   Display brief usage message
compress
 Old versions of log files are compressed with gzip(1) by default. See also nocompress.

copytruncate
 Truncate the original log file in place after creating a copy, instead of moving the old log file and optionally creating a new one. It can be used when some program cannot be told to close its logfile and thus might continue writing (appending) to the previous log file forever. Note that there is a very small time slice between copying the file and truncating it, so some logging data might be lost. When this option is used, the create option will have no effect, as the old log file stays in place.

create mode owner group, create owner group
 Immediately after rotation (before the postrotate script is run) the log file is created (with the same name as the log file just rotated). mode specifies the mode for the log file in octal (the same as chmod(2)), owner specifies the user name who will own the log file, and group specifies the group the log file will belong to. Any of the log file attributes may be omitted, in which case those attributes for the new file will use the same values as the original log file for the omitted attributes. This option can be disabled using the nocreate option.

createolddir mode owner group
 If the directory specified by olddir directive does not exist, it is created. mode specifies the mode for the olddir directory in octal(the same as chmod(2)), owner specifies the user name who will own the olddir directory, and group specifies the group the olddir direc‐tory will belong to. This option can be disabled using the nocreateolddir option. daily Log files are rotated every day.

dateext
 Archive old versions of log files adding a date extension like YYYYMMDD instead of simply adding a number. The extension may be configured using the dateformat and dateyesterday options.

dateformat format_string
 Specify the extension for dateext using the notation similar to strftime(3) function. Only %Y %m %d %H and %s specifiers are allowed. The default value is -%Y%m%d except hourly, which uses -%Y%m%d%H as default value. Note that also the character separating log name from the extension is part of the dateformat string. The system clock must be set past Sep 9th 2001 for %s to work correctly. Note that the date‐stamps generated by this format must be lexically sortable (i.e., first the year, then the month then the day. e.g., 2001/12/01 is ok, but 01/12/2001 is not, since 01/11/2002 would sort lower while it is later). This is because when using the rotate option, logrotate sorts all rotated filenames to find out which logfiles are older and should be removed.

delaycompress
 Postpone compression of the previous log file to the next rotation cycle. This only has effect when used in combination with compress. It can be used when some program cannot be told to close its logfile and thus might continue writing to the previous log file for some time.

ifempty
 Rotate the log file even if it is empty, overriding the notifempty option (ifempty is the default).

maxsize size
 Log files are rotated when they grow bigger than size bytes even before the additionally specified time interval (daily, weekly, monthly, or yearly). The related size option is similar except that it is mutually exclusive with the time interval options, and it causes log files to be rotated without regard for the last rotation time. When maxsize is used, both the size and timestamp of a log file are con‐sidered.

missingok
 If the log file is missing, go on to the next one without issuing an error message. See also nomissingok.

notifempty
 Do not rotate the log if it is empty (this overrides the ifempty option).

postrotate/endscript
 The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) after the log file is rotated. These directives may only appear inside a log file definition. Normally, the absolute path to the log file is passed as first argument to the script. If sharedscripts is specified, whole pattern is passed to the script. See also prerotate. See sharedscripts and nosharedscripts for error handling.

prerotate/endscript
 The lines between prerotate and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) before the log file is rotated and only if the log will actually be rotated. These directives may only appear inside a log file definition. Normally, the absolute path to the log file is passed as first argument to the script. If sharedscripts is specified, whole pattern is passed to the script. See also postrotate. See sharedscripts and nosharedscripts for error handling.

firstaction/endscript
 The lines between firstaction and endscript (both of which must appear on lines by themselves) are executed (using /bin/sh) once before all log files that match the wildcarded pattern are rotated, before prerotate script is run and only if at least one log will actually be rotated. These directives may only appear inside a log file definition. Whole pattern is passed to the script as first argument. If the script exits with error, no further processing is done. See also lastaction.

rotate count
 Log files are rotated count times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather than rotated.

size size
 Log files are rotated only if they grow bigger then size bytes. If size is followed by k, the size is assumed to be in kilobytes. If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G are all valid.

sharedscripts
 Normally, prerotate and postrotate scripts are run for each log which is rotated and the absolute path to the log file is passed as first argument to the script. That means a single script may be run multiple times for log file entries which match multiple files (such as the /var/log/news/* example). If sharedscripts is specified, the scripts are only run once, no matter how many logs match the wildcarded pat‐tern, and whole pattern is passed to them. However, if none of the logs in the pattern require rotating, the scripts will not be run at all. If the scripts exit with error, the remaining actions will not be executed for any logs. This option overrides the nosharedscripts option and implies create option.

su user group
 Rotate log files set under this user and group instead of using default user/group (usually root). user specifies the user name used for rotation and group specifies the group used for rotation.

 

728x90